For the last several years, GitLab has run a major survey about the trends facing the DevSecOps community. This year over 4,000 people responded to the survey, 40% who identified as a Software Developer / Software Engineer. Also about half the survey participants are based in Asia, a major region for Software Developers.
One of the biggest trends you will find throughout the survey is how much developers value speed and efficiency. The last several years some of the big DevOps techniques have made it faster than ever to check source code in and build binaries that can be run. In fact, they highlight this incredible result:
60% of devs are releasing code 2x faster than ever before
While it is great that CI systems can speed up building code and running unit tests, there is still an enormous amount of ground to cover. In order to get to a full amount of test case automation, developers need to look past unit tests into the rest of the lifecycle. You will find most of this is dominated from the UI perspective, or sometimes you will hear this called end-to-end (E2E) testing. And that’s just scratching the surface because there are other areas such as API testing, load / performance / scalability testing, and the ever popular manual testing.
Despite the fact that teams are automating their builds and deployments, there is never enough test automation to go around. The DevOps tools are doing a fantastic job orchestrating steps, but developers still need to populate these steps with configurations, docker files, and coded unit test cases.
For the third year in a row, a majority of survey takers resoundingly pointed to testing as the area most likely to cause delays.
If your team does not have a complete set of orchestrated tests, you are in good company, because nobody seems to be able to achieve that these days:
Over 75% of respondents do not have full test automation.
And it’s not just that folks are annoyed by the lack of testing, this is the kind of task that immediately gets moved to the bottom of the priority stack. The creation of strong automation gets dropped, or it is delivered after the release when it cannot do as much good.
“Automated testing is ignored ‘due to time constraints’.'”
“Testing? That’s an interesting idea.”
“We intended to do TDD but it usually ends up being after the fact.”
Many organizations want to see new features and bug fixes shipped, not more lines of unit testing delivered. This is a common trend in today’s fast-paced environment where teams celebrate how many times a day they ship – there’s not enough cycles to write robust test frameworks.
Shifting gears to some of the technologies being used by teams, a few winners appear to be microservices and Kubernetes (to orchestrate all of the services of course):
However, it’s not for everyone, as you see common objections like these:
“We’ve tried but now it’s just not needed for small production environments.”
Services are great for reducing the scope of the unit of work that needs to be deployed to prod, but they make it very difficult to test and track how services are called.
GitLab continued to dig in deeper around the shift to DevOps as well as methodologies used. These are the top 5 changes that teams have made to their software development process:
It’s very interesting to see how many teams are delivering code that has been built. But a great quote here clarifies how this is possible:
“By capturing more errors and bad practices in the development phase we are able to deploy more often and securely to production.”
And if you follow along on the microservices point above, this should come as no surprise:
“We changed our release plans so versions developed concurrently depend less on each other.”
If your components do not have to be tightly version matched with each other, you can be more flexible in how you release. This kind of thing is only possible with:
“Automation in every possible way.”
Certainly cutting away at manual toil is a clear winner in being able to push changes even faster.
There are many other great observations from the GitLab 2021 Survey. In particular there are entire sections about Security and Operations, some areas where you really don’t want to make a mistake. Interestingly, there are no clear winners in these categories, teams are still using an incredible number of different methodologies and toolchains. Look for more consolidation here in future years.
What area is your org prioritizing this year?
Speedscale helps developers release with confidence by automatically generating integration tests and environments. This is done through traffic replay, understanding the environment an application will encounter in production and replaying the calls in non-prod. If you would like more information, drop us a note at [email protected] .
Stress test your APIs with real world scenarios. Collect and replay traffic without scripting.