Implementing Continuous Delivery continues to be a challenge for many organizations, and it remains important to highlight useful techniques such as decoupling deployment from release. We recommend strictly using the term Deployment when referring to the act of deploying a change to application components or infrastructure. The term Release should be used when a feature change is released to end users, with a business impact. Using techniques such as feature toggles and dark launches, we can deploy changes to production systems more frequently without releasing features. More-frequent deployments reduce the risk associated with change, while business stakeholders retain control over when features are released to end users.


‘Just In Time Design’ is an important and useful concept for visual design that the NoPSD movement attempts to capture. You don’t need to design the whole application or every UI element up front. Design things as you need them with as lightweight tools as you can use. We have seen a corresponding growth in simpler tools with faster learning curves, such as Sketch, as well as an increasing return to pen-and-paper (especially when paired with an existing robust digital style guide). Because of the limitations of flat mock-ups when you’re designing for screens, creating prototypes of varying fidelity with tools such as Invision, FramerJS and Origami - or simply HTML/CSS and a bit of JavaScript - has also become increasingly common and valuable for communicating design intent.

NoPSD想要抓住的是”即时设计“这个在视觉设计中重用实用的概念。你需要事先设计整个应用程序或者每一个界面元素。尽可能使用轻量工具按需设计。我们已经看到简单易学的工具更多地使用,如Sketch;纸和笔也有更多回归的趋势,尤其在与现有强大的数字风格指南配合时。由于为屏幕设计时平面模型的限制,使用如Invision, FramerJS和Origami这样的工具,或者简单的HTML/CSS加一些JavaScript来创造各种保真效果的原型,已经成为沟通设计意图时常见有效的方式。

We’ve long been championing the idea that thinking of software development as a project - something budgeted and delivered during a limited time slot - doesn’t fit the needs of the modern business. Important software efforts need to be an ongoing product that supports and rethinks the business process it is supporting. Such efforts are not complete until the business process, and its software, cease to be useful. Our observation of this products over projects approach, both with our own projects and outside, makes us determine that it is the approach to use for all but exceptional cases.


With the number of high-profile security breaches in the past months, software development teams no longer need convincing that they must place an emphasis on writing secure software and dealing with their users’data in a responsible way. The teams face a steep learning curve, though, and the vast number of potential threats - ranging from organized crime and government spying to teenagers who attack systems ‘for the lulz’can be overwhelming. Threat Modelling provides a set of techniques, mostly from a defensive perspective, that help you understand and classify potential threats. Turned into ‘evil-user stories’, threat models can give a team a manageable and effective approach to making their systems more secure.


Debugging CSS problems can be painful. How many times have you had to trawl through thousands of overridden styles to work out the source of your problem? This has led many of our teams to introduce various guidelines such as avoiding cascading and overrides, making styles opt-in and emphasizing thoughtful naming. BEM is a simple CSS naming convention (standing for Block, Element, Modifier) that helps give semantic clarity and structure to your CSS. By using BEM, it becomes much easier to understand which CSS rules are influencing the appearance of an element and, more importantly, the intent of those rules. This approach can be seen as moving the OO lesson of favoring composition over inheritance to the world of CSS.

调试CSS是非常痛苦的,有多少次你不得不从成千上万的样式覆盖中找出问题所有。为减少这种痛楚,很多团队引入了各种各样的代码规范(guidelines),比如避免级联与覆盖,使用真正需要的(opt-in)样式,并强调有意义的命名。BEM(代表Block, Element, Modifier)是一种简明的CSS命名规范,它能把你的CSS变得更语义化和结构化。通过使用BEM, 可以更容易地理解CSS规则是怎么影响第一个元素的,并且更重要的是理解CSS规则本身。这个方法可以被看做是将面向对象中“组合优于继承”的经验搬到了CSS世界中一样。

Valuable services support many variations in clients, such as mobile versus、 web and different forms of web interface. It’s tempting to design a single back-end API to support all clients with a reusable API. But client needs vary, as do constraints such as bandwidth for mobile devices versus the desire for lots of data on fast web connections. Consequently it’s often best to define different back-end services for each kind of frontend client. These back ends should be developed by teams aligned with each front end to ensure that each back end properly meets the needs of its client.


One of the many innovative uses of Docker that we’ve seen on our projects is a technique to manage buildtime dependencies. In the past, it was common to run build agents on an OS, augmented with dependencies needed for the target build. But with Docker it is possible to run the compilation step in an isolated environment complete with dependencies without contaminating the build agent. This technique of using Docker for builds has proven particularly useful for compiling Golang binaries, and the golang-builder container is available for this very purpose.


Event Storming is a useful way to do rapid “outside-in” domain modeling: starting with the events that occur in the domain rather than a static data model. Run as a facilitated workshop, it focuses on discovering key domain events, placing them along a timeline, identifying their triggers and then exploring their relationships. This approach is particularly useful for people taking a CQRS or Event Sourcing approach. Getting the right people in the room is important - a blend of business and technical people who bring both the questions and the answers. Ensuring that you have enough wall space for modeling is the second key to success. Look to discover the big picture, with the goal of collectively understanding the domain in all of its complexity, before diving into solutions.

事件风暴是快速领域建模的一种方式,它由外及内,以领域中的关键事件而不是传统的静态数据模型作为起点。它以工作坊的形式展开,主要目的是识别领域关键事件,将它们以时间轴的方式组织,确定它们的触发条件,并探索它们之间的关系。这种方式对于采用CQRS或者Event Sourcing的开发者来说尤为有效。它成功的第一要素是找到合适的人。这组人需要融合业务和技术人员,能够提出问题并一起发现答案。第二,要确认你有足够的白板空间来建模。它可以通过可视化的方式,帮助我们一起发现全景,共同了解目标领域以及它的复杂度,确保在讨论解决方案之前对于问题的一致理解。

Flux is an application architecture introduced by Facebook. Usually mentioned in conjunction with React.js, Flux is based on a one-way flow of data up through the rendering pipeline. Flux embraces the modern web landscape of client-side JavaScript applications in a way that avoids the venerable MV* clichés. ThoughtWorks teams are now starting to gain some experience with this architectural style and find that it meshes well with service orientation and solves some of the problems inherent in two-way data binding.


Many services, especially legacy services, are written with the assumption that any request will occur only once. Networks being what they are, this can be difficult to arrange. An idempotency filter is a simple component that merely checks for duplicate requests and ensures that they are sent to the supplier service only once. Such a filter should do only this one task and be used as a decorator over existing service calls.


Modern web pages tend to contain a plethora of JavaScript widgets and snippets coming from a variety of third-party sources. This can have a negative impact on both security and performance. While we are still waiting for fuller JavaScript isolation with web components, our teams have benefited from using HTML5 iFrames for sandboxing untrusted JavaScript.

现在的网页往往含有过多的来自第三方的JavaScript部件和代码片段,这对安全和性能都会产生负面影响。虽然我们仍在等待基于Web组件的JavaScript完全隔离方案,我们的团队已经从使用HTML5 iframe来沙盒化不可信的JavaScript中受益匪浅。

The JavaScript world has a plethora of dependency and package-management tools, all of which rely on the Node Package Manager (NPM). Teams are starting to see these extra tools as redundant and are recommending that if you can use solely NPM for package and dependency management, you should. The simplification of using NPM for all the things helps reduce some of the churn in the JavaScript tools space.

JavaScript的世界中有太多的依赖和包管理工具,它们全都基于NPM(Node Package Manager)之上。许多团队慢慢开始发现这些额外的工具有点冗余,他们推荐在条件允许的前提下只用NPM来管理包和依赖。使用NPM的简化方案有利于减少JavaScript工具世界的噪音污染。

The time taken to provision and update environments continues to be a significant bottleneck on many software projects. Phoenix Environments can help with this delay by extending the idea of Phoenix Servers to cover entire environments. We feel this is such a valuable and time-saving technique that you should consider trialing this approach. Using automation, we can create whole environments - including network configuration, load balancing and firewall ports - for example by using CloudFormation in AWS. We can then prove that the process works by tearing the environments down and recreating them from scratch on a regular basis. Phoenix Environments can support provisioning new environments for testing, development, UAT and disaster recovery. As with Phoenix Servers, this pattern is not always applicable, and we need to think carefully about things like state and dependencies. Treating the whole environment as a blue/green deployment can be one approach when environment reconfiguration needs to be done.


Traditionally, QA roles have focused on assessing the quality of a software product in a pre-production environment. With the rise of Continuous Delivery, the QA role is shifting to include analyzing software product quality in production. This involves monitoring of the production systems, coming up with alert conditions to detect urgent errors, determining ongoing quality issues and figuring out what measurements you can use in the production environment to make this work. While there is a danger that some organizations will go too far and neglect pre-production QA, our experience shows that QA in production is a valuable tool for organizations that have already progressed to a reasonable degree of Continuous Delivery.


Immutable data structures are becoming more popular, with functional languages such as Clojure and Scala providing immutability by default. Immutability allows code to be more easily written, read and reasoned about. Using an accumulate-only data store can confer some of these benefits in the database layer, as well as make audit and historical querying simple. Implementation options vary, from specific accumulative data stores such as Datomic to simply using an “append-don’t-update” approach with a traditional database. Accumulate-only is a design strategy whereby data is removed via retraction rather than update; append-only is an implementation technique.


More and more organizations are starting to use bug bounties to encourage reporting of what are often security-related bugs, and in general help improve the quality of their software. To support these programs, companies like HackerOne and BugCrowd can help organizations manage this process more easily. We have limited experience with these offerings ourselves, but we like the idea of encouraging people to help come forward and highlight what can often be damaging vulnerabilities in an open and transparent way. It’s worth noting that there might be some legal issues with encouraging users to find vulnerabilities in your software, so please do check that out first.

越来越多的组织开始通过bug bounties鼓励记录常见的安全相关的bugs,帮助提高软件质量。为了支持这些方案,诸如HackerOne和BugCrowd公司的出现可以更容易地帮助企业管理这个过程。我们在这方面经验有限,但是我们喜欢这种鼓励人们以很开放、很透明的形式来提出常见的漏洞的想法。值得一提的是,在鼓励用户发现你们软件中的漏洞的前要先确认清楚是否会引发法律问题。

A Data Lake is an immutable data store of largely unprocessed ‘raw’ data, acting as a source for data analytics. Whereas the more familiar Data Warehouse filters and processes the data before storing it, the lake just captures the raw data, leaving it to the users of that data to carry out the particular analysis that they need. Examples include HDFS or HBase within a Hadoop, Spark or Storm processing framework. Usually only a small group of data scientists work on the raw data, developing streams of processed data into lakeshore data marts for most users to query. A Data Lake should only be used for analytics and reporting. For collaboration between operational systems we prefer using services designed for that purpose.


Many organizations want to leverage distributed or offshore development but have security concerns with their code and other intellectual property sitting outside their control. The result is often to use high-latency remote-desktop solutions for development, adhering to an organization’s security controls but crippling developer productivity. An alternative is to use a Hosted IDE delivered to a browser via VPN. The IDE, code and build environment are hosted within the organization’s private cloud, easing security concerns, and the developer experience is significantly improved. Tools in this space include Orion and Che from the Eclipse Foundation, Cloud9 and Code Envy.

很多组织希望能充分利用分布式或海外交付,但对于其控制外的代码和知识产权的安全性深表担忧。其结果往往是采用能维持安全控制,但牺牲开发人员生产力的高延迟的远程桌面进行开发的解决方案。另一种方案是使用通过VPN接入的浏览器访问托管IDE。IED,代码和构建环境托管在组织内的私有云上既消除了安全忧虑,又大幅改善了开发者的体验。来自Eclipse基金会的Orion和Che,以及Cloud9和Code Envy都是这个领域的佼佼者。

In monitoring, the common approach is to conceive of erroneous conditions and set alerts when these appear. But it’s often difficult to enumerate the myriad failure modes in a software system. Monitoring of invariants is a complementary approach to setting expected normal ranges, often by examining historical behavior, and alerting whenever a system goes outside those bounds.


We firmly believe that long-lived version-control branches harm valuable engineering practices such as continuous integration, and this belief underlies our dislike for Gitflow. We love the flexibility of Git underneath but abhor tools that encourage bad engineering practices. Very short-lived branches hurt less, but most teams we see using Gitflow feel empowered to abuse its branch-heavy workflow, which encourages late integration (therefore discouraging true continuous integration).


We see many teams run into trouble because they have chosen complex tools, frameworks or architectures because they ‘might need to scale’. Companies such as Twitter and Netflix need to be able to support extreme loads and so need these architectures, but they also have extremely skilled development teams able to handle the complexity. Most situations do not require these kinds of engineering feats; teams should keep their web scale envy in check in favor of simpler solutions that still get the job done.


Gartner’s Pace-layered Application Strategy approach appears to be creating an unhelpful focus on the idea of layers within an architecture. We find thinking about the pace of change within different business capabilities (which can be made up of several architectural layers) to be a more useful concept. The danger in focusing on layers is that many types of change cut across multiple layers. For example, being able to add new class of stock to a website is not just about having an easy-to-change CMS; you also need to update the database, integration points, warehouse systems, etc. The recognition that some parts of an architecture need to be more maneuverable than others is useful. However, a focus on layers is proving unhelpful.


The Scaled Agile Framework® (aka SAFe™) continues to gain mindshare in many organizations at scale. In addition, tools and certification are becoming a significant aspect of the adoption of SAFe™. We continue to be concerned that actual adoptions are prone to over-standardization and are tending towards large release practices, resulting in practices that hinder agile adoption. In its place, we continue to recommend lean approaches that include experimentation and incorporate continuous improvement practices like the Improvement Katas offer organizations a better model for scaling agile.

规模化敏捷框架Scaled Agile Framework(又名SAFe)继续获得很多大型组织的心理份额。此外,工具和认证正在成为是否采用了SAFe的一个重要的判断依据。我们依然担心的是,在这个过程中容易过度标准化,并且趋向于大型发布,结果在实际上阻碍了敏捷的实行。在这方面,我们继续推荐精益方法,包括实验和持续改进实践的整合(如改进道场Imporvement Katas),从而为企业提供更好的规模化敏捷模型。

