Sunday, 7 February 2021

Sprints 21 & 22 Going Live with V1

Presentation to Committee

On the 17th Novemember, I made a presentation to the committee of Tower Hamlets Canoe Club (THCC).  The purpose of the presentation was less of a demonstration of the application itself (the committee members had already seen the application during trialling) and more about values and motivators behind it.

BoatTrippy will always be an application that aims to make the administration side of organising club and private boating activities easier for the club members.  If it doesn't meet this aim, we need to understand why and make the application easier to use.  The tagline for the presentation was 'less admin, more fun'!

The presentation content was an 'overview' of the following areas:

  • Scope of the application - what it does (an what it it doesn't and shouldn't)
  • What is the Minimum Viable Product (MVP) and what have we developed
  • What next.  Going Live.
  • Support & Maintenance.  Low maintenance approach.
  • The future of BoatTrippy.  What new features could be added?

Deployment into THCC Subscription - We're Live!!

On 7th December, we (myself, the THCC webmaster and treasurer) created the new THCC Azure subscription and deployed the application to the subscription.  The responsibilities are now:

  • Treasurer is responsible for the Azure billing
  • Webmaster is responsible for administration oft he subscription and the availability of the app
Security

During this period, I have been learning more about web application security.  I've been working through some of the content on the OWASP site including working through the vulnerabilities in the Juice Shop App.  One area I applied to BoatTrippy was to resolve known vulnerabilities in the open source dependencies.  These were mostly in the development dependencies, but still needed to be resolved.

Monitoring And Alerts

Three monitoring alerts were added to a the application:

  • Availability Test -  This checks that the application can be loaded every 5 minutes from 5 different locations globally.  This has a nice side effect that the application is kept alive on the server, so will load almost instantly at any time.
  • Health Alerts -  This notifies if any of the Azure services that are used by the application are affected by down-time
  • Failure Anomalies -  This checks the application insights and looks for exceptions and other events that would indicate that the application had failed.
Notifications are sent by email to the users in the notification group.  Currently, this group just contains me, but once the application has been used for a while and can confirm that we are not getting too many false positives, the webmaster and others could be added.