Scribd
Upload
47 views

DevSecOps Problem Statement-Sathvik

Uploaded by

skolipaka
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
47 views

DevSecOps Problem Statement-Sathvik

Uploaded by

skolipaka
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

Introduction to DevOps Session

Welcome and Objectives:


 Start with a warm welcome and express the session's goals.
 Outline the objectives: to introduce DevOps, its importance in modern
software development, and how it translates to addressing client needs.
Brief Overview of DevOps:
 Define DevOps: Explain it as a set of practices that combines software
development (Dev) and IT operations (Ops) aimed at shortening the
development life cycle and providing continuous delivery with high
software quality.
 Discuss the key principles of DevOps: Automation, Continuous Integration
and Delivery (CI/CD), Collaboration, and Iterative Improvement.
 Consider using a diagram to illustrate the DevOps lifecycle and flow.
The Importance of DevOps:
 Address why DevOps is critical: faster delivery, improved reliability, better
collaboration, and more.
 Relate DevOps principles to business value: how it contributes to reduced
costs, increased efficiency, faster time to market, and improved customer
satisfaction.
Core Components of DevOps:
 Introduce the core components such as Version Control, Automated
Testing, CI/CD Pipelines, Configuration Management, Containerization,
Infrastructure as Code (IaC), Monitoring, and Logging.
DevOps Culture:
 Emphasize the cultural aspect of DevOps, promoting a culture of
collaboration, shared responsibility, learning from failures, and
transparency.
DevOps Toolchain:
 Give examples of common DevOps tools used in industry for different
aspects of the lifecycle (e.g., Git, Jenkins, Docker, Kubernetes, Ansible,
Terraform, Prometheus).
Interactive Exercise (Modifications Required “remove TSA FAST”)
DevSecOps - Continuous Integration/Continuous Delivery (CI/CD)
Pipeline

Background: The Contractor shall use automated pipelines approved by TSA for
software development, testing, integration, and continuous delivery
(deployment). At a minimum the pipeline should provide an automated process
to validate candidate code and implement software changes which are high
quality, meets organizational needs and security standards, and does not
negatively impact existing functionality. The automated process should integrate
with the code repository and complete discrete steps while evaluating output
from each step to determine if candidate code is suitable for promotion into
production.

The pipeline supports the TSA’s Development/Test Environment, Integration


Testing
Environment, and Production environment. TSA does not yet have a fully
automated pipeline
for every product, and as such, the Contractor shall understand and operate in a
hybrid
environment. TSA will continue to work with the Contractor and partners to
mature the
automated pipeline to increase the ability to deliver releases timely and
efficiently in support of
Agile development. Some tools may change during the term of the BPA and the
Contractor is
expected to adjust and adapt accordingly without major impact to the release
schedules. In
summary, the Contractor shall utilize the automated pipeline to decrease time to
delivery,
increase product delivery of quality working code, , and reduce time to remediate
deficiencies.

Client Requirement: (TSA FAST)

The Contractor shall work collaboratively and cross functionally with engineering,
operations, and security to implement and utilize continuous integration and
delivery. The Contractor shall develop and enhance its own code while in
production.

Problem Background:

The team is responsible for employing automated workflows for the


development, testing, and deployment of software. These workflows must ensure
all updates are dependable, meet security criteria, and are compatible with
existing systems. The goal is to have a system in place that checks new code
and determines if it's ready for live use.

Currently, not every piece of software is fully covered by automated processes;


there are some manual steps in the workflow. The team may have to navigate a
mix of automation and manual operations. As the automation capabilities
improve, the team's role will be to speed up and streamline the process for
updating software in accordance with Agile practices.
The main objective is to make use of automation to shorten delivery times,
enhance software quality, and quickly address any issues that arise.

29/10

DevOps

1. What is DevOps?
2. Why DevOps?

Improve SDLC with DevOps

Intro of SDLC (without DevOps)

How DevOps improved SDLC

Building – Testing – Deploy

You might also like