Where are you using WebAssembly?
Wasm promises to let developers build once and run anywhere. Are you using it yet?
At work, for production apps
At work, but not for production apps
I don’t use WebAssembly but expect to when the technology matures
I have no plans to use WebAssembly
No plans and I get mad whenever I see the buzzword
CI/CD / DevOps

How to Connect Build Engineering and DevOps for Better Outcomes

Several changes have occurred due to the adoption of DevOps. Organizations have traded security for speed, certainty for agility and proprietary code for open source.
Dec 24th, 2018 6:00am by
Featued image for: How to Connect Build Engineering and DevOps for Better Outcomes

Bart Copeland, CEO and President, ActiveState
Bart Copeland is the CEO and president of ActiveState, which is reinventing Build Engineering with an enterprise platform that lets developers build, certify and resolve any open source language for any platform and any environment. ActiveState helps enterprises scale securely with open source languages and gives developers the kinds of tools they love to use. Copeland holds a Master’s of Business Administration in technology management from the University of Phoenix and a mechanical engineering degree from the University of British Columbia.

Releasing software today is often a fast and furious affair. DevOps engineers are designing the application build, improving processes for software delivery and more. Meanwhile, Build Engineers are creating and maintaining the build system, using a variety of tools and frameworks to make software building and deployment easier. A significant challenge in today’s development environment is figuring out how to connect these two functions.

Before the DevOps trend came into its own, there was a discrete division between coding, done by developers and engineers, and deployment, done by Ops. However, it became apparent that for companies to optimize benefits including productivity, development and operations shouldn’t be so disparate. DevOps is the result.

Several changes have occurred due to the adoption of DevOps. Organizations have traded security for speed, certainty for agility and proprietary code for open source:

  • Time-to-market has become a competitive necessity. Speed now takes greater priority over fixing vulnerabilities, which can always be addressed in the next release (hopefully). And retrofitting for security and vulnerabilities after the fact becomes a big blocker for Development and Engineering teams. At the end of the day, the risk of lost profits is greater than the risk of potential unknown threats.
  • To get to market faster, agility trumps certainty. For instance, iterative pushes to production do away with fixed, known roadmaps in favor of implementing whatever this week’s most important feature/functionality is. The trend toward immutability is also important here; it’s generally simpler and quicker to throw away something that’s broken or outdated rather than trying to fix or update it.
  • Open source has beaten out proprietary code because of the greater innovation, lower costs and transparency it delivers. Rather than focusing on creating proprietary code, developers can quickly iterate on a solution by assembling open source code, accelerating time-to-market. Plus, the ability to take from what has already been created can free up your dev teams to innovate and build IP for your enterprise efforts.

Not all organizations fare equally after agreeing to such trade-offs. The winners are usually organizations that have mature DevOps processes. For most, the tension between fixing something and knowing if it will break something upstream hasn’t been eliminated. You may be able to quickly update and patch a single solution, but how will this impact you once you push to your CI stream? Even for mature DevOps organizations, there’s a hidden opportunity cost associated with two factors that are overlooked: open source programming languages and Build Engineering.

More work is piled onto your DevOps teams as you retrofit your open source language of choice with new versions, dependencies, security patches and so on. Teams should be focused on the things that matter: creating and delivering the latest release.

Your Build Engineering suffers every time you have to retrofit the underlying open source language. You need to rebuild all your developer environments, CI/CD systems and production environments. All of this Build Engineering work is manual, slows down time-to-market and eats up valuable engineering resources. Plus, you’re not certain your rebuild and update will provide performance improvements that warrant the update.

DevOps engineers are used to creating automated development practices, so why not automate the retrofitting and building of your open source languages and seamlessly connect to the rest of your DevOps cycle? You could ensure build reproducibility, dependency management and compliance with your corporate security and license criteria. For example:

  • Packaging: Consider the changes to your workflow if each continuous build could be packaged in multiple ways — any form factor for any operating system.
  • Build Validation: Imagine being able to vet every continuous build against your smoke test, inclusive of compliance with your security and license criteria, so you knew whether it was ready to deploy?
  • Continuous Builds: You could keep up with your continuous deployments if, every time a new version of a library or patch for a vulnerability was found, a new build was kicked off and you were notified when it was done.
  • System Update: Imagine being able to update all of your impacted systems across dev, test and even production environments with the latest build using a single command.
  • Build Impact: Consider the benefit of being able to understand the performance improvements (if any) that could be gained by taking the latest build.

As the latest software release gets rushed to market, DevOps teams frequently find themselves plugging holes in the dike that they themselves inadvertently created. Automation is a tremendous ally in overcoming such challenges. Automating your build pipeline for open source languages makes ensuring build reproducibility and dependency management possible. It also affords the business benefit of remaining compliant with your corporate security and license criteria. In this way, DevOps and Build Engineering tie together to bring the true promise of both functional areas to life.

Feature image via Pixabay.

Group Created with Sketch.
THE NEW STACK UPDATE A newsletter digest of the week’s most important stories & analyses.