The Shippable Blog

Q&A with Eric Vanderburg - A Cyber Security Expert

We recently had the pleasure of talking to Eric Vanderburg, the cyber security and DevOps expert to understand his viewpoints on DevOps, the digital transformation of workforces and legacy systems to cloud and community-based models. 

The Difference Between CI Pipelines and DevOps Assembly Lines

What's in a name? wrote the greatest Bard that ever lived.

He was wrong. If someone ever asked me a hypothetical question about which dead person I'd want to have a conversation with, it'll definitely be Shakespeare. Let me explain why.

When we launched Shippable Pipelines last year, we wanted to highlight the difference between plain vanilla CI and the capability to put together a deployment "pipeline" that spans orchestration across multiple environments and supports all tasks involved in software delivery like CI, infrastructure provisioning, test automation, deployments, security patching, release management, config mgmt, service discovery, etc. 

However, shortly after we launched, other CI providers launched their own interpretations of "pipelines"! For example,

How did everyone come to the same exact place so rapidly? As we found out, they didn't. Pipelines was being used as a fancy name for CI, with features that Shippable had supported for over two years, like Matrix builds for splitting tests or testing against multiple environments for example. 

We needed a way to explain why Shippable is different. This blog explains why we landed on DevOps Assembly Lines as the perfect way to describe our approach to DevOps and CI/CD. 

Why DevOps Efforts Fail

[This article was originally published on SDTimes as a contributed article.]

The main goal of DevOps is simple: ship software updates frequently, reliably, and with better quality. This goal is somewhat 'motherhood and apple pie', and every organization will agree that they want to get there. Many will tell you they've already embarked on the DevOps journey by following some commonly followed frameworks, such as CALMS

However, very few will express satisfaction with the results. After speaking to 200+ DevOps professionals at various stages of the adoption lifecycle, we found that organizations generally fall in one of 3 categories:

We were most interested in groups 2 and 3 since they were actually in the middle of their DevOps journey. When asked to better explain the challenges and roadblocks, here is what we found:

  • 68% said the lack of connectivity between the various DevOps tools in their toolchain was a very frustrating aspect.
  • 52% said a large portion of their testing was still manual, slowing them down 
  • 38% had a mix of legacy and modern applications, i.e. brownfield environments. This created complexity in terms of deployment strategies and endpoints, toolchain, etc.
  • 27% were still struggling with silo'ed teams that could not collaborate as expected
  • 23% had limited access to self-service infrastructure.
  • Other notable pain points included finding the right DevOps skillset, difficulty managing the complexity of multiple services and environments, lack of urgency/budget, and limited support from executive leadership.

Let us look at each of these challenges in greater detail.

The Future Of DevOps Is Assembly Lines

Last week, we announced the General Availability of Shippable Server, the behind-the-firewall version of our hosted platform. We also articulated our vision around where DevOps is today and why Assembly Lines is the future of DevOps.  

As I think about our journey from CI to Assembly Lines, it mirrors the journey of most organizations as they mature their DevOps efforts. In a nutshell, DevOps has created an awareness of the need to automate and be more efficient in terms of software delivery. However, most of the focus around the how has been around cultural changes and tools that help automate bits and pieces of the end-to-end software delivery workflow. This has led to the formation of "islands of automation" that are optimized for specific tasks but do not enable the holy grail of Continuous Delivery or Continuous Deployment. To achieve those goals, you need an Assembly Line platform that takes all these tools and connects them into end-to-end workflows with complete visibility, traceability, and auditability.

So let's take a look at this journey, and dig in a bit deeper into why Assembly Lines are the essential factor to DevOps success. 

Demystifying DevOps terminology

Last week, we announced the General Availability for Shippable Server. With the announcement, we also articulated how we see DevOps: both as it is today and where the next wave is headed. For more context on our vision for the next wave, aka DevOps Assembly Lines, you can read our whitepaper.

However, before discussing evolution of DevOps, we found that most folks we spoke to were confused about the plethora of terms that are thrown around. A few are Continuous integration, Continuous Delivery, Continuous Deployment, CI/CD, Application Release Automation (ARA), and Pipelines. Tool vendors seem to use these terms interchangeably, but they each have distinct meanings that you should understand so you can also figure out which part of the DevOps puzzle is addressed by the vendor. 

This blog provides definitions for each term along with some examples. We are working on a detailed whitepaper that will also include an opinionated list of tools available for each term below.