Prairie Dev Con Calgary

Introducing agile to a business or team can be a challenging task, whether you are a manager or a team member advocating for it. It's crucial to understand the benefits that agile can bring to your organization or team, and the concerns and needs of those who are new to agile. This talk aims to provide attendees with valuable insights such as what is at the foundation of agile, the potential points of resistance and fears that team members may have when transitioning to agile, how to adapt to the new agile context and the importance of creating an environment that encourages learning, experimentation, and iteration. By covering these key points, this talk aims to provide a comprehensive overview of introducing and embracing agile practices successfully.

By now we've all heard all the new buzzwords in the AI world: ChatGPT, OpenAI, Dall-E, Codex, etc. But what do they actually mean for you as a developer or for your organization? In this session I will try to demystify the tech behind buzzwords and explain what each of them mean and how to use them.

Modern HTTP APIs run the contemporary tech world. As a result, every organization is now required to produce and consume APIs in some way. The need for your organization to productively design, build, deploy and operate RESTful APIs is higher than it has ever been for you to stay competitive. Developing the processes and tools to design and deliver hundreds of APIs within your organization is fraught with manual checkpoints and inconsistencies. This friction makes standard API Governance slow, uncollaborative, and non-iterative. To succeed in building modern APIs in the enterprise, you will need both an effective and productive API Governance strategy to support your API Design First processes.

In this talk, we will dive into the principal areas of the API Design lifecycle as we discuss how to succeed with API Governance using non-traditional approaches including collaboration, stewardship, and automation. Real-world examples from SPS Commerce, off-the-shelf tooling, and custom solutions will drive our journey through API Standards, Design, Development, and Publishing to demonstrate highly productive API Design First capabilities to rally your teams around.

Still designing in the dark ages with interface design docs and outdated documentation. Come see how SwaggerHub and API Management can enable you to utilize API First Design to create live documentation that allows the designers and stakeholders to design software together for those intended to use it. Lastly, we will look at the code generation features of APIM/Azure Functions and Swagger Hub which will aid with the API First methodology.

GitHub needs no introduction as the world's premier source code repository. However, over the past several years GitHub has transformed well beyond a great tool for managing source code. It now provides a compelling one-stop-shop of capabilities as part of its platform that enables you to cut loose your disparate jungle of other tooling. Being aware of and learning how to effectively use this Swiss Army Knife of GitHub capabilities can substantially reduce your overall development costs while also reducing your team's cognitive overhead.

In this session, we will explore the GitHub toolchain that will enhance your developer productivity and enable your teams to rally around a central engineering platform. We will cover effective pull request lifecycles paired with protected branch configurations including new GitHub beta features for merge queues and rulesets, security vulnerability detection with Dependabot, code scanning with GitHub Advanced Security, and AI-assisted coding with GitHub Copilot. Awareness of these features in this growing ecosystem is only the first half of the battle.

Join me, as we journey to understand how to effectively implement and adopt these features in the organization and avoid inconsistency, churn, and toil!

Too much design up front and you are bumping into the design all of the time (and losing time). Not enough design and your system can crumble in reality. How do you blend architecture so you have the right decisions at the right time, and give them enough due dilligence? How do you embrace cloud and microservices and not risk getting into different failure scenarios or overly complicated maintenance and ripple effects?

In this session we will walk through visualizations that help teams blend product thinking with architecture. Along the way, we will look at microservices and domain modeling as well as chaos engineering and fault tolerance - blending all of these into a context that is consumable by all and gives the right emphasis at the right time.

Leave this session with simple visualizations and approaches that you can apply immediately to start blending product with architecture, especially if you are looking to run in a cloud world.

Building web apps is often characterized as painful, complex, and time consuming. There are many tools, libraries, frontend frameworks, and opinions about how to fix that problem… but they come with a catch. The frontend ecosystem is fractured into incompatible niches. They are incompatible with the web standards until they’ve been compiled. They are incompatible with each other, and often even incompatible themselves in between versions. This is especially frustrating as web browsers automatically update while remaining backwards compatible. The web is a medium where compatibility is a feature. By adopting non standard dialects we trade off the web’s most powerful feature.

Imagine if we could write code that just worked, and ran forever? Imagine not chasing npm updates? Imagine not hunting the forums for an elusive combination of configuration values to fix a broken build?

Good news: we can. HTML, it turns out, is a pretty good choice for web development. Specifically rendering custom elements, styling them with modern CSS, and treating the element upgrade as a progressive enhancement step with JavaScript.

First you need identity, then you need authenticity, you probably want your messages delivered as written and in order. Maybe you’d prefer only you and your recipient can read or derive information from the communiqué, and neither of you can (easily) override this privacy. Perhaps you’d like parties to be unable to track or profile you based on interaction. Let’s explore identity, authenticity, privacy and security in messaging. After all; “On the internet nobody knows you’re a dog”

OK, not *really* from my bathroom, but come to this session where I'll show you how GitHub CodeSpaces works and how it empowers developers to code wherever they want to!

For years we have been sold the benefits of microservices and in some circles monolith has become a dirty word. Like anything in software development, it depends. At small to medium scales, you can reap the benefits of monolith and microservice architectures while avoiding their drawbacks by building a modular monolith. Refactoring an existing monolith to a modular monolith involves employing principles of both continuous architecture and evolutionary architecture. This talk will provide an overview of those principles and how they were applied to an existing monolith (including code samples) to support splitting some functionality into a separate sidekick application.

In this demo filled session, you will discover how to make the most of CosmosDB. We'll use a fictional coffee shop chain as an example to demonstrate how you can use CosmosDB's various features and integrations to create a central hub for all your data. We'll show you how to ingest data using Azure Functions, utilize the Change Feed, enable searching with Azure Search, and perform near real-time analytics with Azure Synapse and Power BI. All of this is achievable with just a few lines of code, regardless of your experience as a database administrator.

This is a #NoSlides presentation where we’ll live-code all the tests. We’ll start with a code sample, discuss the tests we want to build, use xUnit and MoQ to build the tests, then refactor the code to be more testable. Along the way we’ll discuss testing best practices and patterns for making durable tests and incorporating tests into the DevOps build.

Application lifecycle management (ALM) is a critical piece of the puzzle to delivery enterprise solutions. How do we implement ALM with Azure Logic Apps? This talk explores how the planning, development, manual testing, regression testing, code reviews, security, deployment and maintenance of Azure Logic Apps.

Within this talk, we will explore the following areas:

• Overview of how ALM can be implemented in Azure Logic Apps
• Planning considerations such as standard vs consumption, child logic apps and pricing tiers
• Development considerations such as security and integrated development environment
• Testing considerations for manual and regression testing
• Deployment using Azure DevOps for source control, branch management and pipelines for CI/CD - Maintenance considerations such as debugging, logging and scalability

In today's fast-paced tech industry, effective feedback is the key to unlock team's potential and driving innovation.This session navigates the intricacies of giving and receiving feedback, the best of psychology, communication strategies, and technology to create an empowering feedback ecosystem.

I am a firm believer that feedback given or received in a constructive way could be a game changer in anyone's life, and this is the reason I want everyone to reflect when any feedback is shared. This session would be a reminder for all of us, whether we are managers or team members, or this may even relate to any role in our personal lives, of how important it is to give and receive timely feedback for our work and behaviour. I plan to cover the following points as part of this session: Why feedback The art of delivering feedback Tools and techniques of feedback Establish a feedback culture Focusing on behaviour and impact Receiving positive and negative feedback Maintaining a growth mindset The right time and place for feedback Actively seeking feedback

All the above points are very important for all the individuals at the workplace, and these are the catalysts for one's growth and development.

GitHub Copilot is a coding assistant that uses AI technology to analyze code context and suggest intelligent code snippets that can lead to increased productivity and improved code quality for developers. In this presentation, we'll provide a high-level overview of how Copilot works and showcase a live coding demo to highlight some of its capabilities, along with reviewing some challenges. Time permitting, we'll also look at its next offering and review what GitHub Copilot X will bring to the coding landscape.

Want to take your Cypress E2E testing to the next level? This session will explore configuring Cypress in your web project, how to run against multiple environments (local/test/UAT), how to create Azure Pipelines that will run your Cypress tests, and how to publish the test results to Azure DevOps.

Many applications were not designed for the cloud. They were not designed for the scale that cloud workloads encounter. And many of the developers and architects on our teams have no experience with cloud deployments or cloud-scale workloads. In this talk, we'll discuss why event-sourcing and CQRS are the patterns that you should add to your toolbox when building applications that need to be resilient, reliable, and performant. We'll have a sample application demonstrating this in C#/.NET Core.

Does your boss keep telling you to contribute to the team by presenting on a topic? Have you thought about public speaking but you’re a bit nervous and not sure where to start? Come join Frode in this session where he talks about all the things he’s learned about speaking over the past 15 years.

Azure Logic Apps is a powerful platform for building automated workflows that can run anywhere. It offers a low code experience that enables you to create complex integrations using a graphical designer and a rich set of connectors. But what if you need to extend your workflows with custom logic that is not available out of the box? How can you leverage your existing .NET Framework skills and investments to enhance your Logic Apps solutions?

In this session, you will learn about the new .NET Framework custom code feature for Azure Logic Apps (Standard), which allows you to call compiled .NET Framework code from a built-in action in your workflow. You will see how this feature provides a no-cliffs extensibility capability that gives you the flexibility and control to solve the toughest integration problems.

By the end of this session, you will have a better understanding of how to use low code and pro code together to create powerful and scalable integration solutions using Azure Logic Apps. You will also learn how to take advantage of the latest features and updates in Logic Apps (Standard) to improve your productivity and performance.

Metrics are the bane of many organizations, getting fascinated on measurements that don’t matter or can drive improper behaviours. In this session, we walk through a simple grouping for metrics where the groupings not only call out the metrics, but their limits, and help guide to better metrics.

This session is a walk through of a popular blog post we did on metrics. In general, we are leading transformations where the standard questions around metrics (velocity, bug, mttr, come up) - and we use these groupings to help organizations to get some answers for questions they want, but also understand their limits. I.e. if code coverage goes up, that might be good directionaly but does not say we are getting code coverage of the important code paths. We wrap up the session giving examples of more impactful measurements and walk through process behavior charts to help separate signal from noise in data.

With ASP.NET, there’s a 4th coding paradigm joining MVC, WebAPI, and Razor Pages: Minimal APIs. It’s a great way to create the lightest weight microservice. But are you trading everything for the small surface? We’ll start with a .NET 5 project and build up to a Minimal API looking at a bunch of brand new C# 10 features along the way. Like the other 3, this is not an either/or choice, and when it makes sense, you can be really productive here too.

In this talk we’ll introduce Postgres as a standard SQL database and talk about its feature parity with other database solutions like SQL Server. We’ll then delve into some of the other, more advanced, things postgres can do to simply your stack. Using a messaging solution? Postgres can do that. Doing complex GIS operations? Postgres can do that. Need event storage? Postgres can do that. Full text indexing? Postgres can do that. Document database? Postgres can do that. Need your dog de-wormed? Okay, that Postgres can’t do.

Coming out of this talk you should be excited to get into Postgres as an alternative to whatever database you’re using right now.

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services. For a given cloud service with an OpenAPI/Swagger specification, RESTler analyzes its entire specification, and then generates and executes tests that exercise the service through its REST API. Let’s discover what this tool can do for you in your AppSec and DevSecOps programs.

We'll delve into the critical aspects of integrating security practices into the development and operations lifecycle. With the growing complexity and frequency of cyber threats, organizations must adopt a proactive approach to application security. This talk highlights six key practices that can significantly enhance the security posture of applications within a DevSecOps environment. From implementing automated vulnerability scanning to fostering a culture of security awareness, attendees will gain actionable insights to mitigate risks, fortify defenses, and ensure the resilience of their applications in an ever-evolving threat landscape.

How often have you seen this happen: A group talks about a problem and reaches a consensus. Then you start to see what you thought was alignment fall apart or not happen as you would have expected. The problem is that most people don't know how to align others behind an idea and give it momentum. But what if you could easily do so, in any context, at any time?

In this session, you will learn:

• The power of alignment and why it's essential in business
• The core principles required for building alignment
• The four steps in building alignment
• How to facilitate alignment meetings

Building alignment is an art and science that will have you consistently getting people behind an idea and giving it life.

With web authentication (WebAuthn) we move away from sharing a secret with the service (aka password), and instead use public key cryptography to prove we hold a (private) key without ever disclosing that key to the other party. There are several ways to enjoy this new feature, and it’s a huge step. As we wait for services to move to the new paradigm, using a password manager that generates large, random, complex passwords, for each account, at least means the damage of a shared secret leak is limited to one service. But, how do you secure your password manager?

GraphQL is an exciting technology which challenges the dominance of REST for building APIs. It shifts the work of selecting fields and applying filters from the back end to the front end.

In this talk we'll look at Hasura: a server which makes building GraphQL APIs super simple. We'll also look at how we can integrate .NET code with Hasura both using .NET to query Hasura and using .NET to run complex workflows which Hasura isn't designed for.

Dive into the world of confidential computing as we explore this cutting-edge technology that’s revolutionizing secure data processing in the cloud. Learn how confidential computing isolates sensitive data within hardware-protected enclaves, ensuring privacy even from cloud providers and administrators. Understand the key concepts, such as Trusted Execution Environments (TEEs) and their role in safeguarding data during processing. Discover real-world applications and benefits that confidential computing offers across various industries. Join us as we unlock the potential of confidential computing and redefine the future of data privacy and security in the cloud.