Our DevOps/SRE team follows a comprehensive change management framework that incorporates best practices in DevOps to ensure reliable, efficient, and consistent delivery of code changes. This framework includes the following processes:
Processes
Continuous Integration and Continuous Deployment (CICD): We use GitHub Actions as our CI tool to automatically build, test, and deploy code changes. Our CICD process starts with a developer creating a pull request in Git, which contains the code changes they want to merge into the main branch. GitHub Actions then automatically builds and tests the code, ensuring that any issues are identified and fixed before deployment.
Code Quality and Security: As part of our testing process, we use SonarQube to detect and prevent code smells and to ensure the quality of the code. Before deploying to production, we also run a security scan using Trivy, which scans container images for vulnerabilities.
Change Management: Our change management process is supported by Jira, which is used to track and manage all changes, and Confluence, which is used for documenting all change-related information. This includes creating a change request, performing a risk assessment, and obtaining approval for the change.
Deployment: After the code has been tested and approved in the development environment, it is promoted to the staging environment using git tags. Finally, the code is deployed to the production environment using the same Docker image tag that was used in the development and staging environments.
Best Practices: We follow industry-standard best practices in DevOps to ensure that our processes are reliable, efficient, and secure. This includes implementing infrastructure as code, implementing continuous testing and delivery, and practicing continuous improvement.
By following this comprehensive change management framework, our DevOps/SRE team is able to ensure the consistent and efficient delivery of code changes while maintaining the highest standards of quality and security.
Key Components
The overall purpose of the change management framework is to minimize the risk of service disruptions, ensure consistency and reliability in the delivery of software changes, and to provide a structured approach for communication, planning and tracking of changes.
The following are the key components of our change management framework:
Change Advisory Board (CAB): The CAB is a cross-functional team responsible for reviewing, evaluating, and approving all changes. The CAB consists of representatives from the development, operations, security, and business teams.
Change Request: A change request is initiated by a developer, when they identify the need for a change. The change request should be documented and submitted to the CAB for review.
Jira Tracking: All change requests are tracked in Jira, providing visibility into the status and history of changes. This allows the DevOps/SRE team to quickly identify and resolve issues, and to assess the impact of changes on the environment.
Impact Assessment: The CAB evaluates the impact of each change request and determines the priority of the change. The impact assessment includes considerations such as the potential impact on service availability, the complexity of the change, and the availability of resources.
Change Schedule: The change schedule is created based on the priority and impact of the change request. The change schedule outlines the dates and times for implementation, testing, and deployment of the change.
Confluence Documentation: Detailed documentation of the change is maintained in Confluence. This includes information such as the change request, impact assessment, change schedule, testing procedures, and post-implementation review.
Pre-Implementation Review: A pre-implementation review is conducted to ensure that all necessary preparations have been made before the change is implemented. This includes verifying the change schedule, testing procedures, and documenting the expected outcome of the change.
Implementation: The change is implemented in accordance with the change schedule and testing procedures. Any issues encountered during implementation are documented and addressed as quickly as possible.
Post-Implementation Review: A post-implementation review is conducted to assess the results of the change and to identify any areas for improvement. The post-implementation review is documented in Confluence for future reference.
Continuous Improvement: The change management framework is regularly reviewed and improved based on feedback from the DevOps/SRE team and the CAB. This ensures that the framework remains effective and efficient, and supports the delivery of high-quality software changes.
By following this change management framework, the DevOps/SRE team is able to consistently and efficiently deploy software changes while minimizing risk and ensuring quality. The use of tools such as Jira and Confluence helps to standardize and streamline the process, and provides the necessary visibility and documentation to ensure success.
Related Ticket: ITI-1975