Johnny Halife’s Blog

While attending some CMMi courses that we held at Southworks, and reading some papers about re-work written by Watt Humphrey and the CMU-SEI crew, I started thinking about how to avoid rework and what do I do to avoid re work while coding.

I realized while asking myself a couple of questions and analyzing the code review results for the reviews I conducted that most of the people make the code work, check the code in and then start caring about the quality of that code. For example most of the people check in code that doesn’t meet the code standards and then they do another check in in order to fix those.

I came up with 10 do’s and don’ts while coding that helped me understand how to avoid rework and ensure the health of our deliverables on every check in.

10 Do’s and Dont’s to avoid quality rework

These do’s and don’ts aren’t a silver bullet but they may help you as a strong starting point for avoiding rework on quality related subjects.

Do check-in often

As Alex always says Software Development is a team sport played by talented individuals. While you keep your code in your local machine you’re also putting a barrier between your work and the rest of the world’s work. Doing check in often helps you on integration, avoiding conflicts and even better gives the team visibility on where are you in terms of what you committed to do. In the other hand if you don’t commit often, be prepared to spend half a day fixing the code to avoid conflicts.

Do run StyleCop each time you modify a source code file

Code Standards are something big to be treated on another post by itself but as summary I’ll say that in Southworks we chose the working software over the comprehensive documentation as the Agile Manifesto states.

We have chosen to use Microsoft’s StyleCop to validate our code standards. Most of the code that we write often goes public, and it’s important to demonstrate that we follow a single line of thinking and the code has signature that differentiates it  from others code but also that the code is written in the same way by all the developers on the company.

In order to accomplish this, is as simple as doing right click on the source code file in Visual Studio and then Run Source Analysis. It won’t add an overhead to your regular coding routine but will ensure that the code is written on a consistent fashion the first time.

How to run source analysis

Do run Code Analysis prior every check in

Code Analysis (a.k.a FxCop) is the tool that validates the best practices of the Microsoft.net Framework. It’s based on the book written by Brad Abrams and Krzysztof Cwalina. The best practices described there were ported to an application known as FxCop.

Following Code Analysis guidelines ensures that our code is leveraging the Microsoft.net framework in the best way it can be done. And the same as Style Cop (a.k.a Source Analysis) it can be done by doing right click on an assembly in Visual Studio and then choosing the Run Code Analysis option from the context menu.

Again, doing this the first time is better than reworking the code and re committing to the main line twice in order to do it and then to fix it.

How to run Code Analysis.

Consider branching out code that may introduce risk to your deliverables

This is pretty obvious, sometimes you think a problem can be solved using some kind of approach that might have an impact on others work. The solution there is to branch the code out and don’t introduce the risk while you’re not sure that this will be the final solution or at least that your solution works.

Why is this? Some people might choose to keep it outside the source control but experience tell us that no source control will turn into something painful if something happens.

I’ll write another post about GIT which leverages this by having a local repository for each developer but that’s another story.

Do not forget the commit message

Look at the log above what can you tell about what’s going on on the project? If you don’t include a comment, a note, a reference to a requirement or something that states what are you committing you can get your team in trouble if you have to do any rollback or review of the requirements implementation.

It’s a 1 minute thing to say what are you committing and why are you committing, that also forces you to think what problem, requirement or commitment are you closing with that check in.

Do be polite with the Integration Server

This one is loved by my friend .jpg who is our Build Server & Tooling ranger. People often get confused with the intent of an Integration Server. The Integration Server is used to verify that there’s harmony in your repository, it’s not your tool to validate your code against. You should verify your work against it but don’t use it processor cycles to do your validation work.

Our build process is complex enough that might take at least 2 minutes to build a project, people often think that is the Integration Server responsibility to validate your process. Truth to be told, the intent of the Build Server is just to verify that there’s no integration problems and that all the code follows a standard.

Although the quick feedback is the most important part of the build server, you should have in mind that is a verification of work and it doesn’t do the validation you’re supposed to do.

Do not check in prototype quality code to your main line

I won’t go further on this one, I recommend you to read I.M Wright’s post about Prototyping that he just posted. As an spoiler I can tell you that the title gives a clear message “My experiment worked!”.

Do not check in until all tests pass

This one seems pretty obvious, I wrote a post about TDD last week and most of the people nowadays are adopting this practice. The important thing and a killing feature of TDD is that you are a click away of doing regression testing on all the code and check that nothing got broken with your changes.

Sometimes you get green on yours and then just wait to the Integration Server or another developer to complain about your work. This is the case where you should be polite not only with the integration server but also with your co-workers making sure that nothing is broken because of your changes.

NOTE: If you are running a huge solution with thousands of tests you might want to run just those hundreds tests on the impact surface of your code.

Do ad-hoc peer reviews to validate your logical thinking

Two pair eyes of eyes see better than just one. That’s the rationale behind this point. Developers (and I include myself on the subset) love to put their headphones, enter their matrix kindda world and write code as the music moves forward. But as I said on the first point Software Development is a team sport and a team that cooperates is by far more candidate to win.

Do not wait until the formal Code Review comes up to you and you have to explain what you’ve done. Just put pause on iTunes for 5 seconds, ask your nearest team member (doesn’t matter his expertise always there’s something good to learn from our peers) what does he think about your idea and that’s it. You just had a peer review.

Do be consistent and disciplined while applying the nine practices above

Now you know it, but the practice makes the master. Fasten your seatbelt and get ready to improve your personal development process. You and your team will be happy to share a principles in terms of quality so your code is nice, easy to maintain and well written.

And your team as all the famous painters will have a code signature that will distinguish yourselves from the rest of the mere mortals.

And in the end….

One thing that I’ve learnt from people that have years working on Software Quality and people that I met like Eric Brechner (Microsoft Engineering Excellence Director) is that the most important thing when talking about Software Quality is defining done. If you follow these simple steps you will be closer as a team to produce code in a standard and consistent basis while starting to define the meaning of done for code.

thanks,
~johnny

Subversion authenticating against Windows Active Directory seems fairly complex from the perspective that there’s no documentation available. The existing information relates to authenticating Apache running on Windows against Active Directory.

After a couple of days nightmare/research we came up with this how-to that will provide the basis and the steps needed to authenticate against AD. We recommend you to read the “SVN Book” (Version Control with Subversion, Ben Collins-Sussman, Brian W. Fitzpatrick, C. Michael Pilato), to download the book go this website.

What is Subversion?

Subversion is a versioning system, which allows you to store a development filetree in a “repository”, keeps track of edits made to the files, and allows those edits to be rolled back if necessary.

Software Installation

Before we begin please make sure that you’ve the following packages installed on your computer: apache2, apache2-prefork, apache2-doc, libapr1, libapr-util1, neon, subversion, subversion-server, subversion-docs, pam_ldap.

Once you’ve the required packages installed you should be able to configure apache to load the required modules.

(su) a2enmod dav #enables DAV in apache2
(su) a2enmod dav_svn #enables DAV access to SVN filesystem
(su) a2enmod ldap #loads the base library for ldap modules
(su) a2enmod authzn_ldap #this is the apache 2.2.4 module for ldap authentication
(su) a2enmod authz_svn #enabled file-based access to svn repository

NOTE: Consider that this configuration is valid only for Apache 2.2.x installation, previous versions of apache don’t have the authzn_ldap module.

Configuration

The configuration suggested by most of the svn books/posts sets up individual repositories for each file tree. But since each one requires it’s own site on Apache, the administration could become a nightmare if you’re creating/adding repositories all the time. Instead, the approach proposed on this post sets up a parent repository that works as a container for all the child repositories.

Configure the parent repository

Using the vi text-editor run the following command:

(su) vi /etc/apache2/conf.d/subversion.conf

You should edit the configuration to read the following

        DAV svn
        #Configures the location of the parent repositories (repo container)
        SVNParentPath /srv/svn/repositories/
        #This flag allows you to navigate via http the existing repos on the container
        SVNListParentPath on

If you don’t include the SVNListParentPath on the configuration you’ll get a Http 403.3 forbidden error.

Now let’s configure the repository-container folder on the file system.

mkdir -p /srv/svn/repositories/

Restart apache

(su) rcapache2 restart

Now you should be able to navigate your subversion by entering the address on the web-browser (http://localhost/repositories), and your browser should display something like this:

Setting up your first repository

Let’s create a repository using the command-line tools provided as part of subversion-server package

#This command creates the SVN repository and all its required assets
(su) svnadmin create /srv/svn/repositories/myRepository
#This command gives permissions to the apache worker process
(su) chown -R wwwrun:www /srv/svn/repositories/myRepository/{dav,db,locks}

Here we’re setting up a repository called myRepository, you should see your repository on your web browser and also you should be able to navigate it on the web browser by entering the http://localhost/repositories/myRepository/ url.

(The repository under it’s parent repository)

(Inside the recently created repository)

Further on this post, we’ll go thru the common operations that you can perform on the repositories. Because the main focus of this post is the AD (W2K3) integration, let’s see how to secure the repository.

Securing the repository

Authentication against Active Directory seems to be hard, mostly if you research on the web since most of available information is related to the older module authz_ldap that is not compatible with the 2.2.x version of the Apache.

First of all you should turn off the referrals for the pam_ldap module, because there’s a problem when using Active Directory so you need to turn them off. Edit your /etc/ldap.conf  using a text-editor, and on the first line add:

   1: REFERRALS off

Now you are able to add the LDAP configuration directives to the recently created Apache Configuration. What we found useful is to test the Active Directory connection by using ADSIEdit or you can use this Applet Java LDAP Browser to test the Active Directory lookup information. We strongly recommend you to create a new user to query Active Directory.

Since the Authentication process on LDAP has to phases you should bind an account that performs the query (AD needs to be queried by a AD valid user). Said this, let’s modify the apache configuration to be authenticate with AD.

To open the Apache configuration use this command:

(su) vi /etc/apache2/conf.d/subversion.conf

Then your configuration should look like this:

        DAV svn
        #Configures the location of the parent repositories (repo container)
        SVNParentPath /srv/svn/repositories/
        #This flag allows you to navigate via http the existing repos on the container
        SVNListParentPath on

        #Everything below this line is related to LDAP configuration
        #This sets the AuthProvider to be the ldap provider
        AuthBasicProvider ldap
        #Sets that the authentication type is basic (username & password)
        AuthType Basic
        #This flag indicates that the authentication process continues bubbling up
        AuthzLDAPAuthoritative off
        #This is the message that will be displayed to the users when prompting for
        #for credentials 
        AuthName “My Subversion server”
        #This is the search path for the AD (we’ll explain this later)
        AuthLDAPURL “ldap://directory.example.com:389/
DC=example,DC=com?sAMAccountName?sub?(objectClass=*)” NONE
        #This is the DN of the user performing the query (this could be also a
        #UPN: user@domain)
        AuthLDAPBindDN “CN=apache,CN=Users,DC=example,DC=com”
        #This is the password for the user performing the query
        AuthLDAPBindPassword hackme

        #This flag indicates that only authenticated users can access this repos.
        require valid-user

The AuthLDAPURL indicates the search path where authnz_ldap Apache module will look for the user name, the ?sAMAccountName indicates that the username should match the value of that property for the user on AD. ?sub indicates that the search should be performed recursively. Finally, (objectClass=*) indicates that the object type could be any (I play safe and choose to do objectClass=*).

Now you should be able to navigate, but it’ll prompt you for your domain credentials

IMPORTANT: Since the sAMAccountName doesn’t include the domain name, avoid to user the form DOMAINNAME\user, just enter your user name.

Configuring Authorization Policies

For authorization we’re going to use the authz_svn Apache module, the authorization will be based on a text file, using the domain user name to establish policies or we can use custom groups either.

Configuring Apache to use authz_svn

In order to use the authz_svn module we should open the Apache configuration by doing

(su) vi /etc/apache2/conf.d/subversion.conf

Now we should configure the Apache to use a file for authorization policies definition, so the configuration should look like this

        DAV svn
        #Configures the location of the parent repositories (repo container)
        SVNParentPath /srv/svn/repositories/
        #This flag allows you to navigate via http the existing repos on the container
        SVNListParentPath on

        #Everything below this line is related to LDAP configuration
        #This sets the AuthProvider to be the ldap provider
        AuthBasicProvider ldap
        #Sets that the authentication type is basic (username & password)
        AuthType Basic
        #This flag indicates that the authentication process continues bubbling up
        AuthzLDAPAuthoritative off
        #This is the message that will be displayed to the users when prompting for
        #for credentials 
        AuthName “My Subversion server”
        #This is the search path for the AD (we’ll explain this later)
        AuthLDAPURL “ldap://directory.example.com:389/
DC=example,DC=com?sAMAccountName?sub?(objectClass=*)” NONE
        #This is the DN of the user performing the query (this could be also a
        #UPN: user@domain)
        AuthLDAPBindDN “CN=apache,CN=Users,DC=example,DC=com”
        #This is the password for the user performing the query
        AuthLDAPBindPassword hackme

        #This flag indicates that only authenticated users can access this repos.
        require valid-user

        #This is the configuration for Authorization
        #The following directive defines the file used as AuthZ policies store
        AuthzSVNAccessFile /srv/svn/user_access/authz_policies

Now we should create the file that defines the policies

(su) vi /srv/svn/user_access/authz_policies

The internal file structure is similar to a .ini file, below you will find a sample of how it looks like and then we’ll go section by section explaining it’s meaning

[groups]
administrators = user, user2

[myRepository:/]
@administrators = rw
sally = r
bob =

The [groups] section

Defines a group. The comma separated values are usernames, remember that since we have configured the integrated authentication the username should be a domain username.

The [myRepository:/] section

Defines permissions for a repository. The form is [respositoryName:path], the path is used when more granular permissions are desired (e.g. permissions for an specific branch or feature).

@administrators: indicates that the permissions are assigned to a group.
sally= indicates that the permissions are only assigned to user sally.

Values for the permissions

NOTE: When a user or group is not mentioned below a repository section it won’t get access of any type.

Further Reading

These are useful links that helped when doing this:

• http://www-unix.mcs.anl.gov/~gawor/ldap/applet/applet.html
• http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html
• http://svnbook.red-bean.com/nightly/en/svn.serverconfig.httpd.html
• http://www.debianhelp.co.uk/apachead.htm

thanks,
~johnny

I’m proud to announce that we have helped Microsoft Architecture Strategy Team shipping another version of LitwareHR. These are (among others) the enhancements done for this new version of LitwareHR:

· Platform upgrade. Updated LitwareHR v2.0 to run on Windows Sever 2008 and Microsoft Visual Studio 2008 (Beta 2). This included leveraging new technologies like Active Directory Lightweight Directory Services (ADSLDS), new management APIs and IIS7.

· Performance. We did performance assessment work for Multi Tenant Database design, the outcome of this research is reflected on a new asset called Multi Tenant Database Guide. Based on this assessment we have updated LitwareHR data access code to enhance its performance.

· Services Enhancements. Created new services leveraging Windows Communication Foundation 3.5 features as RSS & REST.

· SilverLight Streaming mash-up. We did a mash-up with LitwareHR and Silverlight Streaming Services that allows candidate evaluation screen to display a video submitted by the applicant.

· Automated Deployment. Moved from the old document  + readme + bunch of scripts approach to a new one including dependency checking and automated configuration.

· Smart Client Application. We included a WPF application that shows how to consume LitwareHR services from an external application. Also shows offline capabilities.

Gadget. We extended the UX of Litware up to the candidate desktop with two gadgets: one for Fabrikam and one for Contoso.

So now go and grab the bits:

http://www.codeplex.com/Release/ProjectReleases.aspx?ProjectName=LitwareHR&ReleaseId=8439

thanks,
~johnny

We’ve finally released the Patterns & Practices Repository Factory. This release contains the source code at the completion of the patterns & practices work on this project. As we said before now the destiny it’s on your hands.

The work done includes:

• Independent of Service Factory tree
• Generic code has been moved into a separate assembly instead of being generated every time
• Generated code has been placed in different folders to keep the underlying goop out of the way
• Interfaces are generated for the repositories, so you can provide multiple implementations of the repository
• Auto-mapping of entity fields and stored proc parameters
• Recipe inputs are stored across runs so you don’t have to reenter everything every time you run
• New, easier to use and understand UI screens

and many other additions…

Requirements

To compile this package, you need:

• Visual Studio 2005
• GAT and GAX July 2007 CTP

The package will also compile and run with the earlier GAX Feburary 2007 CTP.

If you wish to compile and run the unit test projects, you’ll need Visual Studio Team Test, Team Developer, or Team Suite editions.

Compilation and installation

Open the DataAccess Guidance Package.sln file and compile.
The easiest way to install the package is to compile the setup project and run the resulting MSI. The guidance package requires a registry key in order to find various support DLL’s needed at runtime. The MSI will create this key for you.

If you wish to manually register and use the guidance package, this registry key is:

HKEY_LOCAL_MACHINE\Software\Microsoft\patterns & practices\Repository Factory

Create a string value named "EntlibBinaryPath" and point it at a directory that contains the following DLLs:

• Microsoft.Practices.EnterpriseLibrary.Common.dll (available in Entlib 3.1 and included in the Lib folder in the drop)
• Microsoft.Practices.EnterpriseLibrary.Data.dll (available in Entlib 3.1 and included in the Lib folder in the drop)
• Microsoft.Practices.ObjectBuilder.dll (available in Entlib 3.1 and included in the Lib folder in the drop)
• Microsoft.Practices.RecipeFramework.Extensions.dll (Included in the Lib folder in the drop)
• Microsoft.Practices.Repository.dll (compile from source)
• Microsoft.Practices.RepositoryFactory.SchemaDiscovery.dll (compile from source)
• You can get both (supported release code and/or Msi) go to: http://www.codeplex.com/RepositoryFactory/Release/ProjectReleases.aspx?ReleaseId=7429

thanks,
~johnny

Hi! First of all I want to recognize my fault since the last two weeks I didn’t made my weekly-post. I’ve been very busy completing the remaining stuff from Repository Factory. That mostly includes the rework of the Create Repository recipe.

Now it’s a wizard!

As you might know our core in this factory was the generation of Repositories, Chris figured out that it was too hard to do (as it was designed). So we’ve converted the addition of operations to the repository from an ugly screen to a wizard.

Operation detail

Improved parameter mapping

Summary

I’d like to close this post saying thank you. All the improvements done in this project have been community-driven. As I insisted in all the posts about the Repository Factory, the community managed the course of the actions by prioritizing, voting, providing feedback, and reading these posts. Now it’s our call to action: Wanted- Project coordinator and members. Yes, now you have the opportunity to be a developer for this factory!.

From my side I want to thank the community members like BennyXNO and David Hayden whose continuous feedback help us a lot while doing the factory. I’m really happy to work with Chris Tavares who is a great developer and was a great Project Manager.

thanks,
~johnny

As I promised when we launch this project, I’m reporting each week the progress that we’ve accomplished in the past week.  This week has been mostly QA and a highly valuable improvement.

Improved wizard reentrancy

Last week we’ve accomplished wizard reentrancy for Create repository recipe, but we had a bug where we’re not persisting the Identity for each operation (when it applies). Now we’ve added the Identity to the recipe state file as depicted below.

Fixed mapping duplication

When you had a stored procedure that uses a parameter and it’s also included on the as ReturnValue it appear twice in the mappings. Now we’ve fixed this by adding the parameter direction on the recipe state file. How now a parameter looks like

<parameter propertyName=”Name” parameterName=”pty_Name” parameterDirection=”6″ />

Enabled recipes to run on IIS hosted project 

We’ve done a small fix to the GetConfigurationAction that allows you to run the recipes that uses configuration file on web sites that are not on File-System.

Place generated code on folders by entity

This was the major improvement for this week. Previously when you generated a repository, all the files that comes along with it where added to the root of the Data Access Project.  Chris figured out that once we’ve the RepositoryFactory.Create you no longer needed to be aware of those file and generated repository implementation neither. Now this is how your data access project will look like.

This improvement has a couple of benefits:

1. If you want to get rid of the generated code and maintain just the interface, now you just have to remove the {EntityName}RepositoryArtifacts folder.
2. All the generated code is encapsulated in a single folder, so you don’t have to be aware of how many files and the implementation details since you’re relying on the factory.
3. In addition to the RepositoryFactory.Create() this will keep your projects not aware of where the generated files are.

Finally, if you use the generated stuff as showed below, you’ll just have to include a Using to DataAccessProjectNamespace.

using ClassLibrary17;
using Microsoft.Practices.Repository;

public static class Class1
{
    public static void Main()
    {
        IPersonRepository repository =
                                RepositoryFactory.Create();
    }
}

This week we’re probably tackling the rework of the UI. We want to make the factory more usable, since we consider the usability as a core part for software factories.

Summary

We finished another week, all the tackled issues were not invented by us, they are community requests. We’re listening to you, please feel free to provide feedback in our community site. We work on the improvements starting with highly ranked ones, you have a chance to influence the course of the project.

thanks,
~johnny

Hi Guys, it’s been a long time since I post for the last time. In this oportunity I want to make the announce of Web Client Software Factory is RTM and available for download here.

What’s Web Client Software Factory?

What’s on the box?

• Application Blocks (Composite Web & PageFlow)
• Usefull Documentation, Quickstarts & How-To’s
• Architecture guidance with Patterns & Practices for Web Client Applications
• Reference Implementation

What are you waiting for… GET THE BITS NOW!!!!

The team

What else can I say about this guys! It’s an amazing job, and I’m really proud of beign part of such great team. I want to thank all the this guys:

Blaine (PM), Eugenio (PDM), Mike (Dev Lead), Ed (Architect), Matías (Dev), Mariano (Dev), Alan (Dev), Bob(Dev), Dragos (Architect), Tim (Tech writer), Juan Carlos (Dev), Prasad (Test) and Terrence (Test).

Stay tune because more stuff, content, and guidance is going to be published soon… And rembember that feedback is the key for improving our deliverables! So visit our community website at CodePlex http://www.codeplex.com/websf

thank you,
~j