DrupalCon Nashville 2018 – Higher Education Summit Notes

2 minute read

I will be leading two sessions at the DrupalCon Higher Education Summit on Monday, April 8th, 2018, and I’m using this post for my preparation notes.

You can find all the virtual directory for all the Higher Education Summit Session notes here.

Note: these agenda items are not hard-and-fast discussion items. Depending on session attendees and details I cannot anticipate, these discussions tend to grow a life of their own. I find that nearly always, the actual discussion turns out far better than I anticipate. Caveat lector.

Session 1; 11:20 AM – 12:20 PM

Continuous Integration / Continuous Development Strategies

Agenda

  • Spread out and speak up
  • Volunteers for note-keeping
    (Google docs allows for multiple authors. The more the merrier)
    Link to the session notes
  • Introductions
    Tell us your name, title, what you do, and your efforts at CI/CD so far?
  • What is Continuous Integration / Continuous Development (CI/CD)? What is it NOT?
    • Continuous integration is the integration of code commits with building, testing and deploying these commits. (1)
  • What are the tools and components of CI/CD? What are you using? (1)
    • Gitlab-ci, Jenkins, Circle-CI, Travis, git-commit hooks
    • Ansible, Git workflow, dev vm or docker, task runners, package managers, repositories
    • Functional testing, Behat testing, coding standards, linting, static analysis
    • Deploy, pipelines, stages and tasks At Duke’s Trinity School of Arts & Sciences, we’re using gitlab-ci. We have used Jenkins, we still have a 2-year old Jenkins server, but we prefer gitlab-ci.
  • How long have you been using CI/CD?
  • What benefits have you seen because of your adoption?
    • Improving quality, consistency and process speed How would you like to extend your CI/CD adoption?
  • What are some blockers or obstacles to implementation?
  • Examples or potential CI/CD workflows
  • Examples of shared CI/CD resources

Session 2; 1:30 AM – 2:30 PM

Web Accessibility, led by Joel Crawford-Smith

Led by my fellow Dukie, Joel, with whom we collaborate frequently. Looking forward to his session.

You can find his session notes here

Session 3; 2:30 AM – 3:30 PM

Holistic DevOps & Drupal Security

  • Spread out and speak up
  • Volunteers for note-keeping
    (Google docs allows for multiple authors. The more the merrier)
    Link to the session notes
  • Introductions
    Tell us your name, title, what you do, and your efforts at security so far?
  • Why “Holistic?”
  • What are the tools and means of Security? What are you using?
    This is a multi-pronged front:
    • Policy and Governance
    • Identity, membership and SSO
    • CI/CD
    • Firewall
    • OS
    • Stack
    • Third-party integrations, events, faculty profiles, courses
    • Third-party vendor-built websites
    • Drupal
    • Scanning, such as NetSparker
  • How have your efforts evolved over the years?
    • Compare and contrast your response between Drupalgeddon and Drupalgeddon II
  • What benefits have you seen because of your efforts?
    How would you like to extend or enhance your security?
  • What are some blockers or obstacles to enhancing or extending?
  • Examples or potential security workflows
  • Examples of shared security resources