Releasing software today is often a fast and furious affair. DevOps engineers are designing the application build, improving processes for software delivery and more. Meanwhile, Build Engineers are creating and maintaining the build system, using a variety of tools and frameworks to make software building and deployment easier. A significant challenge in today’s development environment is figuring out how to connect these two functions.
Before the DevOps trend came into its own, there was a discrete division between coding, done by developers and engineers, and deployment, done by Ops. However, it became apparent that for companies to optimize benefits including productivity, development and operations shouldn’t be so disparate. DevOps is the result.
Several changes have occurred due to the adoption of DevOps. Organizations have traded security for speed, certainty for agility and proprietary code for open source:
- Time-to-market has become a competitive necessity. Speed now takes greater priority over fixing vulnerabilities, which can always be addressed in the next release (hopefully). And retrofitting for security and vulnerabilities after the fact becomes a big blocker for Development and Engineering teams. At the end of the day, the risk of lost profits is greater than the risk of potential unknown threats.
- To get to market faster, agility trumps certainty. For instance, iterative pushes to production do away with fixed, known roadmaps in favor of implementing whatever this week’s most important feature/functionality is. The trend toward immutability is also important here; it’s generally simpler and quicker to throw away something that’s broken or outdated rather than trying to fix or update it.
- Open source has beaten out proprietary code because of the greater innovation, lower costs and transparency it delivers. Rather than focusing on creating proprietary code, developers can quickly iterate on a solution by assembling open source code, accelerating time-to-market. Plus, the ability to take from what has already been created can free up your dev teams to innovate and build IP for your enterprise efforts.
Not all organizations fare equally after agreeing to such trade-offs. The winners are usually organizations that have mature DevOps processes. For most, the tension between fixing something and knowing if it will break something upstream hasn’t been eliminated. You may be able to quickly update and patch a single solution, but how will this impact you once you push to your CI stream? Even for mature DevOps organizations, there’s a hidden opportunity cost associated with two factors that are overlooked: open source programming languages and Build Engineering.
More work is piled onto your DevOps teams as you retrofit your open source language of choice with new versions, dependencies, security patches and so on. Teams should be focused on the things that matter: creating and delivering the latest release.
Your Build Engineering suffers every time you have to retrofit the underlying open source language. You need to rebuild all your developer environments, CI/CD systems and production environments. All of this Build Engineering work is manual, slows down time-to-market and eats up valuable engineering resources. Plus, you’re not certain your rebuild and update will provide performance improvements that warrant the update.
DevOps engineers are used to creating automated development practices, so why not automate the retrofitting and building of your open source languages and seamlessly connect to the rest of your DevOps cycle? You could ensure build reproducibility, dependency management and compliance with your corporate security and license criteria. For example:
- Packaging: Consider the changes to your workflow if each continuous build could be packaged in multiple ways — any form factor for any operating system.
- Build Validation: Imagine being able to vet every continuous build against your smoke test, inclusive of compliance with your security and license criteria, so you knew whether it was ready to deploy?
- Continuous Builds: You could keep up with your continuous deployments if, every time a new version of a library or patch for a vulnerability was found, a new build was kicked off and you were notified when it was done.
- System Update: Imagine being able to update all of your impacted systems across dev, test and even production environments with the latest build using a single command.
- Build Impact: Consider the benefit of being able to understand the performance improvements (if any) that could be gained by taking the latest build.
As the latest software release gets rushed to market, DevOps teams frequently find themselves plugging holes in the dike that they themselves inadvertently created. Automation is a tremendous ally in overcoming such challenges. Automating your build pipeline for open source languages makes ensuring build reproducibility and dependency management possible. It also affords the business benefit of remaining compliant with your corporate security and license criteria. In this way, DevOps and Build Engineering tie together to bring the true promise of both functional areas to life.
Feature image via Pixabay.