Enhance Software Delivery Performance with GitHub Issues, Projects, Actions, and Advanced Security
This is the companion repository for my book Accelerate DevOps with GitHub. You can find all hands-on labs and other examples from the book here. I also provide all the links and references from the chapters.
In Part 1 you will learn how to reduce ballast from your development process and move to a lean and collaborative way of working that allows your teams to accelerate their value delivery. You’ll learn how to use GitHub to work together from everywhere effectively and use work insights and the right metrics to optimize your engineering productivity.
In this chapter I explain how to measure engineering velocity and developer productivity and how to make your DevOps acceleration measurable. The following topics will are covered in this chapter:
- Why Accelerate?
- Engineering Velocity
- High Performance Companies
- Measuring metrics that matter
- The SPACE of Developer Productivity
- Objectives and Key-Results
References and Links
- Srivastava S., Trehan K., Wagle D. & Wang J. (April 2020). Developer Velocity: How software excellence fuels business performance.
- Forsgren N., Smith D., Humble J., Frazelle J. (2019). DORA State of DevOps Report
- Brown A., Stahnke M. & Kersten N. (2020). 2020 State of DevOps Report
- Forsgren N., Humble, J., & Kim, G. (2018). Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations (1st ed.) [E-book]. IT Revolution Press.
- Coupland M (2021). DevOps Adoption Strategies: Principles, Processes, Tools, and Trends: Embracing DevOps through effective culture people, and processes (1st ed.) [E-book]. Packt.
- Dina Graves Portman (2020). Are you an Elite DevOps performer? Find out with the Four Keys Project
- Forsgren N., Storey M.-A., Maddila C., Zimmermann T., Houck B., & Butler J. (2021). The SPACE of Developer Productivity
- Grove, A. S. (1983). High Output Management (1st ed.). Random House Inc.
- Grove, A. S. (1995). High Output Management (2nd ed.). Vintage.
- Doerr, J. (2018). Measure What Matters: OKRs: The Simple Idea that Drives 10x Growth. Portfolio Penguin
In this chapter we will focus on organizing your work inside your team and apply Lean Principles. You’ll learn how GitHub Issues and Projects can help you to simplify your flow of work.
In this chapter we will cover the following topics:
- Work is work
- Unplanned work and rework
- Visualizing your work
- Limiting work in progress (WIP)
- GitHub issues, labels, and milestones
- GitHub projects
Highlights:
- Follow the About GitHub markdown for all updates on GitHub flavored markdown. See this page for the source and rendered version.
- See the issue templates in action.
- Check out the Team Backlog - an example for GitHub Projects.
- See the Azure Boards integration
References and Links
- Tregubov A., Rodchenko N., Boehm B. & Lane J.A. (2017). Impact of Task Switching and Work Interruptions on Software Development Processes
- Weinberg G.M. (1991), Quality Software Management: Systems Thinking (1st ed.). Dorset House
- GitHub issues and about GitHub issues
- Markdown
- Issue templates
- GitHub projects
- GitHub Jira integration
- GitHub Azure Boards integration
A high performing team is more than the sum of its members, and it takes a high performing team to build products that people love. In this chapter you’ll learn how to set up your team for high collaborative development using pull requests. You’ll learn what a pull request is and what features can help you to get a good code review workflow for your team. The following are the core topics that we will cover in this chapter:
- Software development is a team sport
- The heart of collaboration: the pull request
- Propose changes using pull requests
- Pull request reviews
- Finishing pull request
- Best practices for code reviews
Hands-on exercices: ✋
References and Links
Link to the video on how GitHub uses GitHub to collaborate.
- Coyle D. (2018). The Culture Code: The Secrets of Highly Successful Groups (1st ed.). Cornerstone Digital
- Kim G., Humble J., Debois P. & Willis J. (2016). The DevOps Handbook: How to Create World-Class Agility, Reliability, and Security in Technology Organizations (1st ed.). IT Revolution Press
- Scott Prugh (2014), Continuous Delivery.
- Chacon S. & Straub B. (2014). Pro Git (2nd ed.). Apress.
- Kaufmann M. (2021), Git für Dummies (1st ed., German). Wiley-VCH
- Git
- Pull requests
- Code owners
- Branch protection
- [Code review assignments](https://docs.github.com/en/organizations/ organizing-members-into-teams/managing-code-review-assignment-for-your-team)
- Auto-Merge
- Pull request reviews
In this chapter we’ll focus on synchronous and asynchronous work and how you can use the benefits of asynchronous workflows for a better collaboration in distributed, remote, and hybrid teams and a better cross-team collaboration. The following are the topics that will be covered in the chapter:
- Comparing synchronous and asynchronous work
- Distributed teams
- Cross-team collaboration
- GitHub Discussions
- GitHub Pages and Wikis
- Working from everywhere with GitHub Mobile
Highlights:
- Discussions in the main menu of this repository.
- GitHub Pages: see the rendered output and check out the files in /docs that are the source - especially the _config.yml.
- Sample GitHub Wiki.
- Also see the sample pages for a ToC in AsciiDoc and MediaWiki.
- A sample for navigation and ToC in a custom wiki can be found here.
References and Links
In this chapter I explain the history of free and open-source software and why it has become so important over the last years. I will explain the impact it can have on your engineering velocity and how you can use the principles of open source for better cross-team collaboration in your company (inner source). The chapter will cover:
- History of free and open-source software
- The difference between open source and open development
- Benefits of embracing open source for companies
- Implementing an open-source strategy
- Open and inner source
- Importance for insourcing
- GitHub Sponsors
Featured open-source projects to sponsor:
- curl is the example for an organization that you can sponsor. Curl is used every day by thousands of developers worldwide (sponsor the project here).
- Dennis Doomen is the example for
Sponsor tiers. He is the author of FluentAssertions - a .NET library I use in most of my C# projejcts (sponsor Dennis here). - Jan De Dobbeleer is the example for
Sponsorship goals. He is the maintainer of oh-my-posh - a highly customizable and extensible prompt theme engine for PowerShell (sponsor Jan here).
At the time writing the book, GitHub Sponsors was new and I worked with some of the mainters mentioned to set this up in a good way. So not all projects made it here - for example oh-my-zsh, which I use every day and which was the inspiration for oh-my-posh.
References and Links
- Greene T. C. (2001). Ballmer: Linux is a cancer
- Warren T. (2020). Microsoft: we were wrong about open source
- Raymond, E. S. (1999). The Cathedral and the Bazaar: Musings on Linux and Open Source by an Accidental Revolutionary. O'Reilly Media.
- O’Reilly (1998). FREEWARE LEADERS MEET IN FIRST-EVER SUMMIT O'Reilly Brings Together Creators of Perl, Apache,Linux and Netscape's Mozilla. Press Release
- OSI (2018). Open Source Initiative - History of the OSI
- Richard S. (2021). Why Open Source Misses the Point of Free Software
- Volpi M. (2019). How open-source software took over the world
- Ahlawat P., Boyne J., Herz D., Schmieg F., & Stephan M. (2021). Why You Need an Open Source Software Strategy
- Inner Source
- GitHub Sponsors
Part 2 explains the most important engineering practices for effective DevOps. You’ll learn how to use GitHub Actions to automate your release pipelines and other engineering tasks, how to work trunk-based and with feature-flags and how to shift left security and quality assurance.
This chapter explains the importance of automation for quality and speed. It introduces you to GitHub Actions and how you can use them for any kind of automation – not only continuous delivery.
- Overview of GitHub Actions
- Workflows, pipelines, and actions
- YAML basics
- The workflow syntax
- Working with secrets
- ✋ Hands-on: Your first workflow
- ✋ Hands-on: Your first action
References and Links
- Humble J., & Farley, D. (2010). Continuous Delivery: Reliable Software Releases through Build, Test, and Deployment Automation. Addison-Wesley Professional.
- Forsgren N., Humble, J., & Kim, G. (2018). Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations (1st ed.) [E-book]. IT Revolution Press.
- YAML
- GitHub Actions
- GitHub Learning Lab
- Workflow syntax
- GitHub Marketplace
In this chapter, I’ll show you the different options for running your workflows. We’ll investigate hosted and self-hosted runners, and I’ll explain how you can tackle hybrid-cloud scenarios or hardware-in-the-loop tests using the different hosting options. I’ll also show you how to set up, manage, and scale self-hosted runners, and I’ll show you how you can approach monitoring and troubleshooting. The following are the core topics that we will cover in this chapter:
- Hosted runners
- Self-hosted runners
- Managing access with runner groups
- Using labels
- Scaling your self-hosted runners
- Monitoring and troubleshooting
References and Links
- Using GitHub-hosted runners
- Virtual environments
- Hosting your own runners
- A curated list of awesome self-hosted GitHub Action runner solutions in a large comparison matrix.
This chapter describes how you can use GitHub Packages, semantic Versioning together with GitHub Actions to manage dependencies between your teams and products. The main topics are as follows:
- GitHub Packages
- ✋ Hands-on: Use npm packages with Actions
- ✋ Hands-on: Use Docker with Packages
- Apache Maven, Gradle, NuGet, and RubyGems packages
References and Links
In this chapter I'll show you how you can easily deploy to any cloud and any platform in a secure and compliant way. The chapter will cover:
- Staged deployments
- Automate your deployments
- ✋ Hands-on: Deploy to Azure App Service
- ✋ Hands-on: Deploy to AWS Elastic Container Service (ECS)
- ✋ Hands-on: Deploy to Google Kubernetes Engine (GKE)
- Infrastructure as Code
- Workflow templates
- Reusable workflows and how they are used
- Measuring success
References and Links
- CI/CD
- Deployment rings
- Deploying to Azure App Service
- Deploying to Google Kubernetes Engine
- Deploy to AWS Elastic Container Service
- Security hardening your deployments
- Kubernetes Deployments
- Kubernetes Deployment Strategies
- Helm
- Kustomize
- Infrastructure as Code
- Infrastructure as Code and environment or configuration drift
- Workflow templates
- Reusable workflows
- Four Keys Project
This chapter explains how Feature Flags – or Feature Toggles - can help you to reduce complexity and manage the lifecycle of features and your software.The main topics of this chapter are:
- What are Feature Flags
- The lifecycle of features
- The benefits of Feature Flags
- Getting started with Feature Flags
- Feature Flags and technical debt
- Experimentation with Feature Flags
References and Links
- Martin Fowler (2017). Feature-Toggles (aka Feature Flags)
- Comparison of Feature Flag Solutions
- LaunchDarkly
- Switchover
- VWO
- Split
- Flagship
- Unleash and on GitHub
This chapter explains the benefits of trunk-based development and introduces you to the best git workflows to accelerate your software delivery.
The chapter covers:
- Trunk-based development
- Why you should avoid complex branching
- Other git workflows
- Accelerate with MyFlow
References and Links
- Forsgren N., Humble, J., & Kim, G. (2018). Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations (1st ed.) [E-book]. IT Revolution Press.
- Trunk-based development
- Git flow: Vincent Driessen (2010), A successful Git branching model
- GitLab flow
- Edward Thomson (2018). Release Flow: How We Do Branching on the VSTS Team
- Aman Gupta (2015). Deploying branches to GitHub.com
- GitHub flow
- GitHub CLI
Part 3 explains how you can accelerate even further and release frequently with confidence by baking quality assurance and security into your release pipelines. This includes concepts like shifting left testing and security, testing in production, chaos engineering, DevSecOps, securing your software supply chain, and ring-based deployments.
takes a closer look at the role of quality assurance and testing on developer velocity and shows how you can shift left testing with test automation. The chapter also covers testing in production and chaos engineering.
Main topics in the chapter are:
- Shift left testing with test automation
- Eradicating flaky tests
- Code coverage
- Shift right – testing in production
- Fault injection and chaos engineering
- Tests and compliance
- Test management in GitHub
References and Links
- Forsgren N., Humble, J., & Kim, G. (2018). Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations (1st ed.) [E-book]. IT Revolution Press.
- Eran Kinsbruner (2018), Continuous Testing for DevOps Professionals: A Practical Guide From Industry Experts (Kindle Edition). CreateSpace Independent Publishing Platform.
- Sam Laing (2015), The Testing Manifesto.
- Wolfgang Platz, Cynthia Dunlop (2019), Enterprise Continuous Testing: Transforming Testing for Agile and DevOps (Kindle Edition), Independently published.
- Tilo Linz (2014): Testing in Scrum (E-book), Rocky Nook.
- Kaner C., Falk J., H. Q. Nguyen (1999), Testing Computer Software (2nd Edition) Wiley.
- Roy Osherove (2009), The Art of Unit Testing (1st edition), Manning.
- Martin Fowler (2007), Mocks Aren't Stubs.
- Müller, Matthias M.; Padberg, Frank (2017). About the Return on Investment of Test-Driven Development (PDF). Universität Karlsruhe, Germany.
- Erdogmus, Hakan; Morisio, Torchiano (2014). On the Effectiveness of Test-first Approach to Programming. Proceedings of the IEEE Transactions on Software Engineering, 31(1). January 2005. (NRC 47445).
- Shift left to make testing fast and reliable.
- Martin Fowler (2011), Eradicating Non-Determinism in Tests.
- Jordan Raine (2020). Reducing flaky builds by 18x.
- John Micco (2016). Flaky Tests at Google and How We Mitigate Them.
- Shift right to test in production.
- Michael Nygard (2018). Release It! Design and Deploy Production-Ready Software (2nd Edition). O'Reilly.
This chapter takes a broader look at the role of security in software development and how you can bake security into the process and practice DevSecOps, zero-trust, and how you can shift left security. The chapter looks at common attack scenarios and how you can practice security and create awareness using attack simulations and red team | blue team exercises. The chapter also introduces you to GitHub Codespaces as a secure development environment in the cloud.
The key points that we will cover in this chapter are:
- Shift left security
- Assume breach, zero trust, and a security first mindset
- Attack simulations
- Red team | blue team exercises
- Attack scenarios
- GitHub Codespaces
References and Links
- IC3 (2020). Internet Crime Report 2020.
- IC3 (2019). Internet Crime Report 2019.
- Data reaches in 2020.
- Data breaches in 2021.
- Terranova & Microsoft (2021). Gone Phishing Tournament - Phishing Benchmark Global Report 2021.
- GitHub Codespaces.
- devcontainer.json reference.
This chapter describes how you can use GitHub Advanced Security to eliminate bugs, security, and compliance issues by performing static code analysis with CodeQL and other tools, successfully manage your software supply chain with Dependabot, and eliminate secrets in your code base using Secret Scanning.
The key topics in this chapter are:
- Dependency management and Dependabot
- Automate dependabot with GitHub Actions (see auto-merge.yml and dependabot.yml)
- Secret Scanning
- Code Scanning
- Writing your own CodeQL queries
References and Links
- Keith Collins (2016). How one programmer broke the internet by deleting a tiny piece of code.
- Tyler Eon (2016). Kik, Left-Pad, and NPM — Oh My!
- Maya Kaczorowski (2020). Secure at every step: What is software supply chain security and why does it matter?
- About the dependency graph.
- About dependabot version updates.
- About secret scanning.
- About GitHub Advanced Security.
- About Code Scanning.
- GitHub Blog (2021). CodeQL code scanning: new severity levels for security alerts.
- Common Vulnerability Scoring System (CVSS)
- CodeQL documentation
- CodeQL Language Reference
This chapter shows how you can secure deployments to your environments and how you can automate your complete release pipeline in a secure, compliant way to also meet regulatory requirements. The chapter covers Software Bills of Meterials (SBoM), code and commit signing, dynamic application security testing, and security hardening your release pipelines. We will cover the following main topics in this chapter:
- Container and infrastructure security scanning
- Automate the infrastructure change process
- Source code and infrastructure integrity
- Signing commits and code
- Dynamic Application Security Testing
- Security hardening your release pipeline
References and Links
- Kim G., Humble J., Debois P. & Willis J. (2016). The DevOps Handbook: How to Create World-Class Agility, Reliability, and Security in Technology Organizations (1st ed.). IT Revolution Press
- Forsgren N., Humble, J., & Kim, G. (2018). Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations (1st ed.) [E-book]. IT Revolution Press.
- Oladimeji S., Kerner S. M. (2021). SolarWinds hack explained: Everything you need to know.
- Sudhakar Ramakrishna (2021). New Findings From Our Investigation of SUNBURST.
- Crowdstrike blog (2021). SUNSPOT: An Implant in the Build Process.
- Eckels S., Smith J. & Ballenthin W. (2020). SUNBURST Additional Technical Details
- Souppaya M., Morello J., & Scarfone K. (2017). Application Container Security Guide.
- National Telecommunications and Information Administration (NTIA), Software Bill of Materials.
- Thomas Claburn (2018). Check your repos... Crypto-coin-stealing code sneaks into fairly popular NPM lib (2m downloads per week).
- Haymore A., Smart I., Gazdag V., Natesan D., & Fernick J. (2022). 10 real-world stories of how we’ve compromised CI/CD pipelines.
- Rob Bos (2022). Setup an internal GitHub Actions Marketplace
Part 4 is about the correlation of your software architecture and the communication in your organization. You’ll learn how to transform your monolith gradually to a loosely coupled, event-based architecture.
In this chapter I’ll give you an overview of loosely coupled systems and how you can evolve your software and system design to achieve a high engineering velocity. The following topics will be covered in this chapter:
- Loosely coupled systems
- Microservices
- Evolutionary design
- Event-based architecture
References and Links
- Forsgren N., Humble, J., & Kim, G. (2018). Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations (1st ed.) [E-book]. IT Revolution Press.
- Lewis J. & Fowler M. (2014). Microservices.
- Eric Evans (2003). Domain-Driven Design: Tackling Complexity in the Heart of Software. Addison-Wesley Professional.
- Martin Fowler (2004). StranglerFigApplication.
- Michael T. Nygard (2017). Release It!: Design and Deploy Production-Ready Software. Pragmatic Programmers
- Martin Fowler (2005). Event Sourcing.
- Lucas Krause (2015). Microservices: Patterns and Applications – Designing Fine-Grained Services By Applying Patterns [Kindle Edition].
This chapter is about the correlation of the communication structure of your organization and your system architecture (Conway’s law) and how you can use this to improve architecture, organization structure, and software delivery performance. It covers the two-pizza team, the Inverse Conway Maneuver, and a mono- versus multi-repo strategy for your code. The following are the core topics in this chapter:
- Conway's law
- The two-pizza team
- Inverse Conway Maneuver
- Delivery cadence
- Mono- or multi-repo strategy
References and Links
- Conway, Melvin (1968). How do committees invent.
- Raymond, Eric S. (1996). The New Hacker's Dictionary [3rd ed.]. MIT Press.
- Amazon (2020): Introduction to DevOps on AWS - Two-Pizza Teams.
- Willink, J. & Leif Babin, L. (2017). Extreme Ownership: How U.S. Navy SEALs Lead and Win. Macmillan.
- Miller, G. A. (1956). The magical number seven, plus or minus two: Some limits on our capacity for processing information.
- Cohn M. (2009). Succeeding with Agile: Software Development Using Scrum. Addison-Wesley
- QSM (2011). Team Size Can Be the Key to a Successful Software Project.
- Karau, S. J., & Williams, K. D. (1993). Social loafing: A meta-analytic review and theoretical integration. Journal of Personality and Social Psychology, 65(4), 681–706.
- Robbins S. (2005). Essentials of organizational behavior. Prentice Hall.
- Steiner, I. D. (1972). Group process and productivity. Academic Press Inc.
- Forsgren N., Humble, J., & Kim, G. (2018). Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations (1st ed.) [E-book]. IT Revolution Press.
- Skelton M., and Pais M. (2019). Team Topologies: Organizing Business and Technology Teams for Fast Flow. IT Revolution.
- Reinertsen D. (2009). The Principles of Product Development Flow: Second Generation Lean Product Development. Celeritas Publishing.
- Medina A. M. (2021). Remote debugging on Kubernetes using VS Code.
In Part 5 you’ll learn the importance of lean product management, how to integrate customer feedback into your flow of work, and how to combine hypothesis-driven development with OKR.
This chapter is about the importance of lean product management at a product and feature level. It shows how you can incorporate customer feedback into your product management, create Minimal Viable Products, and how you can manage your enterprise portfolio. This chapter covers:
- Lean product development
- Incorporate customer feedback
- The Minimal Viable Product
- Enterprise portfolio management
- Business Model Canvas
References and Links
- Forsgren N., Humble, J., & Kim, G. (2018). Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations (1st ed.) [E-book]. IT Revolution Press.
- Ward, Allen (2007). Lean Product and Process Development. Lean Enterprise Institute, US
- Ries, Eric (2011). The Lean Startup: How Today's Entrepreneurs Use Continuous Innovation to Create Radically Successful Businesses [Kindl Edition]. Currency
- Humble J., Molesky J. & O’Reilly B. (2015). Lean Enterprise: How High Performance Organizations Innovate at Scale [Kindle Edition]. O'Reilly Media.
- Osterwalder, Alexander (2004). The Business Model Ontology: A Proposition In A Design Science Approach.
- Goodwin, Kim (2009). Designing for the Digital Age - How to Create Human-Centered Products and Services. Wiley.
This chapter explains how you can evolve and continuously improve your products by conducting experiments to validate hypotheses through evidence-based DevOps practices like A|B-testing. It also explains how you can leverage OKR to empower your teams to conduct the right experiments and to build the right products. The following topics will be covered in this chapter:
- Conducting experiments with the scientific method
- Effective A|B testing with GrowthBook and Flagger
- Experimentation and OKR
References and Links
In Part 6 you’ll learn about the different hosting and pricing options of GitHub, how you can migrate to GitHub from other platforms, and best practices for structuring your teams and products inside GitHub Enterprise.
This chapter explains how GitHub can serve as the holistic, open platform for your teams. It explains the different hosting options, pricing, and how you can integrate it in your existing toolchain. The key topics are:
- Hosting options and pricing
- GitHub Connect
- Hands-on: create your account on GitHub.com
- Enterprise Security
- GitHub Learning Labs
References and Links
If you are not a start-up, then you always have existing tools and processes that must be considered when moving to a new platform. In this chapter, we will discuss different strategies related to migrating to GitHub from different platforms. In this chapter, we will cover the following:
- Picking the right migration strategy
- Achieving compliance with low-fidelity migrations
- Synchronizing requirements for a smooth transition
- Migrating from Azure DevOps with the GitHub Enterprise Importer
- Migrating pipelines using Valet
References and Links
In this chapter you’ll learn best-practices to structure your repositories and teams into organizations and enterprises to foster collaboration and facilitate administration. The chapter covers:
- GitHub scopes and namespaces
- Structuring GitHub teams
- Role-based access
- Custom roles
- Outside Collaborators
References and Links
The last chapter puts all the pieces together. The book gives you a lot of tools that you can use to drive a successful transformation and to gain developer velocity. But only if all pieces are put together the transformation will succeed. The chapter will explain, why many transformations fail, and what you shoud do to make your transformation a success.
We will cover the following topics:
- Why many transformations fail
- Start with WHY
- Data-driven transformation
References and Links
- Simon Sinek (2011), Start With Why – How Great Leaders Inspire Everyone to Take Action, Penguin
- Simon Sinek (2019), The Infinite Game, Penguin
- Nadella, S., Shaw, G. & Nichols, J. T. (2017), Hit Refresh: The Quest to Rediscover Microsoft's Soul and Imagine a Better Future for Everyone, Harper Business
- Srivastava S., Trehan K., Wagle D. & Wang J. (April 2020). Developer Velocity: How software excellence fuels business performance.
- Forsgren N., Humble, J., & Kim, G. (2018). Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations (1st ed.) [E-book]. IT Revolution Press.
- John P. Kotter (2008), A Sense of Urgency, Harvard Business Review Press
- John P. Kotter (2012), Leading Change, Harvard Business Review Press
- Volkswagen (2019): Volkswagen with New Corporate Mission Statement Environment "goTOzero".
- Mezedes-Benz Group Media (2019): “Ambition2039”: Our path to sustainable mobility.
- Theory of constraints.
- Small World (2016): Theory of constraints – Drum-Buffer-Rope.
- de Vries, M., & van Osnabrugge, R. (2022): Together we build an Engineering Culture. XPRT Magazine #12.