Jobs As Code: Selecting the Best Tools and Deconstructing the CI/CD Pipeline

Who wants to mow the lawn with a pair of scissors? No one. Nothing compares to the ease of using the right tool for the job.

Tools have always been part of software development and operations. As organizations transition to DevOps, or to CI/CD, or mature and grow as organizations, tools are essential to assist growth. Whomever has the power to choose the tools often brings the tools they know along with them. A potential problem that emerges is that many tools are often specific to one domain.

Without critical thinking, many people have the notion that whatever hammer they have is the right hammer.


Selecting the Best Tools

As DevOps professionals, how do we make sure we have the right tools for the jobs? Joe Goldberg, an Innovation Evangelist at BMC Software, introduced the idea of jobs-as-code at the All Day DevOps conference.

Joe observes there is a lot of talk of “shifting left” (moving security earlier in the pipeline). As DevOps advocates he suggests that we also need to think about shifting development right. Specifically, by evaluating our tools.


As organizations evolve into DevOps, CI/CD, cloud operations, and more, one challenge is the diversity of users and the different environments in which they operate. Operations needs to make sure the environments scale, are secure, and meet compliance standards. The tools also have to work well with non-technically savvy users. Early in the software development life cycle (SDLC), users are relatively tech savvy. However, along the process, business users might be tech savvy but don’t have the luxury of time to learn the tooling.

The tooling needs to support these new demands. They must have the flexibility to evolve with the business. Tools have to be integrated with modern development and deployment techniques. By building and managing (Read more...)

*** This is a Security Bloggers Network syndicated blog from Sonatype Blog authored by Derek Weeks. Read the original post at: