From keeping grocery stores stocked with food, to sourcing components for the latest consumer gadgets, to delivering those gadgets to your doorstep, supply chains make the world go round. And behind those supply chains is Blue Yonder. The Scottsdale, Arizona-based company makes digital supply chain management software to help clients around the world deliver products to their customers more efficiently. With the rise of e-commerce, ever-changing global trade patterns, and of course a global pandemic, Blue Yonder and its customers have their work cut out for them. It’s little wonder then that Blue Yonder has focused on optimizing its own software development processes—its code supply chain.
In 2020, Blue Yonder switched from self-hosted installations of Bitbucket to cloud-hosted GitHub Enterprise as part of a broader cloud transformation initiative. “We’re a supply chain optimization company,” Blue Yonder senior principal software engineer Gabriel Kohen says. “That’s where I want to focus our team’s time. I don’t want to focus it on managing servers or anything else.”
Blue Yonder senior project director Jennifer Ricks says GitHub met their legal and security requirements for a cloud-based code repository better than other vendors. For example, Ricks says GitHub gives them better visibility and control of user permissions and access controls than their previous solution.
But even though Blue Yonder initially only thought of GitHub as a code management tool, it soon became a core part of their development process. Automation and CI/CD play a big role at Blue Yonder. “We have a slogan on our team: don’t let a human do a machine’s job. GitHub helps us achieve that,” Kohen says.
Historically, Blue Yonder has operated Jenkins servers internally for CI/CD. But the capacity of these servers is non-elastic and limited, which causes problems when lots of developers try to commit code at the same time. Blue Yonder runs two-week code sprints with review and demos at the end. “If there was a demo on Tuesday, Jenkins would clog on Monday as everybody tried to get their new features in,” Kohen explains. “People sometimes might wait for hours to get their job running.”
That’s not a problem with GitHub Actions since developers can run unlimited numbers of Actions in parallel. “I don’t have to think about capacity anymore,” Kohen says.
Blue Yonder tried moving some instances of Jenkins to managed cloud services, which would have helped with the capacity issues. But maintaining CI/CD instances, even in the cloud, still left many hidden operational costs that don’t exist in GitHub.
Some projects at Blue Yonder still use Jenkins, but all new projects rely primarily on GitHub for CI/CD. Kohen says that when the team needs additional features to meet their requirements, Actions makes it easy to build a custom solution, or find one pre-built via the marketplace. For example, the team created an Action that could automatically push code to QA or production based on comments in the commit in a GitOps fashion.
Thanks to Blue Yonder’s GitHub-based CI/CD workflow, it takes about 30 minutes to deploy using the API and automation, something that previously took an entire day’s worth of work. They now do around 100 deploys a week, up from about 10.
GitHub’s automation tools aren’t just helping Blue Yonder deploy code faster. They’re also securing Blue Yonder’s supply chain software by rooting out vulnerabilities and helping the company fix them before they can be exploited in production. Kohen says using GitHub CodeQL for automated static application security testing (SAST) is making their code not only more secure, but higher quality as well. Kohen says false positives are a big problem with other SAST products they use. “What we liked about CodeQL is that we didn’t see a lot of false positives,” Kohen says. “I didn’t find false negatives yet either. It also makes recommendations for best practices in code. It goes beyond just security, which is really cool.”
The result of these speedy deploys combined with automated code scanning is that developers get feedback quickly, which in turn helps them make their applications better. “Developers can respond to bugs, vulnerabilities, and customer requests, much faster,” Kohen says. “We wouldn’t have these tight feedback loops without GitHub.”
Besides the technical benefits, GitHub also makes onboarding new employees faster and easier. Kohen says that with GitHub, new hires can be productive and deploying code in as little as 36 hours. Before, it could take up to two weeks for new developers to ship their first code.
Kohen says part of that is GitHub’s ease of use. But another big part of it is familiarity. GitHub is the biggest host of open source repositories in the world, so many developers already know how to use it when they join the company. It requires less training to get those developers up to speed.
Indeed, today many developers see their open source contributions on GitHub as their résumé. That’s also a boon for Blue Yonder’s hiring process. “It helps me see how serious a person is,” Kohen says. “For example, automated testing is paramount for my team so I like to see whether someone writes tests. I think it says a lot about how you write code.”
Blue Yonder doesn’t just look for developers who contribute to open source outside of work. The company has been ramping up its contributions to open source in recent years, particularly through contributions in the Python community, including their database access module Turbodbc and their time series extraction tool Tsfresh. “People like to be recognized for their craft,” Kohen says. “Open source is a way to demonstrate what you’ve been doing in your career.” Additionally, it’s an important part of building software more efficiently. “I personally think open source makes your software better and more secure,” Kohen says. “When you write something for only one customer, or for yourself, it’s less tested. When you put something out there and it’s free for anyone to use, you’ll have people pointing out bugs and issues. With open source, you get more users and therefore more testing and more confidence.”
Blue Yonder is applying open source ideas internally as well. In the spirit of DevOps organization-wide learning, every employee has read access to all the company’s repos. That makes it easier for developers to take advantage of solutions to problems that other developers in the company have already solved. And they can help make those software solutions better. “Any employee can create pull requests,” Kohen says. “Anybody can shamelessly use anyone else’s ideas. And in the end, we are all better for it.”