This is a 5 articles series on how to design and implement more scalable, agile-aligned, and futuristic βDevsecopsβ.
This is the 1st article in the series.
Design and Implementation of Scalable, Agile and Futuristic Devsecops
Purpose of Devsecops implementation is to automate software development and operation, blending nicely with Agile process and should be future looking.
A devsecops stack should mimic your full stack.
Devsecops should automate infrastructure deployment for various environments (dev, validation, staging, production) providing different flavours. Besides this it should be able to manage and monitor those platforms and should manage secrets too centrally. There should be a tight control in terms of reviews and approval who can deploy infrastructure components.
Same way if you are building your own microservices for platform that too should be centrally developed, managed, and deployed falling through full agile process.
Application and feature development should facilitate agile aligned ci-cd and should provide central release management too.
If your platform supports multiple clients, then tenant creation for customer and any policy, rules and customer specific configuration too should be automated and centrally managed.β
Top comments (1)
Helpful π