►
Description
Swapnil Bhartiya of TFiR interviews Tracy Miranda, Executive Director of the Continuous Delivery Foundation
A
A
B
Yes
for
sure
so
continuous
delivery,
we
define
that
as
it's
a
software
engineering
approach
in
which
teams
work
in
short
cycles
and
they
ensure
that
the
code
is
always
released
at
any
point
in
time
now,
traditionally,
people
tend
to
speak
a
lot
about
continuous
integration
and
continuous
delivery,
so
cicd
now
continuous
integration
is
when
developers
regularly
commit
at
least
once
a
day
to
a
main
line
and
keep
that
main
line
up
to
date.
But
I
see
continuous
delivery
as
really
this
umbrella
of
all
the
practices.
B
A
And
if
you
look
at
the
container
delivery,
it's
not
a
problem
to
be
solved,
it's
already
a
solved
problem,
but
it
was
a
lot
of
patchwork.
It
was
a
lot
of
do
it
yourself.
You
have
to
bring
jenkins
and
all
those
things,
but
then
a
spinnaker
came
which
eased
a
lot
of
things,
and
now
we
have
a
foundation.
So
can
you
talk
about
what
role
is
the
foundation
playing
in
this
space?.
B
What
makes
things
even
more
complicated
is
very
recently,
we've
seen
the
rise
of
like
micro
services
and
cloud
native
technology,
and
now,
while
these
give
us
huge
benefits
in
terms
of
scalability
and
making
it
easier
to
to
work,
you
know
on
separate
parts
of
the
application
that
has
also
resulted
in
you
know
just
increased
challenges
like
a
proliferation
of
environments
and
teams
having
to
contend
with
all
these
different
parts
that
make
up
an
application.
B
So
the
continuous
delivery
foundation
is
really
there
to
help
support
teams
and
organizations
in
their
adoption
of
these
practices,
both
from
the
sense
of
you
know,
taking
advantage
of
open
source
projects
in
this
space,
but
also
we
look
we're
working
towards
democratizing
the
best
practices
and
we
actually
have
a
very
recent
working
group.
That's
spun
up
to
to
help
anyone
in
this
space
get
better
at
delivering
software.
You.
A
Mentioned
earlier,
security
and
security
is
really
becoming
a
serious
concern.
It's
no
longer
an
afterthought,
mostly
when
we
look
at
any
hacks
or
systems
compromised
in
most
of
the
cases
it's
about
unpatched
software,
the
patches
are
there
in
most
cases
open
source,
the
patch
is
there,
but
it
was
never
applied
because
most
companies
still
have
that
engine
model.
For
you
know,
when
you
have
already
deployed
something
on,
billions
of
machines
is
really
hard.
So
if
we
make
security
as
part
of
developers,
you
know
workflow,
it
becomes
easier.
B
Yes,
for
sure
security
is
a
super
top
concern
and
I
think
there
are
lots
of
different
elements
to
this
so
on.
On
the
one
hand,
what
we
want
to
make
sure
is
like
we
talk
a
lot
about
shift
left
of
security
and
really
we
need
to
be
making
sure
the
security
professionals
and
the
folks
focus
on
security
are
really
tightly
involved
with
the
the
rest
of
the
team.
So
there's
no
silos,
people
don't
regard
security
as
someone
else's
problem
security
starts
with
the
developers
and
then,
as
an
industry.
B
I
I
think
you
know
separate
from
how
companies
organize
themselves
around
devsecops
and
building
better
teams
as
an
industry.
I
think
it's
really
important
that
we
work
together
to
solve
kind
of
the
industry
level
problems
like.
I
think
you
raise
a
good
point
there.
When
you
say
you
know,
in
many
cases
these
patches
haven't
been
applied,
but
the
fixes
are
out
there,
which
kind
of
makes
you
think,
like
is
security
and
actually
an
outreach
problem.
Do
we
need
to
be
better
at
telling
people
update
to
this
release?
It's
super
important.
B
This
is
why
you
do
it
and
making
sure
we
cut
through
the
noise
of
all
the
different
messaging
they're
hearing,
and
I
think
that's
another
example
where
something
like
the
continuous
delivery
foundation
can
make
a
difference
in
addressing
these
broad
industry
problems
that
we
all
have
to
kind
of
come
together
to
to
tackle
and.
A
Since
you're
talking
about
the
problem,
one
more
thing
is
that
you
know
microservices,
you
know
they
are,
you
know
everywhere,
but
companies
are
kind
of
facing
a
challenge.
You
know
for
the
for
the
consistent
release,
strategies
on
scale
and
at
times
they're
not
prepared
for
it.
So
can
you
talk
about
within
the
ecosystem
or
as
part
of
the
foundation
itself?
A
What
is
being
done
around
solving
the
problem
of
continuous
delivery
for
microservices?
That's.
B
That
means
so
one
of
the
hot
topics
that's
emerged
for
us
is
configuration
management
and
how
we
think
about
this
is
before
your
application
that
the
scope
of
it
was
very
well
defined.
But
now
with
microservices,
you
know
the
definition
of
an
application
changes.
It's
a
set
of
microservices.
B
How
do
we
talk
about
which
version
of
each
microservice
goes
into
a
specific
app
and
then
how
do
we
manage?
You
know
we
are
continuously
pushing
code
and
integrating
that?
How
are
those
different
versions
changing
relative
to
each
other?
And
how
are
we
testing
that
all
together,
so
we've
definitely
seen
configuration
management
as
a
really
hot
topic?
And
people
are
looking
at
tooling
in
the
space?
I
think
we
have
a
couple
of
interesting
projects
that
might
be
coming
in
the
pipeline
to
cdf
as
well.
B
A
More
thing,
as
you're
saying,
are
talking
earlier,
that
there
are
so
many
projects
or
open
source
tools
for
cd,
which
may
also
lead
to
a
problem
of
interoperability.
So
what
first
of
all?
How
big
is
it
the
concern
for
the
foundation,
and
what
are
you
doing
to
kind
of
you
know,
increase
interoperability
within
these
tools.
B
Yeah,
so
interoperability
is
one
of
those
interesting
kind
of
problems
where,
if
you're
just
working
in
your
own
organization,
sometimes
you
know
it's
not
really
a
problem
until
perhaps
it's
time
to
adopt
a
new
tool
or
add
something
into
your
workflow.
But
if
we
step
back
and
look
at
the
industry
as
a
whole
and
and
take
a
look
across
the
whole
landscape
at
the
moment,
it's
hugely
fragmented.
B
There's
a
lot
of
tools
doing
similar
things.
It's
very
difficult
for
people
to
move
from.
You
know
different
ci
tools
or
different
pipeline
orchestration
tools
without
having
to
go
through
a
lot
of
pain,
to
figure
out
how
how
to
do
that.
So
it's
a
it's
a
big
problem
because
then
also
two
providers
are
having
to
kind
of
implement
plug-ins
for
different
systems
and
it's
you
know
kind
of
a
waste
of
time
and
it
slows
down
innovation
when
we
could
be
kind
of
moving
up
the
stack.
B
So
I
think
where
we're
at
today
there's
a
greater
appreciation
from
well
increasingly
end
users
as
well
about
saying,
okay,
we
want
to
simplify
this.
We
want
to
find
better
ways
for
tools
to
in
interoperate
and
actually
at
cdf.
One
of
the
very
first
special
interest
groups
we
had
was
an
interoperability
working
group,
and
this
is
just
a
set
of
like-minded
folks
who
got
together
and
said
hey
as
an
industry.
B
We
should
be
better
and
we
can
be
better
and
we're
all
going
to
get
talking
and
we're
going
to
figure
that
out
and
it's
a
really
good
group,
because
we've
got
the
folks
who
who
build
the
projects
like
the
jenkins
x
and
tacton
and
spinnaker,
and
we've
also
got
a
lot
of
end
user
members
represented
and
that
perspective
comes
in.
So
we've
got
folks
from
companies
like
ericsson
and
ebay
and
they
make
sure
that,
as
the
problems
are
being
solved,
they
really
apply
to
real
world
use
cases.
B
So
it's
it's
an
open
group
and
people
are
welcome
to
join
those
conversations.
There's
a
lot
at
the
moment
about
maybe
standardizing
interfaces
or
metadata
like.
Why
can't
we
have
a
standardized
way
to
express
the
all
the
metadata
around
the
release
or
all
the
metadata
around
a
set
of
testing
results.
B
Yeah,
no,
I
think
great
question,
so
it
has
definitely
increased.
Like
we've
seen
some
surveys,
which
say
you
know
it
talked
about
what
people
were
expecting
to
do
in
terms
of
cloud
adoption
and
continuous
delivery.
Adoption
and
all
those
numbers
have
increased
in
terms
of
the
expectation
of
how
they're
going
to
accelerate
that
adoption,
and
I
think
it's
become
pretty
clear
to
companies.
B
Things
like
the
pandemic
have
emphasized
the
need
to
be
more
resilient.
They've
emphasized
the
need
to
adapt
quickly
and
they've
emphasized
that
most
organizations
are
going
to
evolve
to
be
very
distributed,
and
so
for
all
these
things,
continuous
delivery
practices
work
really
well,
they
enable
all
those
things
and
they
make
all
the
difference,
and
actually
the
companies
who
were
already
doing
these
practices
have
a
significant
advantage
in
times
like
these.
B
So
it
will
be
really
interesting
and
I
think
one
of
the
benefits
we
have
as
a
foundation
is
that
open
source
has
always
been
about
that
collaboration
at
scale
and
in
distributed
way.
So
we're
hoping
we
can
take
kind
of
all
those
lessons
and
marry.
You
know
open
source
practices
to
continuous
delivery
practices
and
really
just
make
it
easier
for
everybody
to
adopt
them.
It
shouldn't
just
be
kind
of
an
elite
few
companies
who
could
do
it.
It
should
be
something
that's
possible
and
achievable
for
every
company
and
every
organization
out
there.