CI/CD pipelines are a key part of the DevOps process. They allow you to automate the process of getting your code from development to production through CI/CD. CI/CD stands for Continuous Integration and Continuous Deployment. This helps to speed up the process and ensure that your code is always in a ready-to-deploy state. There are a number of different tools that you can use for creating DevOps pipelines. You can think of it like an assembly line where technology components and quality checks and gates are passed on the way to production. A more apt analogy would be the assembly line in the manufacturing industry where physical products are made. Think of a car made of parts going down a conveyor belt to different stations where it is assembled. A DevOps pipeline is kind of like that. But instead of cars, DevOps pipelines are for software and applications. And instead of physical parts, they are for software components like source code and automated scripts.
There are several key parts of the assembly line that must be considered. The key parts of a successful DevOps pipeline are all continuous; integration, delivery, testing, monitoring, feedback, and operations.
- DevOps Cloud Security Best Practices - Part 1
- Unlock the Secrets to Becoming a Successful DevOps Engineer
- Unleashing the Power of DevOps: The Role of the DevOps Architect
Assembly Line CI/CD Pipeline
Integration is the process whereby all developers make their code changes available to other team members. This is often done using a source code repository and an automated build step. Developers, ops, qa, etc. all contribute to the same process which enhances the same product with everybody moving the same automobile down the assembly line together.
Most organizations have a "git" repository that holds all the source code. This can be a private repository, shared publically, or a combination of both. It is commonly referred to as a "GitHub" or "GitLab" repository. Utilizing feature branching strategies, build or feature flags, and a myriad of other code organization strategies; the code repository becomes the central hub for all work happening in and around the technology product.
Delivery is the process whereby the integrated code changes are deployed to a test or production environment. It involves package or container creation, deployment, and feature enablement in a production environment. The overall scope of work is narrowed down from large unwieldy projects to something more complementary to a single bolt being added to a car or truck. In the physical world, those incremental steps are not only performed, but in our modern industrial assembly lines, the impact wrench which is utilized will measure and record the torque applied while the car is being assembled. Continuous delivery is no different. Code should always be ready to be deployed to production because every minor tweak, change, or enhancement is fully tested as it is added to the code repository.
Testing is the stage where the output of delivery is tested to ensure that it performs as expected in a testing environment. The gold standard here is to ensure that 100% of your application is fully tested on every single commit. Full coverage testing is often used when developing in an agile or Scrum environment, where developers will have small, incremental changes to the code. When modernizing an application where automated testing was not done from the start, you may see much lower percentages as you get your application up to spec. This is OK! Make sure testing is a focus and a breakpoint is added where it no longer becomes acceptable to not test changes.
Continuous Monitoring and Feedback
I am going to let you in on a secret, "humans are not robots". This means that we are going to make mistakes. It is just part of the job. Mistakes should always be an acceptable part of the work done in the technology sector. Here is what should really drive people crazy instead of mistakes, not knowing when mistakes were made or when something fails. So, what can we do about it? Simply put, build some observability!
Observability, a common NFR in technology, is the concept that not only should your technology have some up/down state monitoring behind it, but you should be able to also get good telemetry around the full set of business processes as well. Looking at some basic observability items such as activity counters, page performance and event timing, errors, failures, success, etc. you can build a set of observability around key metrics which tell you can line up to show the differences between how you expect your application to be performing versus the reality of how it is performing.
When it comes to Continous Feedback, now that we are in this panacea of speedy and rigorously tested application deployments, we can get this observability feedback into the hands of our DevOps teams to ensure that appropriate changes are put into the application. Without good early feedback supported by a mountain of data, the team will be left guessing. Let's be honest, everyone on the team needs this feedback. The DevOps team doesn't need to know everything. They do need to know enough to assess whether or not the changes they make to the application are safe and meet business requirements.
Regardless of whether you're building a standalone product or a company, the key takeaway here is that you want to be thinking about observability in terms of the business process as a whole paired directly with technology. A car company is not going to set out to produce the next top-of-the-line pickup truck and end up with a Pontiac Aztec unless something goes very wrong while nobody is looking.
Everyone is responsible for operations. Product Managers, Developers, CEOs, Finance and Accounting, and Operations; everybody shares some role in the responsibility. When it comes to DevOps the role of operations is filtered directly into the central workstreams of the team. When an outage occurs, RCAs and post-mortems do not stop at a ceremonial activity. They are carried through to completion with real changes being put in place. Utilizing all of the aforementioned steps of the assembly line, the DevOps team is able to more quickly remediate issues that either show up due to mistakes or show up due to the growth of a system over time.
One of the core things to remember about operations is that technology does not age well. The longer something is running in the wild, the frailer it will get. Think about it this way; if you never service your car, the engine will start to overheat, your tires will start to go bald, and you may run out of blinker fluid. As time goes on, the car gets more and more unreliable. This is true of any technology as well. Operations needs to be accessible to everyone, and it needs to be prioritized in a way that allows for a healthy mix of feature functionality and operations to coexist.
In conclusion, DevOps Pipelines can be easily attributed to an assembly line of technology. Through a set of core principles, like always being ready for production, along with integrated technology which promotes testing, monitoring, feedback, and observability the pipeline approach enables organizations to achieve rapid time-to-market and continuous delivery of software products and services (and they can enjoy the velocity and quality benefits at a fraction of the cost).