Steps You Should Be Automating in the SDLC - Part 2
November 06, 2018

DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 2 covers the coding process.

Start with Steps You Should Be Automating in the SDLC - Part 1

CODING

Companies should automate development as much as possible without compromising security. Key to this is reducing the amount of manual coding through low-code platforms, or eliminating it entirely with a no-code system.
Colin Earl
CEO, Agiloft

Automation has permeated many aspects of the software development life cycle. You need infrastructure? Operating systems? Applications? No problem — all it takes is the click of a button. Testing? Deployment? Monitoring? Plenty of automation going on there also. But what about that large bit in the middle — the development. Most organizations still write code by hand and this is biggest opportunity when we're talking about automation. Low-code or high-productivity platforms help organizations bring automation to this, the most significant part of the SDLC, through a visual assembly approach to development. This isn't about replacing developers. This is automation to empower developers to do more — to focus on delivering business value instead of the syntax of a language that, in a few years, will probably be considered "legacy technology."
Mike Hughes
Principal Platform Evangelist, OutSystems

CODE CHECK IN AND CHECK OUT

As part of your DevOps process, an area that would benefit from automation: Code check in and check out process to eliminate circumventing critical tests and steps in the CICD pipeline.
Jeanne Morain
Author and Strategist, iSpeak Cloud

FIXING ERRORS

The bureaucratic toil associated with large-scale software efforts should be fully automated. Adherence to policy and governance practices is important for scaling software development, but it often results in a lot of toil for human developers. This toil — fixing small errors detected by linters, almost-but-not-quite adhering to the style guide — is the kind of thing that is tedious to do manually. It adds friction to development, which slows things down. It's important, but not urgent, so it tends to get put off unless you have super-human levels of discipline.We have robots to vacuum the lint off our floors, so why not do the same thing with the codebase? Automated repairs of common errors are like Roombas for code: they keep things clean so developers are free to work on other, more interesting, tasks.
Ryan Day
Co-Founder and COO, Atomist

THE BUILD

The most straightforward and valuable area to automate is the build, deploy. These tasks provide the greatest opportunity to remove waste and also highlight potential friction points when deploying into production. Removing people from these activities not only increases quality but improves the architecture by shining a spotlight on the way in which the software is constructed. Great way to test this automation is to get EVERYONE in the team to do the build and NOT leave it to a single person, or small group. That would ensure that the kick off process is simple, documented and with luck transparent to everyone.
Dave West
CEO and Product Owner, Scrum.org

DevOps groups should seek to automate processes that eliminate "spaghetti code" that agile programming is supposed to address in the code-building practice itself. Lack of standardized workflows can slow down the overall development process with bad check-ins, integration errors and Q/A out of sync with production. To begin with, they should automate the multitude of objects, packages and pieces of code that need to stay working together.
Steve Garrison
VP Marketing, ZeroStack

API MANAGEMENT

Automating the API management process will help developers increase their velocity of pushing out new API releases as well as streamline access to partner API clients. Developers should look to API automation for creating or importing their own API definitions when rapid releases are demanded. Developers should choose an API gateway that can effortlessly scale with their business needs as well snap into their existing DevOps workflow.
Nick Tran
VP, Developer Relations, Akamai

When an API signature changes, or an API version is retired, the application could become unstable or lose functionality. Implementing automated identification of API dependencies and monitoring for changes in signature and availability help insulate from API contract issues. When coupled with an understanding of data flowing to and from the API, supporting increasingly complex data management and privacy regulations becomes simpler.
Tim Mackey
Technology Evangelist, Synopsys

APPLICATION WORKFLOW

Companies should automate testing of workflows, making sure these processes function properly and nothing is broken or missed when the code comes together.
Anand Subramanian
SVP of Delivery, Ness

One area getting more focus from DevOps teams is automating and orchestrating the workflows that actually run the application in the operational stage. Too often application workflow orchestration is still being done right before release to production. This typically causes a fire-drill because the workflows were not tested with the rest of the code through the earlier phases. DevOps teams are now adopting a Jobs-as-Code approach that simply adds application workflow instrumentation as a code artifact with the business logic. This means one complete code set flows through the full CI/CD automation pipeline and is ready for production, with automation and orchestration governance already built it. Avoiding the fire-drill means DevOps teams avoid unplanned rework and deliver the business service into production faster.
Gur Steif
President, Digital Business Automation, BMC Software

PROJECT MANAGEMENT

Other non-obvious, but extremely helpful automation can be applied around software project management like automated state transition for tasks on a project board (e.g. move all newly added issues to "To-do" or to move all reopened issues to "In-Progress").
Lee Calcote
Head of Technology Strategy, SolarWinds

Read Steps You Should Be Automating in the SDLC - Part 3, covering the development environment and the infrastructure.

The Latest

November 14, 2018

What to automate? Which parts of the delivery process are good candidates? Which applications will benefit from automation? At first, those sound like silly questions. Automate all your repetitive processes. If you think that you'll do the same thing manually more than once, automate it. Why would you waste your creative potential and knowledge by doing things that are much better done by scripts? Yet, an average company does not adhere to that logic. Why is that? ...

November 13, 2018

I'd love to see more security automation deeply integrated into the development process. Everybody knows since the 1990s that security as an afterthought just doesn't work, yet we keep doing it. The reason, I think, is because it's very hard to automate security ...

November 09, 2018

DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 5, the final installment, covers deployment and production ...

November 08, 2018

DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 4 is all about security ...

November 07, 2018

DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 3 covers the development environment and the infrastructure ...

November 06, 2018

DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 2 covers the coding process ...

November 05, 2018

Everyone talks about automating the software development lifecycle (SDLC) but the first question should be: What should you automate? With this question in mind, DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 1 starts with by-far the most popular recommendation: Testing ...

October 31, 2018

Halloween is a time for all things spooky, but not when it comes to your mobile app experience. A poor experience can not only scare off your customers but keep them away for good ...

October 30, 2018

As organizations have embraced open source, they have become polyglot — using multiple programming languages and technology stacks to accomplish software and hardware related tasks. Enterprises are caught between the benefits provided by a polyglot environment and the complexities and challenges these environments bring. Ultimately, if the situation remains unchecked, polyglot will kill your enterprise ...

October 29, 2018

Factor 5 of the Twelve-Factor App relates more to processes and advises strictly separating the build and run stages. The emphasis is on identifying and separating each stage of app development, and encouraging automation between each so as to accelerate the process ...

Share this