White Paper Dimensions CM Five DevOps CM Practices Supported by Dimensions CM Ashley Owen, Product Management
Table of Contents Introduction... 1 Version Everything... 2 Maintain Prioritized Backlogs... 3 Shift Left with Continuous Inspection... 3 Automate Everything... 5 Dashboard Everything... 5 Conclusion... 6 page
Customers investing in Dimensions CM have consistently seen an increase in the speed and quality of the development of new and changed functionality for more complex environments and its delivery. Introduction Modernizing application development and delivery practices has become essential to meet the growing demands for business innovation and agility. Software change and configuration management tools are fundamental in implementing a set of disciplines used to stabilize, track, and control the versions and configurations of a set of software items and often includes development change management, defect tracking, peer review, integrated build management, integrated test management, automated deployment, and other related processes. Micro Focus Dimensions CM is an established process-based SCM solution that has been subject to considerable innovation and investment in accommodating today s Agile and DevOps practices. Customers investing in Dimensions CM have consistently seen an increase in the speed and quality of the development of new and changed functionality for more complex environments and its delivery. Dimensions CM offers improved scale, performance, security, and integration over open-source distributed version control while offering familiar and rapid modern development processes and practices supporting very high release velocities and common programmer benefits. Meanwhile, smaller projects and local teams across the enterprise who are using Git are accommodated through the Git Connector while providing improved scale, performance, security, and integration. Today s centralized Dimensions CM management practices are now increasingly needed to match the experience of DVCS practices to the discipline required by large scale globally distributed teams and enterprise deployments accommodating downstream test and release processes while maintaining the required levels of visibility, control, and traceability. In this paper, we will discuss and highlight five DevOps practices that are central tenets of a software change and configuration management implementation. www.microfocus.com 1
White Paper Five DevOps CM Practices Version Everything It might seem obvious but versioning has become a commodity, or is that it? Beyond source code, software applications and products often have images, audio, binary files, manifests, modules, cookbooks, and more. Files that, while not your code, are an integral part of your applications and need to be versioned alongside the code. The Agile dictum that the version control system should provide a single source of truth now extends to infrastructure, configuration, and database and enables you to view the software system as a holistic unit. Dimensions CM has successfully serviced some of the most sophisticated and complex products and programs and in doing so has versioned a wide variety of information types. With the increasing adoption and use of containerization, shouldn t we also be versioning the images and their content and ensuring the container is approved for reuse or deployment? While there are many advantages in the use of technologies such as Docker, which provide development and ops with uniformity of deployment images, there are enterprise concerns around trust and information security. In versioning everything, you should neither sacrifice immutable commit history for developer flexibility nor place too high a degree of trust among developers to ensure your security and compliance risks are addressed at source and not downstream where the costs of change can remain high. Teams that version everything aren t constantly challenged with tracking the history and dependency for files that might span multiple repositories. This ensures that files that make up the system or product are not located on shared servers, hidden in folders on an individual s laptop, or embedded in a non-versioned database. Dimensions CM has successfully serviced some of the most sophisticated and complex products and programs and in doing so has versioned a wide variety of information types. With Dimensions CM, QA and Release managers enjoy a consolidated view of all application development and delivery artifacts, enabling deployment automation tools to operate from a single version of the truth. Increasing adoption of DevOps is demanding a secure, scalable version control system that delivers on the security, compliance, and performance needs of enterprises with critical and complex applications. 2
Dimensions CM supports traditional, modern, and Agile development practices such as the management of backlogs, release and iteration planning, collabo rative peer review, and a continuous inspection toolchain. Maintain Prioritized Backlogs A well prioritized backlog not only makes release and iteration planning easier, but it also broadcasts all the things your teams intend to spend time on. This helps set expectations with stakeholders and other teams and improves communication and collaboration. Rank the backlog continuously, and once committed to an iteration plan, focus on execution and delivery and not changing the rank of those committed items. Of course, all other items can be re-ranked as you learn new information, usually in the form of feedback or information gathered from the team or stakeholders. Leveraging techniques for prioritization include the product owner ranking the backlog, initially prioritizing backlog items into Must-Should-Could-Or-Won t have buckets, and individually ranking each item in the backlog so that the team can always start with the prioritized stories. Consider also the relative mix of features, defects, and technical debt when roadmap planning and enabling development teams to employ a continuous (Kanban) or iterative (Scrum) approach. Once executing an iteration or sprint, estimate and track the remaining effort and identify any blocking issues for resolution to maintain velocity. Dimensions CM supports traditional, modern, and Agile development practices such as the management of backlogs, release and iteration planning, collaborative peer review, and a continuous inspection toolchain that automates not just the build but also your selected code-centric tools such as static analysis, open-source identification, and web and security vulnerability tools providing rapid feedback to development. Shift Left with Continuous Inspection A shift left is the practice of focusing on quality from day one in order to identify and fix defects, vulnerabilities, or findings as quickly and expediently as possible. Adopting a shift left approach is also key to delivering systems and applications 25% faster, with higher customer satisfaction, lower development costs, and greater quality and higher production availability. www.microfocus.com 3
White Paper Five DevOps CM Practices With shift left, the build-test-deploy cycle of activities is accelerated, providing rapid feedback to development and a high degree of readiness in preparation for automated deployment and delivery. Automating continuous integration and unit test with your preferred code-centric tool chain substantially reduces defects, resolves defects and vulnerabilities, and optimizes release readiness and deployment success. Dimensions CM includes a configurable continuous inspection tool chain that is easily sequenced with Dimensions Build or a CI Build tool such as Jenkins, automated code review, static analysis, open-source identification, and web vulnerability tools for example. By providing immediate feedback to developers as findings and vulnerabilities are decorated in their files for code review, Dimensions CM encourages speedy resolution and significant reductions in rework. By providing immediate feedback to developers as findings and vulnerabilities are decorated in their files for code review, Dimensions CM encourages speedy resolution and significant reductions in rework. Fig. 1 Continuous inspection toolchain Offering the flexibility to define and schedule the continuous inspection tool chains, application teams can evolve their adoption of shift left at a pace that makes sense in their DevOps journey. Furthermore, Dimensions CM aggregates the metrics and KPIs from the continuous inspection toolchain, providing insight into the quality and release readiness of development streams and associated change sets. This aggregation offers a unique DevOps perspective across Development, Security, and Operations. 4
With over 100 plug-ins, Micro Focus Deployment Automation offers extensive support for environment provisioning, testing, and coordinated software and infrastructure updates. Automate Everything In DevOps, everything often refers to error-prone manual efforts around testing and deployment, and the provisioning, cloning, and sharing of environments. Automating this sequence of deployment tasks and activities frees up countless hours for higher value tasks such as automated testing and improved DevSecOps collaboration. Automation is of paramount importance in an organizational DevOps culture and companies practicing DevOps have a strong desire to automate everything possible. Automation allows them to remove human error and standardize processes across the entire software development and delivery lifecycle. Combining continuous inspection, automated testing, and deployment automation lies at the heart of DevOps principles for a consistent and routine code deployments. Without automation, reliable code deployments, in particular, would not be possible. As such, automation is a crucial element to adopt when driving toward a DevOps culture. All too often, when introducing DevOps practices, one might hear We don t have time to automate. The reality is that even though it may take more time to introduce automation up front, it will pay off through more reliable and faster code deployments and less high-level and costly interrupts that characterize today s deployments. Dimensions CM, together with Deployment Automation, marries the benefits of continuous inspection with automated deployment and delivery to on-premises, virtual, and cloud environments. With over 100 plug-ins, Micro Focus Deployment Automation offers extensive support for environment provisioning, testing, and coordinated software and infrastructure updates. Dashboard Everything With all the automated capture of metadata and audit trails associated with development and deployment tasks and activities, the CM system of record can readily provide many of the dashboard KPIs and metrics across the software and development lifecycle proving insight into progress, status, and readiness of your application development and delivery pipelines. www.microfocus.com 5
www.microfocus.com Fig. 2 Aggregated KPI metrics Dimensions CM s ability to provide rapid feedback to development through the continuous inspection toolchain and to aggregate the associated metrics enables organizations to significantly improve throughput and agility metrics. Customers upgrading to Dimensions CM 14.x are now reporting higher rates of change success rates, significant increased frequency of releases, and improved developer productivity and efficiency. Micro Focus UK Headquarters United Kingdom +44 (0) 1635 565200 U.S. Headquarters Rockville, Maryland 301 838 5000 877 772 4450 Additional contact information and office locations: www.microfocus.com Conclusion With the above Agile and DevOps practices available in Dimensions CM 14.x, customers are reminded that an automated upgrade is available to all those on maintenance. In addition, we offer a free Upgrade Lab for those customers that have significant CM investments, removing the burden of testing and validating the upgrade and providing the opportunity to adapt and modernize any legacy CM practices. In our most recent Dimensions CM 14.3.2 release, we have extended the Continuous Integration toolchain to include the management and security of open-source components, introduced the ability for our enterprise customers to manage the challenges and risks with Git sprawl, and provided a Docker Private registry with versioning and approvals for images and containers. 162-000119-002 S 04/17 2017 Micro Focus. All rights reserved. Micro Focus and the Micro Focus logo, among others, are trademarks or registered trademarks of Micro Focus or its subsidiaries or affiliated companies in the United Kingdom, United States and other countries. All other marks are the property of their respective owners.