From theory to practice: Understanding DevOps culture and mindset

Abstract

DevOps is a potential solution to time and quality restrictions in software development. It aims to increase the frequency, quality, and speed of software delivery using automated procedures. DevOps is a culture transformation, not just a toolchain. DevOps emphasizes cooperation, automation, measurement, information sharing, and web service utilization. It positively impacts IT development, online services, and quality assurance. Before commencing the DevOps journey, it is necessary to understand DevOps principles, practices, tools, benefits, and underlying issues. Such vital parameters are critically reviewed in this article. This systematic review addresses gaps and recommendations related to DevOps, aiming to provide a comprehensive understanding of its culture and mindsets. The article presents an in-depth examination of DevOps, covering topics like architecture, components, tools, principles, and security challenges. It establishes a conceptual framework for practical implementation. Security has also been discussed in the paper, which is one of the difficult problems in DevOps implementations. The research findings aid in a better understanding of the phenomenon from a human factors perspective. The state-of-the-art discussion on several tools covering architectural and networking aspects in DevOps is included in this article to attract practitioners and researchers for DevOps adoption. Our analysis revealed three key themes related to DevOps culture and mindset: collaboration, continuous improvement, and automation. Moreover, DevOps is not immune to challenges. The proposed work presents the existing gaps and future research directions to address the same.

Keywords:

• DevOps
• culture
• workplace
• uses
• information technology process enhancement
• mindsets

1. Introduction

Software development has undergone a significant transformation in recent years, with the emergence of new practices and methodologies. These practices and methodologies aim to improve the efficiency, speed, and reliability of software delivery. One such approach that has gained significant traction in the industry is DevOps (Akbar et al., 2022). The term “DevOps” is a combination of the terms “development” and “operations”. DevOps benefits include shortening development cycles, increasing software shipment frequency, and creating a better working atmosphere. When it comes to testing and deployments, automation is a significant aspect of DevOps, enabling speed and agility at scale (Lwakatare et al., 2019).

Cloud computing is the practice of accessing, managing, storing, and processing data through the Internet via a network of distant servers. Companies can now use Cloud Computing to acquire nearly infinite storage and processing capacity through third-party providers rather than purchasing and owning data centers (Christensen, 2016). DevOps and Cloud Computing are becoming more intertwined. The cloud provides for the automated supply and scaling to manage application changes, while DevOps aims to optimize the incorporation of user specifications into application output. Cloud computing IT experts occasionally make mistakes that may easily be avoided. The issue is that best practices have yet to be defined. These sectors are very new, yet the issue may be more about people than technology, and the barrier is sometimes more difficult to overcome for people. DevOps is altering the face of IT processes, and there are new tools and features that companies are introducing to help the DevOps pipeline expand; it is a never-ending process.

DevOps represents a culture, philosophy, and set of practices that bring together the development and operations teams, breaking down the traditional silos between them. By integrating the workflows of both teams and leveraging automation tools, DevOps enables organizations to deliver software faster, more frequently, and with greater confidence in its quality (Ebert et al., 2016). DevOps enables formerly isolated disciplines, including development, IT operations, quality engineering, and security, to interact and create better, more dependable products. By embracing a DevOps culture and implementing DevOps principles and technologies, teams may better respond to customer demands, boost trust in the apps they produce, and accomplish business goals more quickly.

The challenge of building a DevOps culture is that it necessitates significant shifts in how people work and cooperate. On the other hand, organizations that embrace a DevOps culture can foster the growth of high-performing teams (Riungu-Kalliosaari et al., 2016). Teams bring DevOps to life by following particular practices and developing a DevOps culture across the application lifecycle. Some of these methods aid in accelerating, automating, and improving a process. Others help teams create efficient processes that increase production by covering numerous phases.

There is a paucity of literature focusing on DevOps from various perspectives. In particular, DevOps culture, architecture, tools, methodologies, and mentality receive little attention in the literature. A search of one of the world’s largest databases, SCOPUS, identifies the significance of various features of DevOps. Looking at the number of publications in the SCOPUS database that focus on DevOps architecture and trends, shown in Figure 1, it can be seen that the analysis of DevOps architecture is underrepresented in the literature.

Figure 1. Literature statistics on DevOps year-wise.

From the Scopus database shown in Figure 1, it can be corroborated that DevOps has attracted much research in recent times, and as a result, steady growth is observed in the number of publications yearly. Nonetheless, these DevOps from various key characteristics are rapidly gaining the attraction of researchers, as seen by published papers on DevOps trends. Moreover, as shown in Figure 2, the increasing interest of academics and industries can be observed in the paradigm of DevOps across diverse areas such as Business, Management, and IT processes. The security aspects of this paradigm are scarcely researched, which is also one of the objectives of current research work. The current research work is developed based on four prime goals enumerated in (Rowe, 2014): theory, breadth, systematicity, and argumentative strategy.

Figure 2. Literature statistics based on subjects covered from the SCOPUS database.

Due to a lack of interoperability, DevOps is lagging behind in fulfilling its full potential. One of the possible ways to overcome interoperability concerns in DevOps and other challenges is to evaluate existing architectures, tools, and mindsets fully. The current paper is a comprehensive assessment that reviews prior work and proposes feasible recommendations based on identified gaps in the existing literature within the context of culture and DevOps paradigm changes.

The manuscript is organized into the following sections.

Related work and contribution of the article are presented in Section 2. In Section 3, an elementary overview of DevOps is included. The culture, adoption, measurements and sensing related discussions and other DevOps aspects are comprehensively analysed in Section 4. The state-of-the-art tools for DevOps are discussed and analysed in Section 5. Recent trends on DevOps in literature are presented in Section 6. Lastly, the conclusion and future work is presented in Section 7 of the manuscript.

2. Related work and contribution

Related work on DevOps has been extensive, with researchers and practitioners exploring various aspects of this approach to software development. In this section, related work on DevOps is reviewed. From the reviewed work, research gaps are identified, and potential recommendations are made in this manuscript.

2.1. Research methodology

The SCOPUS database is used to carry out the research presented in this work. In the SCOPUS database, the articles and trends were analysed. The keyword used in the search bar is “DevOps” to analyse the various articles on DevOps. To restrict the search results, the results were restricted from 2011 onwards. Some of the articles were eliminated, which carry irrelevant keywords in order to search result precise and narrow. Further, journals were prioritised over the conference to maintain the quality. Some of the journals were further analysed in the SCI database, and only those of high quality were selected for the analysis purpose. The research methodology followed in the articles revolved around grounded theory. Grounded theory analysis is a research methodology used to develop theories and frameworks based on empirical evidence. In DevOps, grounded theory analysis can be used to better understand the underlying factors contributing to successful DevOps implementation and develop models and frameworks for effective DevOps practices.

The process of grounded theory analysis in DevOps typically involves collecting and analysing data from various sources, such as surveys, interviews, and observations. The data is then analysed using a grounded theory approach, which involves identifying recurring themes and patterns in the data and developing a model or framework based on these themes. Some notable work in this direction can be found in (Webster & Watson, 2002).

For example, grounded theory analysis can be used to understand the factors contributing to successful collaboration between development and operations teams in a DevOps context. Data analysis shows that factors such as open communication, shared goals, and a culture of continuous improvement are critical to success. This knowledge can then be used to develop a model or framework to guide organizations in fostering these factors in their DevOps practices.

Grounded theory analysis can also be used to identify barriers to successful DevOps implementation, such as organizational resistance to change or lack of resources. By understanding these barriers, organizations can develop strategies to overcome them and achieve successful DevOps implementation (Wolfswinkel et al., 2013).

2.2. Related work

One area of focus has been on the benefits of DevOps, with studies highlighting the improved speed and quality of software delivery, increased collaboration between teams, and higher levels of customer satisfaction. To precisely use the references from abundantly available in literature, the six steps review approaches are followed, i.e., review plan, literature search, literature selection, quality assessment of selected literature, data extraction, and conclusion from data (Paré et al., 2016). This ensures systematicity and transparency in the review methods.

In (Jha & Khan, 2018), the fundamental of DevOps is presented and discussed DevOps as a conceptual study for integrating operational and development reviews to improve the deployment frequency rate and maintain the quality of software. A review report on DevOps is presented in (Erich et al., 2014c), in which about 139 articles reviewed. In this, Erich et al. conclude that DevOps has immense capability but is scarcely explored. DevOps can benefit researchers, engineers, and managers and thus can be analysed from each perspective. A thorough review of DevOps from each perspective is presented in (Leite et al., 2019), where Leite et al. addressed research directions on DevOps, covering several perspectives such as practices, experience, impact, concept, challenges, adoption and training. Though literature (Erich et al., 2014c; Jha & Khan, 2018; Leite et al., 2019) covers DevOps, the different tools and adopting technologies together were scarcely explored. Specifically (Jha & Khan, 2018), covers the conceptual framework (Erich et al., 2014c), reviewed 139 articles and existing gaps, whereas (Leite et al., 2019) attempts to cover the theoretical and business paradigm of DevOps.

In order to enable a converged technological stack, the essay emphasises the value of abstracting the configuration required to launch server instances into reusable recipes or manifests. With respect to the deployment of DevOps in the networking paradigm, s systematic review is presented by J. Shah et al. in (Shah et al., 2018), where authors also proposed different DevOps tools for networking. However, only the networking aspect was considered while proposing the tools and developments and business aspects were completely ignored. Some of the standards networking tools that were proposed include Ansible for configuration management, Jenkins for configuration integration, vagrant for provisioning, and Docker for containerization are among the tools mentioned in the article as being essential for creating a continuous integration and continuous delivery pipeline which is the main objective of DevOps. In (Gokarna & Singh, 2021), M. Gokarna et al. reviewed the challenges towards adopting DevOps in the current scenario. Several examples were included without a case study to corroborate the adopting technologies and tools. Further, the authors conclude that DevOps cannot be integrated into an existing pipeline in a single step. It ought to be implemented in gradual steps. In literature, it is observed that DevOps is not just a toolset but also a culture shift that is not yet fully understood. In order to solve this problem and to offer a better understanding of the DevOps culture from the viewpoint of human factors, the authors in (Sánchez-Gordón & Colomo-Palacios, 2018) carried out a thorough literature review. Nevertheless, the development and integration into the existing aspects of DevOps were not covered in this literature.

A multifocal literature review is presented in (Lie et al., 2020), where authors examined the present level of DevOps adoption in the regulated medical device environment and also suggested a checklist for implementing DevOps in that environment based on that review. This review is exemplary work for a regulated environment. However, the adoption of DevOps for unregulated environments was not critically analysed. With respect to the DevOps framework, a systematic review is presented in (Gall & Pigni, 2022) in which authors analysed all articles relevant to DevOps covering software engineering and information system domains from 2012 to 2020. The proposed work further augments the existing work by incorporating state-of-the-art tools and technology for DevOps adaptation. A conceptual model is designed as a result of an extensive review that logically classifies and defines the conceptual components of DevOps. A review to systematically map the different DevOps paradigms is carried out in (Waseem et al., 2020) where authors identified 24 problems and proposed solutions for microservice architecture related to DevOps.

Software test automation, a key component of continuous integration in DevOps, is one of several elements that influence the success and advantages of DevOps. Pando et al. in (Pando & Dávila, 2022) conducted a comprehensive mapping analysis based on eight research topics to compile and organise the literature on automated testing in the DevOps setting. Machine learning (ML) techniques are increasingly used to solve real-world problems, and even these methods effectively handle difficult issues and are applied in various domains. The other burgeoning technologies in a similar context, such as artificial intelligence, neural network and deep learning, could also have been explored, which is missing in the existing article. The software development community is using modern DevOps practices to enhance the quality and deliverability of ML-based apps. However, there is a knowledge gap about the adoption trends, maintenance requirements, and advantages of DevOps among ML-based projects. Authors in (Rzig et al., 2022) presented a systematic review in this direction. Further, the traits and areas of potential improvement in ML DevOps are also comprehensively analysed. It is essential to comprehend the elements that affect the decision to use DevOps. In this direction, another review of the adoption of DevOps across various sectors is presented by Muyet et al. in (Muyet & Sahibuddin, 2022). But, the aspects of communication and computation technologies are not covered. Six similar models are found after thoroughly analysing the literature on DevOps adoption models. The implication of different elements of DevOps and actors responsible for the successful deployment of DevOps are critically analysed by Azad et al. in (Azad & Hyrynsalmi, 2023).

The systematic analysis of all reviews in the literature reveals that DevOps surveys primarily cover topics such as the reference model, methodologies, applications, and implementation. The architecture of DevOps and its applications are the core topics of these publications. Despite covering a large percentage of the subject in various papers, only a few of these publications present all the information in one document paper. There is not a complete evaluation of all DevOps information in one location. A comparison between the existing surveys with the present one is comprehensively shown in Table 1.

Table 1. The coverage of some of the significant literature reviews and research articles

References	Architecture	Culture	Measurement	Sharing	Services	QA	Adoption	DevSecOps	Year
Jha and Khan (2018)	✓	X	X	X	X	X	X	X	2018
Erich et al. (2014c)	✓	✓	X	X	X	X	✓	X	2014
Leite et al. (2019)	✓	✓	✓	X	X	X	X	X	2020
Shah et al. (2018)	✓	✓	X	X	X	X	✓	✓	2018
Gokarna and Singh (2021)	✓	✓	X	X	X	X	X	X	2021
Sánchez-Gordón and Colomo-Palacios (2018)	✓	✓	✓	✓	X	X	✓	X	2018
Lie et al. (2020)	✓	✓	✓	✓	X	X	X	X	2020
Gall and Pigni (2022)	✓	✓	X	X	X	X	✓	X	2022
Waseem et al. (2020)	✓	✓	X	X	✓	✓	✓	X	2020
Pando and Dávila (2022)	✓	✓	✓	✓	✓	X	X	X	2022
Rzig et al. (2022)	X	X	✓	✓	✓	✓	✓	X	2022
Muyet and Sahibuddin (2022)	✓	✓	X	✓	✓	✓	✓	X	2023
Azad and Hyrynsalmi (2023)	X	✓	✓	✓	✓	✓	✓	X	2023
This paper	✓	✓	✓	✓	✓	✓	✓	✓	2023

2.3. Contributions

DevOps is a cultural and collaborative movement that emphasizes integrating software development and IT operations to achieve faster and more reliable software delivery. While many organizations are adopting DevOps practices, there is still a lack of clarity around what DevOps culture and mindset entail. The rapidly evolving DevOps landscape, limited comprehensive studies on culture and mindset, and practical challenges in adopting DevOps have necessitated further research in this domain. Understanding the impact of culture and mindset on collaboration, performance, and long-term sustainability is crucial. Investigating the psychological and behavioural aspects and contextual variations in different organizations can provide valuable insights for creating conducive environments. A thorough analysis can offer actionable insights to foster effective DevOps practices, enhance software development, and improve organizational performance and competitiveness. Accordingly, this article presents a grounded theory analysis of DevOps culture and mindset.

Based on the comprehensive discussion on related work, this manuscript envisages contributing to the existing ocean of literature through its following vital contributions.

• This present work analyses the seminal review and surveys to identify research gaps and difficulties in DevOps.

• In this article, an elementary overview of DevOps is presented in a comprehensive manner.

• The contemporary gaps, issues, and challenges related to culture, automation, measurement and sharing of DevOps are presented in this paper.

• The state-of-the-art discussion on several tools covering architectural and networking aspects in DevOps is included in this article to attract practitioners and researchers for DevOps adoption.

• Our analysis revealed three key themes related to DevOps culture and mindset: collaboration, continuous improvement, and automation.

3. Elementary overview of DevOps

3.1. Introduction of DevOps

DevOps is a software development methodology that emphasizes collaboration, communication, and automation between software development teams and IT operations teams to achieve faster and more reliable software delivery. A company’s development and operations are critical components. Both of them are constantly working to improve the efficiency of a company. Developers create and improve apps while operations oversee the process of developing products and services.

In traditional software development, there is often a disconnect between development teams and operations teams, which can result in slow and unreliable software delivery. DevOps aims to bridge this gap by promoting collaboration and communication between these teams and breaking down silos that can lead to delays and errors. Previously, both teams worked independently, with the code being turned over to operations. Both teams are now operating in tandem, which is referred to as DevOps. Many firms are abandoning the traditional methodology in favour of DevOps (Pang et al., 2020).

Previously, developers and administrators had separate objectives. Developers were primarily concerned with creating or developing features, while operations were concerned with maintaining the features’ availability, performance, reliability, and security. Outages, blame-shifting, firefighting, consumer dissatisfaction, internal stress, and, on rare occasions, corporate loss resulted from the disparity. DevOps, which stands for Development + Operations, is a partnership of developers and operations that works with improved collaborations and automation. It is a set of methods, tools, or a mindset that is used to solve a problem:

• The iteration cycle is shortened.

• New features are made available.

• Collaboration between developers and operations is improved.

DevOps is a combination of approaches, tools, and a mentality that automates and combines the activities of software development and IT teams. The importance of team empowerment, cross-team communication and cooperation, and technological automation is emphasized (Marrero & Astudillo, 2021). DevOps also emphasizes automation, which can help to streamline processes, reduce errors, and increase efficiency. Automation can be used for tasks such as testing, deployment, and monitoring, freeing up time for more strategic tasks and enabling faster software delivery.

DevOps refers to a cultural transformation in which teams embrace a software engineering mindset, methodology, and toolset that prioritizes operational needs alongside architecture, design, and development. When software engineers also run it, they better grasp the user’s requirements and demands. Increased openness, communication, and team collaboration are among the values of a DevOps culture (Macarthy & Bass, 2020).

3.2. DevOps working and architecture

A DevOps team is made up of developers and IT operations workers who work together to increase software deployment speed and quality across the product lifecycle. It is a different way of operating, a cultural shift with far-reaching implications for teams and their organisations. Development and operations teams are no longer “silos” in a DevOps design. These two teams may occasionally combine into a single team, with engineers working across the whole application lifecycle—from development and testing to deployment and operations—and holding a wide range of skills (Wahaballa et al., 2015).

DevOps teams utilize tools to automate and accelerate procedures, increasing dependability. A DevOps toolchain aids teams in tackling key DevOps principles such as continuous integration, continuous delivery, automation, and collaboration. DevOps values are sometimes applied to non-development teams. Security becomes an active and integrated component of the development process when security teams adopt a DevOps strategy. This is known as DevSecOps (McCarthy et al., 2015).

In order to deliver apps, both development and operations are required. Analysing requirements, designing, developing, and testing software components or frameworks are part of the deployment process. The administrative processes, services, and software support are all part of the business. DevOps architecture is the way to close the gap between deployment and operation terms when both development and operations collaborate. As a result, delivery can be faster (Agrawal & Rawat, 2019). DevOps architecture is utilized for cloud-based applications as well as extensive dispersed systems. Agile development is utilized in the DevOps architecture to allow seamless integration and delivery. It takes longer to create, test, and deploy when the development and operations teams work independently. Furthermore, if the terms are out of sync, the delivery may be delayed. As a result, DevOps enables teams to improve their inadequacies while increasing productivity.

The complexity of modern software systems requires a more sophisticated approach to software development and delivery. The decision-making in a complex system is based upon several parameters, including internal and external factors. A guide on decision-making in the complex system using fuzzy logic is provided by Aslan et al. in (Tatarkanov et al., 2022). DevOps enables organizations to manage this complexity by providing a framework for continuous improvement, rapid experimentation, and faster feedback loops. We need architecture for DevOps because it provides a structured approach to implementing and managing the various tools and processes involved in DevOps. An effective DevOps architecture can help to streamline and automate the software delivery process, reduce errors, and increase efficiency. DevOps architecture also enables organizations to scale their DevOps practices more effectively. As organizations grow and their software delivery requirements become more complex, architecture can help to ensure that DevOps practices remain consistent and effective across different teams and projects.

The various components utilized in the DevOps architecture are listed below and are also shown in Figure 3. It is worth to recall that the DevOps working architecture can vary depending on an organisation’s specific needs and goals, but generally, it includes the following key components.

• Build: Without DevOps, the cost of resource consumption was calculated using pre-determined individual utilization and set hardware allotment. Moreover, with DevOps, the cloud is used, resources are shared, and the build is based on the user’s needs, which is a technique to govern the use of resources or capacity.

• Code: Many good practices, like Git, allow code to be utilized, ensuring that it is written for business, tracking modifications, being notified of the cause for the difference between the actual and expected output, and, if required, reverting to the original code generated. The code can be properly organized in files, folders, etc. They can also be reused.

• Test: After testing, the application will be ready for production. Manual testing takes longer to complete since it requires more time to test and move the code to the output. Testing can be automated, which reduces testing time and hence reduces the time to release code to production, as automating the execution of scripts eliminates several manual stages.

• Plan: Agile technique is used by DevOps to plan development. When the operations and development teams work together, it is easier to organize work and plan ahead to boost productivity.

• Monitor: Any risk of failure is identified by continuous monitoring. It also aids in correctly tracking the system so that the application’s health may be assessed. Monitoring gets easier with services that allow log data to be watched using a variety of third-party tools such as Splunk.

• Deploy: The scheduler can be used by a variety of systems to automate deployment. By deploying dashboards, the cloud management platform allows users to gather accurate insights and examine the optimization scenario and trend analytics.

• Operate: The old approach of developing and testing independently is changed by DevOps. The teams work together collaboratively, with both teams contributing actively throughout the service lifecycle. The operation team collaborates with developers to build a monitoring strategy that meets both IT and business needs.

• Release: Automation can be used to deploy to a specific environment. However, manual triggering is used when it comes to deploying to the production environment. To minimize the impact on customers, many release management systems are used to execute the deployment in the production environment manually.

Figure 3. DevOps architecture.

In an ideal scenario, DevOps architecture fosters high collaboration and eliminates silos, allowing operations and development to thrive and build on requirements quickly. Nevertheless, no two DevOps companies are alike, and things rarely go as planned (Govil et al., 2020). Using DevOps principles in an organization has increased productivity, improved delivery, and provided consumers more frequent and reliable outcomes. Implementing a DevOps approach to software design has become an important trend in enterprise firms and is unlikely to fade away anytime soon (Hemon-Hildgen et al., 2020).

DevOps architecture is essential for implementing and managing DevOps practices effectively. It provides a structured approach to software delivery, enables scalability, addresses security and compliance concerns, and supports continuous improvement. Nevertheless, DevOps architecture enables organizations to improve their DevOps practices continuously. By monitoring and analysing key metrics, such as deployment frequency and lead time, organizations can identify areas for improvement and make changes to their architecture and processes accordingly.

3.3. History of DevOps

The history of DevOps can be traced back to the early 2000s when there was a growing need to address the challenges of traditional software development methodologies. In the early days of software development, developers and operations teams worked in silos, which often resulted in slow and unreliable software delivery. This led to a demand for a new approach that could enable faster and more reliable software delivery. If DevOps had a birth certificate, Patrick Debois would be listed as the father’s name. Patrick was eager to learn everything about IT, so he started working on a huge data centre move in 2007 as the testing lead (de Aguiar Monteiro, 2021). During this project, he realized that the frustrations he was experiencing stemmed from the continual moving back and forth between the development side of the problem and the operations silo on the other side of the fence (Waseem & Liang, 2017). He acknowledged that much effort had gone into sailing the project between two worlds, but the chasm looked too large to traverse.

Later, in 2008, during an agile conference in Toronto, Canada, Andrew Shafer attempted to organize a meetup session called “Agile Infrastructure.” Patrick was the only one in the room when he arrived for the session. Andrew’s posting had gotten so much criticism that he did not even attend his session. On the other hand, Patrick was so pleased to meet a like-minded individual that he tracked him down at the conference and struck up a conversation with him in the hallway. Later that year, they started a discussion group where others may share their ideas for bridging the gap between development and operations (Bou Ghantous & Gill, 2017).

Initially, there was only a smidgeon of interest, and nothing came of it. John Allspaw and Paul Hammond gave a lecture addressed “10+ Deploys a Day: Dev and Ops Cooperation at Flickr” in June of 2009. At his home in Belgium, Patrick happened to be watching the streaming video of that presentation, and it struck a chord with him right away. He knew this was the very solution he sought (Ghantous & Gill, 2020). He was so inspired by this talk that he organized a meeting of developers and system administrators to explore the best strategies to begin bridging the gap between the two disciplines (Khan et al., 2022).

DevOpsDays was the name he gave to the event, which took place in the last days of October in 2009. This incident drew much attention from professionals in both industries, and it created much discussion on Twitter, where the hashtag was quickly reduced to DevOps. It was not long before some smaller software companies attempted to put together DevOps practices and tools to help these newly formed teams (Guşeilă et al., 2019). DevOps has built a grassroots following that began to put its ideals into practice.

Finally, Gartner’s Cameron Haight outlined his projections for DevOps’ trajectory over the next few years in March 2011. His upbeat assessment of the industry’s influence drew even more attention to the DevOps movement, and it wasn’t long before businesses of all sizes began to implement these new techniques. DevOps had firmly established itself as the IT industry’s next big thing after Agile (Cruz & Albuquerque, 2018).

In the years that followed, the DevOps movement gained momentum, with more and more organizations adopting DevOps practices to improve their software delivery capabilities. In 2012, the State of DevOps report was first published, providing empirical data on the benefits of DevOps practices. The rise of cloud computing and containerization technologies, such as Docker and Kubernetes, has also played a significant role in the evolution of DevOps. These technologies have enabled more efficient and scalable infrastructure management, a key component of DevOps practices. Today, DevOps is a widely adopted approach to software delivery, with many organizations embracing DevOps principles and practices to enable faster and more reliable software delivery. The DevOps ecosystem includes a wide range of tools, technologies, and practices, and continues to evolve rapidly to meet the changing needs of modern software development.

Comprehending what DevOps is and why it is vital requires knowing how DevOps originated. Developers and operations leaders came together to share their views and concerns about the industry and how to get work done more efficiently, and DevOps was created. The idea arose from the types of people it’s meant to assist. The power of DevOps lies in the culture that surrounds it, which encourages people to think outside of their silos (Valani, 2018). It is not as straightforward as purchasing new business software tools to transform your company into a DevOps culture (though many can aid the process). DevOps is not a single product; it grew out of the necessity for constant improvement and adaptation (Chen, 2019). As a result, the DevOps transformation process will never be complete, as the system should constantly evolve and improve. DevOps teams are made up of multi-disciplined individuals working toward the same goal: improving collaboration (Batra & Jatain, 2020).

DevOps enables teams to build, test, and deploy faster and with a higher level of quality, thanks to the collaboration that the tools enable, not the technologies themselves. Leveraging a technological stack for DevOps can only get you so far (Chapman, 2014). DevOps’ strength is in the team’s ability to communicate and work toward common goals.

3.4. DevOps principles

DevOps principles are a set of guiding values and beliefs that underpin the DevOps approach to software development and delivery. These principles are intended to promote collaboration, communication, and automation between development and operations teams, and to enable faster and more reliable software delivery. DevOps techniques are best understood by looking at the concepts that DevOps adheres to. To name a few, we have the following key principles.

3.4.1. Principle 1: Customer-oriented actions

Brief responses from genuine customers and end-users are critical nowadays, and all effort in producing IT products and services focuses on these clients. To fulfil the demands of these customers, DevOps organizations should have the courage to function like lean start-ups, constantly inventing, pivoting whenever a single strategy is not effective, and regularly investing in goods and services that give the highest degree of customer pleasure (Ambler, 2011).

3.4.2. Principle 2: Consider options with the final goal

Organizations must forsake waterfall and methodology models whereby each system or employee is solely responsible for a specific job or responsibility and is not accountable for the big picture (Saugatuk Technology, 2014). They must run like product companies, with a clear objective of developing useful items for actual users, and all employees need embrace the technical mentality necessary to create and produce those things (Khaled Aljundi, 2016).

3.4.3. Principle 3: Responsibility from beginning to end

Teams are systematically organized in a DevOps context such that they must be ultimately liable from concept to grave. DevOps teams are vertically organized, as opposed to traditional organizations, which design IT solutions and then pass them over to Operations to install and maintain, so they are entirely accountable from idea to the grave (de Feijter, 2017). These steady organizations retain responsibility for the IT goods or services these teams develop and provide. These teams also provide programs or services until the objects reach the end of their useful life, significantly improving the sense of duty and the durability of the developed products (Riungu-Kallosaari, 2016).

3.4.4. Principle 4: Multifunctional autonomous teams

Vertical, fully responsible divisions in product organization must be self-contained throughout the entire lifecycle. This needs a varied set of skills and stresses the need for T-shaped all-around profiles instead of old-school IT workers who are only trained or skilled in one or perhaps more domains, including testing, requirements analysis, or programming. These groups serve as a testing ground for individual development (Susarla et al., 2009).

3.4.5. Principle 5: Continuous enhancement

The end-to-end role entails continual adaptation to changing conditions (e.g. customer needs, changes in legislation, and new technology become available). In a DevOps culture, there is a strong emphasis on continuous improvement to avoid waste, optimize for speed, cost, and convenience of handover, and continually enhance the products/services offered. Experimentation is thus an essential task for embedding and building a way of learning from mistakes. If it aches, performing it very often is a great slogan to abide by in this situation (Fox & Patterson, 2014).

3.4.6. Principle 6: Automate as much as you can

Many businesses have such an amount of trash to get rid of in adopting a culture of continuous learning with high load rates and building an IT division that receives quick feedback from the client or consumers. Fortunately, in recent years, considerable progress has been made in IT design and implementation (Dyck et al., 2015). The ability to automate the software development life cycle (continuous delivery, including consistent dynamic provisioning) and the entire network landscape by building succeeding container-based virtualization platforms that allow the framework to be versioned and considered as code. The ambition to reimagine how the team offers its services is linked to automation (Debois, 2011).

The DevOps principles are summarized in Figure 4. These principles work synergistically to enable organizations to deliver high-quality software more efficiently and respond rapidly to changing requirements. By adhering to these principles, organizations can improve their software delivery capabilities and respond more quickly and effectively to changing market demands and customer needs.

Figure 4. DevOps principle.

3.5. DevOps cycle

DevOps is typically organized around a continuous cycle of planning, development, testing, deployment, and monitoring. This cycle, often referred to as the “DevOps pipeline,” enables organizations to deliver software changes more quickly and reliably, while maintaining a focus on quality and stability. The specific stages of the DevOps pipeline may vary depending on the organization’s specific needs and requirements, but the following stages are typically included in DevOps. Further, its cycles are shown in Figure 5.

Figure 5. DevOps process flow.

3.5.1. Continuous integration

Engineers are expected to include code in a shared repository a few times per day as part of a continuous integration process. A Robotized assembly confirms each check-in at that stage, allowing organisations to spot errors early in the cycle. Coherent testing is a process of automating and incorporating component, productive, and not-so-useful (execution, security, and so on) inspections into the order fulfilment chain, and then executing those assessments against every other version of the backend (Bass et al., 2015). Customized evaluations and operational conditions can be designed to guarantee that just the most pertinent experiments are conducted according to each form, or the whole testing procedure can be run among each form. Ongoing testing can be used to supplement test-driven development (Rowe & Marshall, 2012).

3.5.2. Continuous delivery and deployment

A continuous conveyance is where you will likely build dependable programming that can be transmitted to production at any moment. You may accomplish continuous conveyance by automating the transmission spill from prototype to manufacturing. Operationalizing foundation setup and regulating arrangement subtleties in a similar way to supervising source code are critical components of continuous conveyance (Loukides, 2012).

3.5.3. Continuous operation

Administering software or hardware upgrades in a way that is not disruptive to end-users. Patch management and compliance are two processes that fall within this category. Even though software and servers can be taken offline for scheduled maintenance, continuous operations allow consumers to continue receiving service from the prior version of the program until the new version is properly tested and delivered (Allspaw, 2016).

3.5.4. Continuous assessment

Continuously evaluating an application in light of three types of criticism

• Feedback loops—Regularly evaluate the software’s accessibility, health, and performance and capture and report on the customer service experience throughout the product lifecycle (i.e., evolution, quality standards, planning, and generation). The application and end-user experience may be streamed and modified in real-time (Rembetsy & McDonnell, 2016).

• Planning prioritization— As information is received, the planning team can continue to assess and organize new features, capabilities, and deformity resolutions in response to business demands and requests from end-users (Erich et al., 2014a).

• Portfolio Company— As information is acquired, the planning team can survey and organize hypotheses from the business drivers’ perspective.

By following this continuous cycle, organizations can ensure that software changes are delivered quickly, reliably, and with a focus on quality and stability. This can help to improve customer satisfaction, reduce costs, and increase competitiveness in today’s fast-paced digital marketplace

4. DevOps: Key aspects from diverse perspective

DevOps CAMS is a framework that highlights the four key pillars of DevOps: Culture, Automation, Measurement, and Sharing. Each of these pillars plays a critical role in enabling the success of DevOps initiatives. The discussion on these aspects are covered in this section. In addition, the other vital aspects such as services, quality assurance, etc. are also analysed in this section.

4.1. DevOps CAMS

DevOps CAMS stands for Culture, Automation, Measurement, and Sharing. It is a set of principles and practices that underpin the DevOps approach to software delivery.

4.1.1. DevOps culture

A DevOps culture, at its core, implies deeper cooperation and shared ownership of the goods created and maintained by development and operations. This is illustrated in Figure 6. This allows businesses to better align their people, processes, and tools to focus on the consumer. Increased openness, communication, and collaboration amongst teams that formerly functioned in silos are at the heart of DevOps culture. DevOps is a movement in corporate culture that prioritizes continuous learning and improvement, particularly through team autonomy, quick feedback, high empathy and trust, and cross-team collaboration (Erich et al., 2014b).

Figure 6. DevOps culture.

4.1.2. DevOps automation

DevOps automation is the activity of automating manual and repetitive DevOps tasks so that they can be completed without human intervention. Automation can be used at any point in the DevOps lifecycle, including:

• Project planning and development

• Deployment and distribution of software

• Monitoring

DevOps automation is illustrated in Figure 7. DevOps automation aims to reduce the manual burden and streamline the DevOps lifecycle. This automation yields several significant benefits:

Figure 7. DevOps automation.

• It does away with the necessity for huge teams

• Significantly lowers the number of human errors

• Improves team efficiency

• Establishes a fast-paced DevOps lifecycle

Automation mostly relies on software tools and presetting parameters to automate important procedures and operations.

4.1.3. DevOps measurement

Measurement is so important when done properly. It is the secret ingredient in any DevOps transformation and is illustrated in Figure 8. It is an important part of every technological transformation (Cruzes & Dyba, 2011). Simply put, measurement entails four steps:

Figure 8. DevOps measurement.

• Continuous performance during the whole software development lifecycle, monitoring, and tracking are carried out

• Gathering, analysing, and recommending ways to act based on responses

• Assessing faults and determining ways to avoid committing them in the future

• Facilitating teams to assist them in working toward a common purpose.

Continuous improvement is only possible with DevOps if particular metrics are gathered, monitored, and analysed regularly. MTTR (mean time to repair), cycle time (i.e., lead time), expenditures, income, and employee happiness are all factors to consider are some of these indicators and KPIs (Petersen et al., 2008).

4.1.4. DevOps sharing

The DevOps culture includes continuous delivery, continuous testing, continuous integration, and continuous improvement. It helps identify and resolve bottlenecks in continuous improvement, automate against their happening, incorporate solutions into the DevOps production process, and communicate changes to stakeholders (and customers). This is illustrated in Figure 9.

Figure 9. DevOps sharing.

Together, these four pillars form the foundation of successful DevOps initiatives. By focusing on culture, automation, measurement, and sharing, organizations can build a collaborative, efficient, and effective DevOps culture that enables them to deliver software changes quickly, reliably, and with a focus on quality and business value.

4.2. Services

Services are one of the areas where DevOps makes a significant contribution. Two distinct developments are referred to by the term “services.” For starters, software companies are shifting from a product to a service model. The software might previously be purchased after the fact, in a store, or as custom-made software. Today, the software is typically delivered to clients as a service or relies on third-party services. Second, previously controlled by enterprises, resources are now available as services. This can be seen in software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS).

There are two key conclusions when it comes to services: To begin, corporations can employ a range of third-party cloud computing services instead of traditional libraries. Just a few examples are storage, logging, mail, and caching. Second, behaviour-driven operations can test third-party service communication (as explained under automation). Service management is aided by the usage of unified frameworks.

Because services rely on collaboration between development and operations workers, including DevOps principles in service management frameworks is beneficial. As a result of service-based models like SaaS, businesses must rethink their business strategies. DevOps should also be implemented into the business plan; given that it is frequently cited as a competitive advantage. As development and operations activities grow increasingly interwoven, businesses must rethink their business models.

DevOps services can help organizations improve their software delivery processes, reduce costs, increase agility, and deliver more value to their customers. By leveraging DevOps tools and practices, organizations can build a more collaborative, efficient, and effective software development and delivery pipeline.

4.3. Quality assurance

A whole other domain wherein DevOps has a considerable influence is quality assurance. Quality assurance in information systems connects the sides of development, operations, customer support, and the customer themselves. As a result, these four parties share responsibility for quality assurance (Mishra & Otaiwi, 2020). Agile software development and DevOps may be both a benefit and a burden in terms of quality assurance.

Quality assurance in DevOps refers to the process of ensuring that software is developed, tested, and deployed in a way that meets the desired level of quality. This is achieved by incorporating quality checks and testing throughout the DevOps pipeline, rather than as a separate step at the end of development. Quality assurance is facing a challenge: their workload has gotten increasingly uncertain. The adoption of agile software development has impacted quality assurance. While organizations still used a waterfall-style software development technique, quality assurance could readily anticipate their workload. The software was distributed regularly, with considerable gaps in between. DevOps makes quality assurance easier by bringing these parties closer together through cooperation and tooling. As a result, DevOps allows quality assurance personnel to collect more data than they previously could. In DevOps, quality assurance is a shared responsibility between development, operations, and testing teams. Developers write automated tests and perform code reviews to ensure that code changes meet the required quality standards. Operations teams ensure that infrastructure and deployment processes are reliable and secure. Testing teams create and run automated tests to validate the functionality and performance of the software.

Real-time User Monitoring is also a pattern that may be used to detect end-user issues early on. Quality assurance might be assigned to a person who performs development and operational tasks. Several roles can use BDOps in quality assurance to indicate how the system should provide the desired user experience. Furthermore, by managing software settings as source code, users get a more consistent experience, the software is released faster, and new features are released more frequently.

4.4. Advantages

Following are the some of the key advantages which it offers.

• Ensure a quicker deployment: Upgrades and enhancements that are faster and more regular will satisfy the customers and help the firm stand out in a crowded industry.

• Maintain a consistent work atmosphere: It is stressful to integrate new features, updates, or upgrades. They can destabilize the workspace and lower overall productivity. The work environment can be improved by using DevOps methodology to take a consistent and well-balanced approach to operations.

• Product quality is much improved: Product quality improves significantly due to collaboration between development and operations teams, as well as regular user input collecting.

• Repetitive tasks can be automated, giving more time to be creative: DevOps has greater advantages than the traditional paradigm since it enables faster discovery and rectification of problems. Because the challenges are regularly tested through automation, the team has more time to develop new ideas.

• Improves the organization’s adaptability: It is no surprise that being agile in business may help to remain ahead of the competition. DevOps has enabled the scalability required to transform the business.

• Consistent provision of software: All teams are responsible for keeping stability and implementing new features under the DevOps model. As a result, software distribution is quick and unaffected.

• Techniques for resolving issues in a timely and consistent manner: One of the main advantages of DevOps is that it enables a speedy and stable solution to software management technical flaws.

• Transparency boosts productivity: By reducing silo(ing) and increasing collaboration, this strategy facilitates communication among team members, allowing them to focus more on their specialized sector. As a result of incorporating DevOps practices, a company’s employees’ productivity and efficiency have increased.

• Production costs as low as possible: DevOps helps departments save money on administration and production by combining maintenance and new upgrades under one umbrella with clear communication.

By integrating quality assurance into the DevOps pipeline, teams can catch defects earlier and ensure that software is delivered with fewer bugs and defects. This helps to improve the overall quality of the software, reduce the risk of production issues, and enhance customer satisfaction.

4.5. Challenges/Misinterpretations about DevOps

Like any other technologies, DevOps also plagued with several challenges related to static, lack of skills, toolchain complexity, security, compliance issues, architecture, scalability, etc. By addressing these challenges, organizations can improve their adoption of DevOps practices and realize the benefits of faster delivery, improved quality, and increased collaboration and communication across teams. In broad categories, these challenges are discussed below.

4.5.1. It’s a no-ops situation

It’s not true to say, “They’re snatching our jobs!” Some people feel that DevOps means that designers take charge of projects and finish them without the help of others. Some of it is correct, while others are not. DevOps and its predecessors in dexterous activities are frequently birthed from activity groupings. It is a common misconception that DevOps evolved from the developer side of the structure to reduce duties. This is because those involved in activities (including me) have recognized that our current standards, procedures, and practices fall short of what is required for progress. We’ve been giving less as we try to deal with our problems in a more unbending manner, and we require a central reorientation to supply framework foundations powerfully as businesses and improvement groups demand increased vigor as the work environment becomes increasingly fast-paced. As far as we can tell, a few areas of jobs should be automated, which might mean that we operations staff boost computerization, engineers build “activities” code, or both. While this may surprise some, it is part of the community-oriented approach’s overall assessment. Two people with significant experience are present in every successful group led using this method. Two people with profound DEV and profound operations ranges of abilities work together to create a greater overall product in every successful group utilizing this strategy.

4.5.2. It is not just (apparatuses)

DevOps is much more than assembling a set of tools. One of the reasons for the need for a more commonly acknowledged definition of DevOps is because having numerous puzzling and poorly organized definitions raises the likelihood that people may deploy DevOps procedures or tools without prioritizing standards, which is an anti-pattern. Computerization is a lively and impulsive activity. Robotization can cause as much harm as it has the potential to benefit. Similarly, seasoned experts will advise that simply starting to work in groups or implementing other specific strategies without putting in a significant amount of cooperative effort is unlikely to succeed. A couple of organizations obtained some of the dexterous methods and apparatus but not the standards, which led to disastrous results. Without a question, an instrument can help in Deft (or DevOps), but if you don’t know how to use it, you’re giving an incompetent person an ambush weapon. However, the discussion about whether “devices” should be referred to as DevOps is finally ended. Is poker strategizing “coordinated” because it makes you Spry in a magical way? No. In any case, it’s a popular gadget used in several short processes; therefore, it’s reasonable to call it “light-footed equipment.” Also, just because DevOps is not a comprehensive collection of tools doesn’t rule out the use of tools built to run frameworks from a DevOps perspective.

4.5.3. It is not (just) culture

Many people argue that DevOps is “simply culture” and that the term cannot be applied to a specific law or practice; however, this is oversimplified and inaccurate. Coordinated has not benefited many DEV shops because the focus on it ended at “culture,” with advice to welcome collaborators and the lead experts who differentiated the recommended procedures simply calling it all glaringly evident and reluctant to be any more prescriptive. (Even though some of it is accurate.) DevOps encompasses all of the levels above, and it’s mostly useless without the specialized training that has developed around it. With enough social status and time to try, one might well be able to figure out each of those traditional techniques on their own, but information sharing is the purpose we have the Internet (and printing press besides).

4.5.4. It is not just (development and operations)

Furthermore, it is not biased in any way. Several people have expressed their displeasure with the situation “Isn’t there something to be said about security guards?”. The fact is that everyone participating in building an item or framework, including businesspeople of various stripes, engineers of various stripes, and activity people of numerous colors, which includes security, system, and anybody else, should operate together from the start. Commercial and engineering partners come in all shapes and sizes, and just because they don’t get a special pass (“Remember the symbol planners!”) doesn’t mean they are not welcome. Early light-footed advancement people were largely thinking about a coordinated “business + dev” attempt, and DevOps is coming up with problems and agreements on “DEV + Operations” collaboration, but in the end outcome is “everyone teaming up.” DevOps is only one teacher in a larger culture of light-footed coordinated labour that all orders should share in an organization. As a result, DevOps encompasses anybody involved in delivering a product or service.

4.5.5. DevOps is not the same as automation

DevOps requires IT expertise to help establish the new culture of DevOps and the processes that are structured under this approach. Automation is vital for supporting software development and testing because it reduces human error while speeding up delivery times.

4.6. Implementing DevOps

Implementing DevOps requires a well-defined roadmap. The first step is to assess your current state by evaluating your software development and delivery processes, tools, and culture. Once you’ve identified areas for improvement, establish goals and key performance indicators (KPIs) for your DevOps implementation. Building a cross-functional DevOps team is also crucial for implementing DevOps practices and driving cultural change. To improve efficiency and reduce errors, set up a continuous integration and delivery (CI/CD) pipeline and embrace infrastructure as code (IaC). Implementing monitoring and feedback loops can help you gain insights into how your software performs in production, and foster a culture of collaboration and continuous improvement. Finally, it’s essential to continually evaluate your processes, tools, and culture to identify areas for improvement and drive continuous improvement. Some key steps in this context are listed below. Moreover, the adoption of DevOps in the year 2020 is illustrated in Figure 10. The follow-up of these steps will ensure the systematic integration of DevOps into other field of business including assistive learning with improved problem solving skills (Arnawa & Fitriani, 2022).

Figure 10. DevOps adoption in the year 2020.

4.6.1. Putting together a DevOps effort

A CIO of the company designs a DevOps project as part of the IT department’s agenda. As a result, the IT department may change development and operations while causing the least amount of disruption to the rest of the firm. As a result, the CIO can efficiently allocate financial investments and human resources. A project manager is in charge of establishing and implementing the DevOps strategy.

4.6.2. The creation of a DevOps structure

The agenda manager should follow best practices to set up an effective DevOps approach that encourages cross-departmental collaboration and allows for new means of providing infrastructure, software development, and tests. Some important practices are as follows:

• Combine the company’s testing, development, design, operations, and other teams into a unified DevOps environment so that everyone is focused on the software development cycle’s goals and knows what motivates and responsibilities each other. Establish a common goal for teams involved in software development and operations. Reduce the software development cycle while maintaining high software quality.

• Use IaC to ensure that developers and test engineers have immediate access to IT infrastructure to make new builds or assess their quality. DevOps practitioners will be able to obtain new infrastructures for production or testing with a single click and to avoid human errors that are frequent when IT infrastructures are configured manually.

• Automate the software development-testing-release cycle by automating the software construction, unit testing, application testing via UI, application integration, deployment, and release procedures.

4.6.3. Involving containerization

Containerization, as deployed using tools like Docker, solves issues such as software stability as it progresses from development to testing to production. Containers include all of the program’s dependencies, libraries, and configuration files. The program’s containerized portions are segregated from the rest of the IT sector, allowing for stable operation irrespective of the environment. Furthermore, because the project’s components (database, frontend end, etc.) are separated into several containers, an ops team can easily manage the program because they do not have to completely rebuild software when one of its components needs to be changed.

4.6.4. Integrating infrastructure automation with continuous integration and deployment (CI/CD) tools

The containerized application must be efficiently managed when software is packed in containers. Infrastructure automation solutions such as Kubernetes, Ansible, Chef, or Puppet are used along with CI/CD platforms like Jenkins, Bamboo, or GoCD to improve version control and software deployment. Jenkins, is used to develop, test, and deploy new releases into Kubernetes, while Kubernetes (for big sectors) and Ansible (for small infrastructures) provide fault tolerance, health monitoring, and rolling software updates.

4.6.5. Increased test automation and integration of quality assurance and development

To accomplish quick delivery with DevOps, adequate unit testing must be ensured. Not all sorts of testing, however, must be automated. Hand testing, for example, is still suggested for exploration, usability, and security testing. Depending on the effort required to create test automation, the testing phase may be mostly manual. Development and testing are done concurrently to avoid bugs after the release. While the program is still being built, automated tests should be run 1–2 times daily. If any flaws are found, developers make every effort to address them before releasing the next build.

4.6.6. Monitoring the program’s overall execution

DevOps teams can see all performance issues, such as delayed response times, memory leaks, and errors during runtime, with application performance monitoring. Monitoring of application servers, monitoring of user experience, and other methods could be used to identify the issues. Using customized application monitoring tools such as Nagios, Zabbix, or Prometheus set for monitoring a certain application, it is feasible to identify, priority, and isolate software faults before end users see them, as well as quickly find the underlying causes of the failures.

Before deploying DevOps, consider all of the time, organizational effort, and new technologies required. DevOps’s most tangible benefit is the capacity to deploy software more quickly without sacrificing quality. To realize this benefit, one must change both the software development process and IT architecture. DevOps approaches such as CI/CD, IaC, test automation, entire software monitoring, and others improve the stability and agility of IT infrastructure.

Creating a roadmap for implementing DevOps provides several benefits. Firstly, it helps to identify areas where improvements can be made in software development and delivery processes. By setting goals and KPIs, organizations can track progress and measure the success of their DevOps implementation. Building a cross-functional team fosters collaboration and communication, improving efficiency and reducing errors. Implementing CI/CD pipelines and infrastructure as code can lead to faster delivery and increased quality. Monitoring and feedback loops provide insights into performance, enabling organizations to quickly identify and address issues. Finally, a DevOps culture encourages experimentation and continuous improvement, driving innovation and growth.

4.7. DevOps security

Security is essential in DevOps because software applications and systems are increasingly becoming cyberattack targets. With the rise of cloud computing and agile development, software is being developed and delivered faster than ever before, leading to increased security risks. By integrating security into the DevOps process, organizations can identify and address potential vulnerabilities early in the development cycle, reducing the risk of breaches and cyberattacks.

Integrating security as an inherent component of the entire software life cycle has always been ideal. DevOps security is shown in Figure 11. DevOps Security, or DevSecOps, emphasizes a shift-left approach to security, where security is built into the development process from the planning stage to the deployment phase. This approach ensures that security is not an afterthought but an integral part of the development process. Implementing security in DevOps can help organizations meet compliance requirements, reduce risks, and improve customer trust.

Figure 11. DevSecOps.

DevSecOps is about built-in security rather than perimeter security surrounding programs and data. DevOps-adopting firms may find themselves back in the protracted development cycles they hoped to avoid in the first place if security is left to the end of the development pipeline (Mohan & Ben Othmane, 2016). DevSecOps combines software and security architecture into Agile and DevOps methods and technologies. It addresses security issues when they are easier, faster, and less expensive to correct (before they are put into production). DevSecOps also makes the application and infrastructure security a collective responsibility of developers, security, and IT operations teams rather than the sole responsibility of a security silo. It achieves the DevSecOps goal of “software, safer, sooner” by automated delivery of secure software without halting the software development cycle (Rahman et al., 2016).

DevOps Security, also known as DevSecOps, is a practice that integrates security principles and practices into the DevOps process. With the rise of cloud computing and agile development, DevOps has become an increasingly popular methodology for software development and delivery. However, security has often been an afterthought in this process, leading to potential vulnerabilities and breaches. DevSecOps aims to address these issues by building security into the entire development process, from planning to deployment. This abstract will provide an overview of DevSecOps, its benefits, and best practices for implementing it. By embracing DevSecOps, organizations can ensure that their software is secure and compliant while also accelerating delivery and reducing risks.

5. DevOps tools

DevOps is a set of practices that aims to combine software development and IT operations to enable faster and more reliable software delivery. The key to successful DevOps implementation lies in using appropriate tools and technologies that enable collaboration, automation, and continuous feedback and improvement. DevOps tools are designed to streamline the software delivery pipeline, reduce errors, increase efficiency, and improve team collaboration. With the right set of DevOps tools, organizations can automate the entire software development lifecycle, from code creation to deployment, monitoring, and maintenance (Akshaya et al., 2015). In this context, selecting the right tools is critical to achieving faster delivery, higher quality, and improved customer satisfaction. This article will explore some of the essential DevOps tools and technologies that can help organizations achieve their DevOps goals.

Visibility, autonomy, and collaboration are at the heart of DevOps systems. These technologies make it easier for all stakeholders, including development, operations, security, and business teams, to share and discuss information and technical know-how to build better products.

DevOps uses various tools and technologies to streamline the software delivery pipeline and improve collaboration and efficiency between development and operations teams. Some of the most commonly used DevOps tools are included in this section (Kersten, 2018). In addition, other tools, such as IoT, cloud computing, wireless sensor network, big data etc., can be explored from the communication and computational perspectives (Rajak, 2022).

5.1. Tools for version control

DevOps tools for version control are software tools used by teams to manage changes to code and collaborate effectively. The DevOps tools for version control help teams manage code changes effectively, collaborate efficiently, and ensure that all team members are working on the latest version of the code. Some popular DevOps tools for version control include the following.

• GitHub: GitHub is commonly regarded as one of the largest and most powerful development platforms. Many developers and businesses use GitHub to build, distribute, and maintain software. Some of the most significant aspects are as follows: coding collaboratively, automated processes/CI & CD, for commercial customers, security includes additional features, management of projects.

• Bit bucket: With more than 10 million registered users, Bit bucket is an extremely popular platform. It is not simply a platform for hosting code; it is also a platform for managing code. Teams may use a single platform to organize projects, and collaborate on coding, testing, and deployment. Some of its qualities are as follows: integration between Jira and Trello has been tightened, integrated CI/CD for development, testing, and deployment, more quickly approve pull requests and code reviews, with IP whitelisting and 2-step authentication, you can keep your code safe in the cloud.

• GitLab is an all-in-one DevOps solution that aids in the rapid deployment of software. It enables teams to carry out all tasks, including planning, supply chain management, delivery, monitoring, and security. Some of its qualities are as follows: there is a single interface, a single communication thread, and a single data repository to efficiently manage projects—a single source of truth, continuous Everything (CI/CD) enables robust, scalable, and end-to-end automation to work together efficiently, DevOps speed will never slow down thanks to built-in features for automated security, code quality, vulnerability management, and tight governance.

5.2. Tools for container management

DevOps tools for container management are software tools used to automate the deployment, scaling, and management of containerized applications. These DevOps tools for container management enable teams to deploy and manage containerized applications with ease, helping them to improve application performance, scalability, and reliability. Some popular DevOps tools for container management include.

• Docker: Docker is a lightweight solution that employs an integrated approach to simplify and expedite various SDLC operations. A Docker container image is a self-contained, executable package that contains all of the components required to run a program. Docker’s continuous Integration—component testing is shown in Figure 12. Some of the important features that have helped it emerge as a must-have among DevOps tools are listed below:

  • For a variety of purposes, a standardized packaging format has been developed.

  • A container runtime that may be used on a variety of Linux and Windows Server operating systems.

  • Developers use Docker to build, test, and collaborate.

  • Discover tons of pictures from communities and verified authors via Docker Hub.

  • Docker App allows you to package, execute, and manage distributed apps.

  Continuous integration – component testing using dockers.

  

• Kubernetes: One of the most extensively used container orchestration systems, is an open-source DevOps solution that automates the deployment and management of containerized applications. The following characteristics distinguish it from other tools DevOps has to offer:

  • Change your application’s or configuration’s settings while monitoring their health—automatic rollouts and rollbacks.

  • It offers a collection of Pods, each with its own IP address and an unique DNS name for delivery Of services and load balancing.

  • Install the storage solution of your choice instantly.

  • Possibility of self-healing.

• Apache Mesos: Mesos is a cluster management DevOps tool. It’s a distributed systems kernel that schedules and manages resources across data centres and cloud environments. It has the following characteristics:

  • Includes native support for Docker and AppC images for launching containers.

  • Utilizes pluggable scheduling policies to allow cloud-native and traditional programs to coexist in the similar cluster.

  • It runs on various systems, including Linux, Mac OS X, and Windows.

  • Scale to tens of thousands of nodes with ease.

5.3. Tools for managing application performance

DevOps tools for managing application performance are software tools used to monitor and analyse the performance of applications, identify performance bottlenecks, and optimize application performance. These DevOps tools for managing application performance enable teams to identify and resolve performance issues quickly, optimize application performance, and improve user experience. Some popular DevOps tools for managing application performance are described below.

• Splunk: Splunk is used to monitor and explore that is accessible as a SaaS solution. It has features such as:

  • Monitor and troubleshoot the whole infrastructure, whether real, virtual, or cloud-based.

  • Through faster innovation, modernise applications for better client experiences.

  • AIOps for predictive alerting and auto-remediation using Machine Learning.

  • Mobile-first, automated issue response improves MTTA efficiency.

• Datadog: It is a DevOps solution for monitoring servers and apps in hybrid cloud environments that is available as a SaaS. It also facilitates Docker container monitoring. Some of its more noticeable characteristics are as follows:

  • In real time it collects data and occurrences across the whole DevOps stack.

  • Provides end-to-end visibility of the user experience in a single platform.

  • User experience measurements are used to prioritise business and engineering choices.

  • Designed to allow teams to see one other.

• Sensu: Sensu is an open-source DevOps tool used to monitor cloud infrastructures. Using Puppet and Chef, it’s straightforward to set up. The following are its characteristics:

  • The Observability of Sensu Pipeline is a scalable, integrated, and secure system. To collaborate between development and operations, processes for self-service with associated security solutions are used.

  • Declarative settings and a service-based monitoring strategy that allows to designate the monitoring insights that are most important while automating the workflows, allowing to focus on what is truly important.

5.4. Tools for configuration management

DevOps tools for configuration management are software tools used to automate the configuration of servers, infrastructure, and applications. These DevOps tools for configuration management enable teams to automate the configuration of servers, infrastructure, and applications, reducing the risk of configuration errors, improving deployment speed, and ensuring consistency across environments. Some popular DevOps tools for configuration management are described below.

• Chef is another open-source DevOps solution based on Erlang and Ruby for automating and configuration management. Its qualities are as follows:

  • “Cookbooks” for infrastructural coding in domain-specific languages.

  • Cloud systems such as Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, etc. are easily connected.

  • Configuration based on codes.

• Puppet: Puppet is in charge of making infrastructure and complicated procedures easier to manage and automate. Some of the characteristics of Puppet are as follows:

  • One may automate and simplify key manual operations by extracting configuration parameters from multiple operating systems and platforms.

  • It might be difficult to keep all the servers in a consistent condition whether there are many of them, a mixed environment, or plans to expand the infrastructure. Puppet can help to scale effectively while saving time and money.

• Ansible: Ansible is a basic IT automation solution that allows teams to focus on more important tasks by automating repetitive tasks. For example:

  • Configuration management—Aim to deliver the simplest solution feasible, concentrating on achieving administrators, programmers, and IT executives up and operating as quickly as possible.

  • Orchestration—Ansible’s modularity and extensibility make it simple to coordinate several conductors across multiple environments using a single language.

5.5. Tools for continuous integration and development automation

DevOps Tools for Continuous Integration and Development Automation are software tools used to automate the process of building, testing, and deploying applications. These tools enable teams to automate the integration of code changes into a shared repository, test the changes, and deploy them to production. Some popular DevOps tools for Continuous Integration and Development Automation included below:

• Bamboo: It is a DevOps tool that will guide one through the process of establishing Continuous Delivery right from development to deployment. It integrates automation builds, testing, and releases into a single procedure. Some of its most significant aspects are as follows:

  • Users can set up triggers to initiate builds depending on commits and develop multi-stage build plans.

  • Agile development is aided by parallel automated testing, making bug detection easier and faster.

  • Jira and Bit bucket integration has been improved.

• Jenkins: Jenkins is a Java-based open-source continuous integration and delivery platform that automates the release management cycle. Jenkins has become one of the most important DevOps tools due to the following features:

  • It can act as a simple continuous integration server or a CD hub for any project.

  • Its online interface is simple to set up and configure, and it has built-in help and on-the-fly error checks.

  • Distribute work across many machines to speed up builds, testing, and deployments across multiple platforms.

• IBM UrbanCode: IBM UrbanCode ensures that any mix of on-premises, mainframe, and cloud applications is deployed without interruption as an automated deployment and release management solution. Some of its qualities are as follows:

  • Build management is improved by merging a corporation solution with production, test, and delivery tools.

  • Application development, middleware configuration, and database modifications are all automated.

5.6. Tools for automated testing

DevOps tools for automated testing are software tools used to automate the testing of applications, ensuring that they meet quality and performance standards. These DevOps tools for automated testing enable teams to ensure that applications are thoroughly tested, reducing the risk of bugs and defects in production. They also help to improve the overall quality of software and reduce the time and effort required for testing. Some popular DevOps tools for automated testing are briefly described below.

• Test.ai: It is an AI-enabled automated test tool that allows developers to release products quickly and with higher quality. Artificial Intelligence-enabled bots (AI-Bots).

  • Create tests without having to code or write them.

  • Raise the testing speed to that of DevOps.

  • Experiment with any platform and app.

  • It’s critical to automate testing and improve quality in all areas.

• Ranorex is a one-stop-shop for automated testing of all kinds, including cross-browser and cross-device testing. It has the following characteristics:

  • A single license provides all of the test automation tools one need.

  • The testing is done with real equipment or simulators/emulators.

  • Easily interacts with continuous integration servers, issue tracking systems, and other systems.

• Selenium is a testing tool for online apps, but it may also be used for automating other web-based administrative operations. This is divided into three sections:

  • Selenium WebDriver may be used to build trustworthy web-based regression automated test suites and extend and deliver scripts across several environments.

  • Selenium IDE is a browser extension for Chrome and Firefox that lets to record and replay browser interactions effortlessly.

  • Selenium Grid allows scaling the testing efforts by running tests on several environments and managing multiple machines from a single location.

5.7. Tools for artefact management

DevOps tools for artefact management are software tools used to manage the lifecycle of software artefacts, including binaries, packages, and other assets. These tools help teams to store, organize, and distribute software artefacts across different stages of the software development and deployment process. Following are the some of the popular DevOps tools for artefact management.

• Sonatype NEXUS: Sonatype, which promises to be the biggest and most popular repository management solution, effectively delivers parts and containers to developers and serves as a single source of information for all the parts, packages, and build outputs. The following are its characteristics:

  • Efficiency and flexibility are required to enable development teams.

  • All popular build tools are uniformly supported.

• JFRog Artifactory: As container images, packages, and Helm charts pass through the DevOps pipeline, it is a central repository. The following are its characteristics:

  • Utilize active clustering and replication on several sites to scale DevOps configuration.

  • It allows to select the tool stack and connects with any existing configuration.

  • Businesses can release a quicker and more automated pipeline using robust REST APIs.

• CloudRepo: It is a solution that allows managing, sharing, and distributing personal Maven and Python repositories.

5.8. Tools for automating tests without using code

DevOps tools for automating tests without using code are software tools designed to help teams create automated tests without writing any code. These tools allow non-technical team members, such as product owners and business analysts, to create and run automated tests, reducing the burden on developers and enabling faster feedback cycles. Some popular DevOps tools for automating tests without using code include:

• AccelQ: AcceIQ is the industry leader in codeless test automation among DevOps products. It’s a robust codeless test automation tool that allows testers to design test logic without worrying about programming terminology:

  • Utilizes a design-first approach in producing test items, ensuring modularity and reusability.

  • Assist with iframes and some dynamic controls.

  • Supports a wide range of logic and interaction building features.

• Appvance: This AI- and machine-learning-powered platform offers end-to-end testing and ML-assisted scripting without using code. The following are its characteristics:

  • A level-5 autonomous test automation system.

  • AI-generated tests and self-healing scripts for complete application coverage and validations with 90% less effort.

  • Continuous testing is made easier in the DevOps infrastructure.

• Testim.io: It is an AI-powered user interface tool that allows you to write test code in a fraction of the time, expanding coverage and enhancing quality. It aids in the DevOps journey by providing:

  • Integration points include Saucelabs, Jira, and GitHub.

  • Flaky testing is no longer necessary, and maintenance costs are minimized.

  • Identify the root cause of mistakes so that they may be fixed and released more quickly.

  • Control, management, and insights are used to grow testing operations efficiently.

6. Conclusion

DevOps has become increasingly important in recent years as organizations seek to respond to market changes more quickly and improve their ability to innovate and compete. DevOps tools and practices can help teams streamline their development and delivery processes, reduce errors and delays, and increase their ability to respond to changing requirements and customer needs. The present work provides valuable insights into the critical aspects of DevOps culture and mindset and their impact on software development and organizational performance. The analysis highlights the significance of understanding and fostering a DevOps culture that promotes collaboration, continuous learning, and innovation. By integrating grounded theory methodology, the paper effectively captures the evolving landscape of DevOps, identifies practical challenges organisations face, and explores the psychological and behavioural dimensions underlying DevOps practices. Through this comprehensive review, practitioners and decision-makers gain a deeper understanding of the essential factors influencing the successful implementation of DevOps. Organizations can enhance communication, increase deployment frequency, and maintain software quality by aligning development and operations teams and nurturing a growth-oriented mindset. The paper underlines the significance of a balanced integration of rules, tools, and practices to effectively address existing and upcoming software development challenges. As organizations continue to navigate the rapidly changing technology landscape, the findings of this review paper offer valuable guidance on building a solid foundation for DevOps adoption. By acknowledging DevOps’s human and cultural aspects, organizations can create a collaborative environment that fosters continuous improvement and drives business value. Ultimately, this review paper contributes to the advancement of DevOps practices, enabling organizations to thrive in the dynamic and competitive world of software development and IT operations.

Despite being a comprehensive review on DevOps covering several aspects including architecture, components, tools, principles, security, etc., it is still in its nascent stage and requires further research for its maturity. The some potential areas for future work on DevOps include:

• DevOps for machine learning and artificial intelligence: As machine learning and artificial intelligence become more prevalent in software development, there will be a need to develop DevOps practices and tools specifically tailored to these technologies.

• DevSecOps: As security becomes an increasingly important concern for organizations, there will be a need to integrate security practices into the DevOps process more fully.

• DevOps for hybrid and multi-cloud environments: As more organizations adopt hybrid and multi-cloud environments, there will be a need for DevOps tools and practices that can work seamlessly across these environments.

• DevOps for regulated industries: In regulated industries such as healthcare and finance, there will be a need to develop DevOps practices and tools that can meet regulatory requirements while still enabling rapid software delivery.

• DevOps for edge computing: As edge computing becomes more prevalent, there will be a need to develop DevOps practices and tools that can support the unique challenges of this environment.

• NoOps: NoOps is an emerging trend that envisions fully automating operations to the point where traditional operations roles become unnecessary. With the rise of cloud-native technologies and managed services, NoOps aims to minimize the operational overhead and shift more responsibility to the platform providers. By leveraging server less computing, managed databases, container orchestration platforms, and other cloud-native offerings, developers can focus primarily on writing code and delivering value. While NoOps aims to minimize operational responsibilities, it doesn’t entirely eliminate the need for operational considerations. Even in a NoOps environment, there is still a requirement for some level of operational expertise and oversight. The focus shifts from managing infrastructure to utilizing managed services and cloud platforms that handle many operational tasks automatically. By adopting NoOps, organizations can benefit from reduced infrastructure management complexity, faster time-to-market, and improved scalability. Developers can focus more on building and deploying applications without getting bogged down by operational tasks. However, it’s essential to carefully consider the trade-offs and ensure that appropriate monitoring, observability, and governance mechanisms are in place to maintain system health, security, and compliance.

• Infrastructure as Code (IaC): Infrastructure as Code involves managing and provisioning infrastructure resources through code, using declarative configurations. Instead of manually configuring servers, networks, and other infrastructure components, IaC allows for defining infrastructure in code files that can be version controlled, shared, and automated. Tools like Terraform, Ansible, and AWS Cloud Formation are commonly used for IaC. This approach brings consistency, reproducibility, and scalability to infrastructure management, enabling faster deployments, reducing human error, and facilitating better collaboration between development and operations teams.

The systematic research in this direction envisioned to offer practitioners, leaders, and organisations useful information for fostering a DevOps culture and attitude that paves the way for improved teamwork, constant innovation, and long-term competitive advantage in today’s fast-moving technology environment.

Disclosure statement

No potential conflict of interest was reported by the author(s).

Additional information

Funding

There is no funding available for this work.