Oct 31 2018
Jay
Oct 31

Leveraging Drupal's cache effectively can be challenging at first, but the benefits for your site's performance make it well worth the effort. It all starts with figuring out what sort of rules your site should use to cache its content. The improved page load times that come from properly handling caching rules can help improve SEO and are generally more appealing to those that visit the website. In the right hands, the techniques outlined in this article can get a website into a much more specialized caching system.

I previously covered the fundamentals of how caching works in Drupal 8, including what the two core caching modules do and what cache tags, contexts, and max-age are for. If you're familiar with those things, then this post is for you; otherwise, check out my previous article and get up to speed before we dive into a slightly more in-depth topic: Figuring out how you should set up caching on your site.

If you're using a simple Drupal installation with no custom code and with well-maintained contributed modules, Drupal's Internal Page Cache and Dynamic Internal Page Cache modules will likely cover your caching needs. This article focuses on some more complex and custom scenarios which, nonetheless, come up with some frequency. 

The Guiding Principle

Perhaps the most frequent issue custom code has when it comes to caching is that it doesn't account for caching at all. This isn't ideal if you want to take advantage of Drupal's caching system to optimize your site's speed, and it points to one principle which can be tricky to learn and is critical to master: If you write custom code, always think about its caching implications. Always. 

Often, the implications will be minimal, if there are any at all. It's important not to assume that every bit of custom code will cache perfectly on its own - that's a mistake that could lead to something being cached either for too long or not at all. 

When to Disable the Cache 

Most everything Drupal renders as output (to a web browser, to a RESTful web service, etc.) can be cached. However, sometimes the development time to ensure that your custom code handles caching precisely outweighs the performance benefits that caching might provide. So the first question when you're writing custom code is, should this be cached at all?

Ready to get the most out of Drupal?  Schedule a free consultation with an Ashday Drupal Expert. 

If you're building something like an administrative page that only a few users with special permissions will ever see, it may not be worth the time and effort to make sure it is cached perfectly, especially if the rules for doing so would be complicated. For these scenarios, Drupal has a "page cache kill switch" that can be triggered in code:

 \Drupal::service('page_cache_kill_switch')->trigger();

Calling the kill switch will stop both the page cache and the dynamic page cache from doing any caching on that page.

This should be used with caution though, and only as a last resort in situations where figuring out proper caching logic isn't worth the time. It should never be used on a page which is expected to be viewed by a large number of your website's visitors.

Rules for Cache Contexts

You should consider using a cache context if your content should look different when displayed in different situations. Let's look at a couple scenarios that benefit from using a cache context:

Say you have a site which can be accessed from two different domains and you want to display something a little different depending on which domain someone is looking at. Perhaps the site's logo and tagline change a little. In this case, the block containing the logo and tagline should be given the url.site context. With this context in place, Drupal will cache a separate version of the block for each domain and will show each domain's visitors the appropriate one.

Or, perhaps a block contains a bit of information about which content the currently logged-in user has permission to edit. This sounds like an excellent case for using the user.permissions context to indicate to Drupal that the block is different for each possible combination of permissions that a user might have. If two users have the same permission, the same cached version can be used for both of them.

There are many other contexts are available as well; take a look at the full list to see if one or more of them is applicable to your code.

Rules for Cache Tags 

Cache tags are probably the most important caching mechanism available to custom code. Drupal includes countless cache tags which can be used to invalidate a cache entry when something about your site changes, and it is also very easy to create your own cache tags (which we'll get to in a minute). For now, I'm going to focus on some of the cache tags Drupal has by default.

Say you're creating a page which shows the top five most recently published articles on your site. Now, Drupal sites can often make use of the Views module for this sort of thing, but depending on your exact requirements Views may not be the best approach – for instance, maybe part of the content has to come from a remote service that Views can't readily integrate with. The most obvious tags needed for this page are the tags for the specific pieces of content that are being shown, which are tags in the format of node:<nid>, for instance, node:5 and node:38. With these tags in place, whenever the content gets updated, the cache entry for your page gets invalidated, and the page will be built from scratch with the update information the next time somebody views it.

But that's not all there is to think about. Perhaps this page also shows what categories (using a taxonomy structure) each article is in. Now, the articles each have an entity reference field to their categories, so if a user changes what categories the article is in, the relevant node:<nid> tags already added to your page will get cleared. Easy enough. But what if somebody changes the name of the category? That involves editing a taxonomy term, not the article node, so it won't clear any node:<nid> tags. To handle this situation, you'd want to have appropriate taxonomy_term:<id> tags. If an article with ID 6 has terms with IDs 14 and 17, the tags you'd want are node:6, taxonomy_term:14, and taxonomy_term:17, and you'll want to do this for every article shown on your page.

Fortunately, most of the time, you don't need to worry about the specific tag names. Nodes, terms, and other cacheable objects have a getCacheTags() method that gets exactly whatever tags you should use for that object.

These are all simple entity-based tags, but there are many more available as well. There are tags for when various aspects of Drupal configuration changes as well as for things such as when certain theme settings get changed. Unfortunately, since the available cache tags vary from site to site, there isn't a ready-made list of them available for you to use as a reference. You can, however, look at the "cachetags" table in your Drupal database to see a list of all the tags that have been invalidated at least once on the site. This will be pretty minimal if your site is brand-new, but as people use the site it will start filling up.

The basic idea of tags is this: If you render something on a page, and there's a chance that something displayed on it might change in the future, there should be an appropriate tag in place to watch for that change.

Up Next

This is a big topic, but it looks like we're out of time for today. Next time, we'll delve a bit deeper into cache tags by seeing how to create custom ones that perfectly fit your site's needs and will also cover how to use max-age, including one important gotcha that makes them more complicated than they look.

Offer for a free consultation with an Ashday expert

Oct 31 2018
Oct 31

by David Snopek on October 31, 2018 - 1:28pm

As you may know, Drupal 6 has reached End-of-Life (EOL) which means the Drupal Security Team is no longer doing Security Advisories or working on security patches for Drupal 6 core or contrib modules - but the Drupal 6 LTS vendors are and we're one of them!

Today, there is a Critical security release for the Session Limit module to fix a Insecure Session Management vulnerability.

The session limit module enables a site administrator to set a policy around the number of active sessions users of the site may have.

The module does not sufficiently tokenise the list of sessions so that the user's session keys can be found through inspection of the form.

See the security advisory for Drupal 7 for more information.

Here you can download the Drupal 6 patch.

If you have a Drupal 6 site using the Session Limit module, we recommend you update immediately! We have already deployed the patch for all of our Drupal 6 Long-Term Support clients. :-)

If you'd like all your Drupal 6 modules to receive security updates and have the fixes deployed the same day they're released, please check out our D6LTS plans.

Note: if you use the myDropWizard module (totally free!), you'll be alerted to these and any future security updates, and will be able to use drush to install them (even though they won't necessarily have a release on Drupal.org).

Oct 31 2018
Oct 31

Ten Halloweens ago I shared a story of Drupal haunting. The post survives only in the faint afterlife of archive.org's Wayback Machine, having long since disappeared from the site of CivicActions where I was working at the time, so I thought I'd reprise it here. First, the original post. Then some notes on what's changed in the years since--and what remains chillingly accurate.

The Curse of the Haunted Drupal Site!

It's a specter ghastly enough to make the most seasoned Drupal developer quiver with fear.

Yes, it's the dreaded Haunted Drupal Site!

Oh, it may appear innocent enough on the surface. Just a typical business or organizational website that perhaps you've been asked to upgrade or enhance. But don't be fooled--lurking beneath the surface is a host of nasty surprises just waiting for the developer naive or foolish enough to venture in.

By what signs can you recognize the beast? What dreadful acts awakened the accursed spirits that now haunt this site? What mantras or talismans can protect you from inadvertently bringing the curse upon yourself?

Read on to find out.

The Tell Tale Signs of the Haunted Site

The signs may be subtle, even invisible to the casual observer. But to the initiated, there are sure signs by which the Haunted Site can be identified.

As with any case of detection, it's important to watch out for seemingly unimportant details.

Perhaps you find that the site is using a very old release version--Drupal 5.2, even though the current stable release is much later than that. A mere oversight? A mere detail, easily addressed through a routine update? Possibly. But, more likely, it's your first sign that all is not as it appears beneath the tranquil home page.

Or else you're exploring the site and try to do some familiar task, something you've done a thousand times on any number of Drupal sites. You try again and again, incredulous, but every time you get the same mysterious error. Impossible! This can't be true!

Oh, but it can. On the Haunted Drupal Site, all your assumptions are wrong, for nothing is as it appears.

Or perhaps you hear a seemingly casual remark like the following: "The previous developers may have applied a patch or two here and there." A "patch or two"? Don't believe it for a minute. No, you have received almost definitive notice of haunting.

What to do? It's time to reach for the tools that will reveal the worst. Yes, I mean diff. Nothing short of a full diff of the site's codebase will suffice to reveal the full scope of the beast.

How the Haunting Began

The truth is, most hauntings begin with the best of intentions.

Like an Egyptologist, an intrepid developer sets out to delve into secret places--in this case, the mysteries of the Drupal codebase. Perhaps she or he pauses a moment in amazement, dazzled with the complexity brought to light.

But who among us would not feel the temptation at this moment to touch the artifacts, to move them, even to leave our own mark?

Yes, there are professional mores that call for caution, for tedious processes of step by step excavation, for patient consultation, for publishing of results.

But how much quicker and more rewarding it seems simply to reach in and rearrange. In only a moment the change is made. No one need ever know.

Ah, but that moment has been enough--enough to awaken both the first hints of haunting and - more importantly - the thirst for instant treasure.

The next time there's a need for a quick fix, the lure will be harder to resist. What began as "a patch or two, here and there" can soon mushroom into a tangled web of changes--a labyrinthine maze that even the original site developer is quickly lost in.

Protecting Yourself from the Curse

How to ensure you don't get stuck in the Haunted Site?

It's not enough to be able to detect the curse where it exists. Sure, detecting the Haunted Drupal Site can help us avoid taking on a losing struggle with a dangerous foe. But it won't protect us from our own failings, or the dark passages we may ourselves be tempted by.

As with any secret knowledge, one approach is avoidance--look not in the source code and ye shall never be tempted.

But the path of avoidance is fraught with its own perils. No, our surest way is not to avoid the secrets of the codebase, but rather to immerse ourselves in them. Not to hack away and bear off treasures, but to learn, improving our collective knowledge, and restore the artifacts of our predecessors with the same care that went into their original construction.

Then the open, expansive spirit of Drupal will not haunt, but will infuse our work with the energy of creation that flows through all of us.

An energy that will stick with us long after the Trick or Treaters have gone home.

The Curse Revisited!

Okay, that was the state of haunting ten Halloweens ago. What shades still lurk in the Drupal realm?

On the plus side, we now have far more to work with than garlic and wooden stakes. Less than a year after my Halloween musings, Dmitri Gaskin (dmitrig01 on drupal.org) posted the first iteration of Drush Make, a magical system that could conjure an entire code base using spells encoded in a simple text file. For a site or Drupal distribution built and maintained with Drush Make no divination rituals are required--each patch and module version is meticulously documented in the sacred Drush Make File.

At least in theory. In practice? Any number of sites begun with excellent intentions soon diverged from the make file's specification. A contributing factor was that Drush Make was focused on building a code base more than on maintaining one. Efforts like Drush Make Sync to extend Drush Make for ongoing development were valiant but ultimately fated for the graveyard of undead code.

With Drupal 8, focus shifted to a fresh spellbook as Composer promised a new era of certainty in which code demons and hauntings were forever banished. But the transition to a new spellbook was anything but smooth. Even now, years later, Drupal distributions are stuck in the netherworld between a bygone Drush Make and the elusive realm of Composer. And who among us has not had a Composer spell go awry, springing back at us with some cryptic message of censure?

And, sadly, the best spells do nothing if not spoken. Just this month an organization (no sorcery will wrest from me its name!) contacted us to help with a Drupal site that, ostensibly, needed little more than a few simple tweaks. Oh, and--brace yourself for that portentous phrase, here innocuously dangled in a bulleted list: "update site".

Yes, yes, it was just as bad as it sounded. Drupalgeddon 2 may have come and gone, but this site remained suspended in a past state where the creaky gate was off its hinges and demons drifted in and out at will.

Proving once more that times and spellbooks may change but the challenges of keeping up--those continue their frightening reign.

Oct 31 2018
Oct 31

Have you thought of expanding your online business overseas? Or having identical platforms available to visitors in Spanish, French and German? There is one certain way to increase your business globally — create a multilingual website!

One might think that it is easy to translate any platform into any languages. However, there are a number of factors to consider when creating multilingual sites.

Our web development team prefers Drupal 8 content management system (CMS) for multilingual websites. Now find out what features make Drupal 8 the perfect choice for a multilingual website development

Benefits of Building a Multilingual Website

First things first. Why should you make your platform multilingual? The benefits of building a multilingual website are numerous. We point out some of the most important ones for your business:

  • to explore new markets.

Providing multilingual content is a necessity in a modern global marketplace. It’s all about reaching and building strong relationships with new customers and visitors. If your content is presented in the customer’s native language, consumption is easy and loyalty grows. If the visitor likes the platform, he might recommend it to his friends. This will rightly earn your place in new markets.

The Number of Internet Users by Language - April, 2018

  • to get more visitors.

It’s obvious that the more languages your website is presented in, the more visitors you can reach. A multilingual platform is a great opportunity to appeal to people from other countries and to increase website traffic.

  • to sell more products and services.

Increased website traffic creates more product and service selling potentials. It’s a simple, by-the-numbers way to instantly expand your business.

  • to improve SEO.

In addition to Google, some countries have their own search engines. Enabling a multilingual search of your website will improve its SEO.

Why Build a Multilingual Site in Drupal 8?

The content of your website is built and stored in your CMS. Choosing the right CMS at the start makes development and further maintenance of a multilingual website much easier.

Why you should opt for Drupal 8?

Powerful built-in multilingual features in Drupal 8.

The Drupal CMS offers powerful multilingual features. What’s more, Drupal 8 provides built-in multilingual modules that make the process even simpler. They are Language, Interface Translation, Content Translation and Configuration Translation modules.

Drupal offers 90+ languages and has a built-in translational core.Drupal translates both your content as well as all the fields, forms and error messages. Everything from configuration settings to menus and views can be translated with the help of out-of-the-box modules in Drupal 8.

Drupal 8 is scalable for multilingual websites.

Drupal is scalable for all your needs. No matter how many languages you choose, it will deliver all your multilingual content.

Transliteration support in Drupal 8.

One really handy addition to Drupal 8 is the Transliteration module added to Drupal core. This module automatically converts special characters such as "ç" and "ü" to "c" and "u" for machine names, file uploads and search results.

And some more! What can you get by building a multilingual website in Drupal 8?

  • Get automatic software translation updates from the Drupal community.
  • Choose what content not to translate.
  • Add a language selector to your site.
  • Overview screen for translators, contextual translation tabs for site builders.
  • Protected local, custom translations which are exportable.

These impressive multilingual capacities are among Drupal 8’s top benefits and it is no wonder that more and more website owners are choosing to migrate to Drupal 8.

Core Modules for Building a Multilingual Website in Drupal 8

Drupal 8 comes with four build-in modules for a multilingual feature.

1. Language Module.

The Language module lets you choose out from 94 languages as of now. With this module you can assign a language to everything: nodes, users, views, blocks and menus. Browser language detection can be easily configured with external language codes. Each user is able to select his own language for the admin interface. Besides, there is built-in transliteration for the machine names.

2. Interface Translation Module.

The Interface Translation module translates the built-in user interface, your added modules and themes. It has built-in translation UI for easier editing. By allowing automatic downloads and updates, this module lets use any translation interface available in the Drupal community in any language supported by Drupal 8. English language is now customizable and removable. There is no more need to use English as your default language.

3. Content Translation Module.

The Content Translation module allows users to translate content entities. It also allows to translate site content, including pages, taxonomy terms and blocks into different languages. The same as in Interface Translation module, the default language of the content can be easily configured. Users can even hide or display the position of language selector.

4. Configuration Translation Module.

The configuration translation module provides a translation interface for configuration. It allows to translate text that is part of the configuration, such as field labels, the text used in Views, etc.

Moreover, there is a provision of an overview screen to help you in the process.

Contributed Modules for Building a Multilingual Website in Drupal 8

Now, let’s proceed with the list of contributed modules that will help you build your Drupal 8 multilingual website.

1. Language Cookie Module.

Language Cookie module identifies visitors' mother languages. How? It simply adds an extra “cookie” field to the Language Negotiation settings. Therefore, the language on your website will instantly be set in accordance with this extra cookie.

2. IP Language Negotiation Module.

IP Language Negotiation is a key module for your Drupal 8 multilingual website. By detecting the countries that your visitors access your website from it instantly displays the content on your website in their native languages.

3. Language Fallback Module.

Language Fallback module allows to specify a language fallback for each defined language, so translation can fallback to another language. If a certain translation can't be delivered to your visitors in your custom language, they will always get the requested content in another familiar language or dialect.

4. Language Selection Page Module.

Instead of trying to identify your website visitors' mother languages, let them choose the languages they'd like to see the content translated to. Language Selection Page module allows visitors of your website to select the language on landing page/splash page, based on the languages that have been enabled on your Drupal platform.

It’s Time to Build a Multilingual Website in Drupal 8

Content on your website determines traffic, positive user experience and conversion rates. Choosing the right CMS from the start is vital to managing the content of any proposed multilingual site.

As soon as Drupal 8 delivers multilingual platforms straight out-of-the-box, it is a perfect solution for building a multilingual website.

Our Drupal development team at InternetDevels has years of experience in developing multilingual websites in Drupal CMS. Don’t hesitate to contact us if you have any questions regarding your multilingual platform or need our services on its development or support.

Oct 31 2018
Oct 31

Today, Acquia announced a partnership with Elastic Path, a headless commerce platform. In this post, I want to explore the advantages of headless commerce and the opportunity it holds for both Drupal and Acquia.

The advantages of headless commerce

In a headless commerce approach, the front-end shopping experience is decoupled from the commerce business layer. Headless commerce platforms provide a clean separation between the front end and back end; the shopping experience is provided by Drupal and the commerce business logic is provided by the commerce platform. This decoupling provides advantages for the developer, merchant and shopping experience.

  • For developers, it means that you can decouple both the development and the architecture. This allows you to build an innovative shopping experience without having to worry about impacting a system as critical as your commerce backend. For instance, you can add ratings and reviews to your shopping experience without having to redeploy your commerce platform.
  • For merchants, it can provide a better experience for administering the shop. Traditional commerce solution usually ship with a lightweight content management system. This means that there can be competition over which system provides the experience layer (i.e. the "glass"). This can introduce overlap in functionality; both systems offer ways to manage URLs, create landing pages, manage user access rights, etc. Because headless commerce systems are designed from the ground up to integrate with other systems, there is less duplication of functionality. This provides a streamlined experience for merchants.
  • And last but not least, there is the shopping experience for end-users or consumers. Simply put, consumers are demanding better experiences when they shop online. They want editorials, lookbooks, tutorials, product demonstration videos, testimonials, and more. They want the content-rich experiences that a comprehensive content management system can provide.

All this is why Acquia is excited about our partnership with Elastic Path. I believe the partnership is a win-win-win. It's a win for Acquia because we are now better equipped than ever to offer personal, unique and delightful shopping experiences. It is a win for Elastic Path as they have the opportunity to provide contextual commerce solutions to any Acquia customer. Last but not least, it's a win for Drupal because it will introduce more organizations to the project.

Note that many of the above integration challenges don't apply to native solutions like Drupal Commerce for Drupal or WooCommerce for WordPress. It only applies when you have to integrate two entirely different systems. Integrating two different systems is a common use case, because customers either already have a commerce platforms in place that they don't want to replace, or because native solutions don't meet their needs.

Acquia's commitment to best of breed

Acquia remains committed to a best-of-breed strategy for commerce. There isn't a single commerce platform that meets the needs of all our customers. This belief comes from years of experience in the field. Acquia's customers want to integrate with a variety of commerce systems such as Elastic Path, SAP Hybris, Salesforce Commerce Cloud (Demandware), Magento, BigCommerce, Reaction Commerce, Oracle ATG, Moltin, and more. Our customers also want to use Drupal Commerce, Drupal's native commerce solution. We believe customers should be able to integrate Drupal with their commerce management solutions of choice.

October 31, 2018

2 min read time

db db
Oct 31 2018
Oct 31

Join us on November 5th for the Zurich Drupal Meetup at the Amazee Labs Zürich office.

Agenda

  • The File Management Module for Drupal 8 - Lightning talk + Q&A by David Pacassi Torrico
  • Outlook Drupal Switzerland Activities 2019 - Discussion by Josef Dabernig (Amazee Labs)
  • Propose your topic in the comments!


General Information 

The Zurich Drupal Meetup is dedicated to people interested in the Content Management System & Framework Drupal.

We welcome everybody from beginners to Drupal ninjas and would be happy to see you present a recent project of yours or talk about any other Drupal-related topic.

Talk Formats

  • Lightning talk (max. 10 minutes)
  • Short talk (max. 25 minutes)
  • Full talk (max. 45 minutes)

If you would like to join us, sign-up here: https://www.meetup.com/Zurich-Drupal-Meetup/ 

Oct 31 2018
Oct 31

In this episode, we cover the Drupal 8 Linkit Module. This module extends the link functionality of your Drupal 8 WYSIWYG editor (like CKeditor) to make it easier to link to other pages on your website. Rather than having to go find a page on your website you would like to link to, copy the URL, and paste it in the link field, this module allows you to do it in one step!

Check out the Code Karate Patreon page

Oct 30 2018
Oct 30

More than 1 million websites worldwide use Drupal to combine great design with power, speed and security that Drupal provides. From large enterprises to NGOs, Drupal is actively helping organizations change the world through their digital experiences. One of these institutions is the Commonwealth of Massachusetts.

In a recent report published by ITIF (an independent, nonpartisan think tank), the official website for the Commonwealth of Massachusetts (mass.gov) was named #3 in the nation for its overall web presence.

“This report assesses four criteria: page-load speed, mobile friendliness, security, and accessibility. For page-load speed, we reviewed both desktop page-load speed and mobile page-load speed.” - ITIF

Building a Better Experience for Constituents

The Commonwealth set out to better the digital experience for the constituents of Massachusetts back in 2016 when they began engaging with outside vendors to take on the responsibility of redesigning and developing mass.gov using the open source CMS Drupal 8. The end goal for the Commonwealth was to restructure their site’s content in a way that made it intuitive for people to accomplish their goals.

With the help of Palantir.net, Massachusetts launched the new platform in October 2017 designed to better serve constituent needs in the digital age.

“We’ve redesigned Mass.gov for you, the people of the Commonwealth. We have one goal: to make it easy for you to find what you need.” - Mass.gov homepage

We’re proud of Mass.gov for this amazing achievement, and we’re not surprised. Good web design in government is about ensuring a great experience for constituents of diverse backgrounds and creating an open and accessible government for all users.

The goal of ITIF’s report was to assess state government websites based on seven popular state e-government services. Download the full report to see how your state’s website ranked.

Oct 30 2018
Oct 30

Next steps for Drupal's configuration management system.

Configuration management is an important feature of any modern content management system. Those following modern development best-practices use a development workflow that involves some sort of development and staging environment that is separate from the production environment.

Configuration management example

Given such a development workflow, you need to push configuration changes from development to production (similar to how you need to push code or content between environments). Drupal's configuration management system helps you do that in a powerful yet elegant way.

Since I announced the original Configuration Management Initiative over seven years ago, we've developed and shipped a strong configuration management API in Drupal 8. Drupal 8's configuration management system is a huge step forward from where we were in Drupal 7, and a much more robust solution than what is offered by many of our competitors.

All configuration in a Drupal 8 site — from one-off settings such as site name to content types and field definitions — can be seamlessly moved between environments, allowing for quick and easy deployment between development, staging and production environments.

However, now that we have a couple of years of building Drupal 8 sites behind us, various limitations have surfaced. While these limitations usually have solutions via contributed modules, it has become clear that we would benefit from extending Drupal core's built-in configuration management APIs. This way, we can establish best practices and standard approaches that work for all.

Configuraton management initiativeThe four different focus areas for Drupal 8. The configuration management initiative is part of the 'Improve Drupal for developers' track.

I first talked about this need in my DrupalCon Nashville keynote, where I announced the Configuration Management 2.0 initiative. The goal of this initiative is to extend Drupal's built-in configuration management so we can support more common workflows out-of-the-box without the need of contributed modules.

What is an example workflow that is not currently supported out-of-the-box? Support for different configurations by environment. This is a valuable use case because some settings are undesirable to have enabled in all environments. For example, you most likely don't want to enable debugging tools in production.

Configuration management example

The contributed module Config Filter extends Drupal core's built-in configuration management capabilities by providing an API to support different workflows which filter out or transform certain configuration changes as they are being pushed to production. Config Split, another contributed module, builds on top of Config Filter to allow for differences in configuration between various environments.

The Config Split module's use case is just one example of how we can improve Drupal's out-of-the-box configuration management capabilities. The community created a longer list of pain points and advanced use cases for the configuration management system.

While the initiative team is working on executing on these long-term improvements, they are also focused on delivering incremental improvements with each new version of Drupal 8, and have distilled the most high-priority items into a configuration management roadmap.

  • In Drupal 8.6, we added support for creating new sites from existing configuration. This enables developers to launch a development site that matches a production site's configuration with just a few clicks.
  • For Drupal 8.7, we're planning on shipping an experimental module for dealing with environment specific configuration, moving the capabilities of Config Filter and the basic capabilities of Config Split to Drupal core through the addition of a Configuration Transformer API.
  • For Drupal 8.8, the focus is on supporting configuration updates across different sites. We want to allow both sites and distributions to package configuration (similar to the well-known Features module) so they can easily be deployed across other sites.

How to get involved

There are many opportunities to contribute to this initiative and we'd love your help.

If you would like to get involved, check out the Configuration Management 2.0 project and various Drupal core issues tagged as "CMI 2.0 candidate".

Special thanks to Fabian Bircher (Nuvole), Jeff Beeman (Acquia), Angela Byron (Acquia), ASH (Acquia), and Alex Pott (Thunder) for contributions to this blog post.

October 30, 2018

2 min read time

Oct 30 2018
Oct 30

Drupal Modules: The One Percent — Entity Jump Menu (video tutorial)

[embedded content]

Episode 50

Here is where we bring awareness to Drupal modules running on less than 1% of reporting sites. Today we'll consider Entity Jump Menu, a module which allows you to quickly navigate between nodes, users, and taxonomy terms provided you know their ID.

Oct 30 2018
Oct 30

Our client is migrating from Luminate CMS to Drupal because they want to improve performance without changing the look or feel of the site. Each of the pages on a Luminate site are like snowflakes - unique. It doesn’t make sense to rebuild those features as structured blocks given that they only appear on one single page. So having the ability to use existing JS and CSS allows us to copy and paste markup without rebuilding a whole structure that wouldn’t be repurposed on other pages.

This technically savvy client wants a way to add existing JavaScript and CSS to Drupal pages. So let’s give them the capability of putting raw CSS and JavaScript on their pages. This will help them complete the migration, moving their existing code to Drupal. These are the tools the content editors need to make their website beautiful and effective. If your content editors are more familiar with writing javascript and css here’s how to enable them to keep doing that.

To make this happen, first make a raw field formatter.

  • Go to Configuration > Content authoring > Text formats and editors.
  • Add a new text format called “Raw”. None of the filters should be enabled since this will be raw output.

Raw Text Format

Adding in raw text format

No Filters Enabled

AND…No filters enabled!

Since our client wants to add raw css and javascript to landing pages, we will create a field on the ‘landing page’ content type. It will be Text (formatted, long) and label “Inline CSS”. We will limit it to just one on the page.

Add field inline

Add field inline css

Have it use the Raw text format from the last step. You can limit the field to only this format by installing the package

Composer require drupal/allowed_formats

Be sure to check the “Raw” box on the field page and save it.

Now make sure our field is being output.

  • Go to Admin > Structure > Types > Manage > Landing page > Display > Full
  • Make sure it is enabled and the label is hidden. It should be output in the default format.

Inline css displayed

Making sure inline css is displayed

Visit a landing page content form by going to Manage > Content > Add content > Landing Page, and put some real css in our new field:

Add map background raw

Adding map background raw

We also provide a WYSIWYG place to enter HTML. In this case we need some HTML, perhaps a div, with class=‘map’.

We’re not finished yet! We need to provide a twig template. Look at the output HTML. We get:

<!-- THEME DEBUG -->
<!-- THEME HOOK: 'field' -->
<!-- FILE NAME SUGGESTIONS:
* field--node--field-inline-css--landing-page.html.twig
* field--node--field-inline-css.html.twig
* field--node--landing-page.html.twig
* field--field-inline-css.html.twig
x field--text-long.html.twig
* field.html.twig
-->
<!-- BEGIN OUTPUT from 'core/themes/classy/templates/field/field--text-long.html.twig' -->
<div data-quickedit-field-id="node/589/field_inline_css/en/full" class="clearfix text-formatted field field--name-field-inline-css field--type-text-long field--label-hidden field__item">.map {
background: url(http://www.example.com/assets/images/background-images/banner-landing-page/map.png) center no-repeat;
padding-top: 80px;
min-height: 350px;
}</div>
<!-- END OUTPUT from 'core/themes/classy/templates/field/field--text-long.html.twig' -->

in our output! Notice the <div> surrounding our CSS! We don’t want that! So it’s time to create a Twig template without extra div’s. One that will output raw CSS.

We will go from this (notice all the extra <div>s)


   <div>
       <div></div>
       
           
           
   </div>


And we should do three things:

  1. Remove all <div> tags,
  2. Send it through a raw filter, and
  3. Surround it with <style> tags so we will go to this >
<style>

       
           
           

</style>

Then we get in output:

<!-- THEME DEBUG -->
<!-- THEME HOOK: 'field' -->
<!-- FILE NAME SUGGESTIONS:
x field--node--field-inline-css--landing-page.html.twig
* field--node--field-inline-css.html.twig
* field--node--landing-page.html.twig
* field--field-inline-css.html.twig
* field--text-long.html.twig
* field.html.twig
-->
<!-- BEGIN OUTPUT from 'themes/custom/example/templates/field/field--node--field-inline-css--landing-page.html.twig' -->
<style>
.map {
background: url(http://www.example.com/assets/images/background-images/banner-section-landing-page/map.png) center no-repeat;
padding-top: 80px;
min-height: 350px;
}
</style>
<!-- END OUTPUT from 'themes/custom/example/templates/field/field--node--field-inline-css--landing-page.html.twig' -->

Tada! The CSS shows up ready to use on the page! The same technique can be used to allow content editors to put JavaScript on the page! Instead of putting <style> tags around the template, make it <script> tags instead.

Make sure you meet your content editors where they are, give them tools they can use but don’t use this technique with novice or non-technical content editors.

Get In Touch

Questions? Comments? We want to know! Drop us a line and let’s start talking.

Learn More Get In Touch
Oct 30 2018
kpv
Oct 30

The article continues the series started with Creating interactive content in CKEditor with VisualN Embed article.

It shows how to use IFrames toolkit provided with VisualN module to share embedded drawings across sites.

For our example we use a Drupal 8 site as drawings origin and a Wordpress site as a target resource exposing those drawings. The Wordpress site can be located at any domain and/or server and doesn't depend on the origin in any way.

[embedded content]

There are a couple of use cases when you might want to share drawings:

  • to share content with you audience to promote your brand, attract new users (generate quality traffic) or spread your data / knowledge across the Internet
  • to create SaaS-like solutions when users use your site to create content and reuse on their sites (e.g. Flickr)
  • to use it as a backend platform for your other resource (as in the video above, Drupal 8 can be used as a backend for Wordpress)

 

Generating quality traffic, promoting brand, spreading knowledge

Any shared drawing can be configured to show origin link near (at the bottom by default) the drawing.

Origin links allow to attract new target users from third-party sites. Clicking that link user is redirected to the origin site. Of course, you can't oblige users to click those links, so the user should want or find it useful (e.g. for some additional info) to click it. That makes it fair to expect that mostly target users will click the link under shared content. And thus generate quality traffic.

You can also manage which pages exactly to direct those users to, per drawing basis or multiple at once (using tokens* or relying on defaults). It allows you to better run marketing campaigns, e.g. to temporarily switch shared drawings to direct traffic to a specific page of interest. Also no restrictions are placed upon link url, it may even point to a different site, which allows you to share traffic.
Usually origin page url (i.e. the page where drawings appears) is used by default.

Though it is not always necessary for user to click the link to achieve your goals. Sometimes just showing the content is enough. E.g. when content is obviously related to your brand, it already accomplishes its promoting functions. Or if you want just to share some knowledge (e.g. plastic waste amounts in oceans dynamics), then its still enough that user just reads it. And of course someone should also want to share your content.

These and some other ideas (including those presented below) served as a foundation and composed the notion of Fidelity Marketing, something that can be seen as another branch of Internet Marketing (along with Content and Referral marketing). The concept is developed and promoted within the scope of VisualN Project.

* There are still tasks to do for better tokens support

Creating SaaS-like solutions

With the IFrames toolkit you can build solutions the primary purpose of which is to provide some service to users. There are a lot of such services on the Internet - some of them allow to share images (e.g. Flickr), slides presentations (e.g. Slideshare), data visualizations etc. Now you can build yours of any of these and other types or invent something different.

Also you can add such functionality to an already existing site which would add additional value to it and its users.

Using as a backend for some other resource

Imagine that you or your client (if you are a developer) owns a site made on some other framework or CMS.

When using Drupal with VisualN along with your primary site (if not D8), all embedded content is at one place and belong to your infrastructure, so you don't depend on third-party services providing similar services (e.g. charts or galleries), also it allows to use such solutions in internal, e.g. corporate systems without need to access Internet.

On the other hand VisualN is a general purpose graphical content authoring and sharing framework and can replace multiple other solutions having more specific implementation area.

Configuration details and Sharing settings

As mentioned before, the sharing functionality is provided by VisualN module, namely with VisualN IFrame submodule. At the moment it supports sharing for embedded drawings and drawings created as generic Drupal blocks, provided by VisualN Block submodule (which goes beyond the subject of the current article).

When enabling sharing, you have some options to configure. The following settings are available.

Use defaults - the defaults are set on IFrame settings page. Allows shared drawings to reuse global IFrame settings without saving locally for each single one. Useful to change settings for multiple shared drawings at once.

Show origin link - whether or not to show origin link at the bottom of shared drawings.

Origin url - by default current drawing page url is used. Though you can use some custom page for a specific drawing iframe as origin.

Origin title - you can set any title for the link to appear under the shared drawing. Of course, you can override shared drawing template to change its style or use an image instead of the origin link, e.g. origin site logo.

Open in new window - whether shared drawings links should open origin site in a new window or not.

Conclusion

These are just some obvious implementations of IFrames toolkit, you are encouraged to develop yours. Also the subject itself is relatively new to Drupal ecosystem since there were no noticeable attempts to create a such. As well as for other popular Content Management Systems.

Oct 30 2018
Oct 30

Entity Reference Views are one way you can make life easier for Drupal content creators.

Normally, when people are creating content on your site, each field consists of a single box with a single data point. For example, in a list of people, you might get only the person's name. 

Entity Reference Views allows you to provide far more information. For example, you can add photos and personal details to your list of people.

Entity Reference Views in Drupal 7

In this example, I have a content type called "Presentations" and another content type called "Speakers". Every time I add a presentation, I want to choose from a list of speakers.

  • Install and enable Views and Entity Reference.
  • Go to Structure > Views > Add new view.
  • Create a view of the content that you want content editors to choose from. In this example, I'm going to make a list of "Speakers":
Create a view of content in Drupal
  • At the top of the page, click "Add" then "Entity Reference":
Adding an entity reference view
  • Click "Settings" next to "Entity Reference list".
Click
  • Search fields: Choose the field you want users to search by.
  • Click "Apply (this display)".
Choose the field you want users to search by in Views
  • Check the preview to make sure your view is working ...
The preview of our entity reference view

Step #2. Add a Field with the Entity Reference View

  • Go to Structure > Content types.
  • Add an "Entity Reference" field.
Add an Entity Reference field
  • Target type: Choose to link to nodes, users, files or whatever else you want to display.
  • Mode: Choose "View: Filter by an entity reference view."
  • View used to select the entities: choose the view you created.
  • Click "Save field settings".
Settings for an Entity Reference field
  • Click "Add content" and the data entry for your field will use the View you created:
A working Entity Reference field

Entity Reference Views Widget

It's possible to extend this module by using Entity Reference View Widget. This places your view inside a pop-up box to make it easier to select items.

There's a tutorial here and this video has guidance:

[embedded content]

Entity Reference Views in Drupal 8

Both Views and Entity Reference are now part of the Drupal 8 core. To use Entity Reference Views in Drupal 8, the process is like this:

  • Create a view, as we showed above.
  • Go to Structure > Content types > Add field.
Adding an Entity Reference field in Drupal 8

Click through the settings and under "Reference type", you can choose "Views: Filter by an entity reference view".

The setting Views: Filter by an entity reference view

About the author

Steve is the founder of OSTraining. Originally from the UK, he now lives in Sarasota in the USA. Steve's work straddles the line between teaching and web development.
Oct 30 2018
Oct 30

Entity Reference Views are a great way to make life easier for Drupal content creators.

Normally, when people create content on your site, each field is very plain. However, Entity Reference Views allows you to provide far more information. For example, instead of just showing a list of users, your content creators can browse through a list of names, photos and personal details.

Both Views and Entity Reference are now part of the Drupal 8 core. This made using Entity Reference Views in Drupal 8 much easier.

If you're a Drupal 7 user, read this version of the tutorial.

Step #1. Create a content view

  • Create a view of the content that you want content editors to choose from. In this example, I'm going to make a view by the name "List of Speakers":
Create a view of content in Drupal
  • At the top of the page, click "Add" then "Entity Reference":
Adding an entity reference view
  • Click "Add Fields":

add field

  • Set For to 'This entity_reference (override)
  • Add the fields you want to have displayed and searchable.

03 add field

  • Click "Settings" next to "Entity Reference list".
Click
  • Search fields: Choose the field(s) you want users to search by.
  • Click "Apply (this display)".
04
  • Check the preview to make sure your view is working:
The preview of our entity reference view

Step #2. Add a Field with the Entity Reference View

  • Go to Structure > Content types.
  • Add an "Entity Reference" field.
Adding an Entity Reference field in Drupal 8
  • Save and continue
  • Save field settings
06
  • Click "Add content" and the data entry for your field will use the View you created.
  • If you prefer a checkbox to autocomplete go to Administrator > Structure > Types > Manage > Speakers > Form-display and change the widget type.
07

About the author

Daniel is a web designer from UK, who's a friendly and helpful part of the support team here at OSTraining.
Oct 30 2018
Oct 30

In this episode, we cover the Drupal 8 Contact Storage Module. This module extends the Drupal 8 core contact module by saving the contact entries in the database. This makes it easy to go back and view, edit, or delete any of the contact form submissions on your Drupal 8 site. It's a handy little module that can save you from needing to install a more fully featured form module (like Webform or Entity Forms).

Check out the Code Karate Patreon page

Oct 29 2018
Oct 29

Yesterday, big tech tripped over itself with IBM’s Red Hat acquisition--for the staggering sum of $34B. Many were shocked by the news, but those that know Red Hat well--may have been less surprised. Long the leader and largest open source company in the world: Red Hat has been getting it right for many years.

Still more shocking is how this fits an albeit new pattern for 2018 and beyond. One which is completely different than the typical enterprise software acquisition of the past. Red Hat is not the first mega tech deal of the year for the  open source community. (There was the $7.5B purchase of GitHub by Microsoft, and recently the $5.2B merger of big-data rivals Cloudera and Hortonworks.)

Now, with this much larger move by IBM, it brings us to consider the importance of open source value, and contribution culture-at-large.

This was a great acquisition target for IBM:

  • They have a powerful product suite for some of the more cutting edge aspects of web development including a secure and fully managed version of Linux, hybrid cloud, containerization technology and a large and satisfied customer base;

  • their products and technologies fit perfectly against IBM’s target market of enterprise digital transformation; and

  • the deal opens up a huge market to Red Hat via Big Blue.

And in the age we live--one focused on (and fearful of) security, privacy, data domiciles, and crypto tech--a $14B valuation, over market cap (a premium of $74/share), is a validation of the open source model shining sunlight on software to achieve more secure products.

At Phase2, this news comes with much interest. Red Hat is a company that we know very well for its contributions to open source and web technology, in general. We have worked with Red Hat since 2013 and come to respect them in several key ways.

As pioneers in the commercialization of open source, Red Hat popularized and legitimized the idea that the concept of open contribution and financial gain can co-exist. While our own experimentations with productization of open source over the years within the Drupal community were certainly less publicized, we, and ostensibly the ‘industry’, looked to Red Hat as the archetype for a modern business model that could work.

We’ve had the privilege of working for, and alongside, the Red Hat team to develop many of the company’s websites over the last five years, including Redhat.com and developers.redhat.com. Through these experiences, we have come to value the way in which they blend great talent, great culture, and open values.

On many occasions, we have even drawn parallels between their business culture and our own. After reading the Open Organization by Red Hat CEO Jim Whitehurst, I was struck by the values and culture of Red Hat and their similarities with how Phase2 similarly side-eyes the future. Perhaps it was their open source ethos, collaborative approach, or the meritocracy (vs. democracy or autocracy) they fostered, but I felt like we were emulating a “big brother”.

FInally, but perhaps most importantly, we respect them as a business. The pure fact that a larger-than-life brand like IBM would pay such a premium implies both strategic and business health. I believe that,  while in part it is earned from a strong repeatable subscription-based revenue stream, nothing creates business value like a great culture of amazing people, dependable customers, and undeniable innovation.

And now with IBM’s extended reach and additional resources, we look forward to Red Hat’s continued success and partnership.

Oct 29 2018
Oct 29

This blog has been re-posted and edited with permission from Dries Buytaert's blog. Please leave your comments on the original post.

The cover of the Decoupled Drupal book

Drupal has evolved significantly over the course of its long history. When I first built the Drupal project eighteen years ago, it was a message board for my friends that I worked on in my spare time. Today, Drupal runs two percent of all websites on the internet with the support of an open-source community that includes hundreds of thousands of people from all over the world.

Today, Drupal is going through another transition as its capabilities and applicability continue to expand beyond traditional websites. Drupal now powers digital signage on university campuses, in-flight entertainment systems on commercial flights, interactive kiosks on cruise liners, and even pushes live updates to the countdown clocks in the New York subway system. It doesn't stop there. More and more, digital experiences are starting to encompass virtual reality, augmented reality, chatbots, voice-driven interfaces and Internet of Things applications. All of this is great for Drupal, as it expands its market opportunity and long-term relevance.

Several years ago, I began to emphasize the importance of an API-first approach for Drupal as part of the then-young phenomenon of decoupled Drupal. Now, Drupal developers can count on JSON API, GraphQL and CouchDB, in addition to a range of surrounding tools for developing the decoupled applications described above. These decoupled Drupal advancements represent a pivotal point in Drupal's history.

Decoupled Drupal sites

A few examples of organizations that use decoupled Drupal.

Speaking of important milestones in Drupal's history, I remember the first Drupal book ever published in 2005. At the time, good information on Drupal was hard to find. The first Drupal book helped make the project more accessible to new developers and provided both credibility and reach in the market. Similarly today, decoupled Drupal is still relatively new, and up-to-date literature on the topic can be hard to find. In fact, many people don't even know that Drupal supports decoupled architectures. This is why I'm so excited about the upcoming publication of a new book entitled Decoupled Drupal in Practice, written by Preston So. It will give decoupled Drupal more reach and credibility.

When Preston asked me to write the foreword for the book, I jumped at the chance because I believe his book will be an important next step in the advancement of decoupled Drupal. I've also been working with Preston So for a long time. Preston is currently Director of Research and Innovation at Acquia and a globally respected expert on decoupled Drupal. Preston has been involved in the Drupal community since 2007, and I first worked with him directly in 2012 on the Spark initiative to improve Drupal's editorial user experience. Preston has been researching, writing and speaking on the topic of decoupled Drupal since 2015, and had a big impact on my thinking on decoupled Drupal, on Drupal's adoption of React, and on decoupled Drupal architectures in the Drupal community overall.

To show the value that this book offers, you can read exclusive excerpts of three chapters from Decoupled Drupal in Practice on the Acquia blog and at the Acquia Developer Center. It is available for preorder today on Amazon, and I encourage my readers to pick up a copy!

Congratulations on your book, Preston!

Oct 29 2018
Oct 29

The last step is to modify the javascript and styles that your theme uses to display the pullquotes that have been added in the editing interface. As you can see from the GitHub repo, there are four files that will need to be updated or added to your theme:

  1. your theme info file
  2. your theme library file
  3. the javascript file that adds the markup
  4. the scss (or css) file

In our case, the javascript finds any/all pullquote spans on the page, and then adds them as asides to the DOM, alternating between right and left alignment (for desktop). The scss file then styles them appropriately for small and large breakpoints. Note, too, that the theme css includes specific styles that display in the editing interface, so that content creators can easily see when a pullquote is being added or modified. To remove a pullquote, the editor simply selects it again (which turns the pullquote pink in our theme) and clicks the ckeditor button. 

That wraps up this simple tutorial. You can now rest assured that your readers will never miss an important quote again. The strategy is in no way bulletproof, and so its mileage may vary, but if you have questions, feedback, or suggestions on how this strategy can be improved, please add your comment below. 

Oct 29 2018
Oct 29

Today, more than 80% of people’s interactions with government take place online. Whether it’s starting a business or filing for unemployment, too many of these experiences are slow, confusing, or frustrating. That’s why, one year ago, the Commonwealth of Massachusetts created Digital Services in the Executive Office of Technology and Security Services. Digital Services is at the forefront of the state’s digital transformation. Its mission is to leverage the best technology and information available to make people’s interactions with state government fast, easy, and wicked awesome. There’s a lot of work to do, but we’re making quick progress.

In 2017, Digital Services launched the new Mass.gov. In 2018, the team rolled out the first-ever statewide web analytics platform to use data and verbatim user feedback to guide ongoing product development. Now our researchers and designers are hard at work creating a modern design system that can be reused across the state’s websites and conducting the end-to-end research projects to create user journey maps to improve service design.

If you want to work in a fast-paced agile environment, with a good work life balance, solving hard problems, working with cutting-edge technology, and making a difference in people’s lives, you should join Massachusetts Digital Services.

Check out some of our current postings here:

Digital Strategist

Digital Project Manager

Web Analytics Business Analyst

Didn’t see a good fit for you? Check out more about hiring at the Executive Office of Technology and Security Services and submit your resume in order to be informed on roles as they become available.

Coming soon…

Senior Drupal Developer

Director of Technology

Creative Director

Senior UI/UX Designer

Oct 29 2018
Oct 29

MacOS Mojave, Apple's newest operating system, now features a Dark Mode interface. In Dark Mode, the entire system adopts a darker color palette. Many third-party desktop applications have already been updated to support Dark Mode.

Today, more and more organizations rely on cloud-based web applications to support their workforce; from Gmail to Google Docs, SalesForce, Drupal, WordPress, GitHub, Trello and Jira. Unlike native desktop applications, web applications aren't able to adopt the Dark Mode interface. I personally spend more time using web applications than desktop applications, so not having web applications support Dark Mode defeats its purpose.

This could change as the next version of Safari adds a new CSS media query called prefers-color-scheme. Websites can use it to detect if Dark Mode is enabled.

I learned about the prefers-color-scheme media query on Jeff Geerling's blog, so I decided to give it a try on my own website. Because I use CSS variables to set the colors of my site, it took less than 30 minutes to add Dark Mode support on dri.es. Here is all the code it took:

@media (prefers-color-scheme: dark) {
  :root {
    --primary-font-color: #aaa;
    --secondary-font-color: #777;
    --background-color: #222;
    --table-zebra-color: #333;
    --table-hover-color: #444;
    --hover-color: #333;
  }
}

If you use MacOS Mojave, Safari 12.1 or later, and have Dark Mode enabled, my site will be shown in black:

Dark mode dri es

It will be interesting to see if any of the large web applications, like Gmail or Google Docs will adopt Dark Mode. I bet they will, because it adds a level of polish that will be expected in the future.

October 29, 2018

1 min read time

db db
Oct 29 2018
Oct 29
  • By: Shriganesh
  • Date: 29-10-2018

One of the most important aspects of technology in education is its ability to level the field of opportunity for students. --- John King, U.S. Secretary of Education

How many of you were aware of the fact that the very first instance of what became of the internet, was a communication link between UCLA and Stanford in October 1969?! At that time, more than half of the eventual nodes on the ARPANET - the precursor to today's Internet - were universities. To be fair, the internet was literally born in universities.

In the 80s and the 90s, most of these organizations had a significant online usage penetration and were amongst the first ones to have a digital presence and develop a website of their own.

With the faculty members and the administrators of the education organisation having better access to the internet in much larger numbers, this was viewed not as a potential source of revenue, but as an educational imperative. Unlike their corporate counterparts, higher ed organisations had fewer restrictions, thus making this less about profits and more about the mission.

Today's Scenario?

Over the past 2 decades, the advancements in technology have been tremendous and these changes have played a major role in allowing educational institutions to move into a teaching and learning method inspired and driven by technology.

However, the changes while creating new opportunities for students, have brought upon new obstacles for colleges and universities to overcome.

Today's technology driven higher education is rich and also in tangles. With almost zero editorial governance, most of the universities are caught up in a heap of long trail of microsites, internal portals, mismatched designs, and patchwork integrations.

In the present scenario, from textbooks to exercises, from software simulations to data sets containing educational data, it is necessary to rethink the way these educational resources or “learning objects” are managed.

Though this is all exciting to begin with, it is not just tiny web presence that is the issue. Let us discuss about some of the common problems that higher education institutions face when it comes to content management.

Diverse Audience

In an ideal condition, a website is crafted for a specific audience. However, think of an higher ed institution and the website of its own which will be serving multiple audiences from all the possible corners of the world with a diverse background of their own. Apart from the main set of audience, serving dozens of smaller sub-audiences, the higher education institutions faces the daunting task of serving more people with more complexity in a more challenging web environment.

When we talk about the challenging environment, it is just not about different people needing different information. For example, students might want to access a class video on their mobile device. However, this is driven by various other factors such as students with different economic backgrounds and financial conditions, different broadband speeds, different internet access regulations and many more.

This clearly implies that the requirements for a higher education universities with respect to content, design and development need to be broad, drastically broad!

Contributor Base

With a long tradition of direct web publishing with little or no oversight whatsoever, the higher education projects are always present with larger numbers of content contributors from various departments and wings of the organisation than any other type of industry. They have their own independent departments, each with their own stake, audiences and outcomes, resulting in the faculty members publishing their content in the form of research to public websites under the university banner without clearing this with the central governing body.

To add to the complication, even if the higher education body has a centralized editorial board, the departments often come up with their own editorial teams, making it difficult task for the central governing body to maintain the vision of each individual team.

With all this going on, the most affected are the permissions and the security features under the high number of users and student population. A streamlined user management driven by a central management for permissions and supported by a user database for the website independent of the rest of the organization is a rare sight in the higher education institutions.

Too Many Units, Websites

Most of the large higher ed websites are actually several (in some cases even hundreds) of loosely associated microsites, department websites, external applications and more. Consisting of a number of semi-autonomous departments, the organizational structure is completely paralleled in their website management and governance. This results in a major architectural issue, struggling to keep consistency between the various different groups and their content.

With so many microsites, it often appears as though there is a seperate website for each department. In some cases these websites might differ in terms of visual appearance, architecture of the information, and also the editorial tone. Some extreme cases can also have the micro sites running on seperate servers, powered by their own CMS and operated as complete separate entities!

System Integrations

A great university does more than just handle a bunch of students and teach them a few subjects. Similarly, a great website does more than just show a text page or two. An average higher education institution is quite complex, involving lot of people, departments, students and more. Thus the average website of this average institution is bound to be complex system of interlocking technologies.

A typical website for a higher education institution is a complex world of system integrations with functionalities bolted onto the main content management systems. With multiple portals and support systems to service the academic needs of the student population, there lies a huge challenge in how to balance the specific needs of their diverse audience and also manage the technology constraints with respect to standards of integrations.

The Solution

When we think from the perspective of an educational institution there is a lot of data that is travelling among the teachers, students and the administrators. Comprising of worksheets, homework, reports, assignments and so on, most of this content is not managed and maintained by the educational institution but by the teachers themselves, making it entirely dependent on context and the learning goals to be achieved.

Quoting Wiley, in his “content is infrastructure,” the learning process must be created on top of such infrastructure, and there is a real need for managing all those contents available on the Web.

This fact combined with the concept of open educational resources, enables a new environment for learners that view the web as a learning space with many possibilities, with no time or space barriers. While content management has traditionally been related to content producers such as news and media agencies, publishers and other portals, the higher education institutions are a major contender (courtesy of their methods to churn out their own content on a regular basis) to use a CMS effectively.

A CMS is basically defined as a combination of three distinct concepts: content, process and technology.

Content usually refers to the text, graphics, videos, animations and other media that comprise the base of a system.

Process is more concerned about the users and the actions performed by the users. Defined as the set of actions that produce a notable outcome, process refers to the ways integrated into the system for the users to perform certain tasks such as publish, share or download.

Technology is the driving force to perform the process and control content over the internet.

Content Management System & The Concept of Compound Learning

The basic purpose of any CMS in any industry is to manage the information workflow in a database and publish the content onto the web environment. However, even when the purpose is standard for any user, the process and the way to present it to many other users differs according to the user requirements that can range from a simple task to a complex one.

In the case of educational purposes, a CMS can be used to submit various assignments or publish research papers or update information on the student portal etc. Furthermore, using the CMS as a support for classroom instruction results in a structure for Compound Learning.

Compound Learning is the combination of both the traditional instructions and e-learning with the support of an effective CMS like Drupal. This ensures that the students are not deprived of the interactivity in the classroom and also are exposed to technology that eases their workload.

From the teacher's point of view, this integration of a CMS like Drupal helps them effectively manage their online information such as audios, videos, animation, interactive applications and more. Providing an effective usage to control processes for managing content and its users, some of the features that Drupal CMS offers are,

  • Easy navigation
  • Effective information management
  • Ease of access and usage
  • Architectural organization
  • Different interfaces and functions for different user groups
  • Robustness & Scalability

Furthermore, by using a CMS like Drupal, higher education institutions can develop up-to-date information on a regular basis, improve their system administration and also lower their expenses at the same time. Also, achieving following goals with a Drupal CMS becomes much easier.

  • Ease of use with security and permissions
  • Creating workflow administration
  • Separating content from design and view
  • Managing and controlling content
  • Handling structures for metadata
  • Creating depository for reusable content and more...

When education systems find it hard to maintain knowledge acquisition, management and publishing process because of their complexity, web based content management systems like Drupal makes things easier irrespective of the amount of content owned and the amount of updates and modifications required.

In any higher education institution, it is very important to understand how a CMS impacts a number of people and the departments concerned. While analyzing the current website of the institution and using the input from some of the key individuals helps in understanding how a CMS fits into the environment, the decision is still based on an extensive process and open communication. In the field of educational technology, it is an often repeated motto to emphasize teaching with technology rather than teaching the technology itself.

Oct 29 2018
Oct 29

Cloning is a concept that runs in almost every industry that exists, for ages. And the world of website development is no different from others. Multiple tools are available to clone a website, be it a command line or GUI. Being in the business of coding for years now, we at AddWeb have cloned a number of websites/website pages to fulfill the requirement of our client.

 

Over a span of 6+ years of our existence in the industry as a leading IT company, we have worked with a host of international clients. Similarly, this time too a client, whose name we can not disclose due to legal & ethical reasons, came up with a requirement of cloning multiple pages for their Drupal-based website. And we, buckled-up to deliver our expertise and stand true to the client’s requirement.

The Client’s Requirement:
Simple cloning is not an extraordinary task since the modules for the same are easily available from the community. But this one required us to clone multiple pages at a time, where the original page is not affected. Also, the pages had to be cloned in such a manner that the components of the same are thoroughly included. Scrutinizing the nature of the requirement, we realized that this type of cloning required us to either custom-create a module or make alterations to the existing module available for cloning. The website was in Drupal 8 and we knew, it’s about time to show some more love for our most loved tech-stack.
 

The Process of Cloning:
Drupal 8 has always been our favorite sphere to work on. So, all excited and geared up with the tool of our experience over the same we searched out the available module for cloning from the community site of Drupal - Drupal.org. The name of this module is ‘Entity Clone Module’. 

The Emergence of Challenge:
But as they say, “Calm waters does not make a good sailor”. The water was not calm for us either. Because as we said the cloning module that we found from the community came with a limitation, which was that only one page can be cloned at a time. So, now was the time to bring our expert knowledge of Drupal to use and create a custom module that fulfills the requirement of the client.
 

Overcoming the Challenge:
We have had made a couple of modules in Drupal earlier and hence, we knew we would be able to create a fine custom module for cloning. And we did it! Yes, we created a custom module which came with multiple page templates, group-wise. One just needs to select the required page-template, submit the form to clone it and it’s done. Every single selected page gets cloned along with the components. This process turned out to be immensely useful for the editor. Because it saved both the admin’s time as well as energy to clone the pages. This process was otherwise quite tedious and time-taking since the admin had to clone one page at a time; whereas here just one single click and multiple pages are cloned together. And we’ll definitely share the credit of creating this custom module for cloning with the ‘Entity Clone Module’; since we used their script and made some alterations and addition to it in order to make the multiple-page cloning feature possible.

The Final Word:
We, at AddWeb Solution Pvt. Ltd., believe the ultimate achievement of any work that we do lies in the satisfaction that the client feels on delivering the final product. And we don’t whether we’re just lucky or too good with our work that like others, this client too responded to us with the appreciation - not just for the quality of the work that we deliver but also for the ‘Artful Agile’ process that we choose to follow for our work!

Oct 29 2018
Oct 29

Drupal 7.61 - the next planned minor release of Drupal 7 - is scheduled for Wednesday, November 7th, 2018. Minor releases include new features, usability improvements, and backwards-compatible API improvements.

The release will feature full compatibility for PHP 7.2 and so far includes the following changes:

  • File upload validation functions and hook_file_validate() implementations are
    now always passed the correct file URI.
  • The default form cache expiration of 6 hours is now configurable (API
    addition: https://www.drupal.org/node/2857751).
  • Allowed callers of drupal_http_request() to optionally specify an explicit
    Host header.
  • Allowed the + character to appear in usernames.
  • PHP 7.2: Fixed Archive_Tar incompatibility.
  • PHP 7.2: Removed deprecated function each().
  • PHP 7.2: Avoid count() calls on uncountable variables.
  • PHP 7.2: Removed deprecated create_function() call.
  • PHP 7.2: Make sure variables are arrays in theme_links().
  • Fixed theme-settings.php not being loaded on cached forms

At core committer discretion important bug fixes might be added prior to release and this post will be updated to inform of further changes.

Thanks for your patience,

The Drupal 7 core committer team

Oct 29 2018
Oct 29

In just a few weeks the Norwegian Drupal association will host the annual Drupalcamp oslo (9-10th of November). If you have not already booked your tickets, now is the time!

Great featured speakers

We are very pleased with our program this year. In addition to the rest of the program, we are proud of our invited featured speakers:

Senior technical architect justafish from Lullabot is coming to speak about the JavaScript modernization initiative! If you are not already aware of the work going on in core in this area, don't miss this opportunity to get a first hand view at the exciting progress!

CEO and co-founder of 1xINTERNET baddysonja is having a session about how "Drupal is full of opportunities". Come and get inspired about the Drupal ecosystem, with a focus on contribution and volenteering!

Also joining us is security team member Stella Power, Managing Director and founder of Annertech.

Open source in the public sector

But not only that: The first half of Friday will be dedicated to the subject "open source in the public sector". It will be a segment that will be free to attend for everyone, trying to bring attention to the subject especially for Norway, where we still have a way to go in this area (my own subjective opinion). It will feature national and international case studies as well as Jeffrey A. “jam” McGuire talking about international trends.

What are you waiting for?

The preliminary program is available here, and we still have early bird tickets for just a few days more.

Welcome everyone! See you there!

Oct 29 2018
Oct 29

So, you’ve decided to join the Drupal community and want to know what are some development tips you should know beforehand? You are in the right place. Firstly, I’d like to welcome you to the most awesome development community out there.

Starting out with Drupal can be a bit daunting, after all, it is quite a bit more complex than other popular CMSs, but it’s also a lot more rewarding, powering all kinds of websites out there.

So, let’s go through what are some things you should be familiar with, to get started on your Drupal journey.

Languages

While you could create a Drupal site without any prior programming languages knowledge, to make anything more than a simple website would most probably require delving into Drupal’s back-end. For that purpose, it helps to know beforehand what technologies Drupal is using and what you’ll be dealing with. To keep this section simple, Drupal utilizes the following:

  • PHP 7 (Symfony Framework)
  • HTML5, CSS3 (Sass) and Javascript (jQuery and recently React)

Getting familiar with core PHP as well as Symfony framework plus front-end skills should get you in a pretty good position for Drupal development.

Front-end frameworks

This point ties into the point above. Read about frameworks, what they are, as well as how they are used. Frameworks are also going to become a lot more important for Drupal, due to the emergence of headless or decoupled Drupal (a concept that allows integration of various front-end technologies such as React, Angular etc. with Drupal’s back-end). This further enforces the importance of familiarity with JavaScript since all of these front-end technologies are built on it.

Twig Templating Engine

Drupal 8’s move to the Symfony framework has resulted in the Twig templating engine being used throughout. Learning Twig templating is an absolute must for any aspiring Drupal developer. The great thing about Twig templating is that it is easy to learn and use.

Command Line Interface (CLI)

Developing on Drupal will require quite a lot of time spent on Command Line Interfaces, in fact, it’s so essential that Drupal has its own CLIs, named Drush and Console. Also with tools like a Composer, you can make it a lot easier for your Drupal development efforts by learning it to get a grip with CLI.

Debugging

Ah debugging. This is an essential skill for any developer. While Drupal has a great built-in error reporting tool, there will be many scenarios where it won’t be able to catch on to problems, and that’s where your debugging skills will come in handy. Any Drupal developer worth his salt should be a good debugger. At AGILEDROP we use XDebug.

How Drupal works

Learning how Drupal works is a crucial step in your Drupal development journey. Learning the ins and outs of the CMS keeps a clear picture in your head and provides a good high-level view of what goes on behind the scenes of a Drupal site. The official Drupal site has a great in-depth section on its working.

Theming

Themes are a basic component of Drupal. They give Drupal site’s their looks and turns them from boring and bland sites to pretty and visually appealing sites. Learning how Drupal handles themes and how they are implemented should be a part of every Drupal developer's arsenal.

Version control

Version control is a form of keeping revisions for your code. This is a skill that every developer should have, regardless of the technologies they work on. Version control also acts as a gateway to collaboration with other devs and the Drupal community. As in many other open-source communities, Drupal developers mostly use Git.

Contribute to the community

Speaking of Community, Drupal is a CMS that thrives on it. Being an open-source software the community is what keeps it thriving. Drupal’s community is widely known as being one of the greatest of all open-source software. Contributing to the community doesn’t only help Drupal to grow, it also helps you to know great people while simultaneously increasing your Drupal development knowledge!

Are you starting a Drupal site and coming across hurdles? Our extensive experience with Drupal here at Agiledrop can be of great use to you! Feel free to contact us.

Oct 29 2018
Oct 29

If you want to build a large, multi-level drop-down menu in Drupal 8, then the Superfish module is a great choice.

The Superfish module makes use of the jQuery Superfish menu plugin, which is useful for multi-level drop-down menus. Superfish has more features than most dropdown menus. It supports touch devices and keyboard interaction.

In this tutorial, we’re going to create a menu for a sports news site with three menu levels.

Three menu levels

Step #1. Install the module and libraries

First, let's install the module:

Now, let's install the libraries:

  • Download the Superfish library 2.x for Drupal 8.x.
  • Uncompress it to your [DRUPAL_ROOT]/libraries directory. If you don’t have the libraries directory yet, please create it
  • Download the jQuery Easing plugin (optional but recommended)
  • Uncompress it too to your [DRUPAL_ROOT]/libraries directory. 
  • Rename both directories, so that you have the following file/folder structure:

 Superfish module file structure

Step #2. Create the menu structure

  • Go to Structure > Menus.
  • Click the Add menu button:

Click Add menu button

  • Enter the menu title and click the Save button:

Add site title and click Save

Step #3. Add the menu links

  • Once the menu has been added, click the Add link button to create the menu links:

Click Add link button

  • Create the menu links according to the predefined structure. Notice that you have to link each menu item to a piece of content.
  • Click on the Show as expanded checkbox, so that the menu will appear expanded if it has children.
  • Click the Save button each time you create a menu item.

Create menu link and click Save

Once you have created all the links:

  • Use the handles to drag and drop the items in order to match the menu structure
  • Click Save:

Match the menu structure and click Save

Step #4. Place the menu

Menus in Drupal 8 are rendered as block entities.

  • Click Structure > Block layout.
  • Search the Primary menu region and disable the Main navigation default block.
  • Click the Place block button.

Click Place block button

  • Enter the name of your menu in the search box. You will find two “News site” menus.
  • Click the Place block button on the line with the Supefish category.

Click Place block button

Step #5. Finalize the Superfish configuration

  • Uncheck the Display title checkbox:

Uncheck Display title checkbox

There are several configuration options in this window. Particular attention deserves the Slide-in effect provided by the jQuery Easing plugin (which you downloaded at the beginning) and the ADVANCED SETTINGS where you can configure for instance the animation speed. Play with this options until you find the ones to your liking.

Block settings

Advanced settings

  • Click Save block and go to your homepage. You will have a multi-level drop-down menu now!

You have to tweak it with your own CSS, but the main menu functionality is there:

You have a multi level dropdown menu now

I hope you enjoyed reading this tutorial and making your own Superfish menu. Please leave your comments below.


About the author

Jorge lived in Ecuador and Germany. Now he is back to his homeland Colombia. He spends his time translating from English and German to Spanish. He enjoys playing with Drupal and other Open Source Content Management Systems and technologies.
Oct 29 2018
Oct 29
How to Set Up Dropdown Menus in Drupal 8

A few years ago, we published a very popular post called "How to Create Dropdown Menus in Drupal".

That post focused on Drupal 7, and some things have changed in Drupal 8.

Here's an updated explanation of how to set up dropdown menus for a Drupal 8 site.

Step #1. Choose a theme with dropdowns

Before you can use a dropdown menu, choose your theme carefully.

Many themes don't have dropdown menus built-in. That includes Drupal's core themes, such as Bartik. Unless you want to make major code changes, it is best to choose a theme that already have dropdowns available. To find out whether a theme does have dropdowns, read the theme's description and documentation on Drupal.org.

If your theme doesn't support dropdowns, we do have a guide to adding a dropdown menu using a module.

Step #2. Create the dropdown links

If you want dropdown menus, you'll need to arrange your menu links in a parent-child relationship:

  • Go to Structure > Menus > Main Navigation.
  • Drag-and-drop your menu links to that they are in a hierarchy:

menu indented in Drupal 8

Also, edit each menu link and check "Show as expanded". If you don't choose this option, the dropdown link will only show if you are on the page being linked to.

show as expanded

Step #3. Places the menu block

In Drupal, menus are normally placed by using blocks:

  • Go to Structure > Block layout.
  • Click "Demonstrate block regions"
  • You'll now see a layout of your theme's regions. It should be clear where your menu should be placed. In this case, use the "Navigation" region. 
  • In this example, move the Move the "Main navigation" block to the "Navigation" region.

Your dropdowns will not appear unless your menu block is in a block region that supports dropdowns.

breeze-regions

Step #4. Configure your menu block

This is the major change in Drupal 8 in regards to dropdown menus. You must configure your menu block.

  • Click "Configure" next to the "Main navigation" block.
  • Change "Maximum number of menu levels to display" to more than 1.
Editing the menu block in the Breeze Drupal 8 theme

Step #5. Check the end result

If you make the changes listed here, your dropdown menus should appear:

Dropdown menus in the Breeze Drupal 8 theme

About the author

Steve is the founder of OSTraining. Originally from the UK, he now lives in Sarasota in the USA. Steve's work straddles the line between teaching and web development.
Oct 29 2018
Oct 29

In this episode, we will cover five different ways to download and install modules in Drupal 8. Yes, that’s right, FIVE different ways! If you are just getting started with Drupal or are transitioning from Drupal 7 to Drupal 8, this is a great place to start. Once you understand all the ways to download and install modules, you can make the decision on which option works best for you.

Check out the Code Karate Patreon page

Oct 28 2018
Oct 28

In 2017, Drupal Association decided not to host a DrupalCon Europe 2018 due to waning attendance and financial losses. They took some time to make the European event more sustainable. After this, the Drupal community decided to organise a Drupal Europe event in Darmstadt, Germany in 2018. My colleagues and I joined the biggest European Drupal event in October and here is my summary of few talks I really enjoyed!

Driesnote

By Dries Buytaert
Track: Drupal + Technology
Recording and slides

This year, Dries Buytaert focuses on improvements made for Drupal users such as content creators, evaluators and developers.

Compared to last year, Drupal 8 contributions increased by 10% and stable modules released by 46%. Moreover, a steady progress is noticeable. Especially in many core initiatives like the last version of Drupal 8 which is shipped with features and improvements created from 4 core initiatives.

Content creators are the key-decision makers in the selection of a CMS now. Their expectations have changed: they need flexibility but also simpler tools to edit contents. The layout_builder core module gives some solutions by enabling to edit a content inline and drag-and-dropping elements in different sections. The management of medias has been improved too and there is a possibility to prepare different “states” of contents using workspaces module. But the progress doesn’t stop here. The next step is to modernize the administrative UI with a refresh of the Seven administration theme based on React. Using this modern framework makes it familiar to Javascript (JS) developers and is building a bridge with the JS community.

Drupal took a big step forward for evaluators as it provides a demo profile called “Umami” now. Evaluators have a clear understanding of what kind of websites can be produced by Drupal and how it works by navigating through the demo website.
The online documentation on drupal.org has also been reorganized with a clear separation of Drupal 7 and Drupal 8. It provides some getting-started guides too. Finally, a quick-install link is available to have a website running within 3 clicks and 1 minute 27 seconds!

Developers experience has been improved as well: minor releases are now supported for 12 months instead of the former 4 weeks. Teams will have more time to plan their updates efficiently. Moreover, Gitlab will be adopted within the next months to manage the code contributions. This modern collaborative tool will encourage more people to participate to projects.

Regarding the support of the current Drupal versions, Dries shares that Symfony 3, the base component of Drupal 8 will be end-of-life by 2021. To keep the CMS secure, it implies to be end-of-life by November 2021 and Drupal 9 should be released in 2020. The upgrade from Drupal 8 to Drupal 9 should be smooth as long as you stay current with the minor releases and don’t use modules with deprecated APIs.
The support of Drupal 7 has been extended to November 2021 as the migration path from Drupal 7 to Drupal 8 is not stable with multilingualism yet.

This is a slide from Driesnote presentation showing a mountain with many tooltips: "Drupal 8 will be end-of-life by November 2021", "Drupal 7 will be supported until November 2021", "Drupal 9 will be released in 2020", "Drupal 8 became a better tool for developers", "You now have up to 12 months to upgrade your sites", "Drupal 8 became much easier to evaluate", "We've begun to coordinate the marketing of Drupal", "Drupal 8 became easier to use for content creators", "Drupal.org is moving to GitLab very soon".Slide from Driesnote showing current state of Drupal.

Last but not least, DrupalCon is coming back next year and will be held in Amsterdam!

JavaScript modernisation initiative

By Cristina Chumillas, Lauri Eskola, Matthew Grill, Daniel Wehner and Sally Young
Track: Drupal + Technology
Recording and slides

After a lot of discussions on which JS framework will be used to build the new Drupal administrative experience, React was finally chosen for its popularity.

The initiative members wanted to focus on the content editing experience. This affects a big group of Drupal users. The goal was to simplify and modernize the current interface. Furthermore, embracing practices that are familiar to JS developers so they can easier join the Drupal community.
On one hand, a UX team ran some user tests. Those showed that users like the flexibility they have with Drupal interface but dislike its complexity usually. A comparative study was ran to know what has been used in other tools or CMSs too. On the other hand, the User Interface (UI) team worked on the redesign of the administrative interface and built a design system based on components. The refreshment of the Seven administration theme is ongoing.
Another group worked on prototyping the User Experience (UX) and User Interface (UI) changes with React. For instance, if an editor quits a page without saving they's last changes, a popup appears to restore the last changes. This is possible due to contents stored to the state of the application.

You can see a demo of the new administrative UI in the video (go to 20 minutes 48 seconds):

[embedded content]Demo of the new administrative UI in Drupal 8

If you are interested, you can install the demo and of course join the initiative!

Drupal Diversity & Inclusion: Building a stronger community

By Tara King and Elli Ludwigson
Track: Drupal Community
Recording

Diversity in gender, race, ethnicity, immigration status, disability, religion etc. helps a lot. Proven it makes a team more creative, collaborative and effective.

Tara King and Elli Ludwigson who are part of the Drupal Diversity and Inclusion team presented how Drupal is building a stronger and smarter community. The initial need was to make Drupal a safer place for all. Especially for the less visible ones at community events such as women, minorities and people with disabilities.
The group addressed several issues, such as racism, sexism, homophobia, language barriers etc. with different efforts and initiatives. For example, diversity is highlighted and supported in Drupal events: pronoun stickers are distributed, #WeAreDrupal hashtag is used on Twitter and social events are organized for underrepresented people as well. Moreover, the group has released an online resource library, which collects articles about diversity. All of this is ongoing and new initiatives were created. Helping people finding jobs or attracting more diverse people as recruiters are only two to name.

Flyer put on a table with the text "Make eye Contact. Invite someone to join the conversation. Consider new perspectives. Call out exclusionary behavior. Be an ally at Drupal events."Diversity and Inclusion flyer, photo by Paul Johnson, license CC BY-NC 2.0 Sign mentionning "All-gender restrooms" at Drupal Europe venue.All-gender restrooms sign, photo by Gábor Hojtsy, license CC BY-SA 2.0

If you are interested in the subject and would like to be involved, there are weekly meetings in #diversity-inclusion Drupal Slack channel. You can join the contrib team or work on the issue queue too.

Willy Wonka and the Secure Container Factory

By Dave Hall
Track: DevOps + Infrastructure
Recording

Docker is a tool that is designed to create, deploy and run applications easily by using containers. It is also about “running random code downloaded from the internet and running it as root”. This quote points out how it is important to maintain secure containers. David Hall illustrates this with practical advice and images from the “Willy Wonka and the chocolate factory” movie. Here is a little recap:

  • Have a light image: big images will slow down deployments and also increase the attack surface. Install an Alpine distribution rather than a Debian which is about 20 times lighter;
  • Check downloaded sources very carefully: for instance, you can use wget command and validate checksum for a file. Plus you can scan your images to check vulnerabilities using tools like Microscanner or Clair;
  • Use continuous development workflows: build a plan to maintain your Docker images, using a good Continous Integration / Continous Delivery (CI/CD) system and document it;
  • Specify a user in your dockerfile: running root on a container is the same as running root on the host. You need to reduce the actions of a potential attacker;
  • Measure your uptime in hours/days: it is important to rebuild and redeploy often to potentially avoid having a compromised system for a long time.

Now you are able to incorporate these advice into your dockerfiles in order to build a safer factory than Willy Wonka’s.

Decoupled Drupal: Implications, risks and changes from a business perspective

By Michael Schmid
Track: Agency + Business
Recording

Before 2016, Michael Schmid and his team worked on fully Drupal projects. Ever since they are working on progressive and fully decoupled projects.
A fully decoupled website means that frontend is not handled with Drupal but with a JS framework such as React. This framework is “talking” to Drupal via an API such as GraphQL. It also means, that all interactions from Drupal are gone: views with filters, webforms, comments etc. If a module provides frontend, it is not useable anymore and needs to be somehow re-implemented.
When it comes to progressive decoupled websites, frontend stack is still built with Drupal. But some parts are implemented with a JS framework. You can have data provided by APIs or injected from Drupal too. The advantage is that you can benefit from Drupal components and don’t need to re-implement everything. A downside of it are conflicts with CSS styling and build systems handled on both sides. Therefore you need to have a clear understanding of what does what.

To be able to run such projects successfully, it is important to train every developer in new technologies: JS has evolved and parts of the logic can be built with it. We can say that backenders can do frontend now. In terms of hiring it means, you can hire full stack developers but also JS engineers. Attracting more developers as they love working with JS frameworks such as React on a global level.

Projects are investments which continue over time and expect failures at the beginning. These kinds of projects are more complex than regular Drupal ones, they can fail or go over budget. Learn from your mistakes and share them with your team in retrospectives. It is also very important to celebrate successes!
Clients request decoupled projects to have a faster and cooler experience for users. They need to understand that this is an investment that will pay off in the future.

Finally, fully decoupled Drupal is a trend for big projects and other CMSs are already using decoupled out of the box. Drupal needs to focus on a better editor experience and a better API. There might also be projects that require simple backend edition instead of Drupal.

Hackers automate but the Drupal Community still downloads updates on drupal.org or: Why we need to talk about Auto Updates

By Joe Noll and Hernani Borges de Freitas
Track: Drupal + Technology
Recording and slides

In 2017, 59% of Drupal users were still downloading modules from drupal.org. In other words, more than half of the users didn’t have any automatisation processes to install modules. Knowing that critical security updates were released in the past months and it is only a matter of hours until a website gets potentially hacked, it comes crucial to have a process to automate these updates.
The update can be quite complex and may take time: installing the update, reviewing the changes, deploying on a test environment, testing either automatically or manually and deploying on production. However this process can be simplify with automation in place.

There is a core initiative to support small-to-medium sites owners that usually are not taking care of security updates. The idea is a process to download the code and update sources in the Drupal directory.
For more complex websites, automating the composer workflow with a CI pipeline is recommended. Everytime a security update is released, the developer pushes it manually in the pipeline. The CI system builds an installation containing the security fix within a new branch. This will be deployed automatically to a non-productive environment where tests can be done and build approved. Changes can be merged and deployed on production afterwards.

A schema showing the update strategy through all steps from a CI pipelineUpdate strategy slide by Joe Noll and Hernani Borges de Freitas

To go further, the update_runner module focuses on automatizing the first part by detecting an update and firing up a push for an update job.

Conclusion

Swiss Drupal community members cheering at a restaurantMeeting the Swiss Drupal community, photo by Josef Dabernig, license CC BY-NC-SA 2.0

We are back with fresh ideas, things we are curious to try and learnings from great talks! We joined social events in the evenings too. Therefore we exchanged with other drupalists, in particular with the Swiss Drupal community! This week went so fast. Thank you Drupal Europe organizers for making this event possible!

Header image credits: Official Group Photo Drupal Europe Darmstadt 2018 by Josef Dabernig, license CC BY-NC-SA 2.0.

Oct 28 2018
Oct 28

The American Disability Act (ADA), 1990 provides provisions to secure the rights of specially-abled people. Although, when first passed, it focussed primarily on physical properties, over time it has covered digital spaces too, which means people can take a complaint to the court for discriminating and violating the ADA act. 

Accessibility is a more accepted norm when it comes to physical infrastructure, however, when accessibility translates to the digital space, industries across the web are struggling to answer. Higher education is no exception.

Building entrance with people sitting on stairs and three Harvard flags tucked on four pillars

 

“The National Association of the Deaf in 2015 slapped Harvard University and Massachusetts Institute of Technology in Massachusetts federal court, accusing them of discriminating against deaf and hard-of-hearing people” 

An absence of hard and fast rules to adhere to in the higher education sector often lead institutes to ignore the web accessibility practices. 

Exploring Issues in Higher Ed & the ADA Compliance

Lawsuits can be avoided by following WCAG 2.0. Since web accessibility guidelines and best practices are already clear through WCAG 2.0. 

The ADA Compliance

The ADA not only covers the general non-discriminatory guidelines but also encourages organizations, institutions, and businesses to provide accommodations to people with disabilities so they can have the same level of access to services as everyone else. 

The law was amended later in 2008 to fit the conditions of modern society and include the digital space while broadening the term “disability”.

Since, ADA conforms to other state laws, including section 508 of the Rehabilitation Act and existing WCAG 2.0 guidelines, hence the term - ADA Website Compliance. In January 2017, the federal government adopted the Web Content Accessibility Guidelines, (popular as WCAG 2.0) setting the standards with A and AA level for all websites. 

The Guiding Principles to Web Accessibility - POUR

The WCAG 2.0 consists of 12 guidelines with four arching principles of POUR. These guidelines relate to one simple question: can the users with varying degree of ability ingest the content on your site?

“Just as no ramps would exclude people with a wheelchair, videos without caption exclude people who are hard of hearing.”

Accessibility in higher education should not be restricted only to lectures and videos. In the case of a flash-based campus tour, there should be alt-text for visually impaired people. Accessing content should be intuitive. Making navigation easier needs to be part of the plan. 

Perceivable
Operable
Understandable
Robust

  • Perceivable

The content needs to be presented in different ways, including assistive technologies, without losing its meaning. The easiest way to do so is by providing alt-text for non-text content. The content should be easier to see and hear. 

By no means should the multimedia content be unattainable.  In the case of Harvard and Massachusetts Institute of Technology, the content was not perceivable for the deaf and hard-of-hearing people.

Story of Harvard: Harvard and M.I.T. have extensive free materials online, distributed across platforms like [email protected], MIT OpenCourseWare, YouTube, and iTunesU, edX which offers extensive massive open online courses (MOOCs), free to students around the world. 

The videos either did not include captions or were inaccurately captioned (read unintelligibly) making it inaccessible for people with hearing ability.

"Accessible" means fully and equally accessible to, and independently usable by, differently abled students and faculty members in a way that they can acquire the same information, engage in the same interactions, and enjoy the same services as sighted students and faculty with substantially equivalent ease of use.

This principle ensures that the content is easy to operate upon. Web accessibility issues are not synonymous with visibility issues, as is the popular myth. They are as much a problem for people with hearing disability as for a person with a neurological or cognitive disorder. 

The content on the website needs to be accessible with a keyboard for people with limited motor functions, people with color blindness, and avoiding the use of content and types that cause seizure. 

“People living with reflex epilepsy have seizures that occur in response to a specific stimulus, like flashing lights or by noises.” 
  • Understandable

Is the text readable for people with difference in visual ability? This principle ensures that the content appears and operates in a predictable way. This specifically focuses on the issues related to color contrast. 

Two bad examples of contrast on left with black on yellow vs two good contrast example with yellow on black on right

Accessing content should be intuitive and easy. To disable the pop-up button or going back need not be a time-consuming exercise.  

Atlantic Cape Community College in 2007 was dragged to court by a visually challenged student after the campus and curriculum proved to be a challenge for him. 

Any content - written or multimedia - should be future proof. Efforts should be made to maximize compatibility with current and future user tools. Before the dawn of the 21st century, screen readers were not as popular as they are 18 years later. A decade back even mobile phones were not as ubiquitous. 

Assistive technologies are advancing by leaps and bounds, and your site needs to adapt and step up with upcoming trends in hardware and software tools. In order to keep the content robust, higher ed institutes need to adhere to best practices or lose it the way University of California, Berkeley did.

“In a similar scenario in 2017, The University of California, Berkeley, in response to a Justice Department accessibility order, had two options:

1. Update existing content to comply with accessibility standards.
2. Remove more than 20,000 video and audio files from public view.

They chose the latter, the digital equivalent of boarding up the entrance to a building instead of installing a wheelchair accessible ramp.”

Checklist: Making Higher Ed Institutes ADA Compliant

In its defense, the Harvard University asked the court to propose rules “to provide much-needed guidance in this area”. This is one of the most infuriating aspects of accessibility compliance in higher education – there has been an absence of hard and fast rules to adhere to. Something that echoes the statement of Harvard. 

Logo of Massachusetts Institute of Technology on the top left, Harvard University on the top right, and edX on center bottom


Now that we understand the guiding principles, we are in a better position to deliver a better user experience to all. One thing worth highlighting is - accessibility issues are easier to address before they manifest on your site, not after. 

“It costs significantly less to make a site accessible than it does to procure the lawyer to protect you in an accessibility claim.” 

Under WCAG 2.0 priority levels are assigned to each checkpoint based on its impact on accessibility. These levels were the following:

Priority 1: Conforming to this level will make it possible for one or more groups to access the web content. This is level A.
Priority 2: Conforming to this level will make it easy for one or more groups to access the web content. This is level AA. 
Priority 3: Conforming to this level will make it easier for most of the groups to access the web content. This is level AAA.

Drupal has been powering higher education websites. In fact, it is one of the most-sought-after CMS for higher education institutes. Read Why Drupal Is Your Best Bet For Your Educational Site

Level A Conformance 

  • Provide web pages with titles that describe the topic or purpose of the page.
     
  • Make sure it is navigated in a meaningful manner while providing the options to bypass repeating blocks of content on multiple pages.
     
  • Make sure that the purpose of each link can be determined by the link text alone unless the purpose is ambiguous to all users.
     
  • In case of an input error made by the user, provide text information specifying the item in error and the error itself.
     
  • Provide labels, guidance and instructions, and text alternatives for all non-text content. Controls or input fields must have a name describing their purpose. 
     
  • Information must be accessible to different users in multiple ways, including through assistive technologies (such as screen readers) without losing information. 
     
  • Using colors that convey visual information, distinguishing visual components, indicating actions or prompting for a response.
     
  • Users must have the ability to fully operate the website through a keyboard interface, including the ability to pause and stop any presentation, audio or adjust the volume. 
     
  • Content must not cause seizures. Avoid designing content in a way that is known to cause seizures.
     
  • Compatibility with other user software, like the ones in assistive technologies.

Level AA Conformance - other than those in level A

  • Provide captions for all live audio content. And provide audio descriptions for all pre-recorded video content.
     
  • Text content and images of text must have a contrast ratio of 4.5:1. Content that serves only design purposes have no contrast requirements.
     
  • Enable the user to resize the text up to 200 percent without any assistive technology.
     
  • Use of text over images, whenever possible.
     
  • Provide multiple ways to locate web pages.
     
  • Ensure the keyboard focus indicator visibility through all interfaces.
     
  • Components with the same functionality must be identified consistently.
     
  • Ensure the security of legal and financial data transactions by making them reversible, and giving the user an opportunity to recheck the input data and the confirmation mechanism before finalizing submission.

Level AAA Conformance - other than those in level A and AA

  • Support all pre-recorded audio content with sign language interpretation and provide extended audio descriptions for all prerecorded video content where there’s no opportunity to pause the foreground audio and provide audio descriptions.
     
  • The contrast ratio between text and images must be 7:1. However, text or images which serve only design purposes do not require contrast or alt text.
     
  • Any pre-recorded audio content must provide users with context-sensitive help. In case the audio-content is not a CAPTCHA it should either:
    • must not contain any background sounds
    • or the background sounds can be turned off, 
    • or the background sounds should be at least 20 dB lower than the pre-recorded speech content. 
       
  • Provide users with a mechanism to choose foreground and background colors. With the width of blocks of content must not exceed 80 characters or glyphs.
     
  • Line spacing must be at least 1.5 spaces within paragraphs and paragraph spacing must be at least 1.5 times larger than the line spacing.
     
  • Ensure the text can be adjusted up to 200 percent without the use of assistive technologies. The user does not have to scroll horizontally to read a line of text.
     
  • Allow users to postpone or suppress interruptions, except in the case of emergency.
     
  • Ensure the users can continue their activity without much interference or loss of data after re-authentication in case the authenticated session expires. 
     
  • Include information on the user’s location within a set of pages. Provide supplementary content for identifying definitions of unusual words or phrases, including idioms, abbreviations, and jargon.
     
  • Provide additional content when users require a more advanced education level than lower secondary education (to 9th grade) to understand the content.
     
  • Changes of web content may only be initiated by the user or the user must be provided with a mechanism to turn off such changes.

It is worth noting that web accessibility compliance may not be realistic for all websites depending on the type of content. Drop a mail at [email protected] and connect with us if you are planning to build a user-friendly education website. 

Oct 28 2018
Oct 28

Lando is what the cool kids are using for their local development environments these days. In this episode, I give you a quick introduction to Lando and show you how it can be used to create a Drupal 8 site in less than a minute. I also show you how you can integrate Lando into your workflow if you are hosting your websites on Pantheon.

Are you using or have you tried using Lando yet? What are your thoughts?

Check out the Code Karate Patreon page

Oct 27 2018
Oct 27

If the community is a top priority then resources for organizing DrupalCamps must also be a top priority.

“Together We Create graffiti wall decor” by "My Life Through A Lens" on Unsplash

Community, community and more community. One of the common themes we hear when it comes to evaluating Drupal against other content management systems (CMS), is that the community is made up of over 100,000 highly skilled and passionate developers who contribute code. And in many of these application evaluations, it’s the community, not the software that leads to Drupal winning the bid. We have also heard Dries Buytaert speak about the importance of the community at various DrupalCons and he is quoted on Drupal.org’s getting involved page:

“It’s really the Drupal community and not so much the software that makes the Drupal project what it is. So fostering the Drupal community is actually more important than just managing the code base.” — Dries Buytaert

My First Encounter with the Drupal Community

With this emphasis on community, I tried to think back to how and when I first interacted with the community. Like so many others, my first introduction to Drupal was at a local Meetup. I remember going to this office building in Atlanta and the room was packed with people, plenty of pizza, soda and, of course, laptops. It was a nice relaxed atmosphere where we introduced ourselves and got a chance to know each other a little bit. Then the lights dimmed, the projector turned on and the presentations kicked off, highlighting some new content strategy or a new module that can help layout your content. After that first meetup, I felt energized because until that point, I had never spoken with someone in person about Drupal and it was the first time that I was introduced to Drupal professionals and companies.

Are you interested in attending the first online DrupalCamp Organizers Meeting, on Friday, November 9th at 4:00pm (EST)? RSVP Here.

DrupalCamps Play An Integral Role in Fostering Community

After attending a few meetups, I joined the email list and I received an email announcing DrupalCamp Atlanta was going to be held at Georgia Tech and the call for proposals was now open for session submissions.

2013 DrupalCamp Atlanta photo by Mediacurrent

I purchased a ticket for a mere $30 and added it to my google calendar. On the day of the event, I remember walking in the front door and being blown away by the professionalism of the conference as there were sponsor booths, giveaways, and four concurrent sessions throughout the day. But it wasn’t until I was inside the auditorium during the opening session and saw the 200 or so people pile in that made me realize this Drupal community thing I heard about was for real. Over the next couple of years, I decided that I would attend other camps instead of DrupalCon because the camps were more affordable and less intimidating. My first camp outside of Atlanta was Design4Drupal in Boston, DrupalCamp Charlotte, DrupalCamp Florida and BADCamp were all camps I went to before attending a DrupalCon. All of these camps were top notch but what I really loved is that each camp had their own identity and culture. It’s exactly what I think a community should be and for the very first time, I felt that I was a part of the Drupal community.

Why Establish the DrupalCamp Organizers Council?

As provided in my previous examples, one of the advantages of Drupal comes from the great community and DrupalCamps are an important aspect in fostering this community. Running any event can be challenging, but to pull off a respectable DrupalCamp you have consider so many things such as the website, credit card processing, food, accepting and rejecting sessions, finding a keynote speaker, the afterparty, pre-conference trainings, oh and did I mention the website? You get my drift, it's a lot of work. Many of these tasks just roll off my tongue from past experience so ask yourself;

  • Where can I share my knowledge with other people who organize camps?
  • What if there was some way that all of us DrupalCamp organizers could come together and implement services that make organizing camps easier?
  • How could we provide camp organizers with resources to produce great camps?

During the #AskDries session at DrupalCon Nashville (listen for yourself), Midwest DrupalCamp Organizer Avi Schwab asked Dries the following question;

“... giving the limited funding the Drupal Association has, where should we go in trying to support our smaller local community events?” — Avi Schwab

Dries then responded with:

“That’s a great question. I actually think its a great idea what they (WordCamp) do. Because these camps are a lot of work. ...I think having some sort of central service or lack of a better term, that helps local camp organizers, I think is a fantastic idea, because we could do a lot of things, like have a camp website out of the box, ... we could have all sorts of best practices out of the box .” — Dries Buytaert

DrupalCamp Slack Community was the first time that I was provided a link to a spreadsheet that had the camp history dating back to 2006 and people were adding their target camp dates even if they were just in the planning stages. As a camp organizer I felt connected, I felt empowered to make better decisions and most of all I could just ask everyone, hey, how are you doing this?

Are you interested in attending the first online DrupalCamp Organizers meeting, on Friday, November 9th at 4:00pm (EST)? RSVP Here.

Earlier this year I volunteered for the Drupal Diversity and Inclusion Initiative (DDI) and was inspired when I heard Tara King on the DrupalEasy podcast, talk about how she just created the ddi-contrib channel on the Drupal slack and started hosting meetings. All jazzed up and motivated by that podcast, I reached out to over 20 different camp organizers from various countries and asked them if they would be interested in being on something like this? And if not, would they feel represented if this council existed?

Here are some quotes from Camp Organizers:

“I think a DrupalCamp Organizers Council is a great idea. I would be interested in being a part of such a working group. Just now I’m restraining myself from pouring ideas forth, so I definitely think I’m interested in being a part.”

“I am interested in seeing something that gathers resources from the vast experiences of current/past organizers and provides support to camps.”

“I definitely would appreciate having such a council and taking part. I’ve now helped organize DrupalCamp four times, and this was the first year we were looped into the slack channels for the organizers.”

“I really like the idea — what do we need to do to get this started?”

What are the Next Steps?

Based on the positive feedback and the spike in interest from other camp organizers I have decided to take the plunge and establish our first meeting of DrupalCamp Organizers on Friday, November 9th at 4:00pm (EST). This will be an online Zoom video call to encourage people to use their cameras so we can actually get to know one another.

The agenda is simple:

  • Introductions from all callers, and one thing they would like to see from the council.
  • Brainstorm the list of items the council should be advocating for.
  • Identify procedures for electing people to the Council: ways to nominate, eligibility criteria, Drupal event organizer experience required etc.
  • Outline of a quick strategic plan.
Oct 27 2018
Oct 27

The old adage “united we stand and divided we fall” doesn’t stand true for modern web application architecture. 

When developing an enterprise application, the architecture can reckon among its different features, a monolithic system is deployed with a hope to process the information unruffled without any possible breakups. 

A logical component for corresponding to different functional areas of the application does the monolithic architecture give a smoother ride when the complexity of technology is increasing?

a big fish after a group of small fishes and a group f small fishes in the shape of a fish after the big fish


Monolithic is Boring, while Microservices is Full of Possibilities

With digital transformation on a rise and implications on the entire business operations moving from monolithic to microservices is a paradigm shift on how businesses approach software development. 

Understanding the Monolithic System

A monolithic system is a single-tiered software application in which the user interface and data access code are combined into a single program on a single platform. The multiple components run in the same process, on the same system.

A monolithic architecture is where the multiple layers of the application are tightly coupled together.

Usually, there are three components in a system the user interface, the data access layer, and the data store.

The user interface acts as an entry point of the application varying from the website, web service, or various other entry points.

The second layer is the data access layer which is where the layer of the program will wrap a data store. It handles concerns like authenticating with a data store and sanitizing data before it’ is transmitted to the data store.

The third layer is the database or data store which is the most fundamental part of the system and is responsible for storing arbitrary information (data) and retrieving it. 

one big box on left with an arrow in the middle and 4 small boxes on left

Together these three components make up an application. In the case of a monolithic application, the multiple layers of the application tightly coupled together. 

Limitations of a Monolithic Drupal Architecture

The major problems which affect a monolithic architecture application both from a business and end users perspective are as follows:

  1. Performance Impairment: One of the biggest reasons why people are shifting to monolithic is the heavy lifting it does which eventually impairs the performance. Continuous heavy cron jobs and on-demand computation on page request by the end user affect the speed

    In monolithic, all the calculations & computations are handled by the PHP code. And it hurts the business.
     

    • It becomes hard to maintain with time as any new deployment affects the entire system rendering wider regression a must.
       
    • The performance of pages and content delivery to users suffer due to on-the-fly heavy computation.

      In most cases, if it is difficult to manage monolith, the system is already or may be sitting on an n-tier layered system, however, they are not independent and asynchronous of each other. This is the malady with large Drupal systems.
       

  2. Bad User Experience:  The poor implementation of the presentation layer of a monolithic Drupal website is another major reason for the bad user experience and the underperformance of applications.

    Some of the bad practices in Drupal theme layer which increase the rendering time of pages can be listed as: 
     

    • Database calls also present in the theme layer instead of being in controllers, adding to the page load time.
    • Use of traditional and non-optimized code in Javascript & CSS.
       
  3. Unscalable Drupal Implementation: Drupal is scalable. But the approach used for feature implementation in Drupal is not scalable with monolithic systems. 
     
    • Improper use of third-party applications in the backend coupled with heavy reliance cron jobs can slow down the system. An advanced approach would be to fetch and render the third party API via Drupal.
       
    • Extremely minimal use of multilayer cache mechanism provided by Drupal 8 is the biggest culprit. 
       
  4. Missing DevOps & Automation: Just like continuous integration, delivery, and deployment, DevOps is a newer phenomenon. With a monolithic application on run, the DevOps process won’t allow proper collaboration with bad codes creeping into the architecture resulting in a bad UX. 
     
    • There is no Continous Integration based build process which executes a set of automated quality checks.
    • Regression in the current site is very hectic and costly affair due to lack of automation in code and functional testing.
Boxes on left and right side arranged in a horizontal manner

What are Microservices?

A microservice is a software development technique where the application (monolithic) is broken into sub-services which are loosely coupled together. Each service is independent of the main system. Together they offer value at par with a monolithic system. 

Microservices-based architectures enable easy continuous delivery and continuous deployment

Providing the Benefits of Layered Architecture of Microservices

Here are the reasons “why” microservices needs to be adopted in lieu of the monolithic Drupal are given below: 

  1. Fault Isolation: Since the services run independently failure of one service wouldn’t affect the overall performance of the system as much as it affects in the monolithic. Other services will continue to work which will limit the scope of code to be refactored for resolution.
     
  2. Independent Deployment: Components built as microservices can be broken down into multiple component services so that each of these services can be deployed and redeployed independently with improvements without compromising the integrity of an application.
     
  3. Easy Maintenance: Microservices require more efforts comparatively to build, however, it is a lot less effort when maintaining in the long term and will ensure better performance of the overall system.
     
  4. Easy Modification: Easy to understand since they represent a small piece of functionality, and easy to modify for the developers. This will also increase the autonomy of individual development teams within an organization, as ideas can be implemented and deployed without having to coordinate with a wider IT delivery function.

Read how Microservices are powering Drupal development

Exploring the MicroServices Architecture

The following diagram explains the ideal layering in the application of a Drupal monolithic system:

a flow chart with four blue outlined boxes on left and parallel text on right

 

  • Presentation Layer: This should be a combination of Drupal, and decoupled React apps.
     
  • Aggregation Layer: This should be Drupal being the core of application engaging with microservices and data store layers.
     
  • Business Logic Layer: This should be Node.js based services executing specific tasks.
     
  • Persistence Layer: This should be the primary store of the most important company and produce data. This will engage with Drupal to handle CRUD operations in real time. The will also engage with decoupled React apps on Presentation layer to help them render the data on frontend without any expensive Drupal calls or backend PHP execution.

Steps: How to Plan the Transition and Execution to a Monolithic Architecture

The transition from a present monolithic architecture to the layered microservices architecture can be done in an incremental fashion. Here’s how the plan can be executed:

  1. Identifying the business logic for components like, endorsements, email triggers and all other computation and processes which block the delivery of pages to the end user.
     
  2. Create independent Node.js based services which handle all the logic for the above-identified processes who communicate within themselves via messaging queues and communicate with Drupal via a push-based cronless mechanism.
     
  3. Create a data store. Drupal will push any change in these entities to the cronless mechanism in real time.
     
  4. Use progressively decoupled Drupal for the following purpose limited in its scope.
    For the presentation layer
     
    • For user, role and subscription management system
    • To manage decoupled react based pages and blocks for search which will be powered by independent elastic service.
    • To manage decoupled react based pages/blocks which pull data in a scalable and fast way from the cronless datastore.

      For CMS features like SEO, schema, static pages, CCMS integration etc.
       

  5. Re-Develop the Drupal theme layer to remove all bad practices in current the code base.

Conclusion 

Web applications need to evolve along with the rapid pace of technology and their users. Digital users expect more in terms of better content recommendations, and better ways for accessing websites and data.

As easy as the idea sounds, building microservices is that complex. Streamlining the overall application development lifecycle to boost frequent releases and QA can lead to a far better product. 

This gives a boost when managing a large Drupal system. Contact us at [email protected] to know more about microservices architectures and its value to your organizational setup.

Oct 27 2018
Oct 27

Six years and 9 months... is a relatively long time. Not as long as some things, longer than others. Relative. As is everything.

But Six years and 9 months is the length of time I've been on the board of the Drupal Association.

I was elected to serve on the board by the community in February 2012, and then nominated to serve for another two terms. That second term expires on 31 October. My original candidate statement makes somewhat nostalgic reading now... and it's now that I wonder, what I achieved. If anything?

But that's the wrong question. There's nothing useful to be gained in trying to answer it.

Instead - I want to reflect on what I learned.

I learned something from everyone at that table. Honestly, I never really lost my sense of imposter syndrome, and I'm freely and gleefully willing to admit that.

Cary Gordon - we shared a passion for DrupalCon. That show grew into the incredible event it is because of seeds you sewed. And your experience running big shows, and supporting small community libraries seemed to be the perfect mix for fueling what Drupal needed.

Steve Purkiss - we were elected together! Your passion for cooperatives, for Drupal, and for getting on with it, and making things happen was infectious! Thank you for standing with me in those weird first few months of being in this weird new place, called the board of the Drupal Association!

Pedro Cambra - I wish I'd heed the lesson you taught me more often. Listen carefully. Speak only when there's something important to say, or to make the case for a perspective that's being missed. But also good humour. And Thank you for helping make the election process better, and helping the DA "own" the mechanics.

Morten - brother. I can't even find the words to say. Your passion for Drupal, for theming, and for our community always inspired me. I miss your energy.

Angie "webchick" Byron - mate! I still can't fathom how you did what you do so effortlessly! Well, I know it's not effortless, but you make it look that way. Your ability to cut through noise, sort things out, get things done, and inspire the Drupal masses to greatness is breathtaking.

Matthew Saunders - you made me appreciate the importance of governance from a different perspective. Thank you for the work you did to strengthen our board processes.

Addison Berry - Sorry Addi - this is a bit shameful, but it was the mezcal, tequila and bourbon lessons that really stuck.

Danese Cooper - I was so grateful for your deep wisdom of Open Source, and the twists and turns of the path it's followed over such a long time. Your eye to pragmatism over zealotry, but steadfast in the important principles.

Shyamala Rajaram - Oh Shyamala! I can't believe we only first met at DrupalCon Mumbai, or perhaps it was only the first time, this time! Thank you for teaching us all how important it is for us to be in India, and embrace our global community.

Ryan Szrama - you stepped onto the board at such a tough moment, but you stepped up into the role of community elected Director, and helped make sense out of what was happening. Sorry not to see you in Drupal Europe.

Rob Gill - Running. I didn't learn this. Sorry.

Tiffany Farriss - You're formidable! You taught me the importance of having principles, and sticking to them. And then using them to build a foundation in the bedrock. You do this with such style, and grace, and good humour. I'm so thankful I've had this time with you.

Jeff Walpole - You made me question my assumptions all the time! You made me laugh, and you gave me excellent bourbon. You always had a way of bringing us back to the real world when we waded too deep into the weeds.

Vesa Palmu - So many things - but the one that still resonates, is we should all celebrate failure. We should create ritual around it, and formalise the lessons failure teaches. We all learn so much more from mistakes, than from successes.

Sameer Verna - For a time, we were the only linux users at the table, and then I defected back to MacOS - I still feel a bit guilty about this, I admit. You championed Free Software at every step - but also, so often, guided us through the strategic mumbo jumbo, to get to the point we needed to.

Steve Francia - "It's not as bad as you all seem to think it is" I don't know why, but I hear this mantra, spoken with your voice, whenever I think of you. Thank you for your Keynote in Nashville, and for everything.

Mike Lamb - I've not yet put into practice the lesson I need to learn from you. To switch off. To really go home, and be home, and switch off the world. I need me some of that, after all of this. Thank you so much for all you've done, but more for your positive, real world perspective. Ta!

Annie - I missed your presence in Germany so much - I feel like I've still got so much to learn from you. You bridged the worlds of digital and marketing, and brought much needed perspective to our thinking. Twas an honour to serve with you.

Audra - With you too, I feel like I was only beginning to get into the groove of the wisdom you're bringing to the table. I hope our paths continue to cross, so I can keep learning!

Baddy Sonja Breidert - A powerful lesson - as volunteers, we have to account for the time, passion and energy we borrow from the rest of our lives, when we give it to Drupal. And Drupal needs to properly recognise it too.

Ingo Rübe - You taught me how to have courage to bring big ideas to the table, and show grace in letting them go.

Michel van Velde - You taught me to interrogate my assumptions, with fun, with good humour, and honest intention of doing good.

George Matthes - You taught me the power of questioning the received wisdom from history. You reminded me of the importance of bringing fresh eyes to every challenge.

Adam Goodman - a simple, but important lesson. That leadership is about caring for people.

Suzanne Dergacheva - newly elected, and about to start your term - I had too little chance to learn from you at the board table, but I already learned that you can teach the whole community kindness by giving them carnations! #DrupalThanks to you too. And power to your arms as you take the oars as a community elected director, and help row us forward!

And to all the staff who've served over the years, your dedication to this organisation and community it serves is incredible. You've all made a difference, together, to all of us. Special mentions for four of you...

Kris - from Munich to Vienna - my constant companion, and my dive bar adventure buddy. Til next time there is cheese...

Holly - Inspiring me to knit! Or, more accurately, to wish I could knit better than I can. To knit with conviction! It's a metaphor for so much, but also very very literally. Also I miss you.

Steph - Your vibrant enthusiasm, and commitment to DrupalCon always inspired me. Your advice on food trucks in Portland nourished me.

Megan - where to start? I'd never finish. Kindness, compassion, steely focus, commercial reality, "operational excellence", and cactus margaritas.

I save my penultimate words for Dries... Thank you for having faith in me. Thank you for creating Drupal, and for sharing it with all of us. Also, thank you sharing many interesting kinds of Gin!

These final words are for Tim - as you take the reins of this crazy sleigh ride into the future - I feel like I'm leaving just before the party is really about to kick off.

Go you good thing.

Good bye, so long, and thanks for all the fish.

The DA does amazing work.
If you rely on Drupal, you rely on them.

Please consider becoming a member, or a supporting partner.

Oct 27 2018
Oct 27

October 27, 2018

This article discusses how to use HTTPS for local development if you use Docker and Docker Compose to develop Drupal 7 or Drupal 8 (indeed any other platform as well) projects. We’re assuming you already have a technique to deploy your code to production (either a build step, rsync, etc.).

In this article we will use the Drupal 8 site starterkit, a Docker Compose-based Drupal application that comes with everything you need to build a Drupal site with a few commands; we’ll then discuss how HTTPS works.

If you want to follow along, install and launch the latest version of Docker, make sure ports 80 and 443 are not used locally, and run these commands:

cd ~/Desktop
git clone https://github.com/dcycle/starterkit-drupal8site.git
cd starterkit-drupal8site
./scripts/https-deploy.sh

The script will prompt you for a domain (for example my-website.local) to access your local development environment. You might also be asked for your password if you want the script to add “127.0.0.1 my-website.local” to your /etc/hosts file. (If you do not want to supply your password, you can add that line to /etc/hosts before running ./scripts/https-deploy.sh).

After a few minutes you will be able to access a Drupal environment on http://my-website.local and https://my-website.local. For https, you will need to explicitly accept the certificate in the browser, because it’s self-signed.

Being a security-councious developer, you probably read through ./scripts/https-deploy.sh before running it on your computer. If you haven’t, you are encouraged to do so now, as we will be explaining how it works in this article.

You cannot use Let’s Encrypt locally

I often see questions related to setting up Let’s Encrypt for local development. This is not possible because the idea behind Let’s Encrypt is to certify that you own the domain on which you’re working; because no one uniquely owns localhost, no one can get a certificate for it.

For local development, the Let’s Encrypt folks suggest using trusted, self-signed certificates instead, which is what we are doing in our script.

(If you are interested in setting up Let’s Encrypt for a publicly-available domain, this article is not for you. You might be interested, instead, in Letsencrypt HTTPS for Drupal on Docker and Deploying Letsencrypt with Docker-Compose

Make sure your projects works without https first

So let’s look at how the ./scripts/https-deploy.sh script we used above works.

Let’s start by making sure our project works without https, then add a https access in a separate container.

In our starterkit project, you can run:

./scripts/deploy.sh

At the end of that scripts, you will see something like:

If all went well you can now access your site at:

 => http://0.0.0.0:32780/user/reset/...

Docker is serving our application using a random non-secure port, in this case 32780, and mapping it to port 80 on our container.

If you use Docker Compose for local development, you might have several applications running at the same time on different host ports, all mapped to port 80 on their respective container. At the end of this article you should be able to see each of them on port 443, something like:

The secret to all your local projects sharing port 443 is a reverse proxy container which receives requests to port 443, and indeed port 80 also, and acts as a sort of traffic cop to direct traffic the appropriate container.

That is why your individual projects should not directly use ports 80 and/or 443.

Adding an Nginx proxy container in front of your project’s container

An oft-seen approach to making your project available locally via HTTPS is to fiddle with your Dockerfile, installing openssl, setting up the certificate there; and rebuilding your container. This can work, but I would argue that it has significant drawbacks:

  • If you have several projects running on https port 443 locally, you could only develop one at a time because you only have one 443 port on your host machine.
  • You would need to maintain the SSL portion of your code for each of your projects.
  • It would go against the principle of separation of concerns which makes containers so robust.
  • You would be reinventing the wheel: there’s already a well-maintained Nginx proxy image which does exactly what you want.
  • Your job as a software developer is not to set up SSL.
  • If you decide to deploy your project to production Kubernetes cluster, it would longer makes sense for each of your Apache containers to support SSL.

For all those reasons, we will loosely couple our project with the act of serving it via HTTPS; we’ll leave our project alone and place an Nginx proxy in front of it to deal with the SSL/HTTPS portion of our local deployment.

Local https for one or more running projects

In this example we set up only one starterkit application, but real-world developers often need HTTPS with more than one application. Because you only have one local 443 port for HTTPS, We need a way to differentiate between our running applications.

Our approach will be for each of our projects to have an assigned local domain. This is why the https script we used in our example asked you to choose a domain like starterkit-drupal8.local.

Our script stored this information in the .env file at the root or your project, and also made sure it resolves to localhost in your /etc/hosts file.

Launching the Nginx reverse proxy

To me the terms “proxy” and “reverse proxy” are not intuitive, at least to me. I’ll try to demystify them here.

The term “proxy” means something which represents something else, but it is already widely used to denote a web client being hidden from the user. So, a server might deliver content to a proxy which then delivers it to the end user, thereby hiding the end user from the server.

In our case we want to do the reverse: the client (you) is not placing a proxy in front of it; rather the application is placing a proxy in front of it, thereby hiding the project server from the browser: the browser communicates with Nginx, and Nginx communicates with your project.

Hence, “reverse proxy”.

Our reverse proxy uses a widely used and well-maintained GitHub project. The script you used earlier in this article launched a container based on that image.

Linking the reverse proxy to our application

With our starterkit application running on a random port (something like 32780) and our nginx proxy application running on ports 80 and 443, how are the two linked?

We now need to tell our Nginx proxy that when it receives a request for domain starterkit-drupal8.local, it should display our starterkit application.

There are a few steps to this, most handled by our script:

  • Your docker-compose.yml file should look something like this: it needs to contain the environment variable VIRTUAL_HOST=${VIRTUAL_HOST}. This takes the environment variable from the ./.env file and makes it available inside the container.
  • Our script assumes that your project contains a [./scripts/deploy.sh]((https://github.com/dcycle/starterkit-drupal8site/blob/master/scripts/deploy.sh)) file, which deploys our project to a random, non-secure port.
  • Our script assumes that only the Nginx Proxy container is published on ports 80 and 443, so if these ports are already used by something else, you’ll get an error.
  • Our script appends VIRTUAL_HOST=starterkit-drupal8.local to the ./.env file.
  • Our script attempts to add 127.0.0.1 starterkit-drupal8.local to our /etc/hosts file, which might require a password.
  • Our script finds the network your project is running on locally (all Docker-compose projects run on their own local named network), and gives the reverse proxy accesss to it.

That’s it!

You should now be able to access your project locally with https://starterkit-drupal8.local (port 443) and http://starterkit-drupal8.local (port 08), and apply this technique to any number of Docker Compose projects.

You can copy paste the script to your Docker Compose project at ./scripts/https-deploy.sh if:

  • Your ./docker-compose.yml contains the environment variable VIRTUAL_HOST=${VIRTUAL_HOST};
  • You have a script, ./scripts/deploy.sh, which launches a non-secure version of your application on a random port.

Happy coding!

Please enable JavaScript to view the comments powered by Disqus.

Oct 26 2018
Oct 26

RFF will be measuring the success of the consortium’s website by looking at factors like how the site’s audience grows over time. They hope that the VALUABLES community will use the platform to learn more about the consortium’s activities, access information about the case studies the consortium is completing, and share the tools it is building.

RFF takes an economic lens toward environmental and energy-based issues, highlighting how decisions affect both our environment and our economy. Historically, RFF has played an important role in environmental economics by developing the methods and studies that help policymakers understand the value of things that are hard to value, like clean air and clean water. Now, a few decades later, RFF is working with NASA on this initiative to value information. Work to quantify the societal benefits of Earth observations is important for a number of reasons. For example, it can help demonstrate return on investments in satellites. It can also provide Earth scientists with an effective way to communicate the value of satellite remote sensing work to policymakers and the public.

Oct 26 2018
Oct 26

To get started with decoupling Drupal with Gatsby, check out our previous screencasts here.

In this screencast, I'll be showing you how to automate content deployment. So when you update the content on your Drupal site, it will automatically rebuild/update your Gatsby site on Netlify.

[embedded content]

Download a Transcription of this Screencast

Download Transcription

Oct 26 2018
Oct 26

The Guardian, one of the most trusted news media, took a different approach for their membership and subscriptions apps. Rather than emphasising on lengthy validation in staging environments, The Guardian’s Continuous Deployment pipeline places greater focus on ensuring that the new builds are really working in production. Their objective was to let the developers know that their code has run successfully in the real world instead of just observing green test cases in a sanitised and potentially unrepresentative environment.

Front view of lots of hollow cylindrical pipes stacked on top of each other with a man sitting inside one of the pipes


Thus, The Guardian reduced the amount of testing run pre-deployment and extended the deployment pipeline constituting feedback on tests run against the production site. Such is the significance of utilising a lightweight Continuous Deployment pipeline which has helped a large organisation like The Guardian to focus on production validation instead of a large suite of acceptance tests. Such benefits can be witnessed in the Drupal-based projects as well where Continuous Deployment can allow us to iterate on Drupal web applications at speed.

Read more on the implementation of Continuous Integration and Continuous Delivery with Drupal

A Brief Timeline of Continuous Deployment

Agile Aliiance has stated that the origins of Continuous Deployment can be traced in the early 2000s. In 2002, Kent Beck, creator of Extreme Programming, has mentioned Continuous Deployment in the early discussions (unpublished) of applying Lean ideas to software where undeployed features are seen as inventory. However, it took multiple years for it to be refined and codified.

Later, in the proceedings of Agile 2006 Conference, the first article describing the core of Continuous Deployment - The Deployment Production Line - came into the limelight. Published by Jez Humble, Chris Read and Dan North, it was a codification of the practices of numerous ThoughtWorks UK teams.

By 2009, the practice of Continuous Deployment became well established as can be seen through the article called Continuous Deployment at IMVU by Timothy Fitz. Not only it is beneficial in Agile processes, but its great features can be extracted for methodologies such as a Lean startup or DevOps.

Continuous Deployment in focus

Flowchart showing green and orange coloured boxes to illustrate workflow of Continuous Integration, Continuous Delivery and Continuous DeploymentSource: Atlassian

While Continuous Integration refers to the process of automatically building and testing your software on a regular basis, Continuous Delivery is the logical next step which ensures that your code is always in a release-ready state. The ultimate culmination of this process is the Continuous Deployment.

In Continuous Deployment, every alteration that passes all stages of your production pipeline is released to the customers

In Continuous Deployment, every alteration that passes all stages of your production pipeline is released to the customers with no human intervention and only a failed test will deter a new alteration to be deployed to production. It is a spectacular way to aggrandise the feedback loop with your customers and take pressure off the team as is takes away the so-called ‘release day’ from the equation. It allows the developers to emphasise on creating software and they can see their work going live minutes after they have put in all their efforts on it.

Why Should you Consider Continuous Deployment?

Continuous Deployment benefits both the internal team who are implementing it and the stakeholders in your company.

For internal team

  • Instead of performing a weekly or a monthly release, moving to feature-driven releases enables faster and finer-grained upgrades and helps in debugging and regression detection by only altering one thing at a time.
  • By automating every step of the process, you make it self-documenting and repeatable.
  • By making the deployment to the server fully automated, a repeatable deployment process can be created.
  • By automating the release and deployment process, you can constantly release the ongoing work to the staging and QA servers thereby giving visibility fo the state of development.
Moving to feature-driven releases enables faster and finer-grained upgrades

For stakeholders in the company

  • Instead of waiting for a fixed upgrade window, you can release features when they are ready thereby getting them to the customer faster. As you are constantly releasing to a staging server while developing them, internal customers can see the alterations and take part in the development process.
  • Managers will see the result of work faster and progress will be visible when you release more often
  • If a developer needs a few more hours to make sure that the feature is in perfect working condition, then the feature will go out a few hours later and not when the next release window opens.
  • Sysadmins will not have to perform the releases themselves. Small, discrete feature releases will enable easier detection of the alterations that have affected the system adversely. 

Continuous Deployment Tools

wrench and screwdriver icon


Unit tests and functional tests put the code into as many execution scenarios as possible for predicting its behaviour in production. Unit testing frameworks consist of NUnit, TestNG and RSpec among others.
 
IT automation and configuration management tools like Poppet and Ansible manage code deployment and hosting resource configuration. Tools like Cucumber and Calabash can help in setting up integration and acceptance tools.
 
Monitoring tools like AppDynamics and Splunk can help in tracking and reporting any alterations in application or infrastructure. Performance due to the new code. Management tools like PagerDuty can trigger IT incident response. Monitoring and incident response for Continuous Deployment setups should be to real-time for shortening time to recovery when there are hassles with the code.
 
Rollback capabilities are essential in the deployment toolset to detect any unexpected or undesired effects of new code in production and mitigate them faster. Moreover, canary deployment and sharding, blue/green deployment, feature flags or toggles and other deployment controls can be useful for organisations looking to safeguard against user disruption from Continuous Deployment.
 
Some applications can deploy in containers such as Docker and Kubernetes for isolating updates from the underlying infrastructure.

Continuous Deployment with Drupal

An arrow and a box icon representing settings icon


A digital agency worked with Drupal 8, Composer, Github, Pantheon and CircleCI around Continuous Integration and Deployment. The project involved moving from internal hosting to the cloud (in this case, Pantheon), moving the main sites from Drupal 7 to Drupal 8 and implementing a new design.

To the cloud

Pantheon was chosen as the cloud host for new Drupal sites. Initially, it was chosen for features like ‘Cutom Upstreams’, one-click core updates, simple deployments between development, Test, and Live environments, Multidevs, and the fact that each is a Git repo a heart. Terminus (Pantheon CLI tool) was heavily used and appreciated.

Migration to Drupal 8

It focussed on two main umbrella sites and one news site to serve both umbrella sites. It did a content refresh which showed that only content that needs to be migrated are the news articles. The configuration management of Drupal 8 was found to be nicer than the Drupal 7.

Custom Design

As the Drupal is not the only web platform they were using, instead of building a Drupal theme, they built a platform-agnostic project with a new look and feel. It was based on the Zurb foundation and was just HTML, CSS, and JavaScript.
 
Grunt was used as the build tool. So when they have a new release, they would just commit and push to Github. That triggers a CircleCI workflow which tags a new release and publishes the release artefact as an npm package to Artifactory. From there, npm package can be pulled into any project including Drupal.
 
It should be noted that the published package includes only the CSS, JS, libraries and other assets. After the publishing, a static site is created with the package and corresponding HTML templates on a cloud host as a reference implementation.

Deployment Process

They had an ‘upstream’ repo on Github named umbrella-upstream which is a composer-based Drupal 8 project with a custom install profile comprising of custom modules, package.json, and deploy scripts. Each of the sites (umbrella-site X, umbrella-site Y, etc.) was also in a Github repo as composer-based Drupal 8 project and had umbrella-upstream configured as a remote.
 
When they push an alteration to the upstream repo, a set of CircleCI workflows gets started that runs some Codeception acceptance tests and the alterations get merged from umbrella-upstream down to each umbrella-site X/Y repo.
 
Then, another CircleCI workflow builds, tests and pushes a full Drupal umbrella-site X/Y install to the corresponding Pantheon site X/Y all the way up right to the test environment. Quicksilver hooks were used to send any alterations Pantheon back to the site repos.

Entire Workflow involved:

  • Code alterations and Git commit in custom design repo
  • Npm update custom-design -save-dev, grunt and Git commit in umbrella-upstream repo

Finally, the alterations show up in the Test environment of each site on Pantheon.

Conclusion

It is of paramount importance that you keep iterating and deploy software at speed and with efficacy. Continuous Deployment is a great strategy for software releases wherein code commit that passes automated testing phase is automatically released into the production environment.
 
Drupal deployment can benefit to a great extent through the incorporation of Continuous Deployment in the project development process. The biggest advantage of doing so is that it makes the alterations visible to the application’s users.
 
Opensense Labs is committed towards the provision of wonderful digital experience to the organisations with its suite of services.
 
To make your next Drupal-based project supremely efficacious through the implementation of Continuous Deployment, ping us at [email protected]

Oct 26 2018
Oct 26

Drupal has a great way to provide your website with the latest features and make it more protected against new cyber threats. To achieve this, it constantly evolves to keep with the pulse of the times. You all you need is to regularly update to newly released Drupal versions — and your Drupal support provider could help you with that. However, there is an idea floating in the air about how great it would be to have automatic Drupal core updates. We will explore this issue, with its benefits and challenges, in our blog post.

The need for automatic Drupal core updates

The Drupal community fully understands all wishes of website owners. At DrupalCon Vienna in September 2017, Drupal founder Dries Buytaert gave a presentation about the state of Drupal. He emphasized that complicated updates are one of the reasons that pushes the audience away from Drupal, and that users are asking for auto-updates. The need to automate Drupal core updates became clear — and grew into the special initiative.

Automatic Updates Initiative for Drupal core & its benefits

Automatic Updates Initiative for Drupal core & its benefits

So the Automatic Updates Initiative was created with the main aim to build a secure system that would install core updates automatically. The Initiative is meant to:

  • reduce website maintenance costs and time
  • immediately respond to critical security issues and apply patches
  • free from possible hassle and complexities all website owners who do updates without a development expert
  • and, finally, give the answer to all customers who keep asking why, despite all Drupal’s awesome strengths, it still has no automatic updates. 

The challenges of automatic Drupal core updates

So the idea of automatic updates sounds very lucrative indeed. However, despite the unquestionable benefits, the community also understands that implementing automatic updates for Drupal core meets a number of challenges:

  • automatic updates without human supervision may involve great risks — up to a website crash
  • there is no testing pipeline
  • automatic updates may open opportunities to hackers for mass dependency injections
  • there is no GIT version control, so it’s impossible to roll back if something goes wrong
  • automatic updates will mostly benefit simple websites with no custom modules, otherwise they will require much developers’ attention anyway
  • this idea requires a comprehensive restructuring of Drupal codebase, which means it’s not a near-future innovation
The challenges of automatic Drupal core updates

Considering that Drupal is a very powerful CMS able to handle extremely feature-rich and complex websites, such thing as automatic updates should be approached with caution. 

When it comes to core updates, nothing can replace developer’s hands at the moment. However, the future may change this, because great works are being done in this realm.

Quick core updates already a reality in Drupal 8!

Luckily, automation is not the only way to facilitate core updates. When it comes to Drupal 8, there are already a snap.

A long of work has been put into making Drupal updates and even Drupal upgrades easy forever (upgrades are transfers, for example, from Drupal 8 to 9 in the future). This article by Dries Buytaert explains that this is achieved, in particular, thanks to backwards compatibility between the versions and semantic versioning.

Let’s say, updating an average website from Drupal 8.5.x to 8.6.x will only take half an hour to our Drupal maintenance team. Smaller updates (like Drupal 8.6.0 to 8.6.1) can be done at the snap of a finger. Overall, it will depends on the amount of custom modules. 

By the way, this is yet another reason for Drupal 7 website owners to upgrade to Drupal 8 — for which you can rely on our Drupal website support. Easy upgrades are listed among numerous Drupal 8’s benefits for your business

So your wish about easy Drupal core updates can come true right now!

So do you regard automatic updates as the opportunity to forget about everything and have a good night’s sleep? This wish can come true right now! But you don’t have to wait until the Drupal automatic update feature is finally there and well-tested. 

Rather, this dream will come true if you apply to our Drupal support firm. All our maintenance packages include the watch-out for security updates and their running. We can agree the on following not only security, but any other kinds of updates. 

Let our experts run all Drupal core updates for you — manually, safely, and reliably!

Oct 26 2018
Oct 26

After almost one year, and that $1.6M for a single item we had a couple more (big) sales that are worth talking about.

If you expect this to be a pat on the shoulder kind of post, where I’m talking about some hyped tech stack, sprinkled with the words “you can just”, and “simply” - while describing some incredible success, I can assure you it is not that.

It is, however, also not a “we have completely failed” self reflection.

Like every good story, it’s somewhere in the middle.

The Exciting World of Stamps

Many years ago, when Brice and me founded Gizra, we decided “No gambling, and no porn.” It’s our “Do no evil” equivalent. Along all the life of Gizra we always had at least one entrepreneurial project going on in different fields and areas. On all of them we just lost money. I’m not saying it necessarily as a bad thing - one needs to know how to lose money; but obviously it would be hard to tell it as a good thing.

Even in the beginning days, we knew something that we know also now - as a service provider there’s a very clear glass ceiling. Take the number of developers you have, multiple by your hourly rate, number of working hours, and that’s your your optimal revenue. Reduce at least 15% (and probably way more, unless you are very minded about efficiency) and now you have a realistic revenue. Building websites is a tough market, and it’s never getting easy - but it pays the salaries and all things considered, I think it’s worth it.

While we are blessed with some really fancy clients, and we are already established in the international Drupal & Elm market, we wanted to have a product. I tend to joke that I already know all the pain points of being a service provider, so it’s about time I know also the ones of having a product.

Five years ago Yoav entered our door with the idea of CircuitAuction - a system for auction houses (the “going once… going twice…” type). Yoav was born to a family of stamps collectors and was also a Drupaler. He knew building the system he dreamed of was above his pay grade, so he contacted us.

Boy, did we suck. Not just Gizra. Also Yoav. There was a really good division between us in terms of suckiness. If you think I’m harsh with myself, picture yourself five years ago, and tell yourself what you think of past you.

I won’t go much into the history. Suffice to say that my believe that only on the third rewrite of any application do you start getting it right, was finally put to the test (and proved itself right). Also, important to note that at some point we turned from service provides to partners and now CircuitAuction is owned by Brice, Yoav, and myself. This part will be important when we reach the “Choose your partners right” section.

So the first official sale along with the third version of CircuitAuction happened in Germany at March 2017. I’ve never had a more stressful time at work than the weeks before, and along the sale. I was completely exhausted. If you ever heard me preaching about work life balance, you would probably understand how it took me by surprise the fact that I’ve worked for 16 hours a day, weekdays and weekends, for six weeks straight.

I don’t regret doing so. Or more precisely, I would probably really regret it if we would have failed. But we were equipped with a lot of passion to nail it. But still, when I think of those pre-sale weeks I cringe.

Stamp Collections & Auction Houses 101

Some people, very few (and unfortunately for you the reader, you are probably not one of them) are very, very (very) rich. They are rich to the point that for them, buying a stamp in thousands or hundreds of euros is just not a big deal.

Some people, very few (and unfortunately for you the reader, you are probably not one of them), have stamp collections or just a couple of valuable stamps that they want to sell.

This is where the auction house comes in. They are not the ones that own the stamps. No, an auction house’s reputation is determined by the the two rolodexes they have: the one with the collectors, and the one with the sellers. Privacy and confidentiality, along with honesty, are obviously among the most important traits for the auction house.

So, you might think “They just need to sell a few stamps. How hard can that be?”

Well, there are probably harder things in life, but our path led us here, so this is what we’re dealing with. The thing is that along those five days of a “live sale” there are about 7,000 items (stamps, collections, postcards etc’) that beforehand need to be categorized, arranged, curated and pass an extensive and rigorous workflow (if you would buy these 4 stamp for 74,000 euro, you’d expect it to be carefully handled, right?).

Screenshot of the live auction webapp, built with Elm. A stamp is being sold in real time for lots of Euros!

Now mind you that handling stamps is quite different from coins and they are both completely different from paintings. For the unprofessional eye those are “just” auctions, but when dealing with such expensive items, and such specific niches, each one has different needs and jargon.

We Went Too Far. Maybe.

  • Big stamps sales are a few million euros; but those of coins are of hundreds.
  • The logic for stamp auctions is usually more complex than that of coins.
  • Heinrich Koehler, our current biggest client and one of the most prestige stamps auction houses in the world has an even crazier logic. Emphasis on the crazier. Being such a central auction house, every case that would normally be considered as edge case, manifests itself on every sale.

So, we went with a “poor” vertical (may we all be as poor as this vertical), and with a very complex system. There are a few reasons for that, although only time would tell if was a good bet:

Yoav, our partner, has a lot of personal connections in this market - he literally played as kid or had weekend barbecues with many of the existing players. The auction houses by nature are relying heavily on those relations, so having a foothold in this niche market is an incredible advantage

Grabbing the big player was really hard. Heinrich Koehler requires a lot of care, and enormous amount of development. But once we got there, we have one hell of a bragging right.

There’s also an obvious one that is often not mentioned - we didn’t know better. Only until very late in the process, we never asked those questions, as we were too distracted with chasing the opportunities that were popping.

But the above derails from probably the biggest mistake we did along the years: not building the right thing.

If you are in the tech industry, I would bet you have seen this in one form or another. The manifestation of it is the dreaded “In the end we don’t need it” sentence floating in the air, and a team of developers and project managers face-palming. Developers are cynical for a reason. They have seen this one too many times.

I think that developing something that is only 90% correct is much worse than not developing it at all. When you don’t have a car, you don’t go out of town for a trip. When you do, but it constantly breaks or doesn’t really get you to the point you wanted, you also don’t get to hike, only you are super frustrated at the expense of the misbehaving car, and at the fact that it’s, well, not working.

We were able to prevent that from happening to many of our clients, but fell to the same trap. We assumed some features were needed. We thought we should build it in a certain way. But we didn’t know. We didn’t always have a real use case, and we ended rewriting parts over and over again.

The biggest change, and what has put us on the right path, was when we stopped developing on assumptions, and moved one line of code at a time, only when it was backed up with real use cases. Sounds trivial? It is. Unfortunately, also doing the opposite - “develop by gut feeling” is trivial. I find that it requires more discipline staying on the right path.

Luckily, at some point we have found a superb liaison.

The Liaison, The Partners, and the Art of War

Tobias (Tobi) Huylmans, our liaison, is a person that really influenced for the better and helped shape the product to what it is.

He’s a key person in Heinrich Koehler dealing with just about any aspect of their business. From getting the stamps, describing them, expediting them (i.e. being the professional that gives the seal of approval that the item is genuine), teaching the team how to work with technology, getting every possible complaint from every person nearby, opening issues for us on GitHub, getting filled with pure rage when a feature is not working, getting excited when a feature is working, being the auctioneer at the sale, helping accounting with the bookkeeping, and last, but not least, being a husband and a father.

There are quite a few significant things I’ve learned working with him. The most important is - have someone close the team, that really knows what they are talking about, when it comes to the problem area. That is, I don’t think that his solutions are always the best ones, but he definitely understands the underlying problem.

It’s probably ridiculous how obvious this above resolution is, and yet I suspect we are not the only ones in the world who didn’t grasp it fully. If I’d have to make it an actionable item for any new entrepreneur I’d call it “Don’t start anything unless you have an expert in the field, that is in a daily contact with you.”

Every field has a certain amount of logic, that only when you immerse yourself in it do you really get it. For me personally it took almost four months of daily work to “get it”, when it came to how bids should be allowed to be placed. Your brain might tell you it’s a click of a button, but my code with 40+ different exceptions that can be thrown along a single request is saying differently.

We wouldn’t have gotten there without Tobi. It’s obvious that I have enormous respect for him, but at the same time he can drive me crazy.

I need a calm atmosphere in order to be productive. However, Tobi is all over the place. I can’t blame him - you’ve just read how many things he’s dealing with. But at times of pressure he’s sometimes expecting FOR THINGS TO BE FIXED IMMEDIATELY!!!
You probably get my point. I’m appreciative for all his input, but I need it to be filtered. Luckily me and my partners’ personalities are on slightly different spectrums that are (usually) complimenting each other:

I can code well in short sprints, where the scope is limited. I’m slightly obsessed with clean code and automatic testing, but I can’t hold it for super long periods.

Brice is hardly ever getting stressed and can manage huge scopes. He’s more of a “if it works don’t fix it”, while I have a tendency to want to polish existing (ugly) code when I come across it. His “Pragmatic” level is set all the way to maximum. So while I don’t always agree with his technical decisions, one way or another, the end result is a beast of a system that allows managing huge collections of items, with their history and along with their accounting, invoicing and much more. In short, he delivers.

Yoav’s knows the ins and outs of the auction field. On top of that his patience is only slightly higher than a Hindu cow. One can imagine the amount of pressure he has undergone in those first sales when things were not as smooth as they should have been. I surely would have cracked.

This mix of personalities isn’t something we’re hiding. In fact it’s what allows us to manage this battle field called auctions sales. Sometimes the client needs a good old tender loving care, with a “Yes, we will have it”; sometimes they need to hear a “No, we will not get to it on time” with a calm voice; and sometimes they need to see me about to start foaming from the mouth when I feel our efforts are not appreciated.

Our Stack

Our Elm & Drupal stack is probably quite unique. After almost 4 years with this stack I’m feeling very strongly about the following universal truth:

Elm is absolutely awesome. We would not have had such a stable product with JS in such a short time. I’m not saying others could not do it in JS. I’m saying we couldn’t, and I wouldn’t have wanted to bother to try it. In a way I feel that I have reached a point where I see people writing apps in JS, and can’t understand why they are interacting with that language directly. If there is one technical tip I’d give someone looking into front end and feeling burned by JS is “try Elm.”

Drupal is also really great. But it’s built on a language without a proper type system and a friendly compiler. On any other day I’d tell you how now days I think that’s a really a bad idea. However, I won’t do it today, because we have one big advantage by using Drupal - we master it. This cannot be underestimated: even though we have re-written CircuitAuction “just” three times, in fact we have built with Drupal many (many) other websites and web applications and learned almost everything that can be thought. I am personally very eager to getting Haskell officially into our stack, but business oriented me doesn’t allow it yet. I’m not saying Haskell isn’t right. I’m just saying that for us it’s still hard to justify it over Drupal. Mastery takes many years, and is worth a lot of hours and dollars. I still choose to believe that we’ll get there.

On Investments, Cash Flow, and Marketing

We have a lot of more work ahead of us. I’m not saying it in that extra cheerful and motivated tone one hears in cheesy movies about startups. No, I’m seeing it in the “Shit! We have a lot of more work ahead of us.” tone.
Ok, maybe a bit cheerful, and maybe a bit motivated - but I’m trying to make a point here.

For the first time in our Gizra life we have received a small investment ($0.5M). It’s worth noting that we sought a small investment. One of the advantages of building a product only after we’ve established a steady income is that we can invest some of our revenues in our entrepreneurial projects. But still, we are in our early days, and there is just about only a single way to measure if we’ll be successful or not: will we have many clients.

We now have some money to buy us a few months without worrying about cash flow, but we know the only way to keep telling the CircuitAuction story is by selling. Marketing was done before, but now we’re really stepping on it, in Germany, UK, US and Israel. I’m personally quite optimistic, and I’m really looking forward to the upcoming months, to see for real if our team is as good as I think and hope, and be able to simply say “We deliver.”

Pages

About Drupal Sun

Drupal Sun is an Evolving Web project. It allows you to:

  • Do full-text search on all the articles in Drupal Planet (thanks to Apache Solr)
  • Facet based on tags, author, or feed
  • Flip through articles quickly (with j/k or arrow keys) to find what you're interested in
  • View the entire article text inline, or in the context of the site where it was created

See the blog post at Evolving Web

Evolving Web