Contributed by Michael Winser, Google
2020 challenged some of the best-laid plans by enterprises. Specifically, with the shift to online, COVID-19 accelerated the adoption of digital technologies and movement to the cloud by several years. Not surprisingly, an increase in remote work and an ability to respond quickly to customer needs became crucial to adapt to the new normal. The pace of digitization is unlikely to slow down and many of the changes we experienced in 2020 are here to stay. From a continuous integration and delivery (CI/CD) perspective, here are some trends that will define 2021:
1. Zero Trust approach to security & compliance: The move to work from home in 2020 highlighted the need to move away from a traditional perimeter-based security model, to a user- and device-based authentication and authorization model. Even with vaccines on the way, in 2021, we will see a hybrid model, with few days working from home and few days from the office. Essentially teams will split their time between working remotely and working in-house, making a zero-trust approach even more critical. When it comes to CI/CD specifically, the build phase continues to be a new hotspot for security risks. Especially given the exponential growth of open-source software. Addressing security early on and baking in security from the get-go can help make security cheaper and safer. The idea of shifting left, where concerns are addressed earlier in the software development lifecycle, will get embraced even more in 2021.
2. Opinionated Continuous Delivery (CD). The CI/CD industry has traditionally leaned towards low-level, very flexible solutions. This allowed software teams to integrate and incrementally improve within their existing environments and toolchains. As we look to the cloud and are deploying to sophisticated, declarative environments, that flexibility turns into complexity and becomes a problem. The pendulum is starting to swing back towards opinionated, simpler to use solutions, especially for continuous delivery. Release management should be predictable, and easy to understand and maintain. Boring and simple is a feature.
3. Serverless continues to be indispensable: Serverless solutions proved themselves to be indispensable in 2020. Organizations of all sizes and industries leveraged serverless solutions to introduce brand new products and deliver new features to respond to market demands. In particular, pay-per-use along with automatic scaling allowed teams to meet surges while reducing operating expenses. The ease of deploying serverless applications doesn’t eliminate the need for CI/CD of those applications. We’ve seen more and more CI/CD pipelines delivering into serverless runtimes. Primarily because businesses don’t want to spend their valuable engineering resources building, maintaining and operating their application delivery infrastructure. This trend will not stop in 2021.
4. Declarative approach to CI/CD: The trend towards config as code has been underway for a while. The core principle is that the source of truth for everything about an application is represented as text in a source repo. This means that the application itself; documentation; runtime policy and config; and critically, the CI/CD pipeline that delivers the application are all changed and managed in the same way. This allows all CI/CD practices to be applied to any change made to an application. As the source, all changes can be managed through a progression of environments from dev to staging to prod. In a well-integrated, fast-moving organization, this culminates in GitOps where even the business processes for approving releases happen in and are recorded in git. This approach increases velocity safely. Newly discovered mistakes (let’s just call them gaps in our test suite) can be turned into tests and shifted left to catch them sooner. Recovery or even creating new environments is predictable and safe. These practices directly support team productivity, and we have the science to prove it.
5. Linking CI/CD metrics to business results: While DevOps has certainly crossed the chasm, demonstrable business impacts continue to be top-of-mind for IT and business decision-makers considering investments in CI/CD. Enter DevOps Research and Assessment (DORA). With its six years of insights across over 31,000 professionals worldwide, DORA has identified four key metrics that can help organizational leaders measure the effectiveness of the development and delivery process. These metrics include:
- Deployment Frequency – How often an organization successfully releases to production
- Lead Time for Changes – The amount of time it takes a commit to get into production
- Change Failure Rate – The percentage of deployments causing a failure in production
- Time to Restore Service – How long it takes an organization to recover from a failure in production
For IT and business decision-makers looking to quantify the long-term business value of driving technology transformation, the white paper How to Measure ROI of DevOps Transformation can be a good starting point.
6. Tekton continues to emerge as a standard: Standardizing CI/CD tooling and driving interoperability across vendors, languages, and deployment environments continues to be an urgent industry need. Interoperability is critical both from an end-user and vendor perspective. It would allow teams to choose CI/CD tools best suited to their needs without worrying about vendor lock-in. Likewise, with CI/CD building blocks being vendor agnostic, CI/CD vendors can focus on value-added activities that, in turn, drive impactful business results.
In 2021, we will continue to see Tekton emerge as a leading standard to drive interoperability within the industry. There’s an obvious parallel to Kubernetes here. Just as Kubernetes provides an open platform for runtimes, Tekton will provide a standard vendor-agnostic platform for CI/CD. We already see Tekton already being adopted by several projects, including Jenkins X, RedHat, Relay by Puppet, IBM, and of course, Cloud Build.
Listen to Michael Winser talk about the 2021 Technology Trends and Predictions on the latest The Pipeline: All things CD & DevOps Podcast episode.