DevOps defines 8 capabilities that cover most of the important aspects for ensuring successful DevOps in practices, these capacities are:
- Continuous Planning
- Continuous Integration
- Continuous Delivery
- Continuous Operations
- Continuous Quality
- Continuous Security
- Continuous Collaboration
- Continuous Improvement
This ensures that planning for software releases is not something fixed and can change by time according to the delivered value. During the planning, all team members are actually involved in planning the work that needs to be delivered, prioritizing what is important to be in the next release or sprint. This capability including its practices is the best fit with Agile methodology to ensure incremental value creation through sprints.
The main idea of continuous integration is to minimize the time between code developed by one of the team members to be integrated with the main code repository for the whole software. So, each team member is integrating his/her work more frequently.
The benefits from that are huge, for example, ensuring that actually, the code is working with other components, nothing is broken, minimizing the bugs and errors that can be found during the code integration process, also minimizing the time to recover from issues as well, and other benefits too.
It is mainly the frequency of software releases after the testing to be deployed to the production for usage by the end-users.
Most of us can relate this experience with massive daily updates in mobile applications, each day, I found at least 5 to 10 apps need an update. This implies how those applications’ owners are rapidly adding daily new features and enhancements to their applications.
Most of the legacy systems require manual deployment steps and if one step fails, it may require repeating the whole time-consuming process and it was a nightmare for the operations team and can take days and maintenance notice for customers which disrupts the business and harms companies revenue and in most cases produces huge losses.
When the final production deployment step needs to be triggered manually, we call this a Continuous Delivery, if the production deployment is automated without manual triggers and through automated pipelines, we call that a continuous deployment.
This capability needs an entire culture shift in how the organization is managing the software quality, it is about instead of assuring quality to continuous quality by not waiting until the acceptance test to ensure quality but embedding the quality early in the process which is known as Shifting left quality. This left-shift does not mean that we will not perform the normal testing process but it is important to balance them and start early in the process by ensuring requirements quality, code quality, and test automation across all types of testing, for example, unit, integration, system, regression, …etc.
Using a framework like Test Driven Development can enhance the quality of written code and also ensure that the requirements and user stories are testable. This will require also shared quality responsibilities between teams not only the testing team, so the quality is becoming each team member’s job.
Continuous operations is a capability to make sure that the organization is avoiding system downtime and outages due to any issue, fault, or damage. How will the system be resilient and reliable to be used? And how to maintain the system without affecting its operations and usage from the end-user.
Updates from operating systems, security patches, and integration services are almost changing every day. Managing these kinds of updates with even new deployments are important to ensure system availability without interruption. Technologies like cloud computing helped in achieving that.
Some important practices to achieve this capability are auto-failover, applications monitoring, and auto-scaling. Blue/green deployment is one of the famous practices to prevent having any downtime while upgrading or maintaining the system.
The secure development life cycle is more important than ever, similar to the quality the security requires also a mindset shift and to become each role responsibility. This also needs to shift these security procedures, standards, policies, and assurance to the left of the life cycle. So, not having the security testing and code scanning at the end of the development.
Now, many tools can detect vulnerabilities in code while developing to highlight any security risks and ensure that the security policies and standards are followed. Not only that but even how to design the system from architecture, used technology, infrastructure, and data to be secured.
As we saw earlier that having all of these capabilities in place, will need strong team collaboration and alignment, from planning, testing, deployment, operations, …etc. to create this harmony. Most of the DevOps tools are now equipped with different collaboration tools and can integrate with other tools.
the collaboration on planning, task assignment, providing wikis for teams for the faster onboarding process. This will enable the involved team members to respond to the required changes even faster and prompt the interactions between them.
Improvements are always required and most of the time, the team is very busy to pause and take some time to think about what needs to be improved.
So, this capability is important for the team to look over all the processes and practices used and spot what needs to be improved. Without proper measurement, you will not know exactly what needs improvement, so Defining proper metrics is important for continuous improvement.