I think too that wrapping code used as a substitute to governance and control
is a questionable approach, but this their approach. To me wrapping is more
about protecting source code from prying eyes, but other than that throw away
statement, I have no other knowledge and am having to resort to the docs that,
to be honest are pretty scant on detail.
Am 25/07/2022 um 17:26 schrieb Dominic Brooks <dombrooks@xxxxxxxxxxx>:
Wrapping sounds like the wrong tool.
Er why are they letting their DBAs and Ops people change the code!?!
Of course a version control system should be the golden source of the code.
Lack of controls and oversight.
Sent from my iPhone
On 25 Jul 2022, at 15:59, Michael D O'Shea/Woodward Informatics Ltd
<woodwardinformatics@xxxxxxxxxxxxxxxx> wrote:
I just had a discussion with the development manager/tech lead of a large
organisation. He manages a team of around 15 developers and QA staff for a
single financial product. Client-side code is ASP.NET
<https://nam12.safelinks.protection.outlook.com/?url=http%3A%2F%2Fasp.net%2F&data=05%7C01%7C%7C2ec567a522c543500c0e08da6e4e3c83%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637943579565757165%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=xj1Xz%2BGWbC8sH1ko9OPa245R4qMHlOPA1JOvsAFvg28%3D&reserved=0>
and a desktop thin client, and server-side it is Oracle 19c with a web
service in-between in a few places.
Deployments are done weekly after UAT signoff of the prior development
sprint the week before.
This chap was expressing his concerns about PSM’s, specifically database
packages, procedures, and functions, being constantly tampered with by DBA’s
and sysops, and not marrying up with the authorative version of the codebase
under source control. His argument was that the version of the code
deployed, using automation tools, should be bit for bit compatible with the
code retrieved from source control. It seems hard to argue with this
perspective.
Then he mentioned that they, recently, have got around the issue of this
third-party „tampering“ rather than by enforcing business controls and
process, but by „wrapping" the code during deployment.
I did not know how to reply.
Does anyone have any views on this approach? The only tangible information I
can pull out from the docs is that wrapped code may not be version upgrade
compatible, meaning possible upgrade issues. I know so little about
„wrapping“ to know the drawbacks, specifically performance or stack traces
and errors thrown.
All/any feedback, no matter how qualitative, would be helpful,
Mike
http://www.strychnine.co.uk ;
<https://nam12.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.strychnine.co.uk%2F&data=05%7C01%7C%7C2ec567a522c543500c0e08da6e4e3c83%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637943579565913400%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=7FVyzw6xksI5No6vY55cYdEKVSosbz%2FWXqUbP59R1Qs%3D&reserved=0>
Woodward Informatics Ltd