Examine individual changes

'{{short description|Set of software development practices}} {{pp-pc1}} {{Use dmy dates|date=December 2020}} '''DevOps''' is a set of practices that combines [[software development]] (''Dev'') and [[IT operations]] (''Ops''). It aims to shorten the [[systems development life cycle]] and provide [[continuous delivery]] with high [[software quality]].<ref name="loukides-2012">{{Cite web|url=http://radar.oreilly.com/2012/06/what-is-devops.html|title=What is DevOps?|last=Loukides|first=Mike|date=7 June 2012|publisher=[[O'Reilly Media]]}}</ref> DevOps is complementary with [[Agile software development]]; several DevOps aspects came from the Agile way of working. ==Definition== Other than it being a cross-functional combination (and a [[portmanteau]]) of the terms and concepts for "development" and "operations", academics and practitioners have not developed a universal definition for the term "DevOps".{{efn|Dyck et al. (2015) "To our knowledge, there is no uniform definition for the terms release engineering and DevOps. As a consequence, many people use their own definitions or rely on others, which results in confusion about those terms."<ref>{{cite journal |first1= Andrej |last1= Dyck |first2= Ralf |last2= Penners |first3= Horst |last3= Lichter |title= Towards Definitions for Release Engineering and DevOps |journal=Proceedings of the 2015 IEEE/ACM 3rd International Workshop on Release Engineering |date=2015-05-19 |page= 3 |publisher=[[Institute of Electrical and Electronics Engineers|IEEE]] |doi= 10.1109/RELENG.2015.10 |isbn= 978-1-4673-7070-7 |s2cid= 4659735 }}</ref>}}{{efn|Jabbari et al. (2016) "The research results of this study showed the need for a definition as individual studies do not consistently define DevOps."<ref>{{cite journal |first1=Ramtin |last1=Jabbari |first2=Nauman |last2=bin Ali |first3=Kai |last3=Petersen |first4=Binish |last4=Tanveer |journal=Proceedings of the 2016 Scientific Workshop |date=May 2016 |publisher=[[Association for Computing Machinery]] |title=What is DevOps?: A Systematic Mapping Study on Definitions and Practices }}</ref>}}{{efn|Erich et al. (2017) "We noticed that there are various gaps in the study of DevOps: There is no consensus of what concepts DevOps covers, nor how DevOps is defined."<ref name="erich-2017">{{cite journal |title=A Qualitative Study of DevOps Usage in Practice |first1=F.M.A. |last1=Erich |first2=C. |last2=Amrit |first3=M. |last3=Daneva |journal=Journal of Software: Evolution and Process |volume=29 |issue=6 |date=June 2017 |pages=e1885 |doi=10.1002/smr.1885 |s2cid=35914007 }}</ref>}}{{efn|Erich et al. (2017) "We discovered that there exists little agreement about the characteristics of DevOps in the academic literature."<ref name="erich-2017"/>}} Most often, DevOps is characterized by key principles: shared ownership, workflow automation, and rapid feedback. From an academic perspective, [[Len Bass]], [[Ingo Weber]], and [[Liming Zhu]]—three computer science researchers from the [[CSIRO]] and the [[Software Engineering Institute]]—suggested defining DevOps as "a set of practices intended to reduce the time between committing a change to a system and the change being placed into normal production, while ensuring high quality".<ref>{{cite book|title=DevOps: A Software Architect's Perspective|author1=Bass, Len|author2=Weber, Ingo|author3=Zhu, Liming|isbn=978-0134049847|year=2015}}</ref> However, the term is used in multiple contexts. At its most successful, DevOps is a combination of specific practices, culture change, and tools.<ref>{{cite journal|title=A guidance to implement or reinforce a DevOps approach in organizations: A case study|author1=Muñoz, Mirna|author2=Negrete Rodríguez, Mario| date=April 2021}}</ref> ==History== {{prose|section|date=July 2022}} In 1993 the Telecommunications Information Networking Architecture Consortium ([[TINA-C]]) defined a Model of a Service Lifecycle that combined software development with (telecom) service operations.<ref>Chapman, M., Gatti, N: A model of a service life cycle, Proceedings of TINA '93, pp. I-205–I-215, Sep., 1993.</ref> In 2009, the first conference named devopsdays was held in [[Ghent]], [[Belgium]]. The conference was founded by Belgian consultant, project manager and agile practitioner Patrick Debois.<ref name="devops-name">{{cite web|last=Mezak|first=Steve|title=The Origins of DevOps: What's in a Name?|url=https://devops.com/the-origins-of-devops-whats-in-a-name/|publisher = devops.com|access-date=6 May 2019|date=25 January 2018}}</ref><ref name="jediblog">{{cite web|last=Debois|first=Patrick|title=Agile 2008 Toronto|date=9 October 2008|url=http://www.jedi.be/blog/2008/10/09/agile-2008-toronto-agile-infrastructure-and-operations-presentation/|publisher=Just Enough Documented Information|access-date=12 March 2015}}</ref> The conference has now spread to other countries.<ref name="devopsdays">{{cite web|last=Debois|first=Patrick|title=DevOps Days|url=http://www.devopsdays.org/|publisher = DevOps Days|access-date=31 March 2011}}</ref> In 2012, the State of DevOps report was conceived and launched by Alanna Brown at Puppet.<ref name="2016 State of DevOps Report">{{cite web|url=https://devops-research.com/assets/state-of-devops-2016.pdf|title=2016 State of DevOps Report|author1=Alana Brown|author2=Nicole Forsgren|date=2016|publisher=Puppet Labs, DORA (DevOps Research|access-date=2019-05-06|author3=Jez Humble|author4=Nigel Kersten|author5=Gene Kim}}</ref><ref name="Alanna Brown">{{cite web|title=Puppet - Alanna Brown|url=https://puppet.com/people/alanna-brown|publisher=Puppet Labs|access-date=2019-04-27}}</ref> As of 2014, the annual State of DevOps report was published by [[Nicole Forsgren]], Gene Kim, Jez Humble and others. They stated that the adoption of DevOps was accelerating.<ref name="2014 State of DevOps Report">{{cite web|author1=Nicole Forsgren|author2=Gene Kim|author3=Nigel Kersten |author4=Jez Humble|title=2014 State of DevOps Report|url=https://devops-research.com/assets/state-of-devops-2014.pdf|date=2014|publisher=Puppet Labs, IT Revolution Press and ThoughtWorks |access-date=2019-04-27}}</ref><ref name="2015 State of DevOps Report">{{cite web|title=2015 State of DevOps Report|url=https://devops-research.com/assets/state-of-devops-2015.pdf|date=2015|publisher=Puppet Labs, Pwc, IT Revolution Press|access-date=2019-05-06}}</ref> Also in 2014, Lisa Crispin and Janet Gregory wrote the book More Agile Testing, containing a chapter on testing and DevOps.<ref name="More Agile Testing - TOC">{{cite web|title=More Agile Testing|url=https://agiletester.ca/wp-content/uploads/sites/26/2014/09/TOC.pdf|date=October 2014|access-date=2019-05-06}}</ref><ref name="More Agile Testing">{{cite book|title=More Agile Testing|url=https://www.oreilly.com/library/view/more-agile-testing/9780133749571/|last1=Crispin|first1=Lisa|last2=Gregory|first2=Janet|date=October 2014|isbn=9780133749571 |access-date=2019-05-06}}</ref> In 2016 the DORA metrics for throughput (deployment frequency, lead time for changes), and stability (mean time to recover, change failure rate) were published in the State of DevOps report.<ref name="2016 State of DevOps Report"/> ==Relationship to other approaches== Many of the ideas fundamental to DevOps practices are inspired by, or mirror, other well known practices such as [[Lean manufacturing|Lean]] and [[W. Edwards Deming|Deming's]] [[PDCA|Plan-Do-Check-Act]] cycle, through to [[The Toyota Way]] and the [[Agile software development|Agile]] approach of breaking down components and batch sizes.<ref name=":1">{{Cite journal|last=Klein |first=Brandon Thorin|date=2021-05-01|title=The DevOps: A Concise Understanding to the DevOps Philosophy and Science. |url=https://www.osti.gov/biblio/1785164/|language=English|doi=10.2172/1785164|osti=1785164|s2cid=236606284}}</ref> Contrary to the "top-down" proscriptive approach and rigid framework of [[ITIL]] in the 1990s, DevOps is "bottom-up" and a flexible practice, created by software engineers, with software engineer needs in mind.<ref>{{Cite web|title=The History and Evolution of DevOps {{!}} Tom Geraghty|url=https://tomgeraghty.co.uk/index.php/the-history-and-evolution-of-devops/|access-date=2020-11-29|language=en-GB}}</ref> ===Agile=== {{Main|Agile software development}} The motivations for what has become modern DevOps and several standard DevOps practices such as automated build and test, [[continuous integration]], and [[continuous delivery]] originated in the Agile world, which dates (informally) to the 1990s, and formally to 2001. Agile development teams using methods such as [[Extreme programming|Extreme Programming]] couldn't "satisfy the customer through early and continuous delivery of valuable software"<ref>{{Cite web|title=Principles behind the Agile Manifesto|url=https://agilemanifesto.org/principles.html|access-date=2020-12-06|website=agilemanifesto.org}}</ref> unless they subsumed the operations / infrastructure responsibilities associated with their applications, many of which they automated. Because [[Scrum (software development)|Scrum]] emerged as the dominant Agile framework in the early 2000s and it omitted the engineering practices that were part of many Agile teams, the movement to automate operations / infrastructure functions splintered from Agile and expanded into what has become modern DevOps. Today, DevOps focuses on the deployment of developed software, whether it is developed using Agile oriented methodologies or other methodologies. ===ArchOps=== ArchOps presents an extension for DevOps practice, starting from [[software architecture]] artifacts, instead of source code, for operation deployment.<ref>{{cite book |last1=Castellanos |first1=Camilo |last2=Correal |first2=Dario |date=15 September 2018|title=Executing Architectural Models for Big Data Analytics |journal=Lecture Notes in Computer Science |volume=11048 |pages=364–371 |doi=10.1007/978-3-030-00761-4_24 |isbn=978-3-030-00760-7 }}</ref> ArchOps states that architectural models are first-class entities in software development, deployment, and operations. ===CI/CD=== {{Main|CI/CD}} Automation is a core principle for achieving DevOps success and CI/CD is a critical component.<ref name="CD_HJ">{{cite book|title=Continuous Delivery: reliable software releases through build, test, and deployment automation|last1=Humble|first1=Jez|last2=Farley|first2=David|date=2011|publisher=Pearson Education Inc.|isbn=978-0-321-60191-9}}</ref> Plus, improved collaboration and communication between and within teams helps achieve faster [[time to market]], with reduced risks.<ref name="CD_LC">{{Cite journal |doi = 10.1109/MS.2015.27|title = Continuous Delivery: Huge Benefits, but Challenges Too|journal = IEEE Software|volume = 32|issue = 2|pages = 50–54|year = 2015|last1 = Chen|first1 = Lianping|s2cid = 1241241}}</ref> ===Site-reliability engineering=== {{Main|Site reliability engineering}} In 2003, [[Google]] developed [[site reliability engineering]] (SRE), an approach for releasing new features continuously into large-scale high-availability systems while maintaining high-quality end-user experience.<ref>{{cite book|title=Site Reliability Engineering|date=April 2016|publisher=O'Reilly Media|first1=Betsy|last1=Beyer|first2=Chris|last2=Jones|first3=Jennifer|last3=Petoff|first4=Niall Richard|last4=Murphy|isbn=978-1-4919-2909-4}}</ref> While SRE predates the development of DevOps, they are generally viewed as being related to each other. ===Toyota production system, lean thinking, kaizen=== {{main|Toyota Production System}} Toyota production system, also known under the acronym TPS, was the inspiration for [[lean thinking]] with its focus on [[continuous improvement process|continuous improvement]], [[kaizen]], flow and small batches. The [[Andon (manufacturing)|Andon cord principle]] to create fast feedback, swarm and solve problems stems from TPS.<ref>[https://opensource.com/article/18/11/analyzing-devops Analyzing the DNA of DevOps], Brent Aaron Reed, Willy Schaub, 2018-11-14.</ref><ref>The DevOps Handbook: How to Create World-Class Agility, Reliability, and Security in Technology Organizations, Gene Kim, Patrick Debois, John Willis, Jezz Humble, 2016</ref> ===DevSecOps, Shifting Security Left=== DevSecOps is an augmentation of DevOps to allow for security practices to be integrated into the DevOps approach. Contrary to a traditional centralized security team model, each delivery team is empowered to factor in the correct security controls into their software delivery. Security practices and testing are performed earlier in the development lifecycle, hence the term [[Shift-left testing|"shift left"]] can be used. Security is tested in three main areas: static, software composition, and dynamic. Checking the code statically via [[static application security testing]] (SAST) is [[white-box testing]] with special focus on security. Depending on the programming language, different tools are needed to do such static code analysis. The software composition is analyzed, especially libraries and their versions are checked against vulnerability lists published by [[Computer emergency response team|CERT]] and other expert groups. When giving software to clients, licenses and its match to the one of the software distributed are in focus, especially [[copyleft]] licenses. Dynamic testing is also called [[black-box testing]]. The software is tested without knowing its inner functions. In DevSecOps it is on one hand called [[Dynamic application security testing|dynamically]] (DAST), or penetration testing. The goal is to catch, amongst others, errors like [[cross-site scripting]], or [[SQL injection]] early. Threat types are for example published by the [[OWASP|open web application security project]], e.g. its TOP10.<ref>[https://owasp.org/Top10/ OWASP TOP10], Open web application security project, accessed 2021-11-25.</ref> On the other hand, especially with [[microservices]] interactive application testing (IAST) is helpful to check which code is executed when running automated functional tests, the focus is to detect vulnerabilities within the applications. Contrary to SAST and DAST, IAST works inside the application. ==Cultural change== DevOps initiatives can create cultural changes in companies<ref>{{cite report |title=Emerging Technology Analysis: DevOps a Culture Shift, Not a Technology |publisher=Gartner}}</ref> by transforming the way [[Information technology operations|operations]], [[Software developer|developers]], and [[Software testing|testers]] collaborate during the development and delivery processes.<ref name="loukides-2012" /> Getting these groups to work cohesively is a critical challenge in enterprise DevOps adoption.<ref>{{cite web|title=Gartner IT Glossary {{ndash}} devops|website=Gartner|url=http://www.gartner.com/it-glossary/devops/ | access-date= 30 October 2015}}</ref><ref name="Jones et al">{{Cite book| first1 = Stephen| title = Proceedings of the 2nd International Workshop on Quality-Aware Dev ''Ops'' - QUDOS 2016| pages = 7–11|last1 = Jones| first2 = Joost| last2 = Noppen|first3 = Fiona| last3 = Lettice| date = 21 July 2016| doi = 10.1145/2945408.2945410 | isbn = 9781450344111| s2cid = 515140| url = https://ueaeprints.uea.ac.uk/id/eprint/59131/4/Accepted_manuscript.pdf}}</ref> DevOps is as much about culture, as it is about the toolchain.<ref name="Building a DevOps culture">{{cite web|url=https://www.oreilly.com/ideas/building-a-devops-culture|title=Building a DevOps culture|author= Mandi Walls|date=25 September 2015|publisher=O'Reilly}}</ref> ===Microservices=== Although in principle it is possible to practice DevOps with any architectural style, the [[microservices]] architectural style is becoming the standard for building continuously deployed systems. Small size service allows the architecture of an individual service to emerge through continuous refactoring.<ref name="Ach_Chen">{{cite conference |chapter=Towards an Evidence-Based Understanding of Emergence of Architecture through Continuous Refactoring in Agile Software Development|first1=Lianping |last1=Chen |first2=Muhammad|last2=Ali Babar|title=2014 IEEE/IFIP Conference on Software Architecture |date=2014 |pages=195–204 |book-title=The 11th Working IEEE/IFIP Conference on Software Architecture(WICSA 2014) |publisher=IEEE|doi=10.1109/WICSA.2014.45|isbn=978-1-4799-3412-6 }}</ref> ===DevOps automation=== It also supports consistency, reliability, and efficiency within the organization, and is usually enabled by a shared code repository or version control. As DevOps researcher Ravi Teja Yarlagadda hypothesizes, "Through DevOps, there is an assumption that all functions can be carried out, controlled, and managed in a central place using a simple code."<ref>{{cite ssrn |last1=Teja Yarlagadda |first1=Ravi |title=DevOps and Its Practices |date=9 March 2021 |ssrn=3798877}}</ref> ==== Automation with version control ==== Many organizations use version control to power DevOps automation technologies like [[virtual machines]], containerization (or [[OS-level virtualization]]), and [[CI/CD]]. The paper "DevOps: development of a toolchain in the banking domain" notes that with teams of developers working on the same project, "All developers need to make changes to the same codebase and sometimes edit even the same files. For efficient working, there has to be a system that helps engineers avoid conflicts and retain the codebase history,"<ref>{{cite thesis |last1=Morisio |first1=Maurizio |title=DevOps: development of a toolchain in the banking domain |journal=Politecnico di Torino |date=16 April 2021 |url=https://webthesis.biblio.polito.it/18120/ |access-date=16 August 2021|type=laurea }}</ref> with the Git version control system and the GitHub platform referenced as examples. ==GitOps== {{expand section|date=April 2022}} GitOps evolved from DevOps.<ref>{{Cite web|url=https://thenewstack.io/getting-started-with-gitops/|title=Getting Started with GitOps|date=13 December 2021|website=TheNewStack.io |access-date=5 April 2022}}</ref><ref>{{Cite web |access-date=5 April 2022 |website=ContainerJournal.com |url=https://containerjournal.com/features/gitops-workflows-and-principles-for-kubernetes/ |title=GitOps Workflows and Principles for Kubernetes|date=1 April 2022}}</ref><ref>{{Cite web |url=https://thenewstack.io/kubernetes-at-scale-without-gitops-is-a-bad-idea/|title=Kubernetes at Scale without GitOps Is a Bad Idea |date=7 March 2022|website=TheNewStack.io |access-date=5 April 2022}}</ref> The specific state of deployment configuration is [[version-control]]led. Because the most popular [[version-control]] is [[Git]], GitOps approach has been named after [[Git]].<ref>{{Cite web|url=https://thenewstack.io/top-5-challenges-in-modern-kubernetes-testing/|title=Top 5 Challenges in Modern Kubernetes Testing|date=11 March 2022|website=TheNewStack.io |access-date=5 April 2022}}</ref><ref>{{Cite web|url=https://www.weave.works/blog/deutsche-telekom-explain-why-they-chose-gitops-for-5g|title = The world's largest telcos are now embracing GitOps. Deutsche Telekom explains why}}</ref><ref>{{Cite web |url=https://www.techtarget.com/searchitoperations/news/252515529/Can-shift-left-in-DevOps-pipelines-go-too-far|title=Can 'shift left' in DevOps pipelines go too far?|website=[[Techtarget.com]] |access-date=5 April 2022}}</ref> Changes to configuration can be managed using [[code review]] practices, and can be rolled back using version-controlling. ==See also== * [[DataOps]] * [[DevOps toolchain]] * [[Twelve-factor app]] * [[Infrastructure as code]] * [[Lean software development]] * [[Value stream]] ==Notes== {{notelist}} ==References== {{Reflist|30em}} ==Further reading== * {{Cite book|title=Effective DevOps : building a culture of collaboration, affinity, and tooling at scale|last1=Davis|first1=Jennifer|last2=Daniels|first2=Ryn|publisher=O'Reilly|isbn=9781491926437|location=Sebastopol, CA|oclc=951434424|date=2016-05-30}} * {{Cite book|title=The DevOps handbook : how to create world-class agility, reliability, and security in technology organizations|last1=Kim|first1=Gene|last2=Debois|first2=Patrick|last3=Willis|first3=John|last4=Humble|first4=Jez|last5=Allspaw|first5=John|isbn=9781942788003|edition=First|location=Portland, OR|oclc=907166314|date=2015-10-07}} * {{Cite book|title=Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations|last1=Forsgren|first1=Nicole|last2=Humble|first2=Jez|last3=Kim|first3=Gene|isbn=9781942788331|edition=First|publisher=IT Revolution Press|date=27 March 2018}} {{Authority control}} {{DEFAULTSORT:Devops}} [[Category:Agile software development]] [[Category:Software development process]] [[Category:Information technology management]]'