Introducing DevOps and CI/CD
Before we get into the principles of DevSecOps, we need to have a good understanding of DevOps. There are a lot of views on DevOps, but this book sticks to the definition and principles as defined by the DevOps Agile Skills Association (DASA). It defines a DevOps framework based on six principles:
- Customer-centric action: Develop an application with the customer in mind: what do they need and what does the customer expect in terms of functionality? This is also the goal of another concept, domain-driven design, which contains good practices for designing.
- Create with the end in mind: How will the application look when it’s completely finished?
- End-to-end responsibility: Teams need to be motivated and enabled to take responsibility from the start to the finish of the application life cycle. This results in mottos such as you build it, you run it and you break it, you fix it. One more...