The Lucky Seven Tips Of IBM i DevSecOps

September 14, 2022 Olenka Van Schendel

The number seven has been a symbol of luck and fortune and design in many ancient cultures around the world, and so it is with the IBM i world. As it turns out, we think there are a “Lucky Seven” key tips for optimizing your own DevOps implementation, allowing you to leverage your IBM i platform for competitive advantage. And we want to share them with you.

The programmers who create applications for the IBM i platform and its decades of predecessors were given a set of development tools from IBM with augmentation from third parties such as ARCAD Software, all hooked into a sophisticated operating system with an integrated relational database that let programmers focus on applications, not on the plumbing underneath them. And to be very precise, it let them focus on creating high quality applications that are tightly coupled to the business and that can change with them, which is the real reason this platform persists at more than 125,000 customers worldwide today.

In a way, the toolchain what was created for the AS/400 nearly three and a half decades ago was a precursor to the full-blown DevOps toolchain that is available today, augmented by the software development and control technologies of the major hyperscalers and cloud builders and large scale open source projects such as the Linux operating system. To their credit, many IBM i shops now live in both of these worlds, using a mix of DevOps technologies and techniques to deliver more functionality to their applications in support of business objectives.

Knowing what we do about software development inside the IBM i ecosystem and in the broader IT market, we want everyone to experience the full power of DevOps. For that reason, we have come up with our “Lucky Seven” tips to embracing and advancing DevOps in your organization. And to be very precise, we want your organization to adopt DevSecOps, which puts security literally in the center of it all, between a hybrid development and operations system.

The move to DevSecOps is not necessarily a big bang, like the creation of the Universe, said to have taken seven days (including one day of rest). Adopting DevSecOps can be managed in a series of easy stages. Our Lucky Seven guide refers to seven “tips” rather than seven stages because we realize the order that these distinct efforts are adopted is entirely flexible.  Every company’s journey to DevSecOps is unique based on where they are, but in the longest of runs, we think every company will employ all seven techniques.

ARCAD makes this kind of progressive approach very simple, as each individual module is integrated over the same underlying metadata repository. This allows IBM i organizations to adopt new DevSecOps methods at their own pace, adding Continuous Integration, Continuous Testing, and Continuous Deployment modules if and when they need them, and demonstrating a measurable ROI at each individual stage.

When you are done, it looks something like this:

This sharing of metadata between ARCAD modules is key to the reliability of the overall CI/CT/CD system.  Dependency knowledge is used to drive greater automation right through the cycle –for example, in field-level impact analysis, a “smart” build (recompilation of only impacted components), test automation (execution of only impacted tests), and the integrity checking of releases to deploy.

If you are like many IBM i shops, you have made some initial forays as part of your DevSecOps journey, but you might need a little help trying to put together a roadmap to the future. To that end, we have put together a white paper, which you can download here, called Modern IBM i DevOps: The “Lucky Seven” Tips. We are also hosting a webinar on September 29, 2022, at 12 p.m. Eastern time called DevOps Is Not A Four-Letter Word, which you can sign up for here. DevOps obviously has six letters and DevSecOps has nine letters, and we don’t know how lucky or not those numbers are and we are not going to look, either.

The reason is simple: When it comes to DevSecOps, the luck you have is the luck you design into the process. And that is not really luck at all, is it?

This content is sponsored by ARCAD Software.

RELATED STORIES

Git Is A Whole Lot More Than A Code Repository

Learning To Drive Fast On The DevOps Roadmap

Expanding Fields Is A Bigger Pain In The Neck Than You Think

Value Stream Management: Bringing Lean Manufacturing Techniques To IBM i Development

Unit Testing Automation Hits Shift Left Instead of Ctrl-Alt-Delete Cash

It’s Time For An Application Healthcheck

The New Economy Presents New Opportunities For IBM i

Creating Web Services APIs Can Be Easy On IBM i

Jenkins Gets Closer IBM i Hooks, Courtesy Of ARCAD

DevOps Transformation: Engage Your IBM i Team

The All-Knowing, Benevolent Dictator Of Code

Software Change Management Has To Change With The DevOps Times

Attention Synon Users: You Can Automate Your Move To RPG Free Form And DevOps

Git Started With GitHub And ARCAD On IBM i

One Repository To Rule The Source – And Object – Code

Data Needs To Be Anonymized For Dev And Test

Getting Progressive About Regression Testing

Transforming The Art Of Code And The Face Of IBM i