Around one in five business leaders indicating that their software budget had increased 50 percent or more over the past three years to support digital transformation projects. However, the increased software development investment has not translated to greater security budgets or awareness of the security risks insecure software introduces: only 50 percent of business leaders surveyed understand the risk that vulnerable software poses to their business, according to Securing the Digital Economy, a report from Veracode ...
Since the start of this decade, Agile development patterns such as Extreme Programming (XP), Scrum and Feature-Driven Development (FDD) have been all the rage. That shift has led to massive gains in developer productivity, resulting in more applications and associated updates being delivered at increasingly faster rates. The increased volume of sheer code being moved into production environments has fostered the rise of a new approaches to managing the roll out of applications based on the principles of Continuous Integration and Continuous Delivery (CI/CD).
As part of that process, IT operations teams have embraced a plethora of technologies, ranging from open source CI tools like Jenkins, to IT automation frameworks like Puppet Labs. CI tools ensure the consistent building of application code based on developer changes, while infrastructure as code tools are employed to programmatically and consistently provision IT infrastructure.
The problem that many IT operations teams now encounter is that all these tools are not especially well integrated, which results in limited visibility into the overall application development pipeline. More applications are being built and deployed faster than ever. And more often than not, individual development teams are choosing their tools to deliver their application changes. But overall, there's not much in the way of real governance being applied to how applications are being released into production, to which team and on what schedule.
IT leaders need to be able to manage application development at scale using a factory metaphor that requires lots of instrumentation. The challenge is that, in the case of applications, the actual products being manufactured consist of as much art and craft as they do science. Optimizing the application release cycle requires adding a layer of software abstraction above and around the application development process that serves to make the overall process more efficient without adding more friction.
Application Release Automation Brings Scale and Speed
Stepping into the void is a new category of application release automation (ARA) tools that provide the framework required for managing the roll out applications at unprecedented levels of scale and speed. Application release automation frameworks provide hooks into all the products and services that make up the application development and release process. IT operations teams not only gain access to dashboards that enable them to precisely determine the status of any application development project, they can model those processes in a way that drives a desired set of best practices. In effect, application development and operations teams can now orchestrate the entire application development process on an end-to-end basis to drive development of higher-quality applications faster than ever before.
Historically, the core challenge many IT teams face when trying to implement such an application pipeline process is that it's not feasible to force a development team or IT manager to use a specific set of tools. Each developer and IT manager has their favorite set. Retraining them to use another only generates resentment and lost productivity.
Rather than trying to overcome that resistance, IT operations teams need to be able to impose order from above in a way that creates as little disruption as possible. A modern approach to application release automation requires flexibility. The days when IT leaders could impose highly-structured approaches to building and deploying applications are long over. Each team has its own core skill set that needs to be incorporated into the greater application release management process.
The good news is that most modern tools are based on open interfaces that make it simpler to gather data in a way that is unobtrusive. Instead of requiring everyone in the process to fill out reports that take away time from their core job function, a modern application release management platform automatically gathers all the relevant data based on the information surfaced up through multiple application programming interfaces (APIs). That data is then organized via a series of dashboards that enable everyone in the IT operation teams to see the status of any given project at a glance.
A New Era of Release Management
In effect, the days when project managers needed to directly interrogate or harass developers and IT managers for updates are part of a bygone era. So too are those nasty surprises that occur any time an application development project falls behind schedule with little to no warning. IT operations teams will be informed of any potential issue likely to adversely impact the application development pipeline as it happens. That not only provides peace of mind for everyone involved, it ultimately results in better applications being developed and deployed faster every step of the way.
Derek Langone is CEO of XebiaLabs.