Homepage of Matthew Brooks

I make things… sometimes

Best setup for Web Development in a group setting 27.10.11

Recently, a former co-working, Chris Horlick, asked me what the best setup would be for Web Development in a group setting.

I need some suggestions. Whats the best tool/setup for doing web development in a group setting? The requirements are a centralized code repository, a location to test development code on, and finally a way to push tagged code out to a staging server. What im thinking is svn/redmine for code repo, each user has an account on a central development machine to allow for ssh access(eclipse over ssh) and their own virtual host one the dev server. Code is tested then checked back into svn and later tagged and pushed out to the staging server. Yeah? Thoughts comments or recommendations?

*Also, in a dev environment what is the best way to handle databases? Is it wise to pull from the production database? Also should each developer have his/her own db or work off a master db?

I decided to make my response public in hopes that it may be useful to someone:

First off, SVN or Git version control is a must if you are developing in any kind of group environment.

It is best to have 3 different types of setups for servers; A production server (running a tag), A staging / test server (which runs trunk), and dev server or local environment (running a branch).

How you go about setting this up really depends on the framework you are using. There really is no good way to dev for PHP in a group environment. I’ve learned the best way to dev for PHP is to have a shared Dev server setup with SMB shared drive to aptana (unless everyone uses vi). We use SMB because frankly a SSH mount is too freaking slow. The actual staging server setup is a lot more complicated than I want to go into, but it’s a lot of work to get up and running. The main point to it all is that development should never be done in Trunk and should never be done on the actual main staging or testing site. Just about every other language besides PHP has support for Development instances built into the framework. Ruby on Rails, Django, and Java all let you run multiple Dev instances on your local machine which makes things really nice.

The database work pretty much the same way as the production, staging, dev setup. Each instance should have it’s own MySQL server. You should NEVER use mysql or any admin tool to create or modify DB schema. This should always be scripted out. Once again, PHP in general is lacking in this area, however you may be able to find a tool or Framework to handle schema versions correctly. Rails and Django have DB migration tools built into the framework and make updating and playing with DB schema easy. With both Rails and Django, DB development is always done in sqllite and then testing and production can be done in mysql. This allows for a more flexible development environment.

Rolling out a tag to a server is mainly process driven. It’s best to document the process and always follow it. We create the tag from the staging server’s trunk after it passes all of our tests. The roll out is very simple. We have also played around with tools called Capistrano that rolls out branches from SVN or Git to product or test servers. Capistrano is really nice once it is setup. Use Capistrano if you can.

12 Questions For Service Providers 10.07.10

Read Write Web had a great article about 12 questions you should ask a Service Provider. The article is more for Cloub Services, but I think it applies to pretty much anything IT related. If you are part of an IT organization, you really need to be thinking about the questions addressed below.

This is an excerpt from Read Write Web below.  You can find the original article here.

SaaS Chronicles has put together a good list that can help gain more insights into security and provide some additional context for the ways data does flow in the cloud:

  1. Where will my data be stored?
  2. Who will have access to my sensitive data?
  3. What controls do you have in place to ensure safety for my data while it is stored in your environment?
  4. What type of employee / contractor screening you do, before you hire them?
  5. Will my data be replicated to any other datacenters around the world (If yes, then which ones)?
  6. What is your Disaster Recovery and Business Continuity strategy?
  7. Is your Cloud Computing service SAS70 compliant?
  8. Do you offer single sign-on for your services?
  9. How do you detect if an application is being attacked (hacked), and how is that reported to me and my employees?
  10. Do I have full ownership of my data?
  11. Will you provide me my data in a readable format – Pdf, Excel, Access…?
  12. Do you offer a way for me to run your application locally and how quickly I can revert to the local installation?