What should CI/CD look like in a modern business?

clock • 1 min read
CI/CD is an essential part of the DevOps pipeline
Image:

CI/CD is an essential part of the DevOps pipeline

CircleCI's Sam Olukotun explains how to use CI/CD for success

CI/CD is a key part of DevOps methodologies, supporting the continual development and delivery of code using automation. It is a way to counter the problems introducing new code can create for your dev and ops teams.

Sam Olukotun, senior solutions engineer at CircleCI, spoke about CI/CD at Computing's recent Deskflix: DevSecOps event, explaining what it is and the best practices around adoption and use.

CI/CD has two parts: continuous integration and continuous delivery. The first (CI) part is the practice of merging all developers' working copies to a shared code repository. Olukotun says, "When developers check code into your source control system, the CI/CD runtime handles testing, scans for vulnerabilities and automatically builds the images to make sure all the changes coming through to your source code repository are validated and are not going to break the build when it comes time to deploy."

Continuous delivery makes heavy use of automation to automatically deploy new software releases to target environments. "When continuous integration is done and you've built an image successfully that meets all your team's standards, you automatically release that to your production environment so that your consumers and users can access the applications."

There are four key benchmarks to evaluate the success of your CI/CD implementation. They are workflow duration; throughput; mean time to recovery; and success rate. For example, an ideal workflow duration is less than 10 minutes, and success rates above 90 per cent should be the default.

Olukuton also described best practices in CI/CD (containerisating applications, segregating test environments, and automating test and delivery), before elaborating on how CircleCI could help to achieve them.

Keep an eye on Computing for our next round of Deskflix events, coming in 2022!

More on Management

Industry Voice: Digital transformation: Leaders need to form the new tech landscape carefully

Industry Voice: Digital transformation: Leaders need to form the new tech landscape carefully

Intel
clock 12 January 2022 • 3 min read
Log4j is a vulnerability in Apache, which powers the http engine behind almost half of the world's websites

How to protect your website from Log4j

Follow these six rules to insure yourself against becoming the low-hanging fruit

Christopher Baker
clock 11 January 2022 • 15 min read
Three steps to good security hygiene

Three steps to good security hygiene

Organisations need to harmonise people and technology, not focus on one or the other

Dominic Trott
clock 11 January 2022 • 5 min read