Steps You Should Be Automating in the SDLC - Part 3
November 07, 2018

DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 3 covers the development environment and the infrastructure.

Start with Steps You Should Be Automating in the SDLC - Part 1

Start with Steps You Should Be Automating in the SDLC - Part 2


It is critical for any aspiring high velocity engineering organization to automate the set up of development environments. Every manual step and every moment spent on development environment set up is a moment your engineers are not yet creating business value. A new contributor should have a complete environment setup and be able to code within one hour. Additionally, the development environment should match the production environment as much as possible — it is far better to discover an environmental bug in development than after a deploy to production. Fast and automated development environment setups equal more engaged engineers, which equals more engineering business value delivered at a faster pace.
Nell Shamrell-Harrington
Principal Software Development Engineer, Chef

Use containers to automate the creation and sharing of your developer environments. Today too many developers still build code on their own machines locally and end up with hard-to-trace problems due to differences in dependencies and runtime package versions. That can be avoided by creating a developer container image for each project based on and perhaps even identical to the production container image. This gets rid of costly "but it works on my machine" problems and, if saved in the project repo, makes it easier for someone to quickly reproduce an older dev environment to address a legacy customer's bug.
Brad Micklea
Senior Director of Developer Experience and Programs, Red Hat

There is usually a disconnect between development and production environments, which adds friction when an application needs to be deployed. Using automation to make development look like production, by sharing tools and configurations helps avoid this problem. For example, using a tool to codify and automate the setup and teardown of development in a way that matches production, makes it easier to test applications and avoid them breaking in production due to subtle differences.
Armon Dadgar
Founder and Co-CTO, HashiCorp


DevOps groups should eliminate error-prone processes like infrastructure and tool upgrades and maintenance through infrastructure management automation and machine learning.
Steve Garrison
VP Marketing, ZeroStack

In terms of development lifecycle automation, the biggest bang-for-buck for most organizations is infrastructure. This entails codifying system configurations and providing infrastructure-on-demand, with infrastructure-as-a-service for application teams. For many organizations, standing up infrastructure for development is manual, and the entire lifecycle is bottlenecked waiting for infrastructure to be configured as needed to support internal development, QA and production team activities. Automating infrastructure enables other pipeline processes that depend on infrastructure. In addition, focusing on infrastructure automation is a great starting point for improving collaboration between Dev, QA and Ops as part of a DevOps transformation.
Marc Hornbeek
Principal Consultant – DevOps, Trace3

As part of your DevOps process, an area that would benefit from automation: Infrastructure as Code to eliminate rework, nonstandard configurations and enforce company policies for better cost, compliance and agility.
Jeanne Morain
Author and Strategist, iSpeak Cloud


We should be automating scalability. Today’s cloud provides virtually limitless capacity, so by making automation part of cloud-native architectures, we can pre-authorize scalability, allowing it to happen automatically, without human intervention.
Sharan Gurunathan
EVP and Principal Solutions Architect, Coda Global


You should automate the way you build dashboards, and like other automation, dashboard configuration should follow best practices around software development, including versioning and change control. Automation lets you create standard patterns cheaply, which in turn facilitates communication across teams and helps new engineers get up to speed quickly.
Daniel "Spoons" Spoonhower
Co-Founder and CTO, LightStep


Development teams are on-boarding site reliability engineers (SREs) to transform applications to become more resilient. SREs feed off detailed telemetry data from the application to anticipate problems and get ahead of them. Thus, one of the most important automation steps is to embed a monitoring data collector into your application run time early on during the development phase. Later, when the application is in production, the data collector will send telemetry to your monitoring severs regardless of where your application ends up running, in a private or public cloud.
Mike Mallo
Offering Management Lead - Hybrid Cloud DevOps, IBM Cloud Unit, IBM Corporation

Any process or handover that requires duplicating data in two systems (tools) should be automated to remove the waste and overhead that slows software delivery teams down and takes time away from value-adding work. For example, copying incident details from an ITSM tool used by the service desk to the Agile planning tool used by developers, and then manually synchronizing the status of both, or copying requirements into Agile stories, or defects into an issue tracker. Automation can flow and synchronize the necessary data across the best-of-breed tools used for planning, design, development, testing, release and operation, providing every role with the information they need in near-real time and directly in their tool of choice. By standardizing and normalizing the data as it flows, software delivery organizations can also get visibility into their big picture metrics — within a single product and across multiple products — and insights into their value creation process.
Naomi Lurie
Director of Product, Tasktop Technologies


Automation in software development has traditionally been restricted to front-end applications. The database is now entering the picture because changes to applications often mean the code behind the database schema needs to be updated as well. Companies should therefore think about including the database in continuous integration. By automating the build and testing of code changes every time they are committed to version control, errors will be caught earlier in the development process and the database will no longer be a bottleneck during deployments.
Simon Galbraith
CEO & Co-Founder, Redgate

Continuous Delivery is already highly adopted (83%) for Application Development. Yet, with a competitive landscape and a need to continue and improve, companies need to identify other existing bottlenecks in their application release. Databases are the ideal candidate when it comes to accelerating application releases, and are lagging behind application delivery with only 36% CI/CD adoption. In 2019, companies will turn to automate their database releases. While allowing faster database releases is a goal, companies must remember the true goal is to go as fast as possible without the risk of costly re-work and downtime. This can be achieved by adopting DevOps best practices for the database, setting safety nets to negate database risk, as well as manage security aspects to make sure short feedback loops are handled across Dev, Sec & Ops.
Yaniv Yehuda
Co-Founder and CTO, DBmaestro

Time and time again, we hear technology leaders say they should have addressed the database release management problem before tackling the easy problem of application release automation. But the reality is — database deployments are often forgotten about. Pushing out the application is the easy part of DevOps, but managing and automating database changes are the real challenges. As development teams continue moving quickly, there is a need to support the high rate of change. Through automation, database administrators (DBAs) have enormous impact on how quickly software gets into the hands of customers, shortening the time it takes to bring application innovation to market innovation to market while eliminating the security vulnerabilities, costly errors, data loss and downtime often associated with manual database deployment methods.
Robert Reeves
CTO and Co-Founder, Datical

Read Steps You Should Be Automating in the SDLC - Part 4, all about security.

Share this

Industry News

November 30, 2020

Shipa is open sourcing Ketch, Shipa's deployment engine, under Apache License Version 2.0.

November 30, 2020

Portworx by Pure Storage announced its qualification and support of Portworx Enterprise for Google Cloud's Anthos on bare metal.

November 30, 2020

SnapLogic now supports SaaS contracts in AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).

November 24, 2020

Red Hat announced new capabilities and features for Red Hat OpenShift, the company's enterprise Kubernetes platform.

November 24, 2020

Sectigo released Chef, Jenkins, JetStack Cert-Manager, Puppet, and SaltStack integrations for its certificate management platform.

November 24, 2020

DataStax released K8ssandra, an open-source distribution of Apache Cassandra on Kubernetes.

November 23, 2020

Spectro Cloud has released a new, self-hosted version of its flagship product, Spectro Cloud.

November 23, 2020

GitLab completed integration of Peach Tech, a security software firm specializing in protocol fuzz testing and dynamic application security testing (DAST) API testing, and Fuzzit, a continuous fuzz testing solution providing coverage-guided testing.

November 23, 2020

Fugue announced the availability of its SaaS product in AWS Marketplace, further simplifying the process for Amazon Web Services customers to use Fugue to bring their environments into compliance quickly, demonstrate compliance at any time, and Shift Left on cloud security.

November 19, 2020

Rollbar announced AI-assisted workflows powered by its new automation-grade grouping engine.

November 19, 2020

Buildkite expanded its integration with GitHub and introduced a new onboarding experience.

November 19, 2020

Rancher Labs launched a new Partner Program for the OEM and embedded community.

November 18, 2020

Puppet announced its evolution to an integrated automation platform to enable key business initiatives such as scaling DevOps, risk reduction, policy as code, and evolving cloud strategies.

November 18, 2020

Adaptavist has joined the GitLab partner program as a Select partner.

November 18, 2020

Postman launched the beta version of public workspaces, a hub that makes it possible for both API producers and consumers to seamlessly communicate and collaborate in real time without team or organizational boundaries.