DEVOPS THAT MATTERS Demystifying CI/CD and Build Pipelines

Melissa McKay @melissajmckay DEVELOPER ADVOCATE at JFROG

WHY SHOULD A DEV CARE ABOUT DEVOPS? ● Define DevOps ● Describe Components ● Your IT Value Stream ● Some Stories/Suggestions ?? ?

WHAT IS DEVOPS … DEVSECOPS? The Phoenix Project Gene Kim, Kevin Behr, George Spafford “Every person involved in a failed IT project should be forced to read this book.” ―TIM O’REILLY, Founder & CEO of O’Reilly Media The Unicorn Project Gene Kim The DevOps Handbook Gene Kim, Patrick Debois, John Willis, Jez Humble, John Allspaw

5 4 Commit the changes CI Servers Take VCS changes 6 Build Version Control System Dev. Team DRONE Declare new Resolve dependencies 1 dependencies Build Tools/Dependency Managers Build Tools/Dependency Managers 8 Deploy module Artifacts 7 MSBuild and Buildinfo BOM Resolve 2 dependencies ARTIFACTORY Roll out for Internal Analyze 10 Distribution DISTRIBUTION XRAY Contribute QA/QC 9 Metadata Updat e MSBuild External Data Sources Remote Repositories Resolve ARTIFACTORY EDGE ARTIFACTORY EDGE ARTIFACTORY EDGE 3 dependencies 10 Deploy to Provisioning Tools Production Production Servers

DEV(SEC)OPS COMPONENTS Source Code Repository Continuous Integration Single Source of Truth Build and test on every integration Package Manager Security Scanner Full bill of materials and binary history for traceability Deep scanning of dependencies and containers Continuous Deployment Automated deployment to the edge and beyond

WHAT DO YOU REALLY CARE ABOUT? ● Fast? ● Efficient? ● Reliable? ● Economical?

LOGGER.info(“In function transformMedia”); 12

ELIMINATE SILOS! 13

YOUR IT VALUE STREAM 14

LET’S TALK PIPELINES 15

IMPROVE BY 1% ● ● ● ● Fast Enough? Efficient Enough? Reliable Enough? Economical Enough? 16

RECOGNIZE THE PROBLEM 17

CODE, TEST, CHECK-IN, REPEAT

KNOW YOUR BUILD!

TEST, TEST, & TEST www.testcontainers.or g 20

HOW DO YOU DEPLOY?

SUMMARY 1. Understand your project’s business value and goals (eliminate silos). 2. Document your flow/pipeline. 3. Prioritize and improve by 1%. 4. Make your work and your metrics for success visible. 5. Master your CI/CD (source control management, testing, artifact management, and deployment). 6. Automate where it makes sense.

Q&A THANK YOU!