[kcdc 2022] creating a culture of appreciation

Speaker: Ash Banaszek @ashbanaszek

For more, see the table of contents

Tools

  • Interviews
  • Spotcheck with collegaues
  • DoveTail for affinity mapping

What is recognition

  • Exercise: what makes you feel appreciated. Last time and when was. For me, it was yesterday when a manager (not me) acknowledged a milestone our team made on a key project.
  • Poll to see when last felt appreciated. Most recent but some were longer than 6 months ago.
  • For some people, it is only during annual review
  • Making your employees and coworkers feel valued by you and the company
  • Be specific, descriptive and timely
  • Why are you giving it? What was the impact? Be honest.
  • Mono directional – I am recognizing you
  • Within the week is best
  • Email is ok. Doesn’t have to be formal
  • Tailor to the recipient – not everyone wants public attention

Less good examples

  • Think about how makes feel when manager has to pay for thank yous because companies don’t want to
  • HR sent note with pin for 10 years and manager signature. Ritual, not an accomplishment. Not personalized. Form letter.
  • Too late – forget
  • Where is the bar. If you are never appreciated, better than nothing.
  • Checking a box
  • Recognition is not the same as team building.
  • Don’t want to wait 6 months. Less impact the longer you wait.

Formats

  • Gift
  • Money
  • Time off
  • Face time
  • Public praise
  • Personal note
  • What is best varies by person.
  • Exercise: think about what motivates you
  • Less genuine if do same thing for everyone.

Better

  • Be specific. Mention something did. Not just 10 years.
  • “The team did great on X. We are going out bowling to celebrate”. Better if list specific things during the event for specific people

Why helps

  • Feel happy
  • More productive when believe colleagues respect and appreciate them, gratitude from manager

What is worth recognition

  • Save time/effort
  • Make things better
  • Outside job scope
  • Stretching skill set
  • Doing job while under tough circumstances
  • New certification
  • Going to conference and presented
  • Example of learning from failure (before too late)
  • Something cool
  • Recognize for things reinforce

Tips

  • Block calendar – Ash blocks half an hour to think about gratitude, check in on mentees/managers, send out notes
  • Include in project milestones (if x is true, we will do y)
  • Put in performance goals. Makes measurable. I recognized X people.
  • Talk about it with team/leadership
  • Must be visible and supported by the top to be part of the culture. Example: if X, team has lunch with you
  • Tailor recognition – ex: gifts, meals, emails
  • Remember is it s a thank you gift
  • Vary approach for effect
  • Make it easy to give
  • Make it a habit – schedule time
  • Build reputation for gratitude. People want to work with people who appreciate them
  • Reinforce people recognizing others

Who to recognize

  • Not just managers can do
  • Teammates
  • Other work teams
  • People in roles above you
  • Contractors

Traps

  • “But that’s their job anyway; Already get paycheck, that is recognition” – think about what done that special
  • “What if people don’t think it’s fair” – not recognizing anyone because someone might be upset. Need to make it fair. Find out how doing if less visibility.
  • “My folks don’t need to coddled; don’t want to be recognized” – culture failure
  • “We already have a yearly bonuses” – not specific, descriptive or timely
  • “There’s not on my team, someone else can do it” – all working towards same goal
  • “It’s not worth my time” – well worth ROI because others more productive
  • Fear of “watering down” recognition – number vs specific recognition/scope. Needs to be equivalent in nature to what did
  • Inauthentic – can’t just want productivity gain
  • Ignoring standard practices – if everyone else recognizes anniversary, feel ignored
  • Folks feeling isolated/unseen – talk to others to find out how doing
  • Overcompensating – feels like want something when disproportionate.
  • Checking the box
  • If barrier to entry too high, people won’t do. Ex: having to find a paper form

My take

Ash asked everyone in the first two rows to wear a mask. People complied. I was impressed they got compliance. The talk was interesting. The examples were relatable and fun. The “what to consider” was helpful in getting me to reflect. I like the reinforcement of specific, descriptive and timely throughout! They said we’d be asked to talk to each other but that didn’t happen so I was wondering when that was coming. At the end, we wrote down what would have been in the brainstorming groups and shared out loud. Seemed equally effective.

[kcdc 2022] building rugged devops pipelines with github

Speaker: Brian Gorman @blgorman

Repo: https://github.com/blgorman/codemash-rugged-devops

For more, see the table of contents

DevOps

  • Process, not product
  • Can’t buy tool (but can buy an existing team)
  • Goal: reduce cycle time form idea to production with minimal error
  • Automated testing
  • Gates – automated and human, quality, release
  • Avoid 2am support calls. Or at least only have to push a button to recover

Shift left

  • Less cost if find bug early
  • Reusable processes
  • Push quality upstream
  • Dev machine is as far left as can go
  • Build scanning tools into process
  • Sell the vision

Prereq

  • Cloud env exists
  • Templates

Actions

  • .github/workflows – folder
  • Actions tab to see result

YAML

  • on: the triggers (ex: push, pull_request)
  • env: (ex: branch)
  • jobs: want you want to do
  • with: trigger another job

Infrastructure as Code

  • Declarative
  • Repeatable Results
  • Ensures no configuration drift
  • Azure has imperative and complete options for ARM templates – complete is destructive and dangerous. Anything added outside code deleted.
  • Tools – ARM templates (Bicep) , Terraform, Ansible, Puppet/Chef, Pulumi

Security

  • App registration so github actions get access to Azure and add credential
  • Setup github token

SonarCloud Scanner

  • Most popular
  • Not free
  • Can choose whether to require fixing of warnings

Dependabot

  • Brining in dependencies without knowing
  • Alerts on insecure package
  • Options for security updates

OWASP

  • Zap Scan
  • Baseline (lightweight) scan for pull requests
  • Full scan overnight
  • For penetration test, provide valid URL so can try to hit it
  • WhiteSource – GP Security Scan

Q&A

  • Azure DevOps pipelines easier if new team
  • Azure DevOps has better gating
  • GitHub getting better.

My take

The room was full. When I walked in, Brian was talking. I was worried he started early, but did not. He was just talking to the audience who arrived early separate from the session. It was a good intro to github actions. Also if it has been a while (more features now.) I’m glad the code was in a repo so I could read it on my screen. I’m sitting in the back (because my talk is right after this and I need to leave early) and can’t read the code from here. It’s also nice to have as a reference. I also like that he covered integrations like Sonar.

KCDC 2022 Table of Contents

KCDC is back and “normal” at full strength. This page is for the table of contents of blog posts.

Monday

Tuesday

Wednesday