CI/CD and the Promise of Agile Transformation

June 11, 2020 Julie Peterson

Continuous integration/continuous delivery, more commonly known as CI/CD, promises to help software companies become more agile by delivering software faster and more reliably. The goal of CI/CD is to reduce software development and delivery timelines from months or weeks down to days or even hours. It does this by pushing frequent updates and fixes regardless of size and using automation tools to help the process run smoothly. 

According to Gartner, CI/CD is the most common agile practice currently being adopted by organizations. As the theory goes, the quicker a company moves, the better its bottom line. So what exactly is CI/CD?

CI/CD: Two Distinct Processes

Though often lumped together, continuous integration and continuous delivery should be thought of as two distinct stages in a modern software development life cycle. Continuous integration is the process of frequently incorporating code into the build. Continuous delivery is the next step of quickly and efficiently moving code from the development stage to production using automation.

Continuous Integration

Continuous integration is the developer practice of constantly integrating code into your code base. The idea is to make small changes and commit these code changes into a shared repository frequently -- at least once daily but usually multiple times a day. Each integration is verified by an automated build, which includes testing to detect any integration errors. 

Smaller code changes have fewer unintended consequences. By checking in code continuously, problems with the build are limited and addressed much earlier in the development process. This significantly reduces integration issues and makes fixing a broken build easier. It also helps reduce the backlog of non-critical defects because these problems are remediated before the pressure for new features builds. Frequent check-ins also promote collaboration across teams and allow developers to get better quality software out the door to customers faster. 

Automation is a large part of successfully integrating and validating these continuous code changes. CI relies heavily on automation tools such as source code management systems and continuous integration servers to make it possible to build, package, and test software.

Continuous Delivery

Continuous delivery begins where continuous integration ends. Continuous delivery is the ability to deploy frequent small software changes -- new features, enhancements, bug fixes -- to end users anywhere at any time.  In essence, continuous delivery is the testing, staging, and deployment of CI code. While continuous integration is a developer practice, continuous delivery is firmly in operations’ sphere. 

There are a number of benefits to smaller, more frequent software releases. Introducing fewer upgraded features at one time is less disruptive. Smaller, more incremental changes are easier to troubleshoot or rollback should any unexpected problems occur. Improvements and new features can be added rapidly to meet customer’s changing needs, resulting in a better, more usable product. Because code changes are so frequent, customer feedback is also more immediate.

As with continuous integration, continuous delivery relies heavily on automation and testing to work. The goal of continuous integration and continuous delivery is to get the highest quality code to customers as quickly as possible. To achieve this, continuous testing is essential throughout the process to catch errors or potential security vulnerabilities as software moves through the CI/CD pipeline. It generally also includes automated regression, performance, and other tests executed within the pipeline. With CI/CD, testing is improved overall as fewer changes allow for more targeted and accurate testing.

CI/CD Challenges and How to Address Them

CI/CD requires both a shift in developer culture and the adoption of new automation technologies. If you don’t address each of these challenges individually, your move to CI/CD may not pay off as planned. Read on for strategies to avoid the most common challenges.

Cultural Changes

The focus on multiple daily code integrations represents a pivotal cultural change for developer teams. The purpose of these frequent check-ins is to ensure that any bugs or security flaws are found and fixed immediately. The more frequently you check in code, the less code you need to review when problems do occur. Checking in smaller chunks of code helps isolate errors and makes them easier to fix than having to sift through days or weeks of new code. 

Change is hard, and frequent code check-ins are a big shift for developers. You're asking them to modify the way they write, test, and build code. If you don’t have the cultural buy-in in your engineering organization, your move to continuous integration might not be a smooth one.

Technical Changes

CI/CD just isn’t possible without technical changes to your organization. CI/CD relies heavily on automation to check code as it is integrated into the repository and merged into the main line of code, and again when it is delivered to your customers. If you don’t embrace automation, you’ll find it impossible to constantly check-in, test, and deliver code. Trying to accomplish this manually would turn checkpoints into bottlenecks.

Tips for Cultural and Technical Buy-In

So how do you foster buy-in for the cultural and technical changes required by CI/CD? Here are a few tips:

  • Build collaboration and trust. Uniting teams across your organization helps foster cooperation and the sharing of knowledge between teams. This begins at the top with the highest level of management. 

  • Encourage improvement to optimize performance. If you want your developers to change the way they work, you need to provide them with training, feedback, tools, and support on the new CI/CD processes. 

  • Use failure as a learning experience. By positioning failures as opportunities to learn and improve, you give your developers permission to take risks, which leads to growth and innovation.

  • Automate everything. An automated infrastructure is key, including source code management tools and automation servers that allow developers to build, test, and deploy their software quickly and reliably.

Agile Transformation with CI/CD

Most software companies hoping to gain a competitive edge are using CI/CD practices today to help improve their DevOps pipeline. As a result, CI/CD is one of the fastest growing segments in the $15 billion DevOps tools market. CI/CD pipelines promote nimble and innovative software development while also fostering greater collaboration between development and operations teams. To deliver better quality software more frequently and reliably, a CI/CD pipeline is one of the best practices your DevOps team can adopt.

 

Previous Article
Static Application Security Testing: SAST Basics
Static Application Security Testing: SAST Basics

Learn all about SAST - what it is, how it works, its strengths and weaknesses, how it can be improved and w...

Next Article
June 2020 Open Source Security Vulnerabilities Snapshot
June 2020 Open Source Security Vulnerabilities Snapshot

×

Stay up to date, subscribe to our newsletter today!

Country
I agree to receive email updates from WhiteSource
Thank you!
Error - something went wrong!