AJR/TechRadarAJR
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added articles in markdown

Browse Source 
Added all (missing) current articles of each quadrant.
This commit is contained in:
Philip Feldmann
2017-04-04 17:22:21 +02:00
parent 67b1b9e944
commit 461c4e7dda
62 changed files with 763 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
radar/2017-03-01/akeneo.md Normal file
View File

@@ -0,0 +1,18 @@
---
title: "Akeneo"
ring: assess
quadrant: tools
---
Akeneo is a Product Information Management system (also known as PIM, PCM or Product MDM) and helps centralize and harmonize all the technical and marketing information of products.
We use Akeneo with success in our projects and products (For example in OM3), where it is responsible for:
- Keeping product data separate from other applications - such as E-Commerce systems
- Managing livecycles of products and managing product portfolios with their category structures
- Managing attributes and families and therefore acting as attribute master for the suite
The system has a modern and friendly user interface and product managers find things such as completenesscheck, translation views and mass editing very helpful.
With delta export and import capabilities and the usage of Mongo DB as persitence backend, the performance is acceptable. We miss a richer API - but the system is extendable and based on PHP/Symfony 2.

2
radar/2017-03-01/akka.md
View File

@@ -4,11 +4,9 @@ ring: trial
quadrant: languages-and-frameworks
---
With the growing adoption of microservice-based architecures, the interest in frameworks and tools that make building systems that follow the reactive manifesto possible has increased.
Akka provides you a toolkit and runtime based on the Actor model known from Erlang to reach this goal.
It's one of the most-adopted toolkits in its space with its key contributors beeing heavily involved in the overall movement of the reactive community as well.
At AOE, we use Akka when we need high-performance, efficient data processing or where its finite state machine plays nicely with the domain of the application. It is worth mentioning that the actor model might come with extra complexity and therefore should be used in problem spaces where the advantages of this approach bring enough value and no accidental complexity.

2
radar/2017-03-01/angular-2.md
View File

@@ -13,4 +13,4 @@ It supports DI (dependency injection), it has a clean inheritance and a good sep
We think that Angular2+ is well-structured on both a development and an application level.
When talking about Angular2, we must consider the [angular.cli](https://cli.angular.io/) as well, which provides a huge level of intelligent automation along the development process and project setup.
When talking about Angular2, we must consider the [angular.cli](https://cli.angular.io/) as well, which provides a huge level of intelligent automation along the development process and project setup.

9
radar/2017-03-01/ant.md Normal file
View File

@@ -0,0 +1,9 @@
---
title: "Ant"
ring: hold
quadrant: tools
---
Apache Ant was build in 1997 to have something like Make in the C/C++ world for Java. Ant uses xml files to describe steps required to produce executable artifacts from source code. The main concepts of tasks and targets are programmable in an imperative style.
Apache Ant was and is widely used by large software projects. Our recommendation is to stop using Apache Ant for new projects. If you are free to choose, we recommend Gradle as an Apache Ant replacement.

13
radar/2017-03-01/anypoint-platform.md Normal file
View File

@@ -0,0 +1,13 @@
---
title: "Anypoint platform"
ring: trial
quadrant: tools
---
Anypoint platform (formally known as Mule or Mule ESB) is an Enterprise Integration Platform written in Java.
Anypoint provide tools to use Enterprise Integration Patterns (EAI) and has a high number of ready-to-use connectors to communicate with software tools such as SAP, Salesforce, etc.
Anypoint Community Version is Open Source and contribution is possible. The platform is pluggable with own connectors. Mulesoft is also driving the [raml](/tools/raml.html) specification and related Open Source tools.
AOE is a Mulesoft Partner and we use both the Community and Enterprise Versions of Anypoint. We use Anypoint as an API Gateway to combine and transform data from multiple backends. We use it as ESB or Integration platform for loose coupling of software components. And we also use it as legacy modernization to provide modern APIs for legacy- or foreign software.

18
radar/2017-03-01/api-first-design-approach.md Normal file
View File

@@ -0,0 +1,18 @@
---
title: "API-First Design Approach"
ring: trial
quadrant: methods-and-patterns
---
The API-First Design Approach puts the API design at the beginning of the implementation without any constraints, for example, from the current IT infrastructure or the implementation itself. The idea is to design the API in a way that it serves its purpose best and the consumers are enabled to work efficiently.
There are several advantages to this approach. For example, it can help to avoid reflecting the internal structure of the application or any internal constraints. Furthermore, as one of the most important design aspects is consistency, one can define features such as the behavior of security, URL schemes, and API keys upfront. It also helps speed up parallel implementation. A team that consumes the API can start working directly after the API design because it can easily be mocked.
There are several tools for modelling an API, but here at AOE we mainly use [RAML](/tools/raml.html) as it provides a rich set of tools for generating documentation, mocking and more. For mocking we use [Wiremock](/tools/wiremock.html), for example.
Related to the "API-First" approach is the "Headless" approach where an existing application (with or without existing API) is used as a backend for a separate frontend. We used this with sucess for Magento-based E-Commerce platforms. This allows encapsulating the core features of that application, while integrating it into a larger landscape of components using its API as a unified way to interact between components. Decoupling the core logic from its presentation layer allows picking the best technology stack for the various parts independently.
For further reading see:
* [Understanding API First Design](https://www.programmableweb.com/api-university/understanding-api-first-design)
* [When crafting your API strategy, put design first](http://www.techradar.com/news/software/applications/when-crafting-your-api-strategy-put-design-first-1262043?src=rss&attr=all)

11
radar/2017-03-01/artifactory.md
View File

@@ -4,22 +4,17 @@ ring: adopt
quadrant: platforms-and-aoe-services
---
JFrog [Artifactory](https://www.jfrog.com/open-source/) is a software tool, which, in the end, manages and stores (binary) artifacts.
JFrog [Artifactory ](https://www.jfrog.com/open-source/)is a software tool, which, in the end, manages and stores (binary) artifacts.
In addition to storage, it provides a managing interface, which also allows to store build information, properties as well as dependencies per artifact which are organized within repositories. A fine grained security system enables easy management of which artifacts are available to whom.
The artifacts are exposed via an HTTP(S)-Url Artifactory, which can generate package-manager compatible manifests for the repositories. AOE utilizes Artifactory to serve Maven, Apt, Npm, Composer and Docker Repositories.
In addition to storing own assets, Artifactory is able to proxy remote Repository for and cache resolved artifacts locally.
This results in an increased build performance and decouples builds from external service dependencies and ensures builds still work even if they utilize outdated dependencies that might not be publicly available anymore.
Artifactory provides a powerful REST-API for managing Artifacts including a powerful search AQL. It is utilized to provide complex release processes based on QA-Attributes on an artifact level.
Artifactory at AOE currently comes with some problems, too:
- Cleanup in Artifactory has to be done manually. Therefore, if every build is pushed to Artifactory it currently pollutes disk space since old or unused versions are never removed.
- The Composer Integration mirroring github proves to be slower than directly connecting to github.
* Cleanup in Artifactory has to be done manually. Therefore, if every build is pushed to Artifactory it currently pollutes disk space since old or unused versions are never removed.
* The Composer Integration mirroring github proves to be slower than directly connecting to github.
AOE is using the Professional version for a central instance that can be used by different teams. We encourage teams to use Artifactory instead of Jenkins to store and manage build artifacts - and to take care of cleaning up old artifacts automatically.

9
radar/2017-03-01/aws-lambda.md Normal file
View File

@@ -0,0 +1,9 @@
---
title: "AWS Lambda"
ring: trial
quadrant: platforms-and-aoe-services
---
AWS Lambda is one of the exciting new "cloud-native" / serverless ways to run code without worrying about infrastructure. While it is possible to directly respond to web requests using the API Gateway, our teams are currently using AWS Lambda mostly for tasks outside the critical path. As a custom resource for CloudFormation, it allows us to manage all aspects of a deployment in an elegant way by simply deploying a new CloudFormation stack. Baking AMIs and doing green/blue switches are only two of the many use cases where AWS Lambda comes in very handy.
In addition to deployment automation, we're using AWS Lambda to process incoming data. Being able to respond to events from various sources such as S3 Buckets, SNS topics, Kinesis streams and HTTP endpoints it's a perfect match to process, transform and forward incoming data in near-realtime at a fraction of the cost of running an ESB.

12
radar/2017-03-01/bower.md Normal file
View File

@@ -0,0 +1,12 @@
---
title: "Bower"
ring: hold
quadrant: tools
---
[Bower](https://bower.io/) is a package manager for frontend resources such as JavaScript libraries and CSS frameworks. Compared to [npm](https://www.npmjs.com/), it has a somewhat different approach to loading and resolving the packages, resulting in a smaller and cleaner folder structure.
In small web projects, this approach is good and sufficient, but larger projects will need more dependencies such as task runners or testing frameworks, which are not available through Bower. As most of the frontend libraries are also available through npm, it's not suprising that we ask ourselves why Bower is still needed.
At AOE, we decided to use npm as the only package manager to avoid having multiple tools doing similar things. Developers only need to deal with one solution, which makes the project easier to maintain.

12
radar/2017-03-01/client-side-error-logging.md Normal file
View File

@@ -0,0 +1,12 @@
---
title: "Client-side error logging"
ring: trial
quadrant: methods-and-patterns
---
More and more business logic is done client-side with various web and app technologies. How do we know if everything works in production? We can easily track backend exceptions in the server logs, but what about client-side errors in the user's browser or mobile app?
With client-side error logging, we send errors to a central server to see instantly what is going wrong. With this method errors can be found and resolved quickly before they affect even more users.
At AOE, we use the Open Source solution [Sentry](https://sentry.io/welcome/).io. It can handle multiple projects and teams and integrates well with other services such as Mattemost/Slack and Issue Tracking Systems.

12
radar/2017-03-01/consul.md Normal file
View File

@@ -0,0 +1,12 @@
---
title: "Consul"
ring: assess
quadrant: tools
---
Consul is a lightweight service to provide a service discovery registry with failure detection (health checks) for circuit breakers. It also provides configuration management with key/value storage.\
The typical way to use it is that a consul master cluster takes care of the update and write processes and consul clients run locally on the apps host - data is shared accross the complete Consul cluster. The data can be accessed by using DNS and HTTP APIs.
At AOE, we use Consul for settings distribution with consul-template as a way to do [Settings Injection](/methods-and-patterns/settings-injection.html) during deployment. Consul is also used as service discovery between apps inside [microservice](/methods-and-patterns/microservices.html) environments.
With Vault there is another tool that can be used to manage and share secrets.

12
radar/2017-03-01/container-based-builds.md Normal file
View File

@@ -0,0 +1,12 @@
---
title: "Container-based builds"
ring: assess
quadrant: methods-and-patterns
---
Running your builds in isolated containers keeps your build servers clean. It allows you to even run them with multiple versions of a framework or programming language. You don't need additional machines like you would for running builds with PHP5 or PHP7 at the same time or running some legacy builds.
Note that you need to think about some kind of caching mechanism for your depenendies to avoid downloading them in every build, which would cause long build times.
At AOE, we are currently starting to use this approach for building services and it is especially useful if your build has special dependencies. Also, it's possible to use GitLab as a build tool or use [Docker with the new Jenkinspipeline](https://wiki.jenkins-ci.org/display/JENKINS/CloudBees+Docker+Pipeline+Plugin). For caching we are evaluating minio as a cache server. We noticed that our builds run quite rapidly and reliably with that. Also, the complexity of the builds decreased since we don't need any workarounds, which were caused by having everything installed on one build server.

10
radar/2017-03-01/dagger.md Normal file
View File

@@ -0,0 +1,10 @@
---
title: "Dagger"
ring: adopt
quadrant: tools
---
[Dagger](https://google.github.io/dagger/) is a fully static, compile-time [dependency injection](http://en.wikipedia.org/wiki/Dependency_injection) framework for both Java and Android. [Dagger](https://google.github.io/dagger/) doesn't use reflections at runtime, it saves resources. For us, it is a perfect match for Android development.
We at AOE use it as a base framework for every Android project.

8
radar/2017-03-01/datadog.md Normal file
View File

@@ -0,0 +1,8 @@
---
title: "Datadog"
ring: assess
quadrant: platforms-and-aoe-services
---
After realizing that AWS CloudWatch isn't flexible enough, and running our own metrics aggregation, monitoring and altering isn't something we want to do ourselves, we decided to give Datadog a try. Datadog is very simple to set up and retrieves metrics from the AWS API (and many other integrations) and from an agent running on the EC2 instances. On top of that, it comes with many plugins for services such as Apache, NGINX and ElasticSearch, allowing us to track all important metrics without much effort. Creating dashboards, setting up alarms and integrating into other applications (such as ticket systems) is easy to do and works fine.

2
radar/2017-03-01/decoupling-infrastructure-via-messaging.md
View File

@@ -4,4 +4,6 @@ ring: trial
quadrant: methods-and-patterns
---
In [Microservices](/methods-and-patterns/microservices.html) we have already covered the trend that modern architectures are moving away more and more from big monolithic applications to distributed software suites. The result of splitting our software and infrastructure in smaller parts, is the need to communicate with each other. This can be done by direct communication or by message-based asynchronouous communication. While synchronuous communication allows for more plannable "real-time" response times of the overall systems, asynchronouos communication increases the resilience and stability of the system significantly and allows one to use other integration and scaling patterns. However, it often comes with additional complexity.
Most of the IaaS Cloud providers offer messaging services such as AWS SQS which provide the possibility to decouple our infrastructure via Messaging. Also, we use [RabbitMQ](/tools/rabbitmq.html) as a Messaging and Broker solution within our applications. The decision of using messaging and messaging patterns as an integration strategy can be made as part of [strategic design](/methods-and-patterns/strategic-domain-driven-design.html) considerations.

36
radar/2017-03-01/devops-practices.md Normal file
View File

@@ -0,0 +1,36 @@
---
title: "Devops practices"
ring: trial
quadrant: methods-and-patterns
---
DevOps is a term that has been around for some years now. We understand DevOps as a philosophy and culture with related practices and tools - all with the aim of bringing (IT) Operations closer to Development.
Jez Humble described the devops movement like this: "a cross-functional community of practice dedicated to the study of building, evolving and operating rapidly changing, secure, resilient systems at scale".
With the size of software projects and the effects of agile development, the need to also deliver operation and infrastructure in an agile way increases more and more.
We have been using the following practices with success:
**Crossfunctional Teams "you build it, you run it"**
In the past year, we have moved from a more centralistic or standanlone IT and operations service team to crossfunctional teams with Infrastructure experts working in and with the development team (admins joining the project team).
And, we changed to crossfunctional teams and a "you build it, you run it" approach for the bigger projects. We have seen that this leads to the following positive effects:
* Software application architecture demands a certain infrastructure and the other way around. Having all the know-how in one team leads to more major decisions and implementations. Also, solving of root causes for problems works better.
* Rotating operation and incident management inside the whole team brings everyone into closer contact with the day-to-day operation of their software. This results in a shared and improved responsibility and commitment to the complete platform in the team. In addition, this brings developers into contact with the customer - which is an important feedback loop as well.
* Increased flexibility in the infrastructure: Implementations and adjustments in the infrastructure are faster and can be done together with the ongoing agile development of the platform.
* Developers also explicitly think of operation issues when building the application - since they are responsible for operation. For example, logging concept, monitoring aspects and resilience patterns are now explicitly optimized continuously and improve faster.
Important enabler of such an approach is the size and available budget for the project (not every project allows for having a continuous crossfunctional teams that carries out ongoing development and operations). Also, this requires a certain amount of independence for the team.
As always, we are establishing "community of interests" to improve and promote the knowledge transfer between different teams.
**Increase of relevant tools**
Another important aspect and also enabler of DevOps practices is the increase of certain tool and methods - some of them are also represented in the Tech Radar. For example: Puppet Environments; Docker; Cloud Services, Terraform, Consul etc.
**DevSetup = Prod Setup, Infrastructure as a Code**
Keeping the development infrastructure setup close to production is also a commonly implemented practice and a direct result of the "Infrastructure as Code" method. Handling infrastructure and the required changes and innovations in ways similar to those used for applications is important; you can ready more about this here: Infrastructure as Code
We encourage all teams to adopt devops practices in the teams and to take care that there is a true collaboration between the different experts in a team and no invisible wall.

18
radar/2017-03-01/docker.md Normal file
View File

@@ -0,0 +1,18 @@
---
title: "Docker"
ring: assess
quadrant: platforms-and-aoe-services
---
Docker is currently the most-used solution for creating and managing container-based infrastructures and deployments.
Essentially, Docker is a platform to build container images, distribute them and run them as an isolated process (using Linux kernel cgroups, network namespaces and custom mounts).
In a DevOps environment, this helps a lot as we can run the exact same software and runtime (such as PHP) on both production and locally while developing. This enables us to debug our software much easier.
Also, Docker allows us to keep our development setup much smaller and faster; instead of VirtualBox setups on a per-project base, we can compose our project development setup out of small containers. A CI environment building the containers allows us to package and test the whole environment instead of different software components on different runtimes in a much more stable way.
Backed by services such as [Kubernetes](/platforms-and-aoe-services/kubernetes.html), we can deploy Docker containers on a flexible infrastructure and enable our developers to test their software more easily in different environments.
Here at AOE, we assess Docker in different projects to become more flexible and faster, which increases our focus on development of even better and more stable software.

9
radar/2017-03-01/elasticsearch.md Normal file
View File

@@ -0,0 +1,9 @@
---
title: "Elasticsearch"
ring: trial
quadrant: platforms-and-aoe-services
---
Elasticsearch is a REST-based search and analytics engine based on Lucene. Unlike its competitor Apache Solr, it was developed in the beginning with clustering and scaling in mind. It allows you to create complex queries while still delivering results very fast.
At AOE, we use Elasticsearch for logging as well as our own search solution [Searchperience](http://www.searchperience.com/). We recently moved the Searchperience stack from Solr to Elasticsearch and think this was the right decision. Especially in terms of scaling, ease of use and performance, Elasticsearch really shines. Also, the API design took some of the learnings from Apache SOLR into account - for example, the queryDSL is a powerful way of describing different search use cases with highly flexible support of aggregations, etc.

15
radar/2017-03-01/evil-user-stories.md Normal file
View File

@@ -0,0 +1,15 @@
---
title: "Evil User Stories"
ring: assess
quadrant: methods-and-patterns
---
With Evil User Stories, we aim to raise the project teams' (PO, Dev-Team, QA) and clients' awareness for security topics and introduce a security-by-design principle.
The first step is to identify business use cases of potential vulnerabilities in our software product. The next step is to write an Evil User Story for this use case, from the perspective of an evil persona, e.g. "John Badboy who wants to hack our software". The idea behind this is to take a look at specific parts (business logic) of the software from a perspective that would otherwise not be considered when working on standard user stories.
So how would this work? To illustrate this, let's consider the following user story: "As Emma Shopping I am be able to pay for a product in my checkout using a credit card". To get that story done, we might have to persist some payment data somewhere. But within the context of an Evil user story we now also need to consider the security for the credit card and payment handling in our application. So, for that reason, we write an Evil User Story, which in this case could, for example, be "As John Badboy, I want to steal payment data" or more specifically "As John Badboy, I want to do to sql inject to get the payment token".
Before implementation of this particular user story starts, developers should think about how they can secure potentially vulnerable parts of the software to prevent attacks such as sql injections. In this case, one approach should be the use of prepared statements for sql queries. When the development is finished, we should then be able to test the story using an automated testing approach with a penetration testing tool such as [sqlmap](http://sqlmap.org/) to confirm that our database queries are not vulnerable to sql injections.
Additionally, both solutions should be checked during the development process using code reviews to identify and correct potentially buggy code.

21
radar/2017-03-01/explicit-test-strategy.md Normal file
View File

@@ -0,0 +1,21 @@
---
title: "Explicit test strategy"
ring: assess
quadrant: methods-and-patterns
---
According to the [ISTQB Glossar](http://glossar.german-testing-board.info/#teststrategie)- a **Test Strategy** is an abstract specification that comprises the designated test levels (unit, integration, system and acceptance tests) and the implementation of each level for a whole organization or for an application. This test strategy can be applicable to one or more projects.
At AOE, we established an explicit test strategy for many of our projects. The coordination of the test levels improves the effectivity of test runs and helps to avoid testing gaps, double inspection and overhead. Every test level has a different focus. Tests that are executed on one level don't have to be implemented on others.
These are the test levels that we implement as a standard in the software deployment pipeline of our projects and that handle multiple integrated components and services:
- **Unit Test:** The unit level tests verify the functionality of a specific section of code, usually at the function level. We use static as well as dynamic test methods such as code reviews, style or complexity checks and white-box testing. 
- **Module Tests:** Module Tests focus on testing the functionality that a service or component provides in isolation to other components or services that this service depends on. This test stage finds errors in a component. It should never fail due to a consumed service that is not reachable or has been altered. Therefore, all dependencies of these components are mocked or stubbed on some level. Tests are most commonly conducted through interfaces using black-box testing.
- **Integration Tests:** On the integration level, individual software modules are combined and tested as a group. The integration testing verifies functional, performance and reliability requirements. These tests are also most commonly conducted through interfaces using black-box testing. In case there is a great number of (external) subsystems, we mock these systems outside of the defined context and use contract-based testing to verify the interfaces. All contract-based tests that focus on testing the interface contracts between services are also executed on this test level.
- **System Level Tests:** On the system level, tests are performed on a complete, integrated system, where they evaluate the system's compliance with its specified requirements. System tests not only verify the design, but they also check the system's behavior in general and even the assumed expectations of the customer. They are intended to test up to and beyond the bounds defined by the explicit system requirements.
- **Client Acceptance Tests:** The client acceptance level includes all testing done by the customer and is the last one in the succession of the five test levels. The objective is to evaluate the system's compliance with the business requirements and to assess whether it is acceptable for delivery.
As a rule, we automate the execution of tests where it is feasible and sensible. Related to the test strategy are the test concept, test data management and the usage of a test case management tool that allows one to assess and categorize functional test cases.
Due to the practical usefulness of having a sound test strategy for a project, we classify the explicit test strategy for projects with assess.

14
radar/2017-03-01/galen.md Normal file
View File

@@ -0,0 +1,14 @@
---
title: "Galen"
ring: assess
quadrant: tools
---
With [Galen Framework](http://galenframework.com/), layout testing can be automated to save you a lot of manual work. With its own specification language (Galen Spec), you can write tests to verify the correct look of the web page as well as the location and alignment of specific elements on a page.
So, you can write simple tests such as "The button should be green" as well as more complex behavior specifications such as "On mobile devices the button should be inside the viewport". Especially when testing a responsive website on multiple devices, browsers and resolutions, the manual testing effort gets expensive. To help with that, Galen runs its specifications fully automated with Selenium against the required browsers and devices.
Whenever a test fails Galen writes a test report with screenshots to show the mismatching areas on the page to help testers and developers become aware of the problem.
At AOE, the Galen Framework helps us to continuously test the UI for potential regression bugs introduced by new features.

17
radar/2017-03-01/gatlin.md Normal file
View File

@@ -0,0 +1,17 @@
---
title: "Gatling"
ring: trial
quadrant: tools
---
[Gatling](http://gatling.io/) is a highly capable load testing tool. It is designed for ease of use, maintainability and high performance.
Out of the box, Gatling comes with excellent support of the HTTP protocol that makes it a tool of choice for load testing any HTTP server. As the core engine is actually protocol agnostic, it is perfectly possible to implement support for other protocols. For example, Gatling currently also ships [JMS support](http://gatling.io/docs/current/).
Gatling is built with [Scala Lang](https://extranet.aoe.com/confluence/display/knowledge/Scala+Lang) and [Akka](https://extranet.aoe.com/confluence/display/knowledge/Akka). By making good use of Scala's native language features (such as as the extensive type system), it makes writing tests feel natural and expressive, instead of writing load tests based on a DSL encoded in some special syntax.
This allows us to use all native Scala features to work with, with the focus on the ability to structure your tests as pure code, and actually unit test your load tests.
Besides the very good performance, we definitely like the pure code-based approach. Gatling creates HTML-based reports with nice graphs and metrics about how and what was tested.
We use Gatling as an alternative to Jmeter with success in some of our projects. We encourage teams to try Gatling for future load testing. There is an integrated test recorder similiar to what other test frameworks have to get you started with a basic test case.

13
radar/2017-03-01/gradle.md Normal file
View File

@@ -0,0 +1,13 @@
---
title: "Gradle"
ring: adopt
quadrant: tools
---
Gradle is a build automation tool originating in the Java space, providing declarative dependency management (like Maven) and support for custom functionality (like Ant). It has superb multi-project support and is extremely extensible via third-party plugins and also via self-written extensions and plugins that make it outstanding in its area.
It uses a Groovy-based DSL to declaratively model your problem domain (Build automation) and provides a rich object model with extension points to customize the build logic. Because it is extremely easy to extend this DSL, you can easily provide a declarative interface to your customizations and add-ons.
While providing plugins for building libs, apps and webapps in Java, Groovy and Scala out of the box it is not tied to the JVM as target platform, which is impressively shown by the native build support for C / C++.
At AOE, it is used in various places already: to build [Anypoint](/tools/anypoint-platform.html)- and [Spring Boot-](/languages-and-frameworks/spring-boot.html) based applications; to build Android Apps; to automate the creation of Jenkins Jobs; to create Docker images and Debian packages and also do some deployment scripting with it.

2
radar/2017-03-01/groovy.md
View File

@@ -7,4 +7,4 @@ quadrant: languages-and-frameworks
Groovy is a dynamically typed compiled language running on the JVM. It is easy to learn as it provides a familiar syntax for Java programmers, but also offers advanced features such as closures and makes some mandatory Java syntax requirements optional to enhance the conciseness of the code. These features make Groovy especially well-suited for scripting and domain-specific languages. This is used by popular tools such as Gradle or Spock.
At AOE, Groovy is used in many projects and areas. We use Gradle as a build system, we carry out unit and integration testing with Spock and Geb, we generate Jenkins jobs with JobDSL and we implement complete services with Groovy and Spring Boot.
At AOE, Groovy is used in many projects and areas. We use Gradle as a build system, we carry out unit and integration testing with Spock and Geb, we generate Jenkins jobs with JobDSL and we implement complete services with Groovy and [Spring Boot](/languages-and-frameworks/spring-boot.html).

24
radar/2017-03-01/hal-hateoas.md Normal file
View File

@@ -0,0 +1,24 @@
---
title: "HAL / HATEOAS"
ring: assess
quadrant: methods-and-patterns
---
Hypermedia As The Engine Of Application State or in short HATEOAS is a pattern that helps to organize dependencies and resources in a RESTful API. The basic idea of HATEOAS is that an API consumer do not have to know how dependencies of resources are connected and how to get them. A consumer must only be familiar with the basics of hypermedia.
Let's assume we have a bank account and an action to deposit money on that account. Everything you need to know is that the account resource has an action for a deposit. The URL of that action can then fetched from the link attribute with the corresponding relation.
`<account>`
` <account_number>12345</account_number>`
` <balance currency="usd">-25.00</balance>`
` <link rel="deposit" href="https://bank.example.com/account/12345/deposit" />`
`</account>`
Besides from HATEOAS there is an alternative implementation called Hypertext Application Language, in short HAL, which has much more features than the basic HATEOAS.
With HAL you are allowed to also define parametrized links, embedded resources and a documentation relation between resources which are called curies. You can find the specification [here](http://stateless.co/hal_specification.html).

17
radar/2017-03-01/hystrix.md Normal file
View File

@@ -0,0 +1,17 @@
---
title: "Hystrix "
ring: assess
quadrant: tools
---
Hystrix is a very powerful library for handling failures, fallbacks and latency management within complex distributed environments. Netflix developed it and after years of experience, they are using it in almost each of their microservices. It evolved to a great library for handling resilience in complex architectures and covers solutions for the most common resilience patterns like:
- Fail fasts
- Fail silent
- Circuit Breaker
- Fallbacks (Static, Stubbed)
Beside from that purposes Hystrix also offers some helpful features like parallel and asynchronous execution, In-Request-Caching and other useful features for working with distributed systems.
Another useful component that you are able to use with Hystrix is his powerful dashboard that give you the ability of real time monitoring of external dependencies and how they are behave. Alerting is also able with that powerful dashboard.

11
radar/2017-03-01/imgix.md Normal file
View File

@@ -0,0 +1,11 @@
---
title: "imgix"
ring: assess
quadrant: platforms-and-aoe-services
---
[Imgix](https://www.imgix.com/) is an SaaS solution for delivering and processing images. When developing responsive websites, you will quickly reach the point where you need various versions of your images to achieve a good responsive user interface. You want high quality versions for retina displays but small versions for mobile devices with a slow Internet connection.
Especially when dealing with user-generated uploads, it is getting hard to create different versions for any supported device and breakpoint of your web page. Doing this manually is hardly an option.
At AOE, we decided to use imgix as an image processing service for some projects to solve this problem. The benefits of imgix are the simple API to create responsive images in real-time as well as the fast delivery over their CDN.

12
radar/2017-03-01/infrastructure-as-code.md Normal file
View File

@@ -0,0 +1,12 @@
---
title: "Infrastructure as Code"
ring: adopt
quadrant: methods-and-patterns
---
Infrastructure as Code (IaC) describes the process of managing all infrastructure resources via code. Treating infrastructure code the same way we treat application code, we can benefit from the same advantages of having a history in our version control system, doing code reviews and rolling out updates via a Continuous Delivery pipeline in a way that closely approaches how we handle application deployments.
Infrastructure code is often described in a declarative language und the target platforms figure out what to create, update or delete in order to get to the desired state, while doing this in a safe and efficient way. We've worked with [AWS CloudFormation](https://aws.amazon.com/de/cloudformation/) in the past, and while this is a great tool, you can only manage AWS resources with it and you need some more tooling around it in order to automate things nicely and embed it into other processes such as Jenkins Jobs. That's what we created [StackFormation](https://github.com/AOEpeople/StackFormation) for. Another tool that is actively developed is [Terraform](https://www.terraform.io/). Terraform comes with a lot of concepts that make managing environments easier out of the box and nicely embeds into other related tools. Also, Terraform allows you to manage a variety of different infrastructure providers.
Infrastructure as code should cover everything from orchestration of your infrastructure resources, networking and provisioning as well as monitoring setup. The orchestration tools mentioned above are supplemented by other tools such as Puppet, Chef or simple Bash scripts that take over provisioning the instances after they are booted.

18
radar/2017-03-01/jest.md Normal file
View File

@@ -0,0 +1,18 @@
---
title: "Jest "
ring: assess
quadrant: tools
---
[Jest](https://facebook.github.io/jest/) is a javascript testing framework by facebook to test javascript code **and** react applications / components.
We started using Jest (and [watchmen](https://github.com/facebook/watchman)) instead of Karma because it:
- gives us integrated mocking library
- gives us integrated support for testing "promises"
- gives us integrated code coverage report
- automatically runs tests related to changed files (instead of all tests)
- gives us parallel test execution
- gives us snapshot testing for react components
It is easy to set up. And even if you have a running setup with karma/chai you can easily replace karma with jest. With a small [workaround](https://medium.com/@RubenOostinga/combining-chai-and-jest-matchers-d12d1ffd0303#.3callo273), chai and jest test matchers work fine together.

11
radar/2017-03-01/job-dsl.md Normal file
View File

@@ -0,0 +1,11 @@
---
title: "Job DSL (Jenkins)"
ring: trial
quadrant: tools
---
The [Job DSL ](https://wiki.jenkins-ci.org/display/JENKINS/Job+DSL+Plugin)is a plugin for the Jenkins automation server. Jenkins jobs that automate parts of a software project are usually configured using the web interface of Jenkins. If Jenkins is the choice for your project and the number of build jobs tend to grow, the Job DSL plugin is your friend.
The plugin allows Jenkins jobs to be described by code (Groovy DSL). This code is then used for generating Jenkins jobs. As a consequence, job configuration can be part of the project's source code. During the generation step, existing jobs are synchronized, overwritten or left alone, depending on the configuration. The same configuration manages deleting or ignoring jobs that are not described in code anymore. Jobs can easily be restored in case of data loss and changed without clicking buttons for hours. The automation also makes it easy to seed large numbers of homogeneous components and builds on different branches.
The ability to treat Jenkins jobs as code is a big advantage. We highly suggest that every team automate the setup of their jobs and their pipelines. Another way of expressing build pipelines as code is the new [Jenkins Pipeline](https://jenkins.io/doc/book/pipeline/) feature - but still we see the need of Job DSL seeder jobs to seed the Jenkins pipeline jobs themselves and any additional jobs.

17
radar/2017-03-01/keycloak.md Normal file
View File

@@ -0,0 +1,17 @@
---
title: "Keycloak"
ring: trial
quadrant: tools
---
User management, authentication, authorization and Single Sign-On are part of most distributed systems nowadays. Building these sensitive and serious parts on your own might be a problem due to knowledge- and budget restrictions. Because of growing requirements in that field (social logins, single sign-on, federation, two-factor authentication, etc.), as well as growing security concerns, building these things on your own has become more challenging during the past decade.
As a consequence, the recommendation is: use an existing solution and connect it with your project's codebase using provided standards. Our recommended solution is the Open Source project JBoss Keycloak. We use Keycloak in our OM3 suite for several authentication-related use cases - such as user management for system users and single sign-on for customers. The OAuth access tokens can be used to secure APIs that access sensitive information.
Keyloak is based on standards such as OAuth2, OIDC and SAML2. Securing a distributed system is supported by adapters, which are provided by the Keycloak developers for different technology stacks. If there is no adapter for your technology stack, an integration on protocol level with a library is simple. A lot of configurable features require no coding in the integrated projects.
By design, the Keycloak project offers customizability and extensibility via so-called SPIs, e.g. a custom authenticator can be implemented to address project specific problems.
Keycloak normally runs standalone and can use various database products. A docker image is available to start in a containerized environment.
Keycloak might be overkill, depending on your project needs. For a simple integration with, for instance, a social login provider (Facebock, Twitter, etc.) Keycloak might be too much. For a JVM project, the pac4j library might be an alternative. If a cloud-based solution is preferred and data privacy concerns are not an issue, Auth0 might be the choice.

10
radar/2017-03-01/kubernetes.md Normal file
View File

@@ -0,0 +1,10 @@
---
title: "Kubernetes"
ring: assess
quadrant: platforms-and-aoe-services
---
Kubernetes is a container orchestration platform, which supports many different infrastructure providers. It allows you to deploy containers and takes care of running, scaling or self-healing your applications based on configurations you provide. It's based on years of knowledge and experience Google gained by using containers.
At AOE, we started Kubernetes in a test environment on bare metal to experiment with it. It's currently used for running AOE internal apps such as dashboards as well as running builds in containers. We also started to use it for upcoming projects to run and manage several services. There are Tools to automate the setup of kubernetes in AWS like [Cops](https://kubernetes.io/docs/getting-started-guides/kops/). Another helpful tool is [Minikube](https://github.com/kubernetes/minikube), which allows to test and run kubernetes locally.

10
radar/2017-03-01/maintain-third-party-packages.md Normal file
View File

@@ -0,0 +1,10 @@
---
title: "Maintain third party packages"
ring: hold
quadrant: platforms-and-aoe-services
---
Rebuilding and packaging software from "third parties" (e.g. PHP, MySQL, Redis, Nginx, Java,...) implies starting to maintain the packaging for the desired distribution.
Even with tool support and targeted for automation, we found that building those packages is very often unstable. The effort to keep up with the upstream changes (security changes, fixes, etc...) exceeds the benefit in most cases. We prefer to not create our own packages and rather use what's available in the distribution repository.

18
radar/2017-03-01/neo4j.md Normal file
View File

@@ -0,0 +1,18 @@
---
title: "Neo4j"
ring: assess
quadrant: platforms-and-aoe-services
---
Neo4j is one of the oldest Open Source Graph Databases. It's one of the rare NoSQL databases that is fully ACID-compliant. We see two main advantages of graph databases:
* for a lot of domains there is a natural way of modeling this in a graph (the Neo4j website says "everything is a graph"),
* and querying relations between nodes is very efficient in a graph database.
Neo4j database is implemented in Java and can therefore be embedded in your application if you live on the JVM.
You can also choose to run it in a classic server mode, which then provides you with the possibility to either use its REST API or connect to it via the BOLT Driver, which has native bindings for the most popular languages.
The cypher query language which comes with Neo4j is a declarative graph query language that allows for expressive and efficient querying and updating of the graph.
At AOE, we use Neo4j mostly for explorative, interactive work with weakly structured or highly connected data, also we are evaluating this for knowledge-based recommendations in our [Searchperience](http://www.searchperience.de/home.html) product.

10
radar/2017-03-01/node-js.md
View File

@@ -1,17 +1,17 @@
---
title: "Node.js"
title: "node.js"
ring: trial
quadrant: languages-and-frameworks
---
Node.js is a no- browser JavaScript execution runtime. Its basis is Google's V8 engine. [Node](http://nodejs.org/) is event-driven and follows a non-blocking I/O model.
Node.js is a no- browser JavaScript execution runtime. Its basis is Google's V8 engine. [Node](https://nodejs.org/en/) is event-driven and follows a non-blocking I/O model.
It's a good choice for restful APIs, realtime purposes or situations where many concurrent connections are expected, where each connection has a lightweight memory footprint. 
Its a good choice for restful APIs, realtime purposes or situations where many concurrent connections are expected, where each connection has a lightweight memory footprint.
Node allows separation of concerns by using its package manager [npm](http://npmjs.org/), which is also the largest ecosystem of Open Source libraries (modules).
Node allows separation of concerns by using its package manager [npm](https://www.npmjs.com/), which is also the largest ecosystem of Open Source libraries (modules).
Modules are added as dependencies and offer a wide range of functionalities in a range from simple helper functions to mature web frameworks such as [express.js](http://expressjs.com/de/).
Modules are added as dependencies and offer a wide range of functionalities in a range from simple helper functions to mature web frameworks such as [express.js](http://expressjs.com/de/).
Many PaaS providers (AWS, Google Cloud Platform, Azure) support node, including deployment and monitoring services out of the box for scalable stateless applications.

26
radar/2017-03-01/npm.md Normal file
View File

@@ -0,0 +1,26 @@
---
title: "NPM"
ring: adopt
quadrant: tools
---
[NPM](https://www.npmjs.com/) is one of, if not the most, popular package manager for JavaScript. Because of the big community, you can find nearly every dependency in npm.
Instead of other package managers such as [bower](/tools/bower.html), you have to write your packages as [modules](https://en.wikipedia.org/wiki/CommonJS). This unifies the way you have to use, test and, of course, understand dependencies.
NPM creates a tree for your dependencies and their nesting dependencies. Because of this, you don't need to handle version conflicts, since every dependency uses there own version of e.g. [webpack](/tools/webpack.html).
With [shrinkwrap](https://docs.npmjs.com/cli/shrinkwrap) you have a robust tool to lock down and manage the versions of your dependencies - following the [Pin (external) dependencies](/methods-and-patterns/pin-external-dependencies.html) approach.
For each package you have to classify your dependencies:
- dependencies are needed for use without the need of pre compiling, e.g. [lodash](https://lodash.com/)
- devDependencies are needed for development only, e.g. testing frameworks or pre compiler e.g. [babel](/languages-and-frameworks/babel.html)
- peerDependencies you have to provide for using the package
With [scripts](https://docs.npmjs.com/misc/scripts) you get support for the most common build lifecycle steps, e.g. build, start, test ...
Other useful features:
- mirror support for your own repository (e.g. [artifactory](/platforms-and-aoe-services/artifactory.html))
- can be used for server and client JavaScript development (see [node.js](/languages-and-frameworks/node-js.html) )

16
radar/2017-03-01/oro-platform.md Normal file
View File

@@ -0,0 +1,16 @@
---
title: "Oro Platform"
ring: assess
quadrant: tools
---
OroPlatform is a framework built on Symfony 2 with the purpose of providing the features you need in every business application that is not your core business logic. Hence, it serves you with a basic application, providing login and complex security, menus and menu management, history, audit trails, settings management, etc. It comes complete with a design and many widgets to be utilized in own entities. Other Features of OroPlatform are, for example, a WebSocket server-driven user interface, queue-based task runners, REST Interface, as well as messaging- and workflow systems.
One of the central features is that entities, which are to be managed within the system, can be set up completely by configuring them using the UI. This in itself implies that it puts another abstraction layer upon doctrine and symfony defaults.
As with every framework or application, the general-purpose goals and abstraction comes with drawbacks: In fact, OroPlatform modifies and extends the common way of doing things in Symfony in several places, which makes the developer's life hard at times. Also, the UI and package managing are set in such a way that they are hard to extend or replace. The many additional abstraction layers can result in decreased performance.
On the other hand, OroPlatform gives you a good headstart for prototyping and frees you from rebuilding common requirements - which makes it a relevant choice for business applications with the need to manage several entities in a backend. Also, projects such [Akeneo](/tools/akeneo.html) or OroCRM use OroPlatform with success.
Since the project is still young, the future development and improvements need to be watched. We classified the Framework as ***Assess***.

11
radar/2017-03-01/pair-working.md Normal file
View File

@@ -0,0 +1,11 @@
---
title: "Pair working"
ring: trial
quadrant: methods-and-patterns
---
We summarized the practices of pair programming and administrating as pair working.
Derived as a practice from eXtreme Programming (XP), pair programming is a method/pattern that aims for fine-scaled feedback within a team.
At AOE, some developers and operators work in pairs, not constantly, but from time to time. Most teams have positive experiences using this method, but not all teams tried the by-the-book-approach (driver and navigator principle). Especially for non-trival tasks, pair working results in rapid knowlegde exchange and better results with less bugs. We encourage the teams to try this approach more often.

14
radar/2017-03-01/phan.md Normal file
View File

@@ -0,0 +1,14 @@
---
title: "phan"
ring: assess
quadrant: tools
---
Phan is a static code analyzer for PHP7, which is very fast, since it uses the PHP 7 AST (abstract syntax tree). Phan basically offers some of the safety that otherwise only compiled type-safe languages have - such as checking function references and return types.
We expect at least the following benefits:
- Decreased bug density; possible bugs and issues are found early
- Safer code and higher code quality
We think Phan can be used in the deployment pipeline or as commit hooks for PHP 7-based applications. For a full Feature list check [here](https://github.com/etsy/phan#features).

7
radar/2017-03-01/php7-over-php5.md
View File

@@ -1,20 +1,17 @@
---
title: "PHP7 over PHP5"
ring: trial
ring: adopt
quadrant: languages-and-frameworks
---
PHP 5 has been around for a very long time, and can be considered as the PHP version that defined where PHP wants to go in the future.
With proper OOP, support for clojures and a steadily improving type system, it has become a very mature language.
However, in the past 3 years, Facebook introduced HHVM, which became a major influence on PHP 7 and eventually brought a lot of improvements not only for the execution speed, but also with proper type hints and other features.
Here at AOE, we have numerous PHP projects, and we often kept it backwards-compatible to make sure that it will run on older systems. This is comparable to the procedure most frameworks (Magento, OroPlatform and derived projects) use.
Now, PHP 5 has reached its end--of-life, and it is time to discontinue the backqards-compatibility in favor of better and more stable applications.
Even though we can use the PHP 7 runtime while being PHP 5-compatible, it is not considered good practice anymore, as we can now rely on the PHP 7 features and use all of its advantages.
One of the major points PHP 7 supports is proper typehinting and return types (apart from PhpDocs), which makes [static analysis](https://extranet.aoe.com/confluence/display/knowledge/phan) much easier and can improve the overall code quality significantly.
One of the major points PHP 7 supports is proper typehinting and return types (apart from PhpDocs), which makes [static analysis](/tools/phan.html) much easier and can improve the overall code quality significantly.

8
radar/2017-03-01/play-framework.md
View File

@@ -5,12 +5,12 @@ quadrant: languages-and-frameworks
---
The Play Framework is a lightweight (web)application framework for Java and [Scala](https://extranet.aoe.com/confluence/display/knowledge/Scala+Lang) programmers.
The Play Framework is a lightweight (web)application framework for Java and [Scala](/languages-and-frameworks/scala-lang.html) programmers.
A developer can choose from different modules to include necessary functionality such s accessing http resources, databases, and so on. As a consequence, the developer can choose, and is not distracted by or clobbered with irrelevant things. This approach is considered as minimalistic, but it is easy to include necessary functionality.
A developer can choose from different modules to include necessary functionality such s accessing http resources, databases, and so on. As a consequence, the developer can choose, and is not distracted by or clobbered with irrelevant things. This approach is considered as minimalistic, but it is easy to include necessary functionality.
Regarding the architecture, Play is stateless and built on Akka. As a consequence, Play applications have much lower resource consumption regarding CPU und memory and can scale easily. Play manages concurrency without binding a request to a thread until the response is ready.
Regarding the architecture, Play is stateless and built on Akka. As a consequence, Play applications have much lower resource consumption regarding CPU und memory and can scale easily. Play manages concurrency without binding a request to a thread until the response is ready.
With the use of "[Futures](http://docs.scala-lang.org/overviews/core/futures.html)" in your code you can turn synchronous tasks (such as IO or API call to another service) into asynchronous and you can build non-blocking applications. It is recommended to understand the principles Play uses to achieve performance and scalability.
Play can act as backend service delivering JSON, for esample. For building web applications. the [Twirl](https://www.playframework.com/documentation/2.5.x/ScalaTemplates) template engine enables server-side rendering of html pages. These html pages can include css and java script parts of your own choice.
Play can act as backend service delivering JSON, for esample. For building web applications. the [Twirl](https://www.playframework.com/documentation/2.5.x/ScalaTemplates) template engine enables server-side rendering of html pages. These html pages can include css and java script parts of your own choice.

12
radar/2017-03-01/postcss.md
View File

@@ -5,12 +5,14 @@ quadrant: languages-and-frameworks
---
PostCSS is a tool for transforming stylesheets with JavaScript plugins. It comes with a parser that reads your CSS file into an AST, pipes it through the loaded plugins and finally stringifies it back into a (transformed) CSS output file.
PostCSS is a tool for transforming stylesheets with JavaScript plugins. It comes with a parser that reads your CSS file into an AST, pipes it through the loaded plugins and finally
stringifies it back into a (transformed) CSS output file.
We at AOE love PostCSS because it gives us the power to use [CSS Modules](https://github.com/css-modules/css-modules), which finally ends the curse of global CSS.
We at AOE love PostCSS because it gives us the power to use [CSS Modules](https://github.com/css-modules/css-modules), which finally ends the curse of global CSS.
It also has a huge list of more than 350 other [available plugins](http://postcss.parts/). Sure, not all of them are useful, but the sheer number of plugins shows how easy it is to write your own plugin for it. In fact, it's just a matter of writing a single JS function.
It also has a huge list of more than 350 other [available plugins](http://postcss.parts/).
Sure, not all of them are useful, but the sheer number of plugins shows how easy it is to write your own plugin for it.
In fact, it´s just a matter of writing a single JS function.
Finally, PostCSS is very fast and easy to setup because it runs 100% in JavaScript.
Compared to [SASS](https://extranet.aoe.com/confluence/display/knowledge/SaSS) as a preprocessor, it feels much more powerful but at the same time less bloated with superfluous functionality because everything comes in its own little plugin.
Compared to [SASS](/languages-and-frameworks/sass.html) as a preprocessor, it feels much more powerful but at the same time less bloated with superfluous functionality because everything comes in its own little plugin

60
radar/2017-03-01/puppet-environments.md Normal file
View File

@@ -0,0 +1,60 @@
---
title: "Puppet Environments"
ring: assess
quadrant: platforms-and-aoe-services
---
Puppet
------
Puppet is an Open Source configuration management tool. It is used by a wide range of different companies world-wide, e.g. the Wikimedia Foundation, Mozilla, Reddit, CERN, Dell, Rackspace, Twitter, the New York Stock Exchange, PayPal, Disney, Citrix Systems, Spotify, Oracle, the University of California Los Angeles, the University of North Texas, QVC, Intel, Google and others.
Puppet has been the basic tool to address Continuous Configuration Automation (CCA) in AOE's [Infrastructure as Code](/methods-and-patterns/infrastructure-as-code.html) strategy (IaC) for more than 4 years.
Puppet Environments
-------------------
Intended to give projects the means to develop and maintain their own infrastructure, separated and not influenced by other projects, Puppet environments, together with Puppet module versioning and ENC, have been introduced.\
Puppet Environments are rated "Trial". It supports our strategy of Infrastructure as Code (IaC) and links it to our DevOps approach, enabling project teams to set up and customize their own infrastructure. 
Teams that want to use the Puppet Environments service from the AOE IT Team will find detailed information about the implemented CI/CD process for this.
Internal from here regarding IT Core Puppet Environments:
=========================================================
To cope with different repositories holding the code for the environments, we decided not to use r10k for managing environments. Instead, setting up an environment is done via a bunch of Jenkins jobs clearly separating responsibilities and concerns of the project teams and the core IT team.
Principles
----------
* Management of Environments automated as much as possible
* Clear Interface between IT and Project Team
* Separation of Concern between IT and Project Team
* Inversion of Control (You are the framework)
Responsibilities and Concerns
-----------------------------
![Responsibilities and Concerns](/assets/images/puppet-responisbilities-and-concerns.png)
Puppet environments allow for shadowing the commonly used default set of modules depending on an node attribute assigning a host to a specific environment.\
Core IT is the owner of the default environment, providing and maintaining a stable base set of modules, which can be used by project teams. It covers company-wide aspects such as user management, base layout of hosts, integration into the company's infrastructure as well as commonly-used and well-established modules.\
Project teams are holding their own versions of modules in separate environment repositories. QA and deployment is managed by the project's own Jenkins. In this way a project team has full control over the nodes assigned to its environment. Copying over modules from the default environment repository to the project repository pins project infrastructure to exactly the copied version of the module. On the other hand, extending a module in the project environment only affects nodes in the environment, and no other nodes.
Use Cases
---------
Possible use cases are
* Production Environments using a frozen snapshot of the default environment, thus decoupling from further development in the default environment and mitigating the risk of instability.
* Puppet Module Development, restricting changes in the Puppet source code to dedicated test nodes.
* Project-specific Environments, separating development of infrastructure code independent from and not influenced by other projects.\
This separation dramatically makes self-organization of the projects concerning infrastructure less daunting.
Rating
------
Puppet environments are rated "Trial". It supports our strategy of Infrastructure as Code (IaC) and links it to our DevOps approach, enabling project teams to set up and customize their own infrastructure. Additionally, they reduce interdependencies between projects and support the need for stability in critical production environments. Still, for historical reasons, dependencies between modules in the default environment and naming conflicts to standard modules provided by Puppet Forge are undermining the separation and independence of project environments, requiring further efforts in consolidating the existing code base.

15
radar/2017-03-01/rabbitmq.md Normal file
View File

@@ -0,0 +1,15 @@
---
title: "RabbitMQ"
ring: trial
quadrant: tools
---
RabbitMQ is an Open Source message broker - implementing the Advanced Message Queuing Protocol (AMQP) protocol. It provides a reliable and scalable way to transport data between loosely coupled applications, using different EAI patterns such as the Publish & Subscriber pattern. AMQP supports direct and fan-out exchanges (broadcasts) as well as topics. Queuing mechanisms allow for robust architectures, mitigating the risks of application downtimes. Typically, a RabbitMQ server can easily buffer millions of messages. RabbitMQ supports JMS in addition to AMQP. It is not intended to use JMS for new systems, but it makes RabbitMQ useful for integrating legacy systems.
There are several alternative solutions to RabbitMQ, e. g. the free Apache ActiveMQ, which is integrated in [Anypoint platform](/tools/anypoint-platform.html). ActiveMQ implements a somewhat simpler routing concept than RabbitMQ, but offers more protocols. Commercial products in this area are offered by IBM (Websphere MQ), Fiorano and almost every vendor of ESB products.
We use RabbitMQ internally for transferring messages safely in our logging ecosystem between [Logstash](/platforms-and-aoe-services/elk-stack.html) proxies and servers using direct and fan-out exchanges for delivering messages to appropriate destinations. RabbitMQ is also used to asynchronously trigger Jenkins jobs from our SCMs to mitigate heavy load on the SCMs, usually caused by Jenkins polls for SCM changes. Additionally, some critical events for monitoring are using RabbitMQ for guaranteed notification. 
RabbitMQ is rated "Trial". It fits into our approach to build robust, [resilient systems](/methods-and-patterns/resilience-thinking.html) and use [asyncronous messages](/methods-and-patterns/decoupling-infrastructure-via-messaging.html) for loosely coupled communications between components. In practice, RabbitMQ proved to be stable and dealt well with service interruptions from failures and maintenance slots. A common pain point is RabbitMQ as a single point of failure disrupting the data flow in a system. This issue is currently approached by setting up a HA cluster for RabbitMQ. The outcome of this approach will clarify the extent of future usage of RabbitMQ in our systems.
 ![](/assets/images/rabbitmq.png)

12
radar/2017-03-01/raml.md Normal file
View File

@@ -0,0 +1,12 @@
---
title: "RabbitMQ"
ring: adopt
quadrant: tools
---
[RAML](http://raml.org/) (the RESTful API Modelling Language) is a YAML-based API specification language. It's now available in [version 1.0](https://github.com/raml-org/raml-spec/blob/master/versions/raml-10/raml-10.md#defining-types). The philosophy behind it is to specify the API before implementation.
If you follow this philosophy, you can design your API and discuss it with your clients and team before implementing a single line of code. API consumers are able to implement against the API before it's really up and running. The [api-console](https://github.com/mulesoft/api-console) provides a beautiful online documentation with "try it" features for your raml definition.
The RAML ecosystem provides a rich toolset for code generation (e.g. [online editor](http://rawgit.com/mulesoft/api-designer/master/dist/index.html#/?xDisableProxy=true);[ api-workbench](http://apiworkbench.com/)), automatically generated documentation, code generation (e.g. [go-raml](https://github.com/Jumpscale/go-raml)), mocking, testing and much more. We prefer RAML over Swagger because of this.

8
radar/2017-03-01/react.md
View File

@@ -14,3 +14,11 @@ Components are the central point of React - once we fully started [thinking in r
After some 1.5 years of experience with React and the steady growth of the community and ecosystem around it,
we can confidently say that we still see great protential to build upcoming projects with React.
<!--except-->

6
radar/2017-03-01/redux.md
View File

@@ -5,10 +5,10 @@ quadrant: languages-and-frameworks
---
[Redux](http://redux.js.org/) helps us to maintain state in our frontend applications in a more predictable and clearer way. It is extendable though middleware, it has a great documentation and some awesome [devtools](https://github.com/gaearon/redux-devtools) that are especially helpful when you are new to Redux.
[Redux](http://redux.js.org/) helps us to maintain state in our frontend applications in a more predictable and clearer way. It is extendable though middleware, it has a great documentation and some awesome [devtools](https://github.com/gaearon/redux-devtools) that are especially helpful when you are new to Redux.
The functional concepts for updating the state, combined with immutable data, lead to extremely easy and enjoyable [unit tests](http://redux.js.org/docs/recipes/WritingTests.html) - this is maybe the biggest plus for us developers.
The functional concepts for updating the state, combined with immutable data, lead to extremely easy and enjoyable [unit tests](http://redux.js.org/docs/recipes/WritingTests.html) - this is maybe the biggest plus for us developers.
The official [react-redux bindings](https://github.com/reactjs/react-redux) also made it straightforward to weave Redux into our React applications. For asynchronous actions we use [redux-sagas](https://redux-saga.github.io/redux-saga/) which has proven itself as a better alternative for [redux-thunk](https://github.com/gaearon/redux-thunk).
The official [react-redux bindings](https://github.com/reactjs/react-redux) also made it straightforward to weave Redux into our React applications. For asynchronous actions we use [redux-sagas](https://redux-saga.github.io/redux-saga/) which has proven itself as a better alternative for [redux-thunk](https://github.com/gaearon/redux-thunk).
Currently, we use Redux only in our React projects, but we are evaluating it together with other frameworks such as Angular or Vue.js, as well.

12
radar/2017-03-01/rest-assured.md Normal file
View File

@@ -0,0 +1,12 @@
---
title: "Rest Assured (Testing)"
ring: trial
quadrant: tools
---
**[REST-assured](https://github.com/rest-assured/rest-assured)** is a Java DSL for simplifying testing of REST-based services built on top of HTTP Builder. It supports the most important http request methods and can be used to validate and verify the response of these requests.
At AOE, we use REST-assured with Spock to automate our API testing. We appreciate the easy-to-use DSL, which uses the Given-When-Then template (also known as Gherkin language). This template helps other project members to understand the code/test easily.
Because of the seamless integration with Spock and our positive experience in one of our major projects, we classify REST-assured as *assess.*

8
radar/2017-03-01/rxjava.md Normal file
View File

@@ -0,0 +1,8 @@
---
title: "RxJava"
ring: trial
quadrant: tools
---
[RxJava](https://github.com/ReactiveX/RxJava) is the Open Source Java implementation of ReactiveX. The main concept heavily relies on the Observer- (and Subscriber)-Pattern. An Observer emits a stream of data, which can be consumed by Subscribers. The Subscriber reacts (That's where the 'Rx' comes from) asynchronously to those data events. Reactive Extensions were originally developed by Mircosoft's Erik Meijer and his team and have been ported to all major programming languages after being released to the public as Open Source software. We use RxJava (but actually RxAndroid to be precise) in the Congstar Android App to let the UI layer react to changes in the underlaying data layer.

4
radar/2017-03-01/sass.md
View File

@@ -15,7 +15,7 @@ Core features of SASS are:
* Extends: CSS properties can be inherited
* SASS files can be split into modules, which leads to smaller files and better file structures
* Operators: Simple math calculations can be applied to CSS properties
* Easily to integrate in nodejs-environments and build tools such s [NPM](https://www.npmjs.com/), [Gulp](http://gulpjs.com/) and [Grunt](https://gruntjs.com/).
* Easily to integrate in nodejs-environments and build tools such s [NPM](/tools/npm.html), [Gulp](/tools/gulp.html) and [Grunt](/tools/grunt.html).
SASS has been widely adopted for many years and has evolved to an industry-standard backed by an active community since 2006.
@@ -27,4 +27,4 @@ More information:
* [SASS Language](http://sass-lang.com/)
* [SASSDoc](http://sassdoc.com/)
* [Improving Sass code quality on](https://www.theguardian.com/info/developer-blog/2014/may/13/improving-sass-code-quality-on-theguardiancom) [theguardian.com](http://theguardian.com)
* [Improving Sass code quality on](https://www.theguardian.com/info/developer-blog/2014/may/13/improving-sass-code-quality-on-theguardiancom) [theguardian.com](http://theguardian.com)

11
radar/2017-03-01/settings-injection.md Normal file
View File

@@ -0,0 +1,11 @@
---
title: "Settings Injection"
ring: adopt
quadrant: methods-and-patterns
---
While deploying applications to an environment, the application typically needs to be configured for that specific environment. Typical settings include domain names, database credentials and the location of other dependent services such as cache backends, queues or session storages.
These settings should not be shipped with the build package. Instead, it's the environment this build is being deployed to that should expose these values to application. A common way to "inject" these values is by making them available as environment variables or dynamically creating configuration files for the application. You can achieve this pattern without special tools - but this concept of settings injection also works with tools such as [Consul](/tools/consul.html) or [YAD](https://github.com/AOEpeople/YAD).
In this manner, the build package can be independent from the environment it's being deployed to - making it easier to follow the "Build once, deploy often" CI/CD principle.

13
radar/2017-03-01/sparkpost.md Normal file
View File

@@ -0,0 +1,13 @@
---
title: "SparkPost"
ring: assess
quadrant: platforms-and-aoe-services
---
Sparkpost is an SaaS service for E-Mail delivery and E-Mail templating that can be used to send E-Mails by calling an API.
In a lot of projects, it is a typical requirement that different E-Mails need to be sent and that the project stakeholders want to adjust E-Mail templates and content on a relatively regular basis.
Also, (mass) sending E-Mails and avoiding that they are classified as Spam is not an easy topic. That's why we decided to use E-Mail delivery services in our projects and evaluated different providers.
We decided to start using SparkPost because of pricing, feature set and the available reviews on the Internet. There are also other possible solutions such as SendGrid or Postmark.

4
radar/2017-03-01/spring-boot.md
View File

@@ -5,12 +5,12 @@ quadrant: languages-and-frameworks
---
With Spring Boot you create standalone Spring Applications with minimum configuration. [Spring Boot](https://projects.spring.io/spring-boot/) rapidly gets you up and running for production.
With Spring Boot you create standalone Spring Applications with minimum configuration. [Spring Boot](https://projects.spring.io/spring-boot/) rapidly gets you up and running for production.
With an embedded Tomcat, Jetty and Undertow you have everything you need to deploy your application out-of-the-box.
The Spring Cloud ecosystem also gives you a lot of extension points for developing, deploying and running cloud applications.
It's based on the rock-solid Spring framework and provides excellent documentation.
It's based on the rock-solid Spring framework and provides excellent documentation.
At AOE, we use Spring Boot in a microservice architecture. Together with Groovy as the implementation Language, and some other Tools (Spring Security, Cloud, HATEOAS, Data, Session) from the Spring environment, we are able to create complex and powerful applications in no time.

9
radar/2017-03-01/spring-rest-docs.md Normal file
View File

@@ -0,0 +1,9 @@
---
title: "Spring REST Docs"
ring: assess
quadrant: tools
---
[Spring REST Docs](https://projects.spring.io/spring-restdocs/) auto generates [Asciidoctor](http://asciidoctor.org/) snippets with the help of [Spring MVC Test](http://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle#spring-mvc-test-framework) or [RestAssured](https://extranet.aoe.com/confluence/pages/viewpage.action?pageId=86937862).  So you can be sure that your tests are inline with the documentation.
At AOE, we use [Spring REST Docs](https://projects.spring.io/spring-restdocs/) to document our Rest Services and Hal Resources. We also use it to auto generate [Wiremock](/tools/wiremock.html) Stubs, so the consumer of the service can test against the exact API of the service.

13
radar/2017-03-01/styleguide-driven-development.md Normal file
View File

@@ -0,0 +1,13 @@
---
title: "Styleguide Driven Development"
ring: trial
quadrant: methods-and-patterns
---
The goal of Styleguide Driven Development is to develop your application user Interface independently and reusable in a Pattern Library.\
In the old days, the frontend was developed based on page-centric Photoshop files which made it hard to change things afterwards. With styleguide driven development you build smaller elements, which are reusable in all of your frontends.
You can start developing your UI components (HTML/CSS/JavaScript) very early in the production phase without having to wait for a ready-to-use development system.\
Designers and Testers can give feedback early and you can share the documentation and code with external teams.
At AOE, we use [Hologram](https://trulia.github.io/hologram/) to build a living documentation right from the source files. Whenever a new UI Element is needed, a developer starts building it in the styleguide -- not in the actual application code. By writing the code for the new component, the documentation for it is created instantly. Any other developer can easily see which elements exist and how it can be used in the code.

6
radar/2017-03-01/symfony-components.md
View File

@@ -5,8 +5,6 @@ quadrant: languages-and-frameworks
---
Symfony Components are part of the [Symfony Framework](https://symfony.com/) and they are designed as decoupled and reusable PHP components.
Symfony Components are part of the [Symfony Framework](https://symfony.com/) and they are designed as decoupled and reusable PHP components.
Their use cases vary from simple little helpers such as a [beautified var_dump](http://symfony.com/doc/current/components/var_dumper.html) to more complex ones such as access control, list-based [security mechanisms](http://symfony.com/doc/current/components/security.html) and an easy-to-integrate [console component](http://symfony.com/doc/current/components/console.html) to give your already existing applications some CLI capabilities. They are [used by a lot of PHP-based projects](http://symfony.com/projects) such as Typo3, Magento, Composer, PHPUnit and Doctrine, with contributions continually taking place.
If you are planning the next project with PHP components, you should have a look at the [Symfony Components list](http://symfony.com/components), which includes a lot of well-designed, decoupled [Open Source pieces of PHP code](https://github.com/symfony).
Their use cases vary from simple little helpers such as a [beautified var_dump](http://symfony.com/doc/current/components/var_dumper.html) to more complex ones such as access control, list-based [security mechanisms](http://symfony.com/doc/current/components/security.html) and an easy-to-integrate [console component](http://symfony.com/doc/current/components/console.html) to give your already existing applications some CLI capabilities. They are [used by a lot of PHP-based projects](http://symfony.com/projects) such as Typo3, Magento, Composer, PHPUnit and Doctrine, with contributions continually taking place. If you are planning the next project with PHP components, you should have a look at the [Symfony Components list](http://symfony.com/components), which includes a lot of well-designed, decoupled [Open Source pieces of PHP code](https://github.com/symfony).

4
radar/2017-03-01/typescript.md
View File

@@ -17,6 +17,6 @@ TypeScript continues to be actively developed by Microsoft and is also well-Inte
The excellent strucure and the possibilities for extension make it a good choice to consider for larger JavaScript projects.
Typescript was the choice for [Angular 2+](/tools/angular-2.html) and one can assume that it will get more traction with the success of Angular 2 in the future.
Typescript was the choice for [Angular 2+](/languages-and-frameworks/angular-2.html) and one can assume that it will get more traction with the success of Angular 2 in the future.
There are also projects that support Typescript „code execution“ on the server such as [ts-node](https://www.npmjs.com/package/ts-node).
There are also projects that support Typescript „code execution“ on the server such as [ts-node](https://www.npmjs.com/package/ts-node).

11
radar/2017-03-01/typo3-as-a-framework.md Normal file
View File

@@ -0,0 +1,11 @@
---
title: "Typo3 as a Framework"
ring: hold
quadrant: tools
---
We should avoid building new projects around TYPO3 by default. A lot of past projects started with CMS-only features in the beginning, and, for example, developed toward highly customized E-Commerce platforms. Instead of rearranging the architecture in a useful way, functionality was built on top of TYPO3's core and its extension framework Extbase. In the context of larger projects, this lead to deployment monoliths and the inability to integrate new technologies.
While in the past it was easy to kickstart a TYPO3 project with AOE's custom-tailored kickstarter, we now have a lot of knowledge and tools available to start projects with a much smarter architecture.
This does not mean you shouldn't use TYPO3 anymore, but use it as the tool it is: a content management system.

30
radar/2017-03-01/webpack.md Normal file
View File

@@ -0,0 +1,30 @@
---
title: "Webpack"
ring: trial
quadrant: tools
---
[Webpack](https://webpack.js.org/) is a web bundler for JavaScript applications. Instead of writing scripts to build and bundle your app like you would with [Gulp](/tools/gulp.html), you just define what files you want to load into your bundle.
In the following example, we define that JavaScript files should be handled by babel-loader, excluding the files from node_modules. The logic behind the process comes from the [loader](https://webpack.js.org/concepts/loaders/). You can find the right loader in [npm](https://www.npmjs.com/search?q=loader%20webpack&page=1&ranking=optimal).
`{`
`test: /\.js$/,`
`loader: 'babel-loader',`
`exclude: /node_modules/,`
`},`
On top of that you can use [plugins](https://webpack.js.org/plugins/) to optimize your bundle like uglifying your code or put your common libraries in a separate file.
Under the hood, you've got nice features such as:
- [tree shaking](https://webpack.js.org/guides/tree-shaking/) to just bundle the features from a library you need
- [chunk splitting](https://webpack.js.org/guides/code-splitting/) to split your code to manage the load prioritization
The configuration is simple and there is excellent and extensive [documentation](https://webpack.js.org/configuration/).

15
radar/2017-03-01/wiremock.md Normal file
View File

@@ -0,0 +1,15 @@
---
title: "Wiremock"
ring: trial
quadrant: tools
---
**[WireMock](http://wiremock.org/docs/)** is an HTTP mock server - it can be used to mock APIs for testing.
At its core, it is a web server that can be prepared to serve canned responses to particular requests (stubbing), and that captures incoming requests so that they can be checked later (verification). It also has an assortment of other useful features including record/playback of interactions with other APIs, injection of faults and delays, simulation of stateful behavior. 
It can be used as a library by any JVM application, or run as a standalone process either on the same host as the system under test or a remote server. All of WireMock's features are accessible via its REST (JSON) interface and its Java API. Additionally, the mock server can be configured via JSON files.
At AOE, we use WireMock as a standalone server to mock APIs that are outside our system context to get a stable environment for testing and rapid feedback. Besides the decoupled test and development advantages, the mocked APIs can also be used in contract-based tests. We also use embedded WireMock in functional tests to stub external services. The explicit test of faults are especially helpful in building and testing the [resilience of your application](/methods-and-patterns/resilience-thinking.html).
Because of the features such as flexible deployment, powerful request matching and record/payback interactions, as well as the fact that the server runs stable in our project environments, we classify WireMock as *trial*.

10
radar/2017-03-01/xataface.md Normal file
View File

@@ -0,0 +1,10 @@
---
title: "Xataface"
ring: hold
quadrant: platforms-and-aoe-services
---
In the past, we used a custom-developed toolset with Xataface,T3Deploy and a settings migration tool as an easy way to manage TYPO3- and Magento-related configurations and to automatically create environments on our shared integration/dev-servers.
Today, there is no advantage or need for Xataface. Don't use it anymore

9
radar/2017-03-01/xmlunit.md Normal file
View File

@@ -0,0 +1,9 @@
---
title: "XMLUnit"
ring: assess
quadrant: tools
---
[XMLUnit](http://www.xmlunit.org/) is a Java and .NET testing framework for XML documents. It is very useful for performing contract tests with SOAP interfaces or other XML-based message types.
Comparing strings of XML can lead to instable tests because of the changing order of elements or changed values, etc. XMLUnit provides features to address these issues. It is possible to validate against an XML Schema, use XPath queries or compare against expected outcomes. It also comes with a nice diff-engine which makes it easy to check the parts of an XML document that are important.