Many find themselves under immense pressure to deliver rapid value to customers, while also maintaining a flexible framework of governance and risk controls to protect the business.
Moving from traditional release practices to a more Agile/DevOps release practice can feel like its introducing chaos and risk. This leads to continued focus on methods around centralized release management practices to mitigate risk; however these monolithic governance models depend on time-consuming manual approval processes that inhibit agility.
How can you implement more adaptive release governance to accomplish your twin goals of enabling customer agility and mitigating risk? A focus on decentralized, collaborative and automated release governance is required that empowers DevOps teams to deliver customer value faster.
Improve Release Agility
- Reduced size of releases, small regular releases = lower risk
- Pre-authorize low risk changes – team ownership / code loose coupled
- Review and remove constraints to Release Velocity
- Automate Testing via toolchains
- Blameless Root Cause Analysis – what is causing the issues
- Visualize and Manage Work – Kanban – interrupt work vs planned work
- Instill a continuous improvement mindset
- Reduce toil though automation – when process is lean
- Improve Organizational Learning & Adaptive Governance (Establish Communities of Practice)
- Invest in Tools with Application Release orchestration (ARO) capabilities to manage and automate multiple release pipeline
Build Around Four Areas
Verification
- Verify change can be deployed and risks are acceptable
- Utilize certified toolchain to perform verification
- Review and approve toolchains, access and change controls to asset risk level acceptable
Security
- Integrate scans into teams toolchains
- Feedback loops in teams Development Tools and Environments
- Security Included in definition of done, known vulnerabilities high priority
Recovery
- Quick path back to safety
- Automation – Blue/Green, Canary
- Dark Launches – Feature Flags
Ownership
- Minimum product team support release
- Next support a warranty period to support updated application meets a stability criteria
- Product team handles all production tickets, respond immediately to critical issues
Application Release Orchestration (ARO)
Tools enabled with ARO capabilities combine deployment automation, and pipeline and environment management with release orchestration to simultaneously improve the quality, velocity and governance of application releases. ARO enable organizations to scale release activities across multiple diverse teams, technologies, development methodologies, delivery patterns, pipelines, processes and toolchains. – See Market Guide for Value Stream Delivery Platforms
This article originally appeared on the Gartner Blog Network.
