Through the stack / 01-12 (Week 18)
This week, the newsletter is about: engineering and product strategy, security, hiring, and writing code. So, very much as usual: Through The Stack!
This is "Through the Stack," a weekly list of links relating to topics relevant to Lead developers (actual or aspiring) working with an internet-related product.
Many lead developers, tech lead, and staff engineers have their hands in many projects and influence many layers in their organizations. This publication aims to share thoughts and content that are relevant to such profiles.
If you have comments or content to suggest, please reach out to us by email email@example.com.
This episode is more akin to the first ones: we decided to share content we have encountered through the week or the last two weeks. We wanted to talk about "Value analysis" and "Technical dive-ins" but this was such a big topic we published it aside. So here, you'll find a distilled version in the form of a list of links to read and some open-ended questions for you to consider.
You will also find links to content about hiring, security, code, and books to read.
First, let's echo a post on imfiny's blog: Value analysis and technical dive-ins. Based on several articles we encountered this week :
- What makes great product managers: the case for learning
- Value analysis: starting development later to deliver sooner
- Value Engineering: designing products that sell
- Reintroducing engineering thinking in the development world
If you only read 4 articles this week, then read those 4. They are a remarkable condensation of what many think and give some nice weight to a more value and engineering-oriented approach in tech companies.
As I point out in the post, this is something that engineers and product people should have in mind. This is a fascinating take on moving back to the basics of Agile (communication) and correctly setting your scale on engineering excellence.
In parallel, though, there are more talks about Agile and the software engineering crisis. Miriam Posner penned down an interesting history of Agile in "Agile and the Long Crisis of Software".
Both topics are reflected in J. Samuel's "Five valuable lessons for a new tech lead" posts.
As a consequence of those readings, it's difficult not to read articles such as "Is fear stopping your engineering team from achieving its goals?" and consider it in a different light than before. Yes, G. Sandahl has plenty of valid points and good suggestions in this piece, yet, isn't he describing issues we could avoid by changing our approach even more?
Hiring is one constant for all companies, and senior staff is the one that will have to deal with interviews and figuring out which candidate is a great pick.
There is an important topic: ensuring you don't hire clones. I am always happy to see diverse teams in companies and organizations. It avoids many present and future issues, notably by making it possible, in the future, to continue to hire a diverse set of people. It's critical to start early. K. Stewart has a great post: "Fighting the mirrortocracy with including hiring".
In a more technical take, there is an interesting post on making sure your candidates read code during interviews (instead of writing it).
We usually mix reading and writing as we are more akin to pair program during interviews. But that depends on the role and level of the candidates.
Following the Github's security issue (due to stolen tokens from TravisCI and Heroku), there has been a flurry of password resets left and right.
We also decided to update our security strategy by adding a physical key to some of our authentication processes. To do so, we went with new Yubikeys and looked into how to set up both SSH and GPG to use them.
Some more reads
Github's ReadME project published a story on _why. Always good to revisit a bit of history on some characters who have had such an impact on communities.
We encountered an excellent read from DoorDash's Engineering team: "3 principles for Building and ML platform that will sustain hypergrowth". Although focused on Machine learning, there is plenty to pick up about building a strategy. A good read for sure.
Qonto's engineering and product blog also shared their approach of using docker-compose to build microservices locally.
We stumbled upon EdgeDB, and while our plates are definitely full at the moment with some other projects ... maybe you want to try it out?
They will probably land on our shelves sooner or later.
- Observability Engineering by Charity Majors, Liz Fond-Jones, and George Miranda
- Container Security by Liz Rice
Already on our shelves and read :
- Kubernetes up and running (2nd ed) by Brendan Burns, Joe Beda, and Kelsey Hightower. An excellent read to get yourself up to speed on the vocabulary and basics of Kubernetes.
This episode is coming to an end. If you want to talk about these topics or share some comments on them, you can reach out to me (see at the top and bottom of the newsletter for details).
This content is written and published by Imfiny, a consulting company based in France. We do Ruby software engineering and DevOps in the Cloud (AWS, GCP, and others) and train and support teams in their journeys to grow code, infrastructure, and practices (production engineering, incident management, retrospectives, ...).
We have courses available on https://learn.imfiny.com/. We are available for 3 to 18 months contracts. Contact us.
Illustration Photo by Mario Dobelmann on Unsplash