 Hello, everyone. Today, I will be talking about automation as a core IT principle. I think it's really a key concept that a lot of company don't work with. And we all spend a lot of time doing copy and paste or waiting for a date, checking security issue and stuff like that. I think a lot of this can be automated and should be automated in our company. I'm Jean-Verolier. I'm working as a principal engineer in LRMS. You can find me on pretty much everywhere with a nickname Sheplu, except on Twitter, where I use Chef Sheplu. I'm also really passionate about community and how you should bring community in your company or maybe take time to work with community outside. And as a previous trainer, I'm also really keen to work and to speak about sharing, mentoring people and how it could be great for everyone. I like to travel. I'm French and I also love food from everywhere. So let's start. Before starting with automation, I think it's really, we should begin with speaking really fast with agile and DevOps because for me, it really linked. I think you all know this image of the DevOps with every part where everything is linked. So I don't want to really spend a lot of time. But if we check, we work with a lot of different plan release, monitor, deploy a lot of stuff. And for me, maybe a half of this part can be automated. So yeah, first of all, when you speak about DevOps, you don't really have, you maybe have your own definition because we don't really have an official definition for DevOps, it will really depend from one company to another company. But for me, my definition I really like to use is that DevOps is not really a tool of a process, but mostly a practice that value continuous communication, collaboration, integration, and automation across an organization. I see a lot of company which really work and try to bring a DevOps with the continuous communication, collaboration, and integration. But for me, the automation part is mostly not present in the company. And agile and DevOps are really linked too because it's almost the same mindset. You want to have a continuous evolution of your people, of your project. You try to produce, gather feedback, improve on feedback, and you start over and you start over again and again. From the same way, you try to come in knowledge of people, people with an experience and capacity capabilities, but also to bring and to build a team with multiple areas of expertise. It's not just a team which only know how to handle a cloud provider. Another team just know how to build an API. The other one really is only aware on how building a mobile application or stuff like that. You try to bring everyone with an expertise to build across a team with different kind of expertise. In DevOps, we have a lot of stuff that are going on, but mostly for me, DevOps should not be only in one team but across the company. So it should lead to build and to share code with library, common library between teams, but also you can work with trying to have the same CI CD process, maybe work on infrastructure as code, reusable infrastructure as code, or to provide feedback from between all the team. If you don't have this kind of global DevOps mentality, and we call that, it's really hard for the company and even for the team because mostly the teams and the company will lose knowledge every time someone leaves the company. You will also have multiple implementation of the same part. We, maybe you will have multiple team working on infrastructure as code solution to deploy the same kind of container or maybe some front end. Your time to market will be higher as you will need to develop and rebuild every time the same stuff. And mostly you will also have a run and maintenance cost that will be higher because you will need to maintain not just one library, but maybe 10 libraries across the company. So yeah, that's why automation for me could be really great and bring a lot of stuff when you are already in this kind of mindset to have a global DevOps agile environment in your company. So as of today, we have most of the company or at least a lot of company are moving from the, let's say old monolithic solution to write code to really try to split API and project in microservices architecture, maybe even serverless architecture. So it's really used more and more every day. But by having that shift from one big project which is breakdown to multiple microservices project, you will lower the complexity of each project, which is great. But the downside is that you don't need to update one project that you will have maybe 10, 20, 30 project you will need to take care of, to update, to upgrade, to check security issue every day. So it's a lot more. And mostly it's a basic task because you will have to go to each project, maybe run some kind of NPM audit or NPM update, wait for the result and push through a pipeline or a normal pipeline. So it takes time to people to review that to just handle this basic task. So bit of a story time for me. I'm working with one of my team, one of my squad, we are six. So six DevOps, which are mostly API with Node.js but also Terraform code. We need to deploy in five environments every time from dev to production. We maintain more than actually three library which are used by us, but also by other teams. We handle three deployment project to deploy mostly API but also Docker and frontend application. And if I want really just to focus on API part because it's our main task, it's almost or it's at least 70 plus different kind of project for around 400 endpoints. We also support other team. Like I said, it really depends. But so we have a lot of stuff to do every time if, and we try to have the same base for each project. If tomorrow we have an issue with our HTTP library, this means we will need to update 70 plus library, which is a lot of work for a team of six to redeploy, test everything. It can take a lot of time. So around a year ago, I started to work to improve that because we had issues. How can we maintain this number of project? How can we really do our job and be sure to deliver the best solution and up to date solution without security issue and optimize with the latest version of everything? How can we also provide the best support for other team? Because other team rely on us to provide some libraries as they use as some kind of HTTP libraries to parsing or error libraries, stuff like that. How can we from outside have feedback from the other team? Just not from people, but also re-analyses and from the daily use ages from which version are used or stuff like that. And last but not the least, how can we update everything when we deploy a new version, when we create a new version of one of our library? How can we update every project without taking a week, a month or stuff like that? So that's the main issue. So for us, really, we started with trying to have first a base project every time we want to start again a new project, a new API. So some kind of template, a good start for a project. So it was the first step, quite easy. So every time we needed to deploy a new project from dev to production, so kickstart a new project, it would take us basically one hour. We did a lot of manual operation as someone had to pull the project, check it if it was up to date on his computer, copy and paste on a new folder, he said the Git, the Git remote, stuff like that, maybe, and just basically create a new magic way, set up the project on GitLab, configure the GitLab project, everything like that. So it takes a lot of time, and for us developers, I think it's not really what we want to do, we are not really keen to just working days and days to copy and paste and to check that. So we did some automation, and we work mostly to try to improve our processes. So that's one key issue for us is to create a new project. It can take time. The second part is really when we need to update a project. Like I said, we handle the libraries, when we update it, we want to use it in all our solution, our project, how can we update everything? Because it's 70 plus projects, it takes a lot of time. You have the MR2 Review, Check2Review, maybe other stuff really based on this project. So it can take a lot of time. It can be just update also on public dependencies, maybe to add new requirements from the company, maybe on security, on logging issue, and tracing solution, and update, like I said, internal library. So it's two main parts for us. Main issue is one, we want to create a project and to deploy it really fast. And on the other end, we want to be able to update our project really fast without taking a lot of time, human time to do so. So we worked on automation a lot. We wanted to create something that did it all for us. So that's what I really want to show you right now. It's just, let's say an internal solution for now, but I will come back to that a bit earlier. So yeah, so I have a terminal, an empty folder right now. We created and worked to create some kind of a library, let's say a CLI tool, to improve and set up everything for us. So the library is named Condense, and I will speak about that a bit later. So we have, let's say currently two modes, the create mode and update mode. So the create mode allow you to create a project really fast. So yeah, let's create a project, hello OpenGS, I already created a folder, so no, I don't want to create a folder. I have multiple choice. So you see, we work with React, with REST Lambda. So I will want you to set up a REST Lambda. It will automatically gather the latest version of this project or this, let's say template or bootstrap project. It will get it installed, copy pass every file I need, every base file I need, also install all dependency. I hope it won't take too long. But the idea behind that is that, with that, okay, great, it's finished. It's already finished. So now I have a full project which is working if I try to run our dev setup, okay. It's created a basic, okay. So, okay, so I do a curl request, basically on the previous project deployed. Okay, so if I send a string three, I get a JSON value, a JSON output, which is a value three, okay, great. It's just a basic API for us. So nothing really important on that. But what can be great if it's, if tomorrow I want to update the solution, maybe not returning the same value or just updating can be a lot of stuff. The condom CLI also allow you to update without a typo. We can update it. So on this one, you see it restarts the server just now. So on this one, it's just a basic update. So this update is really just to channel to show you the main idea behind that. So if I do my curl again, now the value is 31 because on my update, I just asked the project to update my solution to change, to return the parameter which was given for three to add a plus one. So because it's handle as a string, it will have, it will just concatenate. But you see with this kind, with this little demo, with this fast demo, we were able to update my projects. The idea behind that is really to be able to update everything on our project. So on this project, I will come back. So we have a lot, I have a lot of feedback about that. So first, moving to a full automation or at least to try to automate more and more stuff is always a big win. Because first, your people and every developer and even manager and everyone will be able to focus on meaningful tasks. You want to spend your time writing code, maybe architecture project, not just copy-pasting and updating your project and running NPM audit and NPM update every day. You don't waste your time. You also, when you create new project or maybe when someone will update a project, mostly you won't have any mistake because maybe you will forget to check your project or maybe you will not update it, miss to update one key solution, one key dependency you need to add to your project. It's also a bit of a shift of mindset because with this kind of solution, the idea is to really bring a solution which is working for everyone in the company. So the idea is really to break the silo between project and to have everyone working together. You also have more communication between teams. So that's really great. At least for me, I think it's really great to be able to have a full company working on key projects like that, which improve the daily life of everyone. In number, basically. So now we can, as you saw, we can set up and deploy a full project. So it stayed on my computer, but mostly behind that, if you want to push it to how GitHub or GitHub solution, it will set up everything from the GitHub project to the magic automatically. So we create the magic quest, setting up the GitHub repository and handle everything automatically. So you can have two mode when you need to have a validation from a human, so normal, let's say approval, or bypassing this kind of step and running every pipeline into production. It's also for us do a check every night on all our projects. It also provide analysis because on the feedback on all projects, we will have, I didn't show that, but after the update of dependency and stuff like that, we will have a record of what have been done and a notification will be sent. So we have a track of everything. So we update our project, audit and dependency, and you try to fix everything. It also updates the code base when we have global changes. So it's a bit harder to set up because it's not just an NPM command to run, but it's also possible. And like I said, it creates complete magic quest and creates a pipeline on our solution to just be able to deploy it. So every night, our solution is deployed automatically which handle security issue, dependency issue or at least CDE we can find or stuff like that. So for us, it's really nice because we don't spend time working on that. We are notified of everything. So we keep track of every changes. But we also have this solution to first help people to build with the same standard as us in the company. So it's way easier when project shift from one team to another on new team are created on new people are coming from outside. But it also assure you that we are aware of security issue with our project. So it helps us as software engineer but it's also a great tool for security teams that rely on it to have information. So that's the main point I want to take. For me on my side, I also started to work on the open source project, which will be I think released in June, so next month or let's say this month as of the conference day because I saw that most of the company don't work and try to work on automation for multiple solutions. They don't have their own CLI with our need or stuff like that. We all use CLI every day. You set up a project, you will use a create react app. You same with Angular. You work with Express, it will be the same. Most of the company of the let's say public use tool on let's say Node.js tool in Node.js tool you can find have some CLI even of, maybe even old cloud provider of CLI but not the company for themselves. Maybe first because you don't really have an easy way to do it. You need to write Node.js code. Maybe you can rely on some library from the ecosystem, which is great but you will have to work a lot and write a lot of code to do it. Maybe you don't have the need to have it or at least for me it's why they sync because for me you always have this need. Maybe the processes are not in place to have a communication and this kind of feedback from all teams, from all projects. Or maybe you are not in a true let's say to develop solutions. So maybe some team can only work on building an application. They need to submit a magic quest or a project to another team, an upstream which will deploy it elsewhere. So maybe you have also this issue. So it can be the best, I think it's some challenges or company are facing but to be able to work on really your project, your solution to bring something to the IT, to the business and not spending time doing update or auditing stuff manually it's really great for us. It's helped us to improve our capability to work more with other team to also have a better state of mind because we are not stressed about releasing or checking if our project, our today stuff like that. So that's really great for us. So I really invite you to try to see if in your company you have this kind of a solution which could be in place or should be in place. If you want to come and talk to me about it I'm more than welcome to talk with you to see how we can do that to also as I said earlier I will release the condoms code really soon. So if you want to provide feedback to implement it to just come contribute or anything I'm really glad to speak with you on Twitter or elsewhere or just on the Q&A a bit later with that. So enjoy the conference, have a nice day, bye.