Topic
5
Release 1
3
tion with a flip of a flag. See “Phase the Features of Your Application with Feature Flags” (bit.ly/2yDSepA) for a discussion of feature flags and A|B testing with our release pipelines, using the LaunchDarkly (launchdarkly.com) Software as a Service.
Pipeline health visualization.
Visualize the health of your CI builds using the Team Project Health extension (bit.ly/2hgFk9A), which adds a visual cue to your dashboards informing you about the status of your builds and releases. Codify/ build-light (github.com/Codify/build-light) is a Raspberry Pi-based solution
2 1
Manage Debt 3-Week Sprints
“Shippable”
4
Master
Figure 6 Keep Your Master in a Good and Shippable State
via pull requests. You can selectively enforce policies, for instance that pull requests must have approval from a specified number of reviewers, or that work items are linked to improve traceability. Resolution of comments and a specific merge strategy upon com- pletion are two more examples. Beyond the pre-merge validations, you can add build policies to automatically trigger a build that must succeed to complete pull requests, and invalidate builds when the master branch changes.
Security is paramount. It’s vital that security be confirmed contin- uously throughout the process, that applications are safe, and that data stays secure and private. Here are just a few of the ways that DevOps and an automated pipeline can work with CD to improve security:
• Simulate attacks and system stress during the build to detect vulnerabilities and failures. Take remedial action or block releases as necessary.
• Create a dynamic infrastructure to avoid a persistent place for vulnerabilities to hide. Quickly recreate the infrastructure and re-deploy new packages when vulnerabilities are detected.
• Automate tests for security and continuously monitor in production to ensure your solution is secure.
Check out the article “Adding Continuous Security Validation to Your CI/CD Pipeline” for an in-depth exploration of how security should be implemented in a CI/CD scenario at bit.ly/2j6GHIs.
Vet your open source components. Tools such as WhiteSource (whitesourcesoftware.com) can be immensely useful. It integrates seam- lessly into the release pipeline and continuously checks the security, licensing and quality of open source components. The ALM | DevOps Rangers have been dogfooding this tool with all its VSTS extension release pipelines and shared its outcomes at bit.ly/2yD8yqU.
Use feature flags. Feature flags help keep feature branches shorter and let you integrate them into the master more often. Feature flags and the ring deployment model are symbiotic. Rings limit the exposure (blast radius) to predefined user groups, while feature flags provide a granular way to expose or hide a specific feature to all or selected users. Feature flags are invaluable for delivering value and receiving feedback on features easily, quickly and continuously.
You roll out code across the entire ring topology before you en- able the feature flag. This allows you to release and test features while still in development, or to switch on verbose telemetry in produc-
that visualizes the health of your CI builds.
Greenlighting feature. New to VSTS is greenlighting, which
intelligently automates approvals. It lets you define a set of gates in your pre- and post-deployment options that integrate signals from monitoring systems and other external services. Greenlighting not only visualizes your pipeline health, it uses gates to determine RED/GREEN/BLUE status based on real-time signal sampling.
New to VSTS is greenlighting, which intelligently automates approvals.
Greenlighting can trigger an Azure function to ensure a suc- cessful completion, match work item query results to thresholds, and define a time and schedule, among a host of other things. By greenlighting your pipeline, you enable automation and faster feedback loops. You’re able to focus on your deployment speed, supporting faster time to mitigate issues and faster time to value.
Wrapping Up
CD is an ongoing and endless process of innovation. Now that we’ve covered the concepts of CD, you should feel confident exploring ways to improve your release pipelines. It’s all about taking incremental steps to improve your process. Reducing time to test and time to deployment, minimizing integration debt, and raising release quality may feel like a daunting challenge. By taking small, early steps, it all becomes achievable. DevOps isn’t a desti- nation, it’s a journey of continuous, rapid improvement. n
Willy-Peter Schaub is a program manager in VSTS, working at Microsoft Vancouver in beautiful British Columbia. Since the mid-’80s, he’s been striving for simplicity and maintainability in software engineering. You can follow him on LinkedIn aka.ms/willysli or Twitter at @wpschaub.
thankS to the following Microsoft technical experts for reviewing this article: Ryan Britton, Rui Carrilho de Melo, Edward Fry, Vijay Machiraju,
Tiago Pascoal and Martin Woodward
6
Release 2
Release 3
40 msdn magazine
Visual Studio Team Services