Sonatype Introduces Next Generation Dependency Management | Press Release

blog-logo Sonatype Blog

Nexus Innovator: David Radford-Grant of Achievers

January 16, 2020 By Katie McCaskey

Everyone knows that when the boss is happy, you’re happy.

0David Radford-Grant knows more about this than the average person, and for good reason. He is someone with a unique view into employee moods and behavior. That’s because, as Manager of DevOps Engineering at Achievers, he builds and refines an employee recognition and engagement platform that helps employees earn kudos from their bosses and build careers.

And just like the rest of us, David has a boss to keep happy, too.

Before he saved the day -- and his boss untold time, money, and frustration -- David was embracing DevOps, an approach some considered radical in its early years.

Discovering DevOps and Sonatype Nexus

“I'd say in 2012 was when I was first really exposed to a CI/CD and the underpinnings of DevOps. It just sort of grew from there. By the end of 2014 I was spearheading the DevOps evolution at work,” he says, recalling his time at Shoppers Drug Mart, Canada’s biggest drugstore chain.

He quickly found and implemented Sonatype’s Nexus Repository.

“I put Nexus in place as part of a whole pipeline solution for one of [Shoppers Drug Mart’s] flagship products. I was using it at that time, initially, for proxying the Java libraries that they were importing from the internet and it just worked right out of the box. It integrated with the Mercurial instances we had set up, and with the Jenkins I had set up. It was just a dream to work with. Nexus was so easy, so well laid out, so well-documented, and lots of use cases from people out there using it,” he recalls.

Instead of failing to meet expectations, Nexus exceeded them. “I never had a problem with it. It integrated with our active directory, no problems. A backup was no problem. It was just a really solid, wonderful product and the upgrades were seamless and painless. Never had a problem with that. It was exactly what I needed as a systems integrator. The product did exactly what it's supposed to do. If there was an issue it's because I didn't read properly, and I have no problems with that.”

He adds: “I think that's the way products should work across the board.”

Unfortunately, that’s not always the case with all products. He learned this soon after his move to Achievers.

His Boss Gets ‘Hopping Mad’

Early on, there was trouble. Not with his team or his boss or with Nexus, but with the company’s software composition analysis tool.

Not once, but twice, during David’s first four months the software composition analysis tool wiped all the platform’s user permissions. This forced his team to scramble and reestablish the connections without disrupting Achievers' customers. He discovered this was an intermittent issue.

There were a few more problems. One was the licensing model. The tool didn't give Achievers any useful amount of technical support. This struck David as being unreasonable. “That was significant,” he says. “A question mark in my mind is like, ‘Well, why would you buy something without support?’"

Incredulously, support was available -- if his boss agreed to pay 10x more to ensure “high availability” (HA) uptime.

“So when they heard that number I said, ‘Well let me go look around’" says David. He knew he could count on Nexus but wasn’t sure how that would work in his new company’s budget.

“My personal favorite is Nexus because I've been using it for many years and I've never, ever had a problem with it and I've put it through so many hideous circumstances,” he says, chuckling. Few compliments are as sweet as the ones earned from destruction-oriented engineers.

“So when I got the initial pricing, went back to my director and said, ‘If we switched products to this [Sonatype Nexus Pro], this problem goes away, support is there, and HA is included.’ And he said, ‘Sold.’”

Soon after, David was onboarding his favorite platform at Achievers. His boss was pretty happy, too: no more intermittent outages and no more exorbitant pricing to get adequate support service.

Achieving More in 2020

David’s mission for the year ahead involves demonstrating the value of additional DevOps practices. He also plans to introduce more team members to the real-time benefits of the Nexus platform.

“By putting security in the hands of the developers, everybody is better off,” David says. “But it is a paradigm shift for a lot of people. For some people it's very painful. Fortunately the people that I'm working with here are much, much younger than me, so they're a little more open to these new ideas and new ways of doing things.”

He continues to challenge himself and his team to shift left. “I want to push as much to the left as I humanly can right now,” he says. “My goal next year is to get everything right next to the developer, if not accessible from their desktops.

“I’m working with my superiors to get things like SonarLint on developers’ desktops, where I'm giving them all the tools they could possibly ever use. When they do their first commit to the master branches, the code is as clean as any human can make it.” (The Nexus Chrome extension is a companion tool to Nexus that sits right in the browser.)

In the works for Achievers is developing a Software BIll of Materials (SBOM) process for one of the company’s products. David explains there are ongoing reporting needs. The SBOM will help inventory and monitor any open source components in his software supply chain.

“Having that bill of materials will be awesome and by having it, the whole security aspect of the pipeline in place, to me is as close to compliance as code because I'll be able to enforce it through the pipelines. It's just the ideal scenario as far as I'm concerned.”

Ultimately, it all circles back to the collaborative aspect of DevOps. This approach to software manufacturing yields more effective teams and better software results. David says of the DevOps approach: “I've done a few things that [the team] all raise their eyebrows at, but at the end of the day they're like, ‘Oh, that works out much better.’” He sees making developers’ lives easier and better central to his managerial role.

“This [security emphasis] is not to put their work down. It's to elevate it to new heights they never could have had before. Once they start seeing that, there's no issues at all.” The Nexus platform facilitates these cultural shifts by illuminating all parts of the pipeline.

Luckily, his bosses agree.

“We got a new CTO who is only a little bit older than I am. He and I have very similar experiences. So we actually have very similar goals. He's behind all this as well, of uniting as one big team instead of a whole bunch of small fragmented teams.”

With that, the Achievers team expects great success ahead.

Tags: devops best practices, Nexus Repository, Nexus Repository Pro, featured, News and Views, Customer Stories, Nexus Innovators

Written by Katie McCaskey

Katie is an experienced technology writer and entrepreneur. At Sonatype, she's focused on creating and finding great content.