From Monolith to DevOps
Customer:
Perion Networks Redmond, WA. USA
Industry:
Advertising Technology
Needs Expressed:
Adopt DevOps and help developers make the transition quickly
Migrate to micro-services architecture
Prevent security risks and quality issues during the transition
Drive consistent adoption of development best practices across all the teams
Benefits Realized:
Best practices & lessons learned from production issues were implemented as policies, and automatically enforced
Several security and production risks relating to secret keys and Docker images were eliminated
Software delivery speed increased thanks to better code consistency and faster code reviews
Contact Us:
Perion (NASDAQ: PERI) is an established leader in the increasingly competitive ad tech industry. To stay ahead, they needed to modernize the way their 400+ software engineers across 20 global offices deliver software. They started a huge initiative to transition from monoliths to micro-services and DevOps.
Problem
Each company Perion had acquired brought their own tech stacks. By the time Perion made this transition, they had to deal with not only multiple monolithic codebases, but also highly divergent practices of the many and autonomous Engineering teams.
The move to micro-services also created more repositories to manage.
As a result, ensuring that development best practices and security policies were followed across the organization became a big challenge.
For examples:
- Some developers were still committing directly to master – a legacy practice from SVN days.
- Secret keys were hardcoded into the code, and deprecated Docker images were used, causing security and production risks.
- As the teams tried to move faster, more mistakes were leaking into production and causing outages. Some became repeat mistakes.
Solution
Perion needed all developers to adopt the best practices and security policies quickly and consistently.
They also wanted to ensure mistakes that had been made were prevented from happening again.
Using Datree, they were able to:
Prevent commits straight to master, across all the repositories – including future new ones.
Scan each pull request for secret keys, and prevent its merging if such keys were found.
Identify all the repos where deprecated and vulnerable Docker images were being used.
Automate the enforcement and education of best practices to avoid repeating costly past mistakes.
Crucially, they were able to all these without slowing down development, because Datree was seamlessly implemented as part of the development workflow.
“Datree helps our engineering teams develop software in an efficient and scalable way. It lets us enforce code quality, security, and development best practices.”