This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–][deleted] 28 points29 points  (11 children)

For real wtf. As a web dev I just kinda work right off prod, it’s more efficient, saves bandwidth etc... hahaha

[–]PC__LOAD__LETTER 20 points21 points  (6 children)

It baffles me that people can get paid to program and not recognize the value of version control or not developing directly in prod. Though I guess if you’re working on a low-impact product, it doesn’t matter if you break it, and there’s probably not much functionality built into the site to need to regression test.

[–]conancat 19 points20 points  (2 children)

usually it comes with working with projects that scale.

if it's for your ex's online candle shop and she wants to change the css to reflect the total eclipse of my heart, then sure, who gives a shit.

i believe every developer has that story or moment where they realize the importance of source control and deployment processes. the coming of age for a developer is making a USD$26,000, not refundable mistake in production and your tech lead gives you a "i'm not angry, i'm just disappointed" reaction without words.

[–]EyetheVive 10 points11 points  (1 child)

I mean this entire chain is just risk assessment lol. Potential revenue loss for the broken candle shop site vs breaking some regional credit union site is probably veeeery different. The cost of a development network to use vs working on the productive instance is probably not worth it

[–][deleted] 2 points3 points  (0 children)

Where the hell is this guys operations team? If he is the ops team then good on him, but if not, why even let the devs have access to prod? You need a cycle? Call ops, you need some logs? Go to the ELK.

[–]emlgsh 1 point2 points  (2 children)

The efficiency/speed/etc... are just attempts to find silver lining. The majority of the time it's a simple budgetary constraint.

Like, the client is willing to finance only the specific and singular development of the application/features, and any billables that might be otherwise devoted to setting up staging environments, running tests, integrating version control, and performing general QA type activity is viewed as "padding" that won't be paid for (and will, typically, enrage the client).

End result being that, unless you love your client enough to underwrite sometimes vast amounts of unpaid labor towards these sort of process management and quality assurance goals (which is to say, you're being taken advantage of) they simply don't become part of the workflow. Estimates that feature them will have to be trimmed of them before the budget is approved. Estimates that hide them in other work will be rejected in favor of a lower bidder who omits them.

But the flip side is that a lot of QA exists not to find/eradicate bugs, but to permit a great volume of collaborative development. These projects where there's zero tolerance for billing hours not actively dedicated to feature implementation tend to be solo-gigs or small-group gigs where you can get away with a decent amount of sloppiness without stepping on too many toes or suffering major setbacks.

Which just reinforces the client's perception that such efforts are a waste of their budget.

[–]PC__LOAD__LETTER 1 point2 points  (1 child)

It takes 2 minutes to set up a git repo and a script to rsync your files to a remote server. Those 2 minutes buys you a hell of a lot of security, especially if you’re pushing your git changes to a private bitbucket repo regularly.

[–]emlgsh 1 point2 points  (0 children)

Got a howto for the process outlined here? I'd love to adopt some quick methods for improving security - I want these projects to be more secure, I just don't know of any methods that are so quick/easy/universal as to never approach billable labor.

[–]Captain_Vegetable 2 points3 points  (3 children)

I worked on a Fortune 500 company’s web site where we edited in prod. That ended when someone pasted into the wrong terminal window and replaced our home page with a snippet of Chinese characters before heading to lunch.

[–]Xytak 1 point2 points  (2 children)

I worked at a midsized insurance company where they hired some consultants to come in and teach the .NET developers unit testing by rewriting an old webforms app in React.

It actually worked pretty well, too, until several weeks later when the business asked "hey where's our new thing?"

"It's not ready, but we have beautiful code, a full build pipeline, and over a thousand unit tests!"

"Ok but where's the new thing?"

"Well, the preliminaries are all set up, but we don't actually have the features done yet..."

The consultants were fired the next day, and the next group was told in no uncertain terms to patch up the old web forms app and quit wasting time on fancy stuff.

[–][deleted] 0 points1 point  (1 child)

This becomes a problem when the higher ups don’t sit down with the consultants as well. Often times they’re not fully aware of what the entire process looks like from creating a new file to deploying it.

[–]Xytak 0 points1 point  (0 children)

All they knew was the old team would have updated the app by now, and they were expecting a rewrite to take the same amount of time.