Automation Development Life Cycle
Vishal Patel
Engineering leader | DevOps | DevSecOps | Platform Engineering | Product Management | Product Delivery | Automation
Following are the obvious major advantages of automation ,viz., Cost reduction in development & operations, increase productivity & efficiency, higher system availability, reliability & performance. Yet there are different reasons as to why automation practice is not adopted. Varying reasons like,
- We don't have enough budget for automation
- We don't know what to automate
- We don't have enough time for automation
- Surprisingly many think, "automation is not necessary, since we are writing our own code"
Two factors that are key to automation are, Cost & People. There is nothing like free lunch in this world. Every piece of automation code has a cost associated with it. There is development, implementation & maintenance cost associated with automation. Skilled staff on automation tools & technologies is required to develop & maintain automation.
The question then arises, when hundreds of tools are available in the market, then why would someone need to develop inhouse automation by themselves. This is a bigger trade-off, to choose between in-house developed automation vs packaged app & tools available in the market. There is no straight forward answer to this question. Answers to the following questions would help you get an answer.
- What do you want to automate?
- Are there any tools available in the market that suffices your automation needs?
- Do you have budget available to purchase & support these tools? Are these tools secure & robust enough?
- How much effort does it take to develop in-house automation that suffices your need? Does this effort fall in place with your project timelines?
Yet many organizations feel that in-house automation best suits their budget & timelines.
Every automation solution is unique to a particular project/application, hence the same automation solution cannot be used for different applications/projects. Many a times we think that with minor tweaks the same automation can be made to work for multiple projects. This doesn't work always and by doing this we often compromise the real need of automation.
With the advent of DevOps & DevSecOps, automation has gained a significant focus in the software life cycle and it is gaining a special attention within software development organizations. Automation development teams are setup and separate budget is allocated for them. The automation effort is baked into the total project effort and automation is also part of the total project tracking & reporting.
Automation life cycle:
Analogous to the software development life cycle, automation life cycle goes the full round of different activities, viz., requirements, design, development, testing & implementation.
Automation life cycle typically starts, mid way thru the project's requirements baseline, where you start gathering requirements for the automation solution. While the project's is going thru design , start designing the automation solution and almost at the start of the projects development, the automation development should kick start. While the project is progressing thru various tests, the automation solution developed also gets tested, since they are used for deployment in these different test environments. Finally the automation solution should be code & test complete before the project launch / prod deployment. From there on, both the project and the automation code gets into maintenance phase.
Candidates of automation:
Almost every part of development life cycle is automated, viz., Code builds, code scans, Unit tests, binary source management, smoke testing, integration testing, functional testing, acceptance testing, performance testing, user acceptance testing, business acceptance testing, boundary value tests, build verification tests, infrastructure verification tests, environment verification tests, UI testing, browser testing, SAST (Static app security testing), IAST (interactive app security testing), DAST (dynamic app security testing), threat modelling & analysis, vulnerability scans etc. A lot of infrastructure activities, viz., access management, log management, monitoring, alerting, disk space management, environment creation etc. could be a good candidate for automation.