Around one in five business leaders indicating that their software budget had increased 50 percent or more over the past three years to support digital transformation projects. However, the increased software development investment has not translated to greater security budgets or awareness of the security risks insecure software introduces: only 50 percent of business leaders surveyed understand the risk that vulnerable software poses to their business, according to Securing the Digital Economy, a report from Veracode ...
DevOps emerged to help organizations improve their software delivery and better address the challenges put on IT by the Business to accelerate software releases. How are technology leaders conducting and directing their business’ DevOps transformation to make sure they’re on the right track?
These Are a Few of My Favorite Things
As you look to scale your DevOps adoption across the organization, you will need to analyze and (re)design your end-to- end software delivery pipeline. When doing this, take a system-wide approach and consider: “How do I scale this across all teams, applications, releases and environments?” – so that everyone can reap the benefits and play a part in the success of DevOps.
For example, software development organizations may not be aware of the entire path their code takes from check-in, through build, testing, deployment across environments, etc. Be sure to interview all the different teams and stakeholders until you have a detailed documentation of your cross-functional pipeline(s), including all the tools, technologies, infrastructures and processes involved.
Next, take a look at the bottlenecks. For example: waiting on VMs, builds, configuration drifts between environments, failed tests, bugs making it to production, failed releases, errors or lags due to manual handoffs between teams or tools.
As your organization redesigns its software delivery pipelines to eliminate friction points, here are some of my favorite things to consider on your journey – in order to strengthen your DevOps practices that support stability and scalability:
■ Make it a priority to orchestrate and automate the entire software delivery pipeline.
■ Ensure security access controls and approval gates at critical points along the software delivery process.
■ Incorporate security and compliance tests as part of your DevOps processes to ensure code is checked as it is promoted through the pipeline and into production.
■ Guarantee visibility and auditability so there is real-time reporting of the state of each task along the software delivery process and a record of exactly who did what/where/when.
■ Standardize on toolchains, technology and processes to normalize your software delivery pipelines to allow reusability across teams and applications.
■ Do this, while enabling extensibility and flexibility to support different needs across various teams or variants of the application.
■ Make sure to support bi-modal IT, enabling traditional release practices and support for legacy apps, as well as more modern container/microservices architectures and CD pipelines.
■ Support both linear release pipelines, as well as complex releases that require coordination of many inter-dependent applications and components into many environments.
■ Future-proof your solutions to make them flexible enough to be able to plug-in any new technology stack, tool, or processes as the needs arise.
■ When scaling, make sure your initial design and implementation can support the velocity that your expect across the organization.
■ Address the problem of onboarding not just one, but thousands of applications into a software delivery pipeline.
How Do You Hold a Moonbeam in Your Hand?
The biggest issues IT professionals face today are the very challenges that DevOps aims to alleviate. The fact is, enterprises need to adapt the way they serve their customers at scale. As you adopt DevOps and continue to optimize your processes, you’ll find that you are adjusting – and evolving – your practices to foster the right environment for success. You’ll do this along the lines of culture and leadership and organizational design, processes and technologies, compliance checks and balances, and more.
In this second act, DevOps is an enterprise-wide mindset. While speed and innovation are still as important as ever, companies cannot sacrifice control, visibility and compliance – which are vital to the long-term health of the organization. And balancing speed and risk is what DevOps is all about.
Taking an end-to-end approach to DevOps requires more initial planning and taking all stakeholder’s needs and processes into account, but it saves a lot of time, effort and duplicated work in the long run, and gives organizations confidence as code is being promoted through the Pipeline. The song that needs to be sung now resonates further – it has a larger choir, larger orchestra, and a bigger impact!