Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Secure Continuous Delivery on Google Cloud

You're reading from   Secure Continuous Delivery on Google Cloud Implement an automated and secure software delivery pipeline on Google Cloud using native services

Arrow left icon
Product type Paperback
Published in Apr 2024
Publisher Packt
ISBN-13 9781805129288
Length 304 pages
Edition 1st Edition
Languages
Arrow right icon
Authors (3):
Arrow left icon
Nathaniel Avery Nathaniel Avery
Author Profile Icon Nathaniel Avery
Nathaniel Avery
David Dorbin David Dorbin
Author Profile Icon David Dorbin
David Dorbin
Giovanni Galloro Giovanni Galloro
Author Profile Icon Giovanni Galloro
Giovanni Galloro
Arrow right icon
View More author details
Toc

Table of Contents (19) Chapters Close

Preface 1. Part 1:Introduction and Code Your Application
2. Chapter 1: Introducing Continuous Delivery and Software Supply Chain Security FREE CHAPTER 3. Chapter 2: Using Skaffold for Development, Build, and Deploy 4. Chapter 3: Developing and Testing with Cloud Code 5. Chapter 4: Securing Your Code with Cloud Workstations 6. Part 2: Build and Package Your Application
7. Chapter 5: Automating Continuous Integration with Cloud Build 8. Chapter 6: Securely Store Your Software on Artifact Registry 9. Part 3: Deploy and Run Your Application
10. Chapter 7: Exploring Runtimes – GKE, GKE Enterprise, and Cloud Run 11. Chapter 8: Automating Software Delivery Using Cloud Deploy 12. Chapter 9: Securing Your Runtimes with Binary Authorization 13. Part 4: Hands-On Secure Pipeline Delivery and Looking Forward
14. Chapter 10: Demonstrating an End-to-End Software Delivery Pipeline 15. Chapter 11: Integrating with Your Organization’s Workflows 16. Chapter 12: Diving into Best Practices and Trends in Continuous Delivery 17. Index 18. Other Books You May Enjoy

Introduction to CD

CD is a set of practices and principles that aim to streamline and automate software delivery from commit to production. Teams and organizations practice with the goal of deploying software to production on demand at any time without impacting service availability. The main objective of CD is that software should always be in a deployable state and software release should be a fast, repeatable process.

This section is a quick overview of CD, what it consists of, and how it can help your organization achieve better and faster software delivery.

CD practices

Some of the practices that underpin CD are set out here:

  • CI: CI means that code changes are integrated into the source code repository quickly and regularly. Automated builds and tests are triggered with each code commit, providing rapid feedback to developers. Consistent, reliable builds are at the foundation of a trustworthy CD process.
  • Continuous testing: This includes unit tests, integration tests, and end-to-end (E2E) tests. Test suites are executed automatically during the pipeline to catch regressions early and increase your confidence in the quality of the system.
  • Small, frequent releases: Instead of large, infrequent releases, CD tries to break down features and changes into small, manageable chunks that can be released more frequently. This reduces the risk of introducing regressions and makes it easier to identify and fix problems.
  • Trunk-based development: A software development methodology in which developers divide their work into small batches and merge each batch into the trunk at least once a day. This approach is in contrast to more complex branching strategies such as feature branching or Gitflow, in which developers create separate branches for different features or bug fixes.
  • Deployment pipeline: The entire release process, from building the code to deploying it to production, is automated using a pipeline. The automated pipeline can run such tasks as the following:
    • Compiling code
    • Executing unit tests
    • Building software artifacts as container images
    • Progressively deploying the app on different pre-production environments where different kinds of automated or manual tests can be performed
    • Finally releasing the application to production

The following diagram represents an example pipeline, starting when there is a new commit in the source code repository. The tasks represented in the diagram and the ones listed previously are examples. The exact pipeline sequence changes depending on factors such as the application itself, the programming language, and the framework, as well as specific organizational contexts:

Figure 1.1 – A high-level look at a software delivery pipeline

Figure 1.1 – A high-level look at a software delivery pipeline

That process, with those practices, can help you achieve improved software delivery performance, as described in the next section.

The impact of CD on software delivery performance

The DevOps Research and Assessment (DORA) research program has identified CD as one of the main capabilities driving software delivery performance, as measured by DORA’s four key metrics.

The following list shows those four metrics and how they can help you improve your software delivery performance:

  • Deployment Frequency: How often code changes are deployed to production.

    CD encourages more frequent deployments because it automates the deployment process and ensures that code changes are always production ready. Teams practicing CD can deploy changes to production on demand, often multiple times a day. Compare this to traditional approaches that might have longer release cycles.

  • Lead Time for Changes: The time it takes to go from code commit to a production-ready release.

    CD streamlines the software development process, enabling faster development cycles and reducing delays. CD automates steps in the delivery pipeline, such as building, testing, and deploying, which reduces manual intervention and wait times.

    With CD, code changes are continuously integrated, tested, and delivered, shortening the time from development to production. Frequent, small releases accelerate TTM.

  • Change Failure Rate: The percentage of changes or deployments that fail or require rollback.

    CD emphasizes continuous testing, including unit tests, integration tests, and acceptance tests. This reduces the chance that defects and errors make their way into production.

    Automation, in general, makes the release process repeatable and less error-prone because almost nothing is left to interpretation. Frequent, smaller releases make it easier to identify and fix issues early in the development process, reducing the likelihood of catastrophic failures in production.

  • Time to Restore Services: The average time it takes to restore services after a production failure.

    CD practices typically include automated monitoring and alerting in production environments. This helps teams detect issues quickly. When issues do occur, CD enables rapid rollback or forward fixes. Automated deployments make it easier to apply fixes and quickly get the system back to a working state.

See https://dora.dev/ for more info on DORA and the four key metrics.

In the rest of this chapter, we describe the most important underlying CD practices in more detail, starting with CI.

You have been reading a chapter from
Secure Continuous Delivery on Google Cloud
Published in: Apr 2024
Publisher: Packt
ISBN-13: 9781805129288
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image