Check out my new books that I just published...
Acceptance Testing: A high-level testing of an entire application or service to determine if the overall code quality is good enough for deployment to the production environment.
Agile: A code development methodology that emphasizes short, iterative planning and development cycles to provide better control and predictability, as well as supporting changing requirements as projects evolve.
Black Box Testing: A quality assurance testing practice that assumes no knowledge of the inner workings of a system being tested, which attempts to verify external rather than internal behavior or state.
Branching: The duplication of an object under review in source control so that the same code can be modified by more than one developer in parallel.
Build Agent: An agent used in Continuous Integration that can be installed locally or remotely in relation to the CI server. It sends and receives messages about the handling of the code builds.
Build Artifact: The results of application or other object that is created by a build process. Typically this involves source code being compiled into a runtime artifact.
Build Automation: Tools or frameworks that allows source code to be automatically compiled into releasable binaries. Usually includes code-level unit testing to ensure individual pieces of code behave as expected.
Canary Release: A go-live strategy for a new version of an application that is released to a subset of production servers, then monitored to make sure it behaves as expected. If no problems are detected, the new version is deployed to the entire production environment.
Capacity Test: A test used to determine the maximum number of users a computer, server, or application can support before failing.
Configuration Drift: The tendency of software configurations to become inconsistent (i.e. drift), from the original templated version of the configuration due to ad hoc changes (i.e. hotfixes, configuration tweaks, etc.) that were not reintegrate back into the template.
Configuration Management: An IT infrastructure automation tool that is used to establish and maintain consistent settings and functional attributes for a system that performs a specific function (such as a cluster node, database, etc), and helps prevent configuration drift.
Container (aka Containerization): A lighter-weight than machine-level virtualization and sufficient for many isolation requirements. Using resource isolation at the OS level (rather than machine), usually (in Linux-based systems) in user space. Isolated elements vary by containerization strategy and often include file system, disk quota, CPU and memory, I/O rate, root privileges, and network access. A container is an executable package that contains everything needed to execute the code, such as: runtimes, system tools, system libraries, settings, etc.
Continuous Delivery (CD): A set of processes and practices that removes waste from the code development process, that enables faster delivery of application functionality, and sets up a rapid feedback loop between the business and users.
Continuous Integration (CI): A development practice that requires developers to integrate code into a shared repository several times a day. Each check-in is verified by an automated build process, allowing teams to detect problems early.
Dark Launch: A production deployment strategy in which code that implements new features is released to a subset of the production environment but maybe only partially activated. This allows the code is exercised in a production environments without the user's awareness.
Delivery Pipeline: A sequence of orchestrated, automated tasks for implementing the code delivery process for a new version of an application or service. Each step in the pipeline is intended to increase the level of confidence in the new version to the point where a 'go' or 'no-go' decision can be made. A delivery pipeline is the result of optimizing an organization’s release process.
Deployment Automation: The streamlining of application deployments to the various environments used in the SDLC. A deployment automation solution helps teams to have a secure, self-service deployment capabilities for Continuous Integration, environment provisioning, and testing. This solution can help speed deployments, and reduce the rate of errors and failed deployments.
DevOps (Development + Operations): A set of practices that combines code development (Dev) and information-technology operations (Ops) which aims to shorten the systems development life cycle and provide continuous delivery with high code quality.
DevSecOps: The practice of integrating security into the DevOps process.
Failing Fast: A strategy used by an application development team that wants to tries something risky, and if it fails, feedback is delivered quickly, they adapt accordingly, and try again.
Feedback Loops: A foundational principle of DevOps is the creation of a continuous feedback loop between operations and development in the code delivery process. The benefits of this process can include meeting the business's and customer's needs, lessening the development load, creating a better relationship between operations and development, and increasing productivity.
Functional Testing: An end-to-end system testing to validate functionality of the application or service.
Governance: Refers to a process by an organization that evaluates their technology investments to ensure that they are performing as expected and not introducing new risks. A formal governance process helps companies ensure that IT activities are aligned with business goals, and compliance with common standards (i.e. OWASP, PCI, etc.)
Hybrid Cloud: A mixed cloud computing environment that uses on-premises, and third-party cloud infrastructure. As enterprises scale their code delivery processes, a hybrid cloud solution offers greater flexibility and deployment options.
Infrastructure as a Service (IaaS): Cloud-hosted virtualized infrastructure (i.e. servers, network, etc.), that is billed on a 'pay as you go' basis. Users of the infrastructure have full control of it, but need to install and configuring it themselves.
Infrastructure as Code (IaS): A system configuration management technique in which infrastructure components (i.e. servers, network devices, etc.) are specified in a fully automatable format that is needed to build and deliver applications and services. The specification, is regarded as code that is executed by provisioning tools, kept in version control, and generally subject to the same practices used for application code development.
Integration Testing: Testing that occurs after unit testing, but before validation testing, where individual application components are combined and tested as a single group to ensure they work as a whole.
Kubernetes: An open source system for managing containerized applications across multiple hosts, providing basic mechanisms for deployment, maintenance, and scaling of applications.
Lean: A methodology that aims to reduce waste in a production process by focusing on preserving value. Largely derived from practices developed by Toyota in car manufacturing, lean concepts have been applied to code development as part of agile methodologies.
Microservices: A code architecture in which complex applications are composed of several modular, independent processes communicating with each other using language-agnostic APIs. These services are small, highly decoupled, and focus on doing a small task.
Open Source: A program or application where the source code that can be shared, reused or modified by anyone.
Platform as a Service (PaaS): A cloud-hosted application or service (i.e. database, web, etc.), where customers provide the application code and limited configuration settings. While the cloud provider provides the rest of the infrastructure and application management.
Postmortem: With every iteration and project, a common practice to take a look back and evaluate both strong and weak points. A postmortem, more commonly known as a 'retrospective analysis', can help aid organizational learning to ensure that your team is able to further develop best practices on future projects.
Production Environment: The final stage in a deployment pipeline where the code will be used by the intended audience.
Rollback: An manual or automatic operation that restores code or a database to a previously defined state.
Regression Testing: The testing of a system from end-to-end to verify that changes to an application did not negatively impact existing functionality.
Release Coordination: An automated process in a Continuous Delivery pipeline of all the actions required for a new piece of code to go from check-in to go-live.
Release Management: The process of managing code releases from the development stage to the actual application is release.
Scrum: A methodology focuses on maximizing a developer’s ability to respond to changes quickly, such as new project parameters or shifting customer requests.
Software as a Service (SaaS): A business approach of offering software products to customers on a subscription-based payment model, as opposed to the traditional one-time payment method.
Software Chain of Custody: Provides the evidence about everything that happened in the code delivery pipeline. The concept is similar to the chain of custody used by law enforcement to handle a piece of evidence involved in a legal case to prove that evidence was handled properly. This information is used to meet compliance and security requirements of code development .
Source Control (aka Version Control or Revision Control): A system for storing, tracking, and managing changes to code. This is commonly done through a process of creating branches (copies for safely creating new features) off of the stable master version of the code and then merging stable feature branches back into the master version.
Staging Environment: Used to test the newer version of the code before it’s released to the live production environment. Staging is meant to replicate as much of the live production environment as possible, it is also used to catch any bugs before the code is released.
Technical Debt: A programming concept that reflects the extra development work that arises when code that is easy to implement in the short run is used instead of applying the best overall solution.
Toolchain: Tools that are utilized in enterprise DevOps practices, such as: source code management, continuous integration, environment provisioning, application deployment, etc. The DevOps toolchain refers to a set of tools that work together in the delivery, development, and management of an application.
Unit Testing: Code-level testing used to verify the behavior of individual pieces of code. Test-driven development extensive utilizes unit testing to verify intended behavior.
User Acceptance Testing (aka Beta Testing): The final phase of code component testing where clients and end users determine whether the program will work for the end-user in real world scenarios.
Virtualization: A systems management approach that uses physical computer to simulate running hardware, so that 'virtual machines' can be created, started, stopped, cloned, and discarded.
Virtual Machine: An isolated OS, applications and dependencies running on top of simulated hardware, that is running on top of physical hardware.
Waterfall: A code development methodology based on a phased approach to projects, from “Requirements Gathering” through “Development” and “Release.”
White Box Testing: A quality assurance practice that is based on verifying the correct functioning of a system by examining its behavior and state as it operates.
YAML (acronym for, YAML Ain’t Markup Language): A human-readable data serialization language. YAML files are often used by applications and pipelines for storing configuration information.
Zero Tolerance: Meaning that no failures are acceptable, or there is "zero tolerance for failures" generally referencing a production environment. Specifically any interruption of customer-facing services can have a catastrophic impact on customers, especially in highly regulated industries.