CloudBees Brings Feature Flags, Compliance to DevOps Software Delivery

CloudBees is expanding its software delivery platform with a series of updates announced at the company's DevOps World 2021 virtual conference on Sept. 29.

One of the updates is the addition of feature flag control capabilities that are integrated with both continuous integration and continuous deployment within the CloudBees platform. Using a feature flag approach, developers can incrementally add features to a release in a gradual rollout. Feature flags enable developers to test out new capabilities quickly, with the ability to roll back functionality if things don't work as planned.

CloudBees is also adding a new compliance service to its platform to provide more control and governance over the software development lifecycle.

CloudBees has actually had feature flag capabilities for several years, Nick Rendall, a senior product marketing manager at the company, said in a media briefing at DevOps World. The challenge though was that, until now, feature flags were handled with a separate set of tools that weren't tightly integrated with CloudBees' continuous integration/continuous delivery (CI/CD) services.

"We really believe feature flags cannot occur within a silo that is separate from the rest of the software delivery processes," Rendall said. "So our focus right now is, how can we automate and bridge that gap between a feature flag management tool and CI/CD with the required visibility and governance across DevOps teams?"

CloudBees Integrates Feature Flags with CI/CD for DevOps

What CloudBees is now adding to its platform is the ability to create, delete or update flagging progressions as part of CI/CD jobs, Rendall said.

Prior to the new integration, managing feature flags as part of CI/CD was a more manual process. With the update, Rendall said the goal is to automate feature flag management within a CI/CD development pipeline. As such, feature flags will be subject to the same policy rules for code integration, including automated testing, as non-feature flag code.

CloudBees is now providing developers with a centralized feature flag configuration, visibility and control for code integration and deployment, he said.

CloudBees Set to Boost DevOps Compliance

Beyond integrating feature flags into the CI/CD process, CloudBees is also looking to integrate compliance.

Prakash Sethuraman, chief information security officer at CloudBees, explained during a DevOps World keynote that even though all organizations take security and compliance seriously, there has not really been a centralized way to manage compliance in the CI/CD DevOps process. Developers often use multiple disconnected tools, which can complicate compliance efforts, he said.

The CloudBees compliance service provides a prebuilt library of industry best practices and compliance rules. The new service also integrates with open-source security compliance scanners, as well as a best-of-breed security solutions on the market, Sethuraman said. CloudBees compliance will look at the whole software deployment environment, including source code, network configuration, data and user identities.

"Compliance enables compliance teams to simply and declaratively state what good, safe and secure is all about," he said.