Application Lifecycle Management (ALM) collectively represents all activity streams that lend themselves to managing the lifecycle of enterprise applications.

The ecosystem comprises the following:

• Application planning and management
• Application source repositories management
• Application build/upgrade and release management
• Application test management
• Comprehensive tracking of enterprise application workstreams and more

DevOps as a methodology and philosophy is being increasingly utilized for application lifecycle management due to its ability to weave together IT operations, development streams, and governance effectively. It can push upgrades and changes without impacting existing users/ teams/operations.

Azure DevOps provides a comprehensive native toolset that can conveniently address all dimensions of the application lifecycle management.

 Azure DevOps has emerged as a trusted and efficient toolset and platform enabling and stimulating convergence of development, operations (testing, maintenance, and more), governance, requirements- management, etc. It is also a capable application lifecycle management framework.

Perspective on Azure DevOps market share

Microsoft is in the ‘Leader’ and ‘Challenger’ segments respectively in the recent Forrester Wave and Gartner Magic Quadrant releases for ‘continuous delivery and release automation.’ It has a steadily increasing market share, which is a proof of Azure DevOps’s value creation potential.

Its key competitors are Jenkins, GitLabs, and AWS CODEPIPELINE, among others. There are, however, some competitors, such as JIRA, Confluence, etc., that can potentially integrate with Azure DevOps and complement Azure DevOps. Integration with competing products must be consciously decided on while firming up DevOps tooling strategy.

Key Azure DevOps adoption drivers are simplicity, flexibility, and interoperability.

Key Azure DevOps application lifecycle management offerings

Azure DevOps provides a comprehensive work management toolkit enabling identification, creation, and allocation. It also tracks and monitors application lifecycle tasks and responsibilities, including project management, execution management, test management, capacity management, etc.

Application project planning and management

• Azure Boards enable the creation of product backlogs that support key agile methods, including scrum and kanban for planning and executing project tasks.
• Create project plans by adding Project, Epic, Feature, User Stories, etc. work items to backlogs for well-governed execution.
• Manage (altered/moved between groups/ranked, etc.) Work items easily on Azure Board implemented backlogs.
• Track performance markers, including Velocity and Progress, etc., effortlessly on Azure Boards using available analytics tools.

Application source code management

• Azure Repos help implement source repositories via options including Git & TFVC (Team Foundation Version Control) and offers utilities like Git tags for convenient repository visualization/management.

Application build and release automation

• Azure Pipelines offer best-in-class CI and CD Automation, enabling build definition, build execution, validation-automation, release-automation, and more.

Application test management

• Azure DevOps Manual Testing tools like Azure Test Plan help weave testing/test management into the application lifecycle framework, boosting synergies.

Collaborative application tracking

• Dashboards, Project Wiki, Work item discussion tools, alerts and notifications, feedback management, etc. Azure DevOps offerings enable collaborative and agile application tracking.

Typical Azure DevOps-driven application lifecycle flow

Figure 1 : High-level Azure DevOps Driven ALM Overview

Summary of a typical Azure DevOps implemented application lifecycle:

1. New requirements capture

• Product owner/equivalent-role captures new requirements for an application/product in Azure Boards through epic, features, user stories, etc.

2. Assessment/estimation

• Architects/product engineering teams (supported by business analysts, etc.) assess requirements and prepare user-story based estimates (in Azure Boards implemented backlogs)
• Work items are organized/ranked in the order of priority
• Estimates are added to user story work items
• Test leads/engineers leverage Azure Test Plans for test planning and estimation
• Capability implementation
• Developers implement backlog user stories in accordance with priority/plan and realize required capabilities

4. Capability validation and rollout

• Code review and commit
  • Developers share code with code reviewers for review
  • Code reviewers review code, and developers incorporate comments
  • Developers commit code to Azure Repos via pull requests
• Continuous Integration (CI) pipeline
  • An Azure CI pipeline is triggered post code commit
  • The CI pipeline performs:
    • Code build
    • Automated unit testing/code coverage testing
    • Automated code quality testing
    • Build output generation/publishing
    • Success/failure notifications
• Continuous Deployment (CD) pipeline
  • The CD pipeline deploys build output to the TEST environment
• Test execution
  • Testers test the deployment driven by Azure Test Plan
  • Defects are logged in Azure Boards for a developer to act on
  • Developers fix defects and commit code to Azure Repos, which re-triggers the CI and CD pipelines
  • Upon test approval, the CD pipeline promotes the build to UAT/staging
• UAT and rollout
  • Business users perform UAT and run the usual cycle of defect-remediation (Azure Boards Driven)
  • Upon UAT approval, the build gets promoted to production

Summing it all up and a little more

Figure 2: Azure DevOps Tooling Highlights

Azure DevOps provides a comprehensive native toolset that can conveniently address all dimensions of the application lifecycle management. However, Azure DevOps is typically integrated with a few third-party tools for the enrichment of capabilities, particularly in the areas of automated code quality testing, unit testing, functional testing, etc. Of late, there has been a specific focus on weaving Security Ops into application lifecycle management.

Tools such as Microfocus Fortify, HCLTech AppScan, Veracode help fulfill the needs of automated DAST (Dynamic Application Security Testing) and SAST (Static Application Security Testing) integration with Azure DevOps pipelines. This integration makes applications and ecosystems more secure.

Also, Azure DevOps pipelines significantly help with infrastructure management (provisioning, upgrade, etc.) of cloud-hosted applications with features like ARM (Azure Resource Manager) templates, which essentially enable code-driven cloud-infrastructure management (Infrastructure as Code – IaC).

Azure DevOps is a potent option for implementing lifecycle management of enterprise applications that must be considered while making tooling decisions.