DevOps in a Serverless Environment — Beyond CI/CD: QA Automation and Account Creation
We’ve talked in previous posts about the importance of DevOps in a serverless environment. Of course, when DevOps is mentioned, many people immediately think of Continuous Integration and Continuous Delivery (CI/CD). That’s fair — CI/CD is an integral part of DevOps and getting the most out of your serverless environment.
However, DevOps doesn’t stop at CI/CD. A well-designed and implemented DevOps pipeline extends beyond integration and deployment automation. CI/CD simply lays the foundation to unlock repeatable, automated potential for your organization, and once you have a good CI/CD pipeline set up, you can start to extend it in a variety of ways.
A typical CI/CD pipeline usually looks something like one of the two examples, below.
But stopping there only gains you some of the benefits of using DevOps with your serverless environments. Adding additional testing and validation automation into the pipeline will increase the value you see from your DevOps process by reducing manual QA efforts.
Adding automated unit testing into your process adds some quick hit wins into its value. Doing so can enforce quality in the code being developed, and it forces the developers to create unit tests and not ignore this step. By requiring automated unit testing within your DevOps process, you can then enforce policies like having greater than 90% unit test code coverage, which in turn will be reflected in some of the metrics we’ve previously discussed.
Your code dependencies can be a big source of security vulnerabilities. Integrations may be using older versions of libraries, or ones that have been expressly disallowed because of security concerns. Automating dependency scanning is one step closer to having secure apps.
There is some out-of-the-box dependency scanning out there that can be included, like if you’re using GitLab’s CI/CD. You can also develop your own custom scripts to inject into the workflow that tests your API’s security.
Alerts are a significant benefit to teams looking to streamline their operations. Alerts enable proactivity and prevent sitting around waiting for a process to complete when there is an error or requiring an engineer to babysit a build or deployment.
Alerts can also monitor policies to make sure integrations are meeting governance or other requirements. For instance, alerts can be created to ensure code coverage is good enough, or if a security test fails.
QA Testing Automation
Testing can be a time sink. By planning ahead and placing the right hooks into your system and properly scripting your tests you can create an automated test pipeline as part of your CI/CD process, including regression, end-to-end, and so on, reducing the likelihood of introducing new bugs.
This can also lead to self-documenting tests and lessens the amount of time needed for manual testing.
For details on adding automated testing in your pipeline, we’ve created the following video to walk you through implementation:
Automated Account Creation
More and more of our customers are looking to create new AWS accounts. Scaling out the number of accounts your have on AWS, however, significantly increases the complexity and time needed to create, manage, and provision assets for them.
This is another area where leveraging your CI/CD automation saves the DevOps team time and build efficiency into the process. Activities like auto-provisioning your cloud stack to new accounts or removing those assets when an account is deleted removes the need for DevOps engineers to micromanage accounts and resources.
To dig deeper into how to leverage your CI/CD pipeline to facilitate account creation, check out our hands on video:
The purpose of DevOps is efficiency and speed, and CI/CD is just the tip of the iceberg. Together, they create the foundation for so much more. Truly investing in DevOps is the gateway to driving more and better processes and automation across development, testing, security, deployment, and every other step of your implementation lifecycle.