Four Key Takeaways from SUGCON Europe 2018

It was the ultimate meeting of Sitecore enthusiasts. The Sitecore User Group Conference (SUGCON) Europe 2018 conference was held in Berlin on April 23-24 with two jam-packed days of learning, networking and fun. I had the pleasure to attend as a speaker this year. I attended many sessions and had the opportunity to meet and make many friends from the Sitecore community. Here are my 4 takeaways:

#1 The aligned release cycle will change updates as we know it.

Sitecore announced a new release cycle during the opening keynote. From now on, all their products will be released at the same time twice a year. This means no more optional module lagging behind. The Sitecore Experience Management and Sitecore Experience Platform products, SXA, Experience Commerce, JSS, WFFM, and all other modules will have a new major or minor version. This also includes documentation and training courses updates.

For update revisions, Sitecore will release them anytime when needed. Update revisions will never include breaking changes anymore, a huge boon for Sitecore customers. In the past, Sitecore sometimes added breaking changes into updates, which had the potential to break solutions when the update was completed. With this announcement, Sitecore customers no longer have to worry about installing updates and there’s no excuse to not stay on top of bug fixes. Plus, Sitecore customers who are working with an implementation partner will have an easier time planning and budgeting to do the upgrade because there is no more risk of having to pay for additional development hours to fix the breaking changes.

#2 Architecture, Roles, Scaling and DevOps – oh my!

This year’s main topic was no doubt architecture. With Sitecore 9 and Sitecore Experience Commerce roles, architecture is more complex than before.

With previous versions of Sitecore, only one install package was available. It had everything you needed to run any combination of Sitecore role on a server. If you needed a content delivery or a processing instance, then you installed that same package and had to enable and disable many configuration files. With Sitecore 9, this disappears in favor of role-based installation to split roles across different servers. This is great for cloud deployments, where these roles can be scaled out. Hopefully there are tools like the Sitecore Install Framework (SIF) to help orchestrate everything.

Thanks to Jason St-Cyr and Thomas Eldblom clarity and dynamism on the main stage, we now better understand how those roles interact with each other, how the data flows between them, and how to scale them up and out. No need to say that scaling is way easier when hosting in Microsoft Azure.

The community speakers were also presenting very interesting ideas like the Sitecore Install Extensions (SIX) and Sitecore Install Platform (SIP).

With this added complexity, projects are becoming harder to deploy as well. Developers have the desire to automate those tasks. DevOps was a very popular topic with no less than 4 presentations about Visual Studio Team Services (VSTS), NuGet, AppVeyor, and Docker.

My talk was one of those. I spoke about continuous integration and delivery using the online service AppVeyor. I explained its basics and showed how flexible it was to adapt to any project. I also demoed the complete loop using Sitecore Habitat: Changes in the development environment, commit, push, build, unit tests, and deployment on a staging environment.

If you have not watched the Architecture and Scaling video series yet, take a moment to do so. They are short and concise videos explaining the roles and their links for Sitecore Experience Management, Sitecore Experience Platform, and Sitecore Experience Commerce.

#3 Security was a big concern this year.

Mikkel Rømer attracted a record number of attendees to its White Hat Hacker’s Guide to the Internet presentation. All the seats were taken and people were bringing extra chairs to attend. His talk was eye opening on the all easy exploitable attack vectors Sitecore website implementations can have. From unpatched publicly disclosed vulnerabilities to available login page with the default credentials on content delivery servers, we learned the guidelines of what to check.

He suggests every project to have post-deployment checks for known or possible vulnerabilities. That way, a simple change cannot create unwanted security issues. I know many people who will double-check their implementations very soon!

For more information, I highly recommend these two resources:

• Sitecore Security Hardening Guide
• Community-maintained Sitecore Security Hardening Checklist

#4 Farewell to some major contributors!

Shortly before the event, we learned that Alex Shyba, Todd Mitchell, and Lars Petersen were leaving the mothership to start their own Sitecore consultancy company named Altola. Just after the event, Thomas Eldblom also announced its departure to return on the side of the Sitecore community.

These 4 stars brought so much to Sitecore in the last 10 years. Seeing them leaving makes me worry about the value of innovation at Sitecore. Will they continue to innovate at the same pace?

One thing for sure, they will all continue to work with Sitecore, so they still trust and see Sitecore as a leader in the market.

This edition of SUGCON was really interesting and I am honored to have attended. It was very well organized as well. Everything was perfect, from the location to the sessions, the food and the drinks. Special thank you to the Sitecore community for organizing this event! Hope to see all my old and new friends next year in London, UK from April 4th to 5th.

What did you take away from SUGCON this year? I’d love to hear your thoughts – find me on Twitter @jflh or Slack @jflheureux!