SCM (Software Configuration Management) doesn’t just refer to version control for the software you’re building. It also means controlling the versions of software you depend on. This includes operating system and programming runtimes. Sometimes even minor version differences can cause issues in running your software. I have two example stories to share:
- One of our clients asked us for help with an upgrade their production servers from CentOS 6.4 to 6.9. It was supposed to be a straightforward yum upgrade, which meant of course there would be a problem. The problem turned out to be one of the SOAP calls to a third-party service. After a bunch of retries and log checking, we found that OpenSSL was complaining that the third party’s certificate didn’t have enough bits in the Diffie-Hellman (DH) parameters. Complaining to the third party would have taken forever, so we had to find a workaround ourselves. I had previously been told that OpenSSL was the same version before and after the upgrade, but after we did our own checking, we found that there was a minor version difference. That led to a lot of searching until I managed to find release notes from Red Hat (which was upstream of CentOS). The release notes linked us to this bug which gave us the workaround we needed.
- I had been working on a Python script that would fetch JSON from an external URL and process it. Local dev environment was running Python 3.6. Everything worked well. When I went to deploy it to my server, I found that my host only supported Python 3.5. I was like surely there wouldn’t be a problem, so of course there was. It turns out the json load functions added support for binary inputs in 3.6, which I had been using all this time. I ended up using a codecs workaround from this Stackoverflow post which happened to work well in both versions.