Managing and delivering a robust CI/CD pipeline at scale is a complex and evolving challenge. The term “CI/CD” holds varied meanings across different work cultures, reflecting diverse priorities and practices. As the technology landscape continues to grow, CI/CD has become just one component of the broader and increasingly significant developer enablement ecosystem.
Basic Triads of Builds (then) and CI/CD (now)
My CI/CD delivery principles and methodologies trace their roots back to discussions I had around 1997 with Paul Kramer, one of the best gatekeepers I’ve ever known. What began as casual water-cooler chats between Paul and me over morning coffees quickly grew into in-depth whiteboard sessions. Over weeks and months, these sessions focused on brainstorming two key aspects:
- How to seamlessly let good code in
- How to dynamically block risky code and flag faulty code
Those two simple triads mean quite a lot in reality. Once those two things are done right, any CI/CD system design has well begun.
Seamlessly let good code in
Some view the primary function of CI/CD—augmented with build and validation—as simply to “let good code in.” Today, this concept is often framed within broader initiatives like Developer Enablement, Developer Productivity, or Developer Experience. However, a critical requirement remains: serving a diverse range of developer personas. These personas arise from various factors, such as:
- Code change size (small to huge)
- Developer environments (IDEs, Tooling along with AI Code Generators)
- Security and access control – who can access what (for reading and/or changing)
- Developer location and/or developer geographic distribution
- Cadence of code changes
- Code delivery mode, once it passes the gate (source code, configurations, artefacts)
- Target release stream
The extent of these factors within a company or team can significantly influence the complexity of developer enablement needs, often causing them to grow exponentially. At its core, a good CI/CD system serves as a powerful enabler, allowing developers to seamlessly check in and validate their code.
Dynamically block risky code and flag faulty code
This requirement looks tough to start with and can get much tougher. The key reasons are:
- Blocking risky code is not easy primarily because risk is not constant.
- Flagging faulty code is usually part of a much bigger workflow
Why is the risk associated with a code change not constant? Because it varies significantly based on factors like the timing within a release cycle, the target release stream, changes in operating environments, and more. As a result, assessing risk often requires input from multiple roles, such as code reviewers and gatekeepers, making it a dynamic process influenced by several variables.
Flagging faulty code begins with building and testing or validating all changes. Once faulty changes are identified, they are flagged and routed to the appropriate individuals. In smaller codebases, such as microservices, this process is relatively straightforward. However, in collaborative development involving large codebases, the process becomes more challenging due to the increased resource demands of the build and validation phases.
Developer Enablement as an Overarching Goal
Once we successfully tackle the daunting task of flagging faulty code, the next step is to integrate the entire CI/CD pipeline into the broader and more intricate developer enablement ecosystem. This includes additional components such as fix-owner identification and involvement, code fault trackers, incentive systems for safe code changes, revalidation of fixes, swimlane management, and even code generation copilots—a modern and increasingly popular request. While these challenges may be relatively straightforward for small teams and codebases, their complexity grows exponentially with the scale of the team and the codebase.
In summary, the blueprint for success—whether in legacy build processes, modern CI/CD systems, or evolving developer enablement platforms—remains consistent: let good code in and keep bad code out (until it’s fixed). The true value of a developer enablement platform lies in the finesse with which it empowers developers to navigate code gates seamlessly and effectively.
More on this topic of CI/CD and Developer Enablement in the posts yet to come. Meanwhile, a good read from 2006: The Fallacies of Build Engineering