David Dang, DevOps Automation expert, explains 7 DevOps quality gates to include in your DevOps pipeline to help ensure your code is mature and high quality.
“Most companies are building out some sort of DevOps group or assigning people to do DevOps within their organization. Part of that DevOps process includes automating as much as possible; usually achieved by building out a dev, quality, or production pipeline. Many companies are struggling with the creation of their DevOps pipeline and often ask, ‘How can I accomplish continuous integration and continuous deployment so my code can be built and deployed automatically?'”
DevOps Quality Gates
Often times it’s not building the pipeline that companies actually struggle with but instilling quality within that pipeline. When building out a development pipeline, we aren’t just talking about building and deploying code, but ensuring quality gates are within that pipeline. What are quality gates? Quality gates are the things you want your pipeline to verify and do automatically to ensure you have quality code. To name, here are some quality gates you should take into consideration when building your DevOps pipeline.
DevOps Quality Gates:
- Unit Testing – For starters, you want to make sure that the unit tests within your pipeline has quality. For example, does it have enough scenarios to cover the positive, negative, and boundary scenarios of the unit tests within your pipeline? Incorporating a solidified unit testing strategy into your CI/CD pipeline helps guarantee that all the units of code introduced into your build system are valid and reliable.
- Unit Integration Testing – Unit Integration Tests allow you to test the code you have changed or built in to make sure it interacts with the other components of the code. For instance, say you created, updated, or changed a method – that method will call upon another method. To ensure quality in your pipeline you will want to make sure that the interactions between those two methods work appropriately.
- Deployment Environment – Make sure you have measures in place that will set up the environment appropriately so that if there are any failures you can identify whether or not the failure is related to the environment.
- Building the Code – Have a process in place for building code correctly. Incorporating a code coverage strategy with the appropriate tools (depending on your needs) provides live updates and more visibility into the overall validity of new code being introduced into your pipeline.
- Static Code Analysis – Integrating a static code analysis strategy to run with your automated testing will expedite the process of uncovering defects and infrastructure issues earlier in the pipeline. This process acts as tools that will scan your code to make sure there is code quality and no vulnerabilities.
- Vulnerability – Keep aware of any possible vulnerabilities within your code or anything in the code that could create vulnerabilities. For example, if a developer where to declare everything as public class, it may make the code interaction a little bit easier but it creates vulnerabilities in the code because other people have access that code base.
- Post Deployment Testing – (AKA smoke testing, sanity testing) Make sure the core functionality of your application works. For example, if it is a UI application, make sure you can bring it up in the right URL or complete a simple interaction.
Instilling these quality gates within your DevOps pipeline, with more mature and higher quality code, will greatly increase the success of your software.
>> Subscribe to Zenergy on YouTube for more videos.