DevOps Using SpiraTeam, TaraVault and AWS CodeBuild

DevOps Background

DevOps represents a comprehensive suite of practices designed to bridge the gap between software development (Dev) and IT operations (Ops). By integrating these disciplines, DevOps accelerates the systems development life cycle and facilitates continuous delivery with exceptional software quality. The DevOps approach focuses on enhancing collaboration between development and operations teams, automating and optimizing processes, and driving superior speed and efficiency in both software development and deployment. With DevOps, organizations can achieve faster innovation cycles, higher quality deliverables, and a more agile operational framework.

Implementing DevOps using Inflectra & Amazon Web Services (AWS)

In the following sections of the whitepaper, we discuss each of the key steps in DevOps and how you can use the Inflectra product suite along with core services from Amazon Web Services (AWS) to create an integrated DevOps toolchain.

1. Plan

In this section, we will explore the Planning dimension of DevOps and demonstrate how leveraging a combination of Inflectra products along with other tools and plugins can optimize the Plan component of the DevOps Toolchain. Within the DevOps framework, the Plan element encompasses two critical components: "Define" and "Plan."

The "Define" phase involves establishing a unified understanding of the application's requirements and its associated business value. Meanwhile, the "Plan" phase translates these requirements into a structured set of activities, complete with milestones and assigned roles, to effectively realize the defined requirements. By integrating these processes with the right tools, you can enhance the efficiency and effectiveness of your DevOps planning strategy.

The nature of the plan is directly influenced by the project management methodology in use. In Agile projects, planning involves higher-level requirements known as user stories, which are adaptable and may evolve throughout the project lifecycle. Conversely, in Waterfall projects, planning is based on well-defined requirements and fixed deadlines, which remain relatively stable throughout the project's duration. By aligning your planning approach with the appropriate methodology, you can better manage project scope and adapt to changing needs or maintain consistency as required.

Definition

Defining the vision, goals, and requirements for a project can be approached through various methodologies. For projects with numerous stakeholders, a highly effective technique is to conduct workshops. These live forums bring together stakeholders from diverse user communities, along with product owners, UX designers, developers, and testers, in a series of cross-functional meetings.

This collaborative environment facilitates the definition and refinement of high-level objectives, constraints, and measurable goals, ensuring early identification of impediments and fostering collective ownership of the project.

Alternatively, project vision and goal setting can be accomplished through smaller, informal brainstorming sessions. These sessions can be held in person using whiteboards and other hands-on tools, or virtually via online collaboration platforms that support shared video, audio, and interactive workspaces. Both approaches are designed to enhance clarity and alignment while adapting to the needs of the project and its stakeholders.

Once the high-level vision and goals have been described, the more detailed requirements for the system are defined. For agile projects, a simple list of user stories grouped by theme and epic often suffices:

For more complex situations, you may want to use more formal methods such as UML modelling using a dedicated modelling tool, a traditional requirements management system, or a use case repository:

Many of our customers leverage SpiraTeam extensively during the define phase of their projects, utilizing it to capture requirements, user stories, epics, use cases, and non-functional requirements such as constraints. SpiraTeam integrates seamlessly with UML modeling tools like Sparx Enterprise Architect and offers connectors for other requirements capture utilities, including Jama, DOORS, and RequisitePro, allowing you to adopt the format that best suits your project needs.

Furthermore, for most applications, attention to the user interface is crucial. UX designers will initiate the development of UX wireframes and other mockups to visually represent and refine the intended functionality, ensuring alignment with user expectations and project goals.

SpiraTeam is available on the AWS Marketplace as a SaaS solution, hosted exclusively in Amazon Web Services (AWS).

Planning

The planning aspect is significantly influenced by the software development lifecycle (SDLC) methodology in use. For instance, a Scrum-based Agile project utilizes user stories, backlog items, releases, sprints/iterations, tasks, and acceptance tests. Scrum ensures that increments of fixed scope are delivered at regular, predefined intervals. At the conclusion of each sprint, the scope for subsequent sprints is refined based on feedback gathered during a retrospective, allowing for continuous improvement and adaptation throughout the project lifecycle.

In contrast, a Waterfall project features a prescriptive project plan characterized by substantial releases of fixed functional scope. This approach includes a comprehensive requirements specification, detailed upfront design, test plan, and a work breakdown structure. The project plan is meticulously organized with numerous interdependent tasks, each with clearly defined dependencies, milestones, and critical paths, ensuring a structured and sequential approach to project execution.

Selecting the appropriate tools for planning and managing your project should align with the chosen SDLC methodology. Certain tools are designed to support specific Agile frameworks, such as Lean, Scrum, Kanban, or SAFe, while others are tailored exclusively for Waterfall projects.

SpiraTeam provides a versatile solution for comprehensive project management, offering robust support for all Agile methodologies, as well as Waterfall and hybrid approaches that combine Agile and Waterfall practices. This flexibility ensures that SpiraTeam can adapt to your project's unique needs and methodologies.

2. Code / Build

The development facets of DevOps are frequently the most recognized aspects of the DevOps revolution, as they focus on empowering software developers with tools and techniques that streamline their work and reduce reliance on traditional IT infrastructure.

In this section, we will explore tools designed to assist developers in the various stages of the software lifecycle, including design, writing, compiling, debugging, managing, versioning, building, and integrating code. Deployment activities will be addressed in detail in sections 4 and 5.

Writing & Debugging Code

The selection of tools for designing, writing, compiling, and debugging code is typically guided by the technologies chosen for system development. For instance, if you are building a web application using HTML, React, JavaScript, Apache, Tomcat, NodeJS, and Postgres, you will require a distinct set of tools compared to those needed for an application developed with HTML, Angular, JavaScript, IIS, Microsoft .NET, and SQL Server.

In general, it is essential to select an Integrated Development Environment (IDE) that supports the programming languages you will be using, which may include multiple IDEs depending on your tech stack. Additionally, you will need a compiler that targets your specific platform, debugging tools to facilitate code troubleshooting and stepping through when issues arise, and design tools that streamline documentation, code refactoring, and comprehension. This comprehensive toolset ensures an efficient development process and effective management of your codebase.

SpiraTeam includes add-ons for the most popular IDEs including Microsoft Visual Studio, JetBrains IDE family, and Eclipse. This lets developers work inside their IDE to see the requirements they have to build as well as the code they are writing, all in the same place.

Managing & Versioning Code

The code used to create an application is the lifeblood of most software businesses; and is valuable intellectual property (IP) for any organization that develops software. Consequently, you need to make sure you have a robust set of tools and work practices to store and manage your source code.

TaraVault® from Inflectra provides an enterprise-grade Source Code Management (SCM) solution based on the two-leading industry standard platforms – Git and Subversion.

The choice between Subversion and Git will depend on your work needs, if you have a small team and you primarily work in a small number of code branches, and your merging needs are limited, Subversion is often simpler to deploy and manage. For larger (or geographically distributed) teams, where you need to have multiple work streams in parallel, with lots of branching and merging, Git is by far the superior solution. TaraVault® lets you choose the repository type (Git vs. Subversion) per-project, giving you the most flexibility.

SpiraTeam includes source code folder and file browsing:

SpiraTeam also includes a source code commit list view, that lets you see the most recent commits to the source code repository and the associated artifacts:

With SpiraTeam, you can not only access and view the contents of your source code repository but also link system artifacts to specific source code revisions. This capability enables you to associate implemented requirements, completed tasks, and resolved defects or incidents with their corresponding code changes. By doing so, SpiraTeam ensures end-to-end traceability, seamlessly connecting requirements to the underlying software code.

You can view the revision log and see the list of associated artifacts associated with each file or with a specific revision. If you didn’t link the artifact when you committed the change, it’s easy to simply add the association directly from within SpiraTeam:

SpiraTeam lets you view the details of a specific commit made in the source code repository, with links to the related artifacts as well as other information entered by the developer:

SpiraTeam lets you select a specific file in the commit to see exactly what code changes were performed in an easy to read “DIFF” format called the “unified” mode:

You can also choose to see the changes in an alternate “split” by mode as well:

With this, SpiraTeam lets you see exactly what changes were made in the code, with the changes being traced back to the requirement, task or incident that was being implemented.

Building & Integrating Code

The next aspect of the development side of DevOps is the ability to quickly and easily build and integrate the software code from different developers and teams. AWS CodeBuild is a fully managed build service that compiles source code, runs tests, and produces software packages that are ready to deploy. It's part of the Amazon Web Services (AWS), cloud computing platform.

AWS CodePipeline and AWS CodeBuild are both parts of Amazon Web Services' suite of developer tools, but they serve different purposes within the realm of continuous integration and continuous delivery (CI/CD).

SpiraTeam and TaraVault integrate seamlessly with the AWS Code tools in a variety of ways. You can easily configure your AWS CodeBuild projects to fetch code from a TaraVault Git repository, and report back against a SpiraTeam release by creating a new build each time they run. This lets you see the health of your CI/CD process within SpiraTeam.

You can easily configure your AWS CodeBuild projects to report against a release by creating a new build in Spira each time they run. This let's you see the health of your CI/CD process within Spira. You can record the results of a build against a single release, or multiple releases, even if they are in different products. Any CodeBuild project that is set up to report to Spira will also report to Spira if the project is run as part of an AWS CodePipeline. This gives a lot of flexibility in how to track builds from AWS in Spira.

The flexibility is enabled by the use of AWS environment variables:

AWS CodeBuild can pass environmental variables into the build process and send these as part of the recording process in Spira.

Whenever the AWS CodeBuild project runs - manually, automatically, or as part of an AWS CodePipeline, the build will be recorded against the specified release(s) in Spira (as long as the user has permissions to create a build in the relevant product(s)).

Spira creates a build against that release with the key information, including the build status.

3. Test / Verify

The testing and verification component of the DevOps toolchain is crucial for mitigating technical risks and providing management with insights into the quality of the developed software. It offers metrics and indicators to assess whether the software is ready for deployment and production. We strongly recommend leveraging a suite of continuous testing tools and processes that deliver real-time feedback on technical risks within the system.

This approach, often referred to as Quality Engineering (QE), extends beyond traditional Quality Assurance (QA) by encompassing a broader range of testing practices. It is important to balance the time invested in writing tests and checks with the time saved through their execution, ensuring effective management of quality throughout the development lifecycle. A common metaphor is the “testing pyramid”:

We shall discuss each of the different types of testing, however for a fuller discussion, we have several whitepapers on Testing Methodologies and Automated Testing that provide more detail.

Unit & Integration Testing

In most Agile environments, developers are responsible for testing their own work. Many organizations adopt Test Driven Development (TDD) to ensure comprehensive test coverage and to avoid focusing solely on the "happy path" of their code. Ideally, you should also employ the same unit testing frameworks used for individual code tests—such as jUnit or TestNG for Java, or UnitJS / Mocha for NodeJS—for automated integration tests. This approach allows you to validate multiple modules of code simultaneously, ensuring robust and consistent testing throughout the development process.

SpiraTeam provides plugins for the most popular unit testing frameworks so that the results of the automated tests are visible directly inside your requirements and test management platform for risk analysis. You should make sure your chosen ALM solution supports your unit test frameworks.

User Interface Testing

In an ideal scenario, you could validate all logic and business rules without needing to test the user interface (UI). However, the UI is integral to most systems, and issues in this area can significantly impact customer satisfaction, loyalty, and overall business performance.

Given that the UI is often the most frequently changing and challenging component to test, it is crucial to utilize the right tools tailored to your specific UI type—whether web, mobile, desktop, or console. Additionally, identify which UI elements should be automated, focusing on those that change less frequently and require extensive data permutations. For further guidance on this topic, refer to our whitepaper that offer detailed recommendations.

Rapise is a powerful automation tool that integrates with SpiraTeam to enable you to automate the testing of web, mobile, desktop and other applications faster than coding by hand, and providing a scriptless interface that lets the business / functional users collaborate more easily with the automation engineers.

Rapise is available to be deployed as an Amazon Machine Image (AMI) from the AWS Marketplace.

AWS Device Farm is an application testing service that lets you improve the quality of your web and mobile apps by testing them across an extensive range of desktop browsers and real mobile devices; without having to provision and manage any testing infrastructure. The service enables you to run your tests concurrently on multiple desktop browsers or real devices to speed up the execution of your test suite, and generates videos and logs to help you quickly identify issues with your app.

AWS Device Farm’s integration with Rapise lets you run your mobile (iOS and Android) tests on Device Farm. If your organization has an existing account with AWS, you can author mobile tests in Rapise, and then run those tests on AWS Device Farm’s cloud devices.

API Testing

Testing your Application Programming Interfaces (APIs) is crucial, especially as products increasingly integrate into broader ecosystems. In today's landscape, where monolithic applications are becoming obsolete, well-maintained, versioned, and thoroughly tested APIs can set your products apart. Ensuring robust API testing not only enhances the stability and reliability of your integrations but also improves the experience for external developers who rely on your APIs. By providing stable and predictable APIs, you avoid forcing developers to rewrite their code with every new product version, fostering stronger partnerships and smoother integrations.

Rapise includes powerful tools for testing both REST and SOAP style APIs, with integrated reporting back into our SpiraTeam ALM suite. We recommend making sure your API testing tools integrate back into your DevOps toolchain and ALM platform.

Exploratory & Manual Testing

Despite the claims often made, automated tests alone cannot uncover all issues. It is essential to involve skilled human testers throughout the development process—and not just post-development. These testers serve as advocates for end users, helping to prevent your users from becoming de facto testers without compensation.

In industries with stringent regulatory or legal requirements, traditional scripted manual testing or User Acceptance Testing (UAT) may be necessary to ensure every path is tested. However, in other scenarios, focusing on freeform, unscripted, exploratory testing allows testers to leverage their intuition and creativity to identify issues that automated tests might miss.

SpiraTest (which is part of SpiraTeam) provides world-class support for both traditional test case-based manual testing and freeform exploratory and session testing. Make sure that your test management solution will support the types of test activity that you will be performing.

Performance & Security Testing

In addition to verifying that the product works as intended, you will usually need to test other aspects such as performance (how well it works under different user loads) and security (how vulnerable it is to security penetration). They are out of the scope of this whitepaper, but you should make sure that tools you choose for your ALM and DevOps toolchain will interoperate cleanly with these tools. For example, SpiraTeam integrates with several different load testing tools (OctoPerf, JMeter, and WebLoad to name a few).

Depending on your industry and the nature of the application, there may be other specialized forms of testing needed (e.g. Section 508 testing for accessibility, Sarbanes-Oxley, FDA Testing, etc.)

4. Package

This component of the DevOps toolchain is critical yet frequently overlooked. Establishing a repeatable and reliable process for packaging all built and integrated code, documentation, data, and other artifacts from your CI build pipeline is essential for effective deployment and release.

Your packaging strategies and choices will largely depend on your delivery model and user needs. For installable software that customers deploy themselves, whether on-premise or within their own cloud platforms (Platform as a Service, or PaaS), the packaging process differs significantly from that used in a Software as a Service (SaaS) model. In SaaS, where you control the environment and users access your application via a provided URL, the packaging approach is tailored to this centralized delivery model.

Artifact Repository

For effective packaging, it’s essential to have tools and processes that automate the identification of changes in your software and ensure proper packaging of these items. For instance, when preparing a release with specific user stories, requirements, and bug fixes, you can track all relevant source code revisions and commits linked to these artifacts. This allows you to incorporate the appropriate source files and, ideally, documentation into the final package.

Additionally, leveraging your artifact repository can enable automated generation of release notes, system documentation, API documentation, and user guides, minimizing the risk of omissions or errors. Often, however, documentation generation and packaging are secondary to binary code, leading to potential frustrations for users and third-party developers.

SpiraTeam provides a robust API and set of reports that let you auto-generate documents such as the release notes as well as generate the final set of product binary code and installation process files that will be bundled together into the final product.

Cloud Deployment Strategies

For cloud-based deployments, it is crucial to package your software and associated artifacts to ensure seamless distribution to your chosen cloud platform, support rollback capabilities in case of deployment issues, and streamline the release process (as discussed in section 5). Unlike on-premise packages, cloud deployments offer more control over the environment and provide insights into the training level of your IT staff.

However, the packaging process must be adapted based on your tenancy model—whether single-tenant or multi-tenant. For single-tenant systems, the packaging process may resemble that of releasing a downloadable product. In contrast, multi-tenant systems require additional considerations, such as using "feature flags," to deploy updates to all customers while enabling new features only for those who are ready.

AWS CodeDeploy is a service offered by Amazon Web Services (AWS) that automates the process of deploying applications to a variety of compute services, including Amazon EC2 instances, on-premises servers, and AWS Lambda functions.

It helps you:

• Automate Deployments: Streamline the deployment process for your applications, reducing manual intervention and potential errors.

• Manage Rollbacks: Automatically roll back to a previous version if the deployment encounters issues.

• Control Deployment Strategies: Use strategies like rolling updates, blue/green deployments, or canary deployments to manage how your updates are rolled out.

• Monitor Deployments: Gain insights into deployment progress and status, and get notifications on deployment events.

• Integrate with Other AWS Services: Work seamlessly with services like AWS CodePipeline, AWS CloudFormation, and others to support continuous integration and delivery (CI/CD) workflows.

Containers, Images, Applications

When it comes to how to package cloud applications, in addition to simply providing the application as a package that is deployed, you can choose to package up a copy of the entire operating system, pre-requisite services (e.g. web server, database server) and your application. This is often called a “machine image” or virtual machine (VM) image. This has the advantage of being the quickest to deploy and restore, however it results in significant duplication of the stack, incurs additional license fees, and makes maintaining the OS and infrastructure costlier.

As a consequence, another strategy is to containerize your application, which is to package the application and a minimal set of infrastructure services into a single unit (called a container) that can be deployed multiple times in the same Operating System machine image.

This promises to give the deployment and scalability advantages of virtual machines, with reduced infrastructure overhead.

On-Premise Strategies

For on-premise deployments, it is essential to consolidate all build artifacts into a single package that facilitates easy delivery to the customer. Ideally, this final package should be self-installing (e.g., using Microsoft Installer (MSI) for Windows servers) and allow IT staff to configure the installation according to their specific environment. The package should also provide clear guidance on necessary prerequisites and include comprehensive documentation to support deployment and ongoing maintenance.

Alternatively you can simply create a Virtual Machine (VM) that can be deployed as a single image onto your on-premise virtualized infrastructure:

Our ALM product SpiraTeam and our automation tool Rapise are available for on-premise use, so we have first hand experience of some of the pitfalls. The main areas you should focus your attention on are: how the installation package will handle missing pre-requisites, upgrades from older versions, incorrect platform versions, and atypical security or environment settings that may affect the installation.

5. Release

When it comes to the release part of DevOps, there are several different components that need to be considered:

• Release Management

• Configuration Management

• Change Management

• Deployment Automation

Release Management

The release aspect of DevOps is built on the foundation of effectively describing, documenting, and managing all software versions. Your approach to release management will vary depending on your software lifecycle and release cadence.

For continuous delivery, you might release each build and user story directly into production as soon as they are completed. Alternatively, you may adopt a more incremental approach, where requirements from one or more sprints are packaged and released as a cohesive unit. This flexibility allows you to align your release strategy with your development processes and operational needs.

Regardless of your release strategy, it is essential to document planned releases, maintain a history of released versions, and detail the functionality included—such as requirements, user stories, defects, and bugs. Additionally, you need a method to track which packages are to be deployed, as defined in the Package phase of DevOps. Ideally, automate this process to dynamically adjust assets (code, tests, documentation, etc.) if features are removed or altered at the last minute.

For some organizations, completing a release allows you to shift focus to the next one. However, in regulated industries like Healthcare, Government, and Banking, managing multiple release baselines in parallel may be necessary. This includes the ability to compare release baselines and audit all changes.

When selecting a release management tool, ensure it aligns with your process and requirements. Some tools offer release baselining features, but these can introduce additional complexity and overhead if not properly managed or if the feature cannot be disabled.

Similarly, some customers need a formal release approval workflow, with signatures, signoff, and auditing; other customers can simply create a new release and deploy against it immediately. SpiraTeam has a built-in release workflow system, but it can be disabled for customers that need a more fluid, less process-driven approach.

Configuration Management

This aspect of the toolchain closely resembles the source code management features outlined in section 2. Once release plans are in place, it is crucial to maintain a comprehensive history of different product configurations.

For many customers, this typically involves managing source code, documentation, packages, and artifacts within the SCM system. However, for clients in regulated environments such as Healthcare, Defense, and Industrial Systems, it’s essential to maintain a detailed inventory of all items associated with each release. This includes versioning and tagging requirements, tasks, defects, issues, and related design artifacts with each release branch.

Depending on your needs, you might use your SCM tool to handle these additional items or leverage your ALM tool if it offers configuration management capabilities.

In addition, you should define your configuration branching and merging strategy. Do your teams work in multiple branches that are then integrated into a “main” or “develop” branch, or do you have primary development in the main branch, with patches and hotfixes solely in the other branches.

Change Management

Change management, closely related to configuration management, involves overseeing modifications to the final system, including tracking bugs and issues, and managing the approval of change requests and product enhancements. It is vital to establish a well-documented change management process that is endorsed by management and adheres to relevant quality or security standards (e.g., ISO 9001, PCI-DSS, SSAE 16).

Change management approaches can vary from lightweight, simple bug or issue triaging workflows to more complex strategies requiring multiple approval levels, external audits, and regulatory oversight (e.g., FDA validated systems). Ensure that your change management tools are equipped to support your specific process requirements.

Finally, you should make sure you have a well-defined production environment release and communications strategy, so that your users know and expect when product updates will be released, how the changes will affect them, and if you will have a standard or ad-hoc maintenance outage window (if the changes will necessitate a planned outage).

Deployment Automation

The final aspect involves automating the deployment of the release itself. For cloud customers, this may include pushing the package to a production environment, applying changes, triggering alerts and notifications for users, and/or adjusting feature flags to activate new functionality.

For on-premise customers, the process could involve uploading an installation package to a customer portal, emailing it directly, or utilizing an automated update process that retrieves the package from a central update service.

Regardless of the approach, maximizing automation and integrating it with other components of the release process—such as release management, configuration management, and change management—will help minimize the risk of avoidable errors. Tools like Octopus can streamline these steps by integrating with your CI tools and ALM platform, ensuring a smooth and efficient deployment process.

6. Configure

This component of the DevOps toolchain highlights the shift from traditional, fixed infrastructure resources—requiring substantial upfront investment and extended lead times—to a model of flexible, on-demand infrastructure provisioning.

The initial phase of this transformation involved moving from physical servers running a single Operating System (OS) to virtualized environments like VMware or Microsoft Hyper-V. These platforms enable the execution of multiple virtual machine images on a single physical server, significantly enhancing resource utilization and flexibility.

The second phase in this evolution was the adoption of Infrastructure as a Service (IaaS) platforms, such as Amazon Web Services (AWS) Elastic Compute Cloud (EC2). This transition transformed the provisioning of a new server from a lengthy, month-long project involving purchasing and installation into a quick, five-minute task—achieved with just a click of a button or a REST API call.

The third phase, known as Infrastructure as Code (IaC), advances this model further by allowing you to design, implement, and deploy infrastructure entirely through code. This approach provides the same level of control over infrastructure as you would have over databases, web services, and existing software components.

The final phase is called Continuous Configuration Automation (CCA) and is made popular by tool such as Chef or Puppet. It lets you change, configure, and automate infrastructure provisioning in the same way that AWS CodeBuild, AWS CodePipeline and other CI tools let you automate the building of software packages.

7. Monitor

Deploying packages and configuring infrastructure is just the beginning. A critical element of DevOps is implementing a comprehensive suite of monitoring, tracing, and event reporting tools. These tools are essential for detecting and addressing unanticipated changes before they affect end users.

Effective monitoring encompasses several key aspects, including technical environment monitoring, security monitoring, end-user experience monitoring, performance monitoring, business event notifications, trend analysis, and predictive maintenance. Additionally, end-user support plays a vital role in the DevOps lifecycle, closing the feedback loop with customers and users. We categorize these elements into three primary groups:

System Monitoring

When it comes to system monitoring, you usually need to ensure you have real-time automated monitoring of your systems and infrastructure that covers the following:

• Functional Monitoring – are all the systems working correctly, are the APIs available, do you have any outages. You can build your own tools (e.g. calling a sample of your APIs) or use commercial monitoring tools and services. You need to make sure you are testing realistically, for example having the testing tools outside your network to ensure network equipment failures are being monitored.

• Performance Monitoring – is the system responding normally to the current user load. Based on prior performance testing, is the system near its expected operational load and additional resources should be provisioned pro-actively to be ready to handle potential additional load. For example, tools such as Dynatrace allow real-time synthetic monitoring.

• Security Monitoring – is your system secure, with no exploitable vulnerabilities or active cyberattacks. There are a variety of commercial (and some limited open source) tools that can scan for vulnerabilities, perform penetration testing, monitor intrusion detection, and detect unusual network patterns that could indicate a cyberattack. For example, tools by Saint, and SecurityMetrics can be connected into your monitoring platform.

Business Monitoring

Incorporating business metrics into your DevOps monitoring platform is crucial for comprehensive oversight. Business events can often serve as early indicators—akin to a "canary in the coal mine"—alerting you to potential underlying technical issues.

For instance, if your e-commerce platform experiences a 20% decline in orders compared to the same period the previous week, it may signal a usability or performance problem (or even a partial outage) that hasn't yet been formally identified. To monitor these business metrics, you can utilize free tools like Google Analytics for real-time user behavior insights, as well as various commercial applications that provide monitoring and alerts based on business transactions and other key metrics.

User Monitoring

Your users play a vital role in the monitoring process. It is considered a best practice to integrate user support tools with your monitoring environment. For instance, your help desk system can provide valuable metrics, such as the number of support tickets per release package. A sudden increase in tickets for a particular area of the system may indicate insufficient test coverage or improper configuration for the current load.

In addition to offering insights into system stability and usability, user feedback and suggestions are essential resources that should be incorporated back into the DevOps toolchain. When planning your next release (refer to Section 1: Plan), leverage feedback collected through your support team and help desk to guide future enhancements and functionality.

Conclusion

Using SpiraTeam and TaraVault alongside AWS CodeBuild and Device Farm can enhance your DevOps toolchain by integrating capabilities that complement and extend the functionality of AWS services. Here’s why you might consider incorporating SpiraTeam and TaraVault:

1. Enhanced Project and Test Management

• SpiraTeam: Provides robust project management, requirement tracking, and test management features. It helps you manage project requirements, plan sprints, and track progress, offering end-to-end visibility from requirements through to release.

• AWS CodeBuild: Focuses primarily on building and testing code. While it handles continuous integration, SpiraTeam can manage and track test cases, defects, and overall project health more comprehensively.

2. Advanced Test Management

• SpiraTeam: Offers integrated test management tools that can work alongside AWS Device Farm, enabling you to create, manage, and execute test cases and track results more effectively.

• AWS Device Farm: Allows you to run automated tests on real devices. Combining it with SpiraTeam ensures detailed tracking of test results and defects, improving test coverage and reporting.

3. Improved Configuration and Release Management

• TaraVault: Provides advanced configuration management, version control, and release management features. It integrates with your existing DevOps tools to manage configuration changes, versioning, and deployment artifacts efficiently.

• AWS CodeBuild: Manages build processes but doesn’t provide extensive configuration management. TaraVault can fill this gap by handling configuration files, environment variables, and version control, ensuring consistency across deployments.

4. Integrated Feedback and Reporting

• SpiraTeam: Facilitates comprehensive reporting and dashboards that offer insights into project health, defect trends, and test coverage. It ensures that feedback from testing and user experiences is integrated into the development cycle.

• AWS Device Farm: Provides test results and performance data but integrating this data with SpiraTeam ensures it’s actionable and aligned with overall project metrics and goals.

5. Enhanced Collaboration and Traceability

• SpiraTeam: Offers features for better collaboration among development, QA, and project management teams. It ensures that all project artifacts and test results are linked to requirements and user stories, providing clear traceability.

• AWS CodeBuild: Focuses on build automation but may not offer the same level of collaboration and traceability features. SpiraTeam enhances these aspects, ensuring that everyone involved has access to relevant project information.

6. Customizable and Scalable Solutions

• SpiraTeam and TaraVault: Provide customization options to fit various development workflows and project needs. They scale with your project as it grows, offering flexible solutions that adapt to your requirements.

• AWS Services: Are highly scalable and integrate well with various tools but may not offer the same level of customization for project and configuration management.

In summary, SpiraTeam and TaraVault complement AWS CodeBuild and Device Farm by providing advanced project management, test management, and configuration management capabilities. They enhance the overall efficiency of your DevOps toolchain, offering a more integrated and comprehensive approach to managing development and deployment processes.