You are here

You are here

7 trends changing continuous delivery and release automation

Chris Ward Tech Writer and Blogger, Gregarious Mammal

Many teams have moved their software delivery pipelines to some form of continuous integration and continuous delivery (CI/CD). Some are moving to a fully automated delivery process, while others are still considering and planning for the switch.

But once you're experienced CI/CD and are comfortable with it and release automation, you might wonder what's next. Here are seven trends to follow.

1. The path ahead is open

Open source and open standards are nothing new to the CI/CD landscape, but thanks to organizations such as the Cloud Native Computing Foundation (CNCF) and the Linux Foundation, they are slowly consolidating. Some of this is thanks to foundations bringing credibility and marketing potential to many of the companies that sponsor or donate a project's governance to them.

Having representatives of major projects connected means they form steering committees and interest groups to work on interoperability standards and on consolidating projects with similar functionality.

Most specific to CI/CD is the app delivery technical advisory group (TAG). It meets monthly, so if you have an opinion or input to add, join its next meeting.

2. Self-serve developer environments

Fast-moving development teams are increasingly turning to internal developer platforms. Also known as self-serve or branch environments, these platforms are typically based on a version control branch. A self-built or SaaS process triggers building the temporary environment and infrastructure that the code changes need for running an entire test suite.

The environment is then torn down when tests finish running and, crucially, there could be dozens of these temporary environments coming and going at any one time. There's no need to maintain long-running test environments that block team members or need constant maintenance; making this change alone can massively improve developer productivity.

3. CI and CD at the edge

Edge computing aims to bring computation and data storage closer to the sources of data to improve response times and save bandwidth. An edge device is frequently an IoT device, but that hasn't always been the case, and what constitutes an IoT device continues to evolve.

Getting up-to-date versions of applications and services to these devices reliably will become increasingly important for development teams. A handful of services (primarily from Azure) offer to help with edge delivery, but expect to see more tools and plugins to add to existing pipelines.

4. Everything as code

Typically, "continuous" practices have applied to software development, but other closely related teams and roles are starting to adopt similar practices. As those teams see results in flexibility and productivity, this trend will continue to grow. Once you represent something as code, you can (probably) automate the process of getting updates into the hands of users.

Companies such as Liquibase and Snowflake aim to bring database changes to the same level as code, with the ability to push out schema changes from repository to a production database with the same confidence as a developer.

Teams maintaining machine-learning (ML) data and models are investigating the same approaches with concepts such as continuous delivery for ML (CD4ML) and MLFlow.

HashiCorp's Sentinel and the open policy agent aim to treat policies as code, again automatically making an impact on business decisions after code changes.

5. Artificial intelligence and machine learning

As an increasing number of projects add code to continuous pipelines there's greater opportunity to scan that code and perform a variety of checks and processes on it. At a more basic level, you have tools such as linters that scan code against common best practices to produce recommendations for improvement. These typically don't use any ML or AI, and they check code against a series of pre-defined rules with no context about the application that the code is part of.

Tools such as static or dynamic analysis detect potential vulnerabilities in your code. Static and dynamic analysis tools typically don't use AI or ML today, but there are some clear advantages to enhancing them. Adding more context around how vulnerabilities relate to each other or having these systems learn from applying code to different situations are just two examples.

Another application of AI and ML that's useful to CI/CD power users are optimizations that help you identify and reduce waste in cloud-hosted environments and infrastructure, such as those offered by Yotascale and Google's Recommender. One could argue that paying for a service to tell you you're paying too much for other services is a sign the ecosystem has gone too far, but they can provide a great overview of where your money is going.

6. Observability

Developing and deploying fixes and features fast is pointless if you have little insight into what effect they have on an application. Observability is a broad, and relatively new term for a handful of tools, including application performance monitoring (APM), logs, metrics, and tracing.

These tools have been with us for some time, but CI/CD, along with microservices and containers, increased the quantity of metrics generated, and those tools could no longer keep pace. Prometheus has established itself as a standard in the world of metrics storage and querying, and many open-source projects and companies have emerged in the past few years to scale and enhance what Prometheus offers out of the box.

Another interesting trend is observability piggybacking on eBPF, a kernel-level technology that extends kernel functionality without the need to change source code or load kernel modules. Among eBPF's many use cases is observability, since the kernel has a privileged overview of a whole system.

Many vendors and open-source developers are scrambling to produce tools and businesses to take care of eBPF. Most notable, New Relic bought one of the most innovative projects in the space—the open-source observability tool Pixie—to add to its product offerings.

7. Global delivery

While developers and companies are global, they tend to turn to US-founded companies for the projects and infrastructure providers they use. Granted, these companies have infrastructure in other territories, and there are contributors to open-source projects all over the world. Still, there has been a clear US-centric focus in the governance and style of the infrastructure that companies rely on.

That's starting to change, as organizations become more open to using other providers, especially those based in China. For example, Alibaba Cloud is already among the five most popular cloud vendors, has acquired many commercial and open-source teams worldwide to enhance its offerings, and before 2020 was emerging as a sponsor of a handful of tech conferences.

Also based in China, Huawei has a cloud that offers all the services you expect for a CI/CD pipeline, as does Tencent. And OVH (based in France) powers far more of the Internet than you might think.

While other regions may lack large names you've heard of, India, Africa, and South America host many smaller companies that are building useful tools and services. In short, for a variety of push and pull reasons, consider looking beyond companies founded in the United States for your next service provider, and you might be surprised by what you find.

Expect continuous change

Many of these trends for continuous integration, delivery, and release automation will broaden where and how teams apply continuous practices, and this may feel overwhelming.

For future flexibility, try to represent as much of your infrastructure, policies, and ancillary services as possible in code. With those resources codified, it becomes simpler to move between tools, service providers, or formats—and to automate more parts of your workflows.

Keep learning

Read more articles about: App Dev & TestingDevOps