Translator|Li Rui
Reviewer|Sun Shujuan
Some thought leaders often say, “All companies are software companies.” This is Because over the past decade, many large and medium-sized enterprises have implemented digital transformation initiatives that have had a profound impact on the way these enterprises develop and deploy software to deliver business value.
In the past, applications were often monolithic, deployed on-premises on bare metal or virtual machines, and updates were few, high, and infrequent. Today, new application models leverage microservices, containerization, and continuous delivery, resulting in numerous updated versions in Kubernetes, virtual machines, and multi-cloud environments. This evolution has given rise to new types of business processes and business models, from “as-a-service” to full omnichannel customer engagement, to business processes driven by real-time IoT data.
Successfully implementing these new software delivery strategies in a cloud-native environment requires another shift—software development. Enterprises must deliver more software releases with speed, frequency, and accuracy without sacrificing software security or neglecting regulatory and business compliance needs. This evolution has added complexity.
And development, operations, Devops, security and compliance teams, which may be widely distributed geographically, must work faster, more accurately and with a higher degree of coordination. Similarly, complex distributed workflows must be highly coordinated to avoid errors and delays while increasing the productivity of software delivery team members. This evolution is further complicated by diverse continuous integration (CI)/continuous delivery (CD) tool chains, increasing security concerns, evolving privacy regulations, and a shortage of qualified technical personnel.
Faced with all these challenges, how can enterprises improve the productivity of their software delivery teams and maximize the business value of their releases? First, companies must adopt internal systems that allow their tools and processes to develop over time. Second, they must centralize control over Devops, security, and compliance management while giving development teams maximum flexibility in terms of processes and tools. Third, they must intelligently automate their software delivery pipeline.
Continuous delivery refers to the rapid and safe deployment of software changes into production in a repeatable and sustainable manner. This discipline is not new, but a new model of continuous delivery is emerging that can serve as the basis for improving Devops management, increasing development efficiency, and ensuring governance and security. This new model is based on three principles: open platforms, intelligent automation, and centrally controlled autonomous teams.
The open platform supports integration with existing continuous integration (CI) / continuous delivery (CD) tools and workflows seamless integration. This allows enterprises to develop without disrupting existing tool chains and processes, or risking a significant drop in development productivity, not to mention frustrating developers and managers. For example, an open integration layer using native APIs for public continuous integration (CI)/continuous delivery (CD) tools can allow development teams to continue using best-of-breed tools.
For maximum productivity and control, deep integration with existing continuous integration (CI) / continuous delivery (CD) tools can provide external releases at every stage of the software delivery process Visibility and control enable the system to identify risks and control workflow throughout the delivery process. In addition, open integration layers and native APIs for common orchestration tools such as Argo and Spinnaker can allow modifications to be made to change orchestration tools without tearing and replacing the continuous delivery platform.
Intelligent automation meets many of the core requirements for successful software delivery. Basic process automation can increase the productivity of Devops personnel by automating routine manual tasks through code. For example, a developer can run a build in Jenkins and then trigger an automated task to push the build to Artifactory and start the delivery pipeline. However, combining automation with artificial intelligence can enhance processes and improve business outcomes.
Intelligent automation can automate routine tasks and then continuously improve automated decisions as releases move through the delivery lifecycle. Intelligence applied to the release process – When combined with deep tooling integration, access to not just events but all process data automatically detects software risks and automatically flags them for remediation before release candidates go into production.
In addition to improved development efficiency and faster, more accurate software releases, intelligent automation provides a way to implement centralized, automated controls over compliance and security. By implementing security policies and automation into the software delivery process, enterprises can implement DevSecOps so that security becomes an integrated part of the development process, rather than a review phase at the end of the development process.
Establishing centralized controls is critical to support organization-wide development, security, and compliance teams to ensure compliance, consistency, and auditability of all software releases. To be successful, centralized control requires a central policy engine that can enforce security, compliance, and business rules at the enterprise and individual team levels. Role-based access control (RBAC) can provide fine-grained permissions to teams and individuals without compromising control. In order for teams to operate independently, teams must be isolated from other teams in terms of security, deployment goals, and similar factors.
Intelligent automation combined with the policy engine automates and continuously improves the enforcement of security and compliance policies, reducing the need for developers, security and compliance teams. To further improve the performance of your software development pipeline, enterprise-wide best practices and reusable deployment patterns can be implemented to increase the productivity and accuracy of development teams.
Now, these new basic elements of continuous delivery are beginning to enter the product in the following ways.
Open source continuous integration (CI) / continuous delivery (CD) projects continue to develop. For example, to meet evolving security concerns, the open source cloud-native continuous delivery solution Spinnaker now includes multiple authentication (identity management) and authorization (access management) options. To support centralized control, Spinnaker also takes an intelligent approach to these critical security functions. Rather than writing a new proprietary login solution, Spinnaker leverages modern security protocols, including OAuth 2.0, SAML, and LDAP, allowing Spinnaker to integrate with the identity and access management solutions that most enterprises already use. Spinnaker also integrates with common authorization solutions such as Google Groups, GitHub Teams, SAML Roles and LDAP groups.
Automation of routine processes is becoming more and more common in business solutions, including proprietary solutions and based on Products for open source continuous delivery solutions. For example, commercial solutions like CodeFresh, Armory and OpsMx are built on open source continuous delivery projects such as Argo and Spinnaker. Companies such as Digital.ai, Harness and Broadcom also offer proprietary business solutions.
Artificial intelligence and machine learning are emerging in business solutions such as Harness and OpsMx. An example of this is a machine learning-driven continuous verification process that learns from previous deployments and creates a baseline of good deployments, enabling anomaly detection. Likewise, continuous integration (CI)/continuous delivery (CD) tools from New Relic, Datadog, Honeycomb and Splunk use artificial intelligence/machine learning to provide more insights into software performance and quality.
Intelligent automation combines artificial intelligence and robotic process automation (RPA) technology to streamline and scale across organizations processes and decisions. Intelligent automation is emerging in a handful of commercial continuous delivery solutions such as OpsMx, enabling enterprises to go beyond the automation of routine processes and workflows.
Intelligent automation can perform risk analysis on software versions and automatically determine whether the version meets standards to be passed to the next pipeline stage without creating unacceptable risks of production failure. This level of intelligence can also automate policy compliance, ensuring compliance with all governance rules and best practices. Industry-leading enterprises go further and combine intelligent automation with advanced deployment strategies like blue-green testing, canary testing, and progressive delivery to deploy software faster and with less risk than ever before.
It is critical that the software delivery process keeps pace with the requirements of digital transformation at the enterprise level. Failure to do so will result in software delivery challenges that result in slow releases, high release error rates, security and compliance failures, and frustrated users and customers.
The good news is that Devops developers can now implement a new foundation for their continuous delivery processes to ensure faster, higher-quality software releases. As intelligent automation capabilities become more widespread, Devops developers can position themselves as key drivers of digital transformation acceleration, delivering new software capabilities faster, more frequently, and more securely in tighter timeframes.
Original link: https://www.infoworld.com/article/3658209/how-intelligent-automation-changes-cicd.html
The above is the detailed content of How Intelligent Automation is Transforming Continuous Integration (CI)/Continuous Delivery (CD). For more information, please follow other related articles on the PHP Chinese website!