While Agile, CI/CD, and DevOps are different, they support one another. Agile focuses on the development process, CI/CD on practices, and DevOps on culture.
Agile focuses on processes highlighting change while accelerating delivery
CI/CD focuses on software-defined life cycles highlighting tools that emphasize automation
DevOps focuses on culture highlighting roles that emphasize responsiveness
You can’t build a house with a single tool. Nor can you enable your development practice with one. Agile, DevOps, and CI/CD are three distinct tools, each important in its own right. When a development organization uses all three for their intended purposes, the results are transformational. And in the context of security, only then—in our opinion—have you earned the right to call yourselves DevSecOps.
Agile, now referred to by some of its manifesto authors as agility, is focused on removing process barriers and enabling the key stakeholders, folk like developers and customers, to collaborate more closely on accelerating delivery. Agile highlights the constancy of change and acknowledges that as software producers, we don’t often know everything we need to successfully conceive, develop, and deliver high-quality software in monolithic life cycles.
So, though agile has come to mean different things over the past two decades, its fundamentals remain: Remove process barriers empowering individuals, produce working software rapidly, collaborate closely with customers, and respond to (rather than resist) change.
Continuous integration (CI) is a software engineering practice where members of a team integrate their work with increasing frequency. In keeping with CI practice, teams strive to integrate at least daily and even hourly, approaching integration that occurs “continuous-ly.”
Historically, integration has been a costly engineering activity. So, to avoid thrash, CI emphasizes automation tools that drive build and test, ultimately focusing on achieving a software-defined life cycle. When CI is successful, build and integration effort drops, and teams can detect integration errors as quickly as practical.
Continuous delivery (CD) is to packaging and deployment what CI is to build and test. Teams practicing CD can build, configure, and package software and orchestrate its deployment in such a way that it can be released to production in a software-defined manner (low cost, high automation) at any time.
High-functioning CI/CD practices directly facilitate agile development because software change reaches production more frequently. As a result, customers have more opportunities to experience and provide feedback on change.
DevOps focuses on limitations of culture and roles as agile development does process. The intention of DevOps is to avoid the negative impact that overspecialization and stovepiping roles in an organization have on preventing rapid or even effective response to production issues. DevOps organizations break down the barriers between Operations and Engineering by cross-training each team in the other’s skills. This approach improves everyone’s ability to appreciate and participate in each other’s tasks and leads to more high-quality collaboration and more frequent communication.
How are CI/CD, agile, and DevOps related in real-life development? Engineering teams often start with CI because it’s in their wheelhouse. A DevOps focus can help organizations understand what configuration, packaging, and orchestration are necessary to software-define even more of the life cycle—creating a more valuable CD practice. The practice of CI/CD in DevOps, in turn, adds to agile development.
Here’s a quick and easy way to differentiate agile, DevOps, and CI/CD:
This eBook examines how the four principles of the Agile Manifesto can be used as a starting point for holistic application security practices.