Post on 12-Apr-2017
transcript
Custom Code: The Missing Piece of the SharePoint Governance Puzzle
MATTHIAS EINIGMVP, CEO OF RENCORE
SPONSORS
Matthias Einig
matthias.einig@rencore.comwww.rencore.com@mattein
CEO, MVPMunich, Germany
…is the set of policies, roles, responsibilities
and processes that control how an organization's
business divisions and IT teams
work together to achieve its goals.
Governance
SharePoint GovernanceIT Governance- Services Offered- Control Services- SLA- Manage Growth
Information Management- Documents, Lists, Sites- Usability & Manageability- Access Control- Availability Options
Application Management- Allowed Customziations- Manageability of Customizations- Process to Customize- Application Lifecycle Management
CONTENT
&
INFORMATIO
N
SOFTWARE& SERVICES
CUSTOMIZATIONS
SharePoint Governance Tools
CONTENT
& INFORMATION
CUSTOMIZATIONS
SOFTWARE& SERVICES
What is a Customization?
1.Configuration
2.Branding
3.Custom Code
Types of Customizations
Farm SolutionsSandboxed SolutionsAdd-ins
SharePoint DesignerBranding
Site CustomizationsPage ModificationsList Modifications
Developer End-User
Template modifications
Impact of Customizations
Severity
Security
Stability
Availability
Standardization
Accessibility
Usability
Maintainability
Migrateability
Supportability Resources
Performance
Scalability
Memory LeaksPerformance, Availability
Impersonation,Privilege ElevationContext Hijacking
3rd Party ComponentsLibraries, JavaScript Frameworks
Logging
Hybrid SolutionsSharePoint Versions, Integration, Interaction
SharePoint DesignerGhosting, DVWP, Workflows
Page ModificationsCEWP / JSWP / Display
Templates
BrandingCSS, Masterpages, JavaScript
Governance Plan for Customizations (1)
1.What types of customizations do you allow?
2.Who is allowed to customize?3.Which tools are of approved to create customizations?
4.How to implement and update customizations (SLDC)?
5.How do you package and deploy customizations?
Governance Plan for Customizations (2)
6.How are customizations piloted and tested?
7.How to run and maintain customizations (SLA)?
8.How to analyse customizations to know if they are working well?
9.Who is responsible for ongoing support?
Governance for Code1. Farms solutions vs. Add-ins vs. SPFx?2. Usage of artefacts 3. Naming Conventions4. Structure, Complexity and Dependencies5. Deployment methods, locations6. Patterns & Practices7. Usage of Frameworks and 3rd party components8. Documentation9. Code Quality
When to govern Code?
Design
DevelopmentBuild
DeploymentOperation
TIME
EFFORT
How to Govern Code?
Pair ProgrammingCode Reviews
Farm & Tenant AuditsPatterns & Practices
Restrictions & PermissionsContinuous IntegrationAutomatic Deployment
Code Analysis ToolsAudit Tools
Manually Automatic
Customization Policies & Standards
Who should govern Code?
Developer Administrator
Architect Quality Manager
• Corporate Policies• Standards• Tools
• Restrictions & Permissions
• Automatic Deployment• Farm & Tenant Audits• Tools
• Customization Policies
• Patterns & Practices• Tools
• Pair Programming• Code Reviews• Practices• Continuous Integration• Tools
Code Analysis ToolsFxCop/VSCAFxCop MetricsCAT.netStyleCopSPDisposeCheckMSOCAFResharper
Checks against general coding errors (not SharePoint-specific)Calculates code metrics (only .NET code, not SharePoint specific)
Checks coding style guidelines(only .NET code, not SharePoint specific)
Analyzes code security(not SharePoint-specific)
Checks memory leaks(SharePoint-specific)Combination of FxCop and SPDisposeCheck for SharePoint Online Developer productivity tool (not SharePoint-specific)
www.spcaf.com
SPCAF in the SDLC
Design
Architect
Develop
Developer
Build
Quality Manager
Deploy
Administrator
Operate
Administrator
Change/Migrate
Architect
Project Manager
Summary1. SharePoint governance includes also
customizations
2.High impact of customizations on the platform3. Customization governance starts in the design
phase
4. The later you govern the more costly it is5.Tools can support and enforce the governance
plan
thank youquestions?
live ratingsBLOG.SPCAF.COM@MATTEIN
http://spca.biz/UGCP