quality control in development
TRANSCRIPT
Safe harbor statement under the Private Securities Litigation Reform Act of 1995:
This presentation may contain forward-looking statements that involve risks, uncertainties, and assumptions. If any such uncertainties materialize or if any of the assumptions proves incorrect, the results of salesforce.com, inc. could differ materially from the results expressed or implied by the forward-looking statements we make. All statements other than statements of historical fact could be deemed forward-looking, including any projections of product or service availability, subscriber growth, earnings, revenues, or other financial items and any statements regarding strategies or plans of management for future operations, statements of belief, any statements concerning new, planned, or upgraded services or technology developments and customer contracts or use of our services.
The risks and uncertainties referred to above include – but are not limited to – risks associated with developing and delivering new functionality for our service, new products and services, our new business model, our past operating losses, possible fluctuations in our operating results and rate of growth, interruptions or delays in our Web hosting, breach of our security measures, the outcome of any litigation, risks associated with completed and any possible mergers and acquisitions, the immature market in which we operate, our relatively limited operating history, our ability to expand, retain, and motivate our employees and manage our growth, new releases of our service and successful customer deployment, our limited history reselling non-salesforce.com products, and utilization and selling to larger enterprise customers. Further information on potential factors that could affect the financial results of salesforce.com, inc. is included in our annual report on Form 10-K for the most recent fiscal year and in our quarterly report on Form 10-Q for the most recent fiscal quarter. These documents and others containing important disclosures are available on the SEC Filings section of the Investor Information section of our Web site.
Any unreleased services or features referenced in this or other presentations, press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase our services should make the purchase decisions based upon features that are currently available. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements.
Safe Harbor
Quality Control (Noun)
A system for verifying and maintaining a desired level of quality in an existing product or service by careful planning, use of proper equipment, continued inspection, and corrective action as required.
Quality Assurance (Noun)
A system for ensuring a desired level of quality in the development, production, or delivery of products and services. A planned and systematic pattern of all actions necessary to provide adequate confidence that the product optimally fulfils customers’ expectations, i.e. that it is problem-free and well able to perform the task it was designed for.
What is It? Quality Control
Proactive & Early Identification
• Business Requirements
• Governor Limits
• Architecture Decisions
• Development Standards
• Test Classes
• Code Structure
• Naming Conventions
• Security
What is It? Quality Control
When? Quality Control
Dev SB3 Dev SB2
Dev SB1
Proj2 Shared Dev SB
Source Control
QA/UAT Integration Partial SB
Staging Full SB
PROD
Dev SB3 Dev SB2
Dev SB1
Proj1 Shared Dev SB
Develop Dev / Integration
Test QA / System
Test
UAT / Staging / Performance
Test
Full Sandbox
Partial or Full Sandbox
Dev Pro Sandbox
Dev Pro Sandbox
Dev Sandboxes
Dev Sandboxes
Production Org
Reduction in Cost to Fix
• Early identification of Bugs
Minimization of Maintenance Cost
• Use of click-config options when possible
Future-Proof Code
• Robust test classes for automated regression testing
Minimize Security Risks & Governor Limit Issues
• Best practices, security risks, and limits are reviewed
Self-Documentation & Easier Enhancement Ability
• Naming conventions, comments, and best practice standards implemented
What are the Benefits? Quality Control
An evaluation of a person's work or performance by a group of people in the same team
Who: Developer within same team
What: Full review, with extra focus on Business Requirements and Architecture, in context, for a specific build request
Why: Early detection & remediation of issues
What is It? Peer Reviews
Does it meet the business requirements specified?
Is it possible to accomplish with click-config?
Does it meet the development standards and best practices?
Are sufficient and appropriate test classes created for the classes & methods?
Do the test classes run successfully?
Is the code structured reasonably?
What do you look for? Peer Reviews
Does not meet all requirements for component
Insufficient test classes and scenarios
Could be accomplished with other functionality
Does not follow development standards or best practices
Hits governor limits
Has security issues
What are some common issues found here with Salesforce development? Peer Reviews
A review performed by competent, objective reviewers who are independent of the developer
Who: Reviewer outside of development team
What: Detailed review with extra focus on standards, architecture, limits, best practices for an entire initiative’s build (potentially multiple developers)
Why: Ensures all changes follow best practices and standards, and have appropriate test classes for future issue detection
What is It? Independent Reviews
Is it possible to accomplish with click-config?
Does it meet the development standards and best practices?
Are sufficient and appropriate test classes created for the classes & methods?
Do the test classes run successfully?
Is the code structured reasonably?
Are there security issues?
Are there governor limit issues?
What do you look for? Independent Reviews
Test Class coverage insufficient
Uses “without sharing” for no reason
Uses “seealldata” for no reason
Doesn’t utilize a Test Data Factory & @isTestSetup
Incorrectly uses / places the startTest / stopTest methods
SOQL or DML or @future calls inside loops
No or insufficient assert statements
Lingering Debug statements
No or insufficient Comments
Invalid naming conventions used
Could be accomplished with other functionality
What are some common issues found here with Salesforce development? Independent Reviews
These standards will provide:
• A standard configuration guideline for Salesforce
• A standard guideline for Apex and Visualforce development
• Hints and tips and best practices for development.
• Easier maintenance/enhancement through consistent standards.
• Consistency with Java programming language naming conventions
The standards should be applied to all new development work and should be introduced to existing projects as far as is practically possible.
Creating Development Standards How to Get Started
Create an app:
• Developers submit Review requests
• Reviewers leverage Excel template for Review
• Reviewers upload Review results
• Reports analyze developer effectiveness
Formalizing the Review Request Process How?
What is Quality Control?
What are the benefits of implementing Quality Control?
When should reviews be done?
What is involved with Peer Reviews?
What is involved with Independent Reviews?
How do you get started?
How do you track and formalize this process?
What did we cover? Summary
• Free security tool at http://security.force.com/security/tools/forcecom/scanner to identify potential security risks
• Additional security best practices available at http://security.force.com
• Free CodeScan Apex PMD Eclipse plugin from http://codescan.villagechief.com/eclipse/ to identify coding standards discrepancies within apex code
• Java Code Conventions http://www.oracle.com/technetwork/java/codeconventions-150003.pdf
• Understanding Execution Governor & Limits http://www.salesforce.com/us/developer/docs/apexcode/index_Left.htm#StartTopic=Content/apex_gov_limits.htm
• Apex Code Cheat Sheet https://ap1.salesforce.com/help/pdfs/en/salesforce_apex_developer_cheatsheet.pdf
• Visualforce Cheat Sheet https://ap1.salesforce.com/help/pdfs/en/salesforce_visualforce_developer_cheatsheet.pdf
• Sample Review Results App (with Excel Template & Standards Template): https://na16.salesforce.com/packaging/installPackage.apexp?p0=04ti0000000gUmO
Mentioned during Discussion Useful Tools