Open source projects under the vendor-neutral CD Foundation umbrella supporting larger strategic focus on extending continuous delivery security
CD Foundation veteran Fatih Degirmenci joins as General Manager
San Francisco, June 7, 2022 – The Continuous Delivery Foundation (CDF), the open source software foundation that seeks to improve the world’s capacity to deliver software with security and speed, today announced its State of CD Report in 2022, a new project called CDEvents building a vendor-neutral specification for defining the format of event data, new members, and more. The announcement comes at the start of CDF’s third annual cdCon (June 7-8, 2022). cdCon 2022 is being run as a hybrid event from Austin, TX.
State of CD Report in 2022
A key function of CDF is providing vendor-neutral data on key DevOps and development metrics showing where continuous delivery stands in 2022 and beyond. The Continuous Delivery Report Series started last year; this is the third report in the series.
Key findings include:
- As of Q1 2022, less than a quarter (23%) of developers are not involved in any DevOps-related activities, indicating continued growth in the adoption of practices that increase an organization’s ability to deliver software at high velocity.
- 47% of developers use either continuous integration or deployment but only one in five use both continuous integration and deployment approaches to automate all building, testing, and deployment of code to production.
- There is an increase in DevOps adoption in every development sector. Mobile app development has now even leapfrogged desktop development, such is its shift in embracing DevOps approaches.
The full report is available for free. View the Report (PDF)
New Project CDEvents Hosted by CD Foundation
CDF recently announced it is hosting the CDEvents project, a vendor-neutral specification for defining the format of event data to provide interoperability across services, platforms and systems. Today’s CI/CD systems do not talk to each other in a standardized way. Defining a standard set of specifications is critical in solving the interoperability issues across the continuous delivery (CD) ecosystem. Having a common format for events in the CD space will enable an ecosystem of tools to collect, store, visualize and analyze events across CD platforms. This will cover use cases like measuring DevOps metrics and performance and visualizing end-to-end workflows, from the initial development all the way to operations and remediation flows. The current release of the CDEvents specification is available here.
cdCon Kicks Off Today in Austin, TX
cdCon is a two-day virtual event running June 7-8, 2022, focusing on improving the world’s capacity to deliver software with security and speed. This year’s sessions are grouped into 3 channels: Technology Teams, Enterprise Leadership, and Open Source Communities. cdCon is sponsored by IBM, JFrog, Armory, CircleCI, OpsMx, Camunda, Capital One, CloudBees, Cloudsmith, Cloud Native Computing Foundation, Liquibase, Spacelift, and more.
The full cdCon schedule is available here
“We’re excited to have our first physical event in two years. The pandemic has shown more than ever how important continuous delivery is to industries as they navigate industry and global changes. cdCon generates passionate participation and is a great platform for connecting with peers and understanding best practices,” said Fatih Degirmenci, Continuous Delivery Foundation General Manager. “CDF is committed to providing a clear path for companies to participate in a vendor-neutral structure that can greatly improve organizations’ abilities to deliver software securely and quickly. Come join us at cdCon, there’s still time to register and participate virtually!”
Keynotes include industry experts and well-known specialists like Isaac Cory Doctorow, Science Fiction Author, Activist, and Journalist; Joe Sepi, Program Director of Open Tech, IBM; Melissa McKay, Developer Advocate, JFrog; Michael Stahnke, Vice President of Platform, CircleCI; Gopal Dommety, CEO, OpsMx; Brian Behlendorf, General Manager, Open Source Security Foundation; Grace Francisco, Vice President, Developer Relations Strategy & Experience, Cisco; Stephen Atwell, Principal Product Manager, Armory; Isaac Mosquera, Principal GTM Leader, Serverless, AWS; and Fatih Degirmenci, Continuous Delivery Foundation General Manager, The Linux Foundation.
CD Foundation Welcoming New Members
Cloudsmith, Spacelift, Stackhawk and Tenable are joining the CD Foundation as new members. They join premier members AWS, Armory, CloudBees, Fujitsu, Google Cloud, Huawei, JFrog, Netflix, and Red Hat, as well as the broader open source CI/CD community, in helping to strengthen the growth and evolution of continuous delivery models.
Cloudsmith is a cloud-native, global, universal artifact management platform for engineers looking to set up a secure artifact repository in 60 seconds. Cloudsmith is a Belfast-headquartered startup that has raised $15 million in Series A funding. This is the largest ever Series A funding round in Northern Ireland.
“We are delighted to join the CD Foundation. How companies deliver software securely and quickly is key to their success, and we believe joining will provide even more value to our customers by connecting us to the broader community of continuous delivery companies and developers around the world,” said Lee Skillen, Co-Founder & CTO, Cloudsmith. “The future of cloud-native software delivery, artifact management and the whole supply chain is critical to industries everywhere, so we are excited to contribute our knowledge of continuous packaging to it.”
Spacelift focuses on collaborative infrastructure for modern software teams to manage cloud, infrastructure, or services. Its platform uses Terraform, CloudFormation, Pulumi, and Kubernetes offering features such as runtime configuration, version management, and state management. They are backed by Insight Partners, Blossom Capital, Hoxton Ventures and Inovo Venture Partners.
“We are excited to join the CD Foundation. Spacelift provides a collaboration and automation layer for infrastructure as a code, and we focus on openness, flexibility, and customization. We believe this fits well with the CD Foundation, and by contributing to the direction of open-source CI/CD development through the CD Foundation, our customers will benefit,” said Sean O’Dell, Head of Developer Relations at Spacelift. “By inviting infrastructure, security, compliance, and platform teams to collaborate on and approve workflows and policies, you can improve your infrastructure delivery platform.”
StackHawk helps developers find and fix application security bugs as part of software delivery. StackHawk makes security part of the developer workflow by running automated security testing in CI/CD and notifying developers immediately about new security issues as they emerge. StackHawk recently announced it has raised $20.7 million as part of a series B funding round.
“With the rapid pace of software development, security teams are finding it more difficult to test for vulnerabilities on an ongoing basis. At StackHawk, we are placing the ability to resolve vulnerabilities in the hands of the developer, and we see the CD Foundation as a key partner to helping us expand our reach and more broadly address this issue of shifting security left in the development cycle,” said Joni Klippert, co-founder and CEO at StackHawk. “We see the CD Foundation’s ability to guide changes in software development as a strength that will help drive the reduction in security vulnerabilities that make it to deployment.”
Tenable is a cybersecurity company known as the creator of the vulnerability scanning software Nessus. Approximately 40,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. Tenable customers include approximately 60 percent of the Fortune 500, approximately 40 percent of the Global 2000, and large government agencies.
“As security is a critical component of open source software development and delivery, Tenable will provide expertise and guidance to the CD Foundation,” said Glen Pendley, chief technology officer, Tenable. “The CD Foundation is uniquely positioned to help steer the course of security-focused development in the continuous delivery space. Tenable looks forward to collaborating with this community to enable end users to influence better solutions that drive value for our customers.”
New General Manager Lead
CI/CD open source community leader Fatih Degirmenci has joined the CDF as its new General Manager. Fatih is not new to the CD Foundation. He participated in the very first public meeting during the Open Source Leadership Summit in California in March 2019 when the CD Foundation was announced. Since then, he’s been heavily involved in the community including special interest groups (SIG) like the Interoperability SIG and Software Supply Chain SIG. He also served on the Technical Oversight Committee (TOC) as an end-user representative.
Fatih will work closely with the eight CDF-hosted projects CDEvents, Jenkins, Jenkins X, Ortelius, Shipwright, Screwdriver, Spinnaker, and Tekton, and help members and the wider Continuous Delivery CI/CD community improve their software development security and speed when creating cloud-native, legacy infrastructure, mobile, IoT, and bare-metal applications.
Additional CDF Resources
About the Continuous Delivery Foundation
The Continuous Delivery Foundation (CDF) seeks to improve the world’s capacity to deliver software with security and speed. The CDF is a vendor-neutral organization that is establishing best practices of software delivery automation, propelling education and adoption of CD tools, and facilitating cross-pollination across emerging technologies. The CDF is home to many of the fastest-growing projects for CD, including Jenkins, Jenkins X, Tekton, and Spinnaker. The CDF is part of the Linux Foundation, a nonprofit organization. For more information about the CDF, please visit https://cd.foundation