Check Point® Software Technologies Ltd. has been recognized as a leader in The Forrester Wave™: Zero Trust Platform Providers, Q3 2023 report.
What to automate? Which parts of the delivery process are good candidates? Which applications will benefit from automation?
At first, those sound like silly questions. Automate all your repetitive processes. If you think that you'll do the same thing manually more than once, automate it. Why would you waste your creative potential and knowledge by doing things that are much better done by scripts? If we can create robots that assemble cars, we can surely create a Jenkins job that builds software, runs tests, and deploys containers. Car assembly is undoubtedly harder to accomplish than building software. Yet, an average company does not adhere to that logic. Why is that?
Two main culprits prevent many companies from automating all the repetitive process: silos and legacy code.
I often encounter companies that have a lot of small pieces of the process automated, but without an overarching pipeline that joins those pieces into a fully automated process. As a result, not much is accomplished since the whole process still needs to wait for handovers and (often long) manual actions.
The reason behind missing pipeline that envelops the entire process is the lack of responsibility for a product. Different silos do their stuff (e.g., coding, testing, deployments), and nobody understands the big picture. At least, not those that are capable of redesigning and refactoring applications and writing automation scripts. Instead, silos keep introducing manual approvals and handovers because their parts are done, and they don't care or even know what's happening next. To make things more complicated, when you do decide to join those disparate pieces of automation into a product-oriented fully-automated pipeline, you'll realize that it cannot be done. You will not be able to assemble those automation snippets into a pipeline because they were not designed to work together. Even when you do, you'll face a challenge with legacy code.
The most common problem with automation is legacy code. By definition, legacy applications are those that were not refactored and those that did not keep up with the changes in the industry. That does not mean that all the apps that started their life long time ago are legacy. But, instead, that those that did not keep up with time are. Now, you might ask why does that pose problems with automation? The answer is simple. The applications that are not designed to be buildable, testable, and deployable (according to today's standards) cannot be moved through their life-cycle through automation. At least, not without too much effort that often results in slow delivery and an insufficient return of investment.
If we accept that silos and legacy applications are often preventing automation of the development process, the answer to the initial question is straightforward. Automate development processes of the new applications. Design them in a way that the are automation-friendly. Do it correctly from the start, and you'll see immediate benefits. Make sure that you pick an application that is managed by an autonomous team that is free from administrative obstacles and does not need to wait for others (silos) to continue their work. After all, why would you invest in automation with applications that you do worth the improvements? If you really want to improve older applications, you'll refactor them. You'll make their architecture better and, during the process, you'll make them more automation-friendly. Automating something that you do not want to refactor is a waste of time. Legacy means that you gave up on it so just keep it rotting. Similarly, automating a process that requires handovers from one team to another is also a waste since the lean time is going to slow you down no matter how much you automate individual pieces.
All in all, automate deployment processes of the applications managed by self-sufficient teams and those you do believe are worthy candidates, not those you let rot for too long (legacy). Once you make the decision which applications should have an automated development process, embrace automation fully. Do not pick and choose what to automate. Instead, write an automated pipeline that envelops the whole process, from a commit to a code repository all the way until a release is ready for production. If you do that, you'll embrace continuous delivery. Now, you might think that's too much, but I would argue that it's not. Writing code is always unique. It's not repeatable. Everything else, after we commit that code, is a repetition of the same steps, over and over again. As I already stated, it's silly NOT to automate repetitive steps, unless the applications are not designed to be automatable.
To summarize, pick an application that is a good candidate for automation, design it (or refactor it) to be automation-friendly, make sure that it is managed by a single team, and automate the whole delivery pipeline from a commit all the way until it reaches production. Instead of automating a segment of a pipeline for all applications, automate the entire process for a selected set of applications. Embrace continuous delivery (or deployment) entirely.
Industry News
Red Hat and Oracle announced the expansion of their alliance to offer customers a greater choice in deploying applications on Oracle Cloud Infrastructure (OCI). As part of the expanded collaboration, Red Hat OpenShift, the industry’s leading hybrid cloud application platform powered by Kubernetes for architecting, building, and deploying cloud-native applications, will be supported and certified to run on OCI.
Harness announced the availability of Gitness™, a freely available, fully open source Git platform that brings a new era of collaboration, speed, security, and intelligence to software development.
Oracle announced new application development capabilities to enable developers to rapidly build and deploy applications on Oracle Cloud Infrastructure (OCI).
Sonar announced zero-configuration, automatic analysis for programming languages C and C++ within SonarCloud.
DataStax announced a new JSON API for Astra DB – the database-as-a-service built on the open source Apache Cassandra® – delivering on one of the most highly requested user features, and providing a seamless experience for Javascript developers building AI applications.
Mirantis launched Lens AppIQ, available directly in Lens Desktop and as (Software as a Service) SaaS.
Buildkite announced the company has entered into a definitive agreement to acquire Packagecloud, a cloud-based software package management platform, in an all stock deal.
CrowdStrike has agreed to acquire Bionic, a provider of Application Security Posture Management (ASPM).
Perforce Software announces BlazeMeter's Test Data Pro, the latest addition to its continuous testing platform.
CloudBees announced a new cloud native DevSecOps platform that places platform engineers and developer experience front and center.
Akuity announced a new open source tool, Kargo, to implement change promotions across many application life cycle stages using GitOps principles.
Check Point® Software Technologies Ltd. announced that it has been recognized on Newsweek’s inaugural list of the World’s Most Trustworthy Companies 2023.
CloudBees announced significant performance and scalability breakthroughs for Jenkins® with new updates to its CloudBees Continuous Integration (CI) software.