With Navigate around the corner, we felt now would be an opportune time to share our journey and experiences in implementing robust DevOps processes within our clients’ diverse environments. The world of Information Security is constantly evolving, and as a result, so are the tools and methodologies used to manage and automate security processes.
As organizations mature their implementations of IdentityIQ and IdentityNow, integrating a myriad of applications, crafting tailored workflows, and delineating intricate role relations, a pressing need emerges to automate the very tools designed for automation. In this blog series, we will explore how we developed a custom DevOps solution encompassing tools to streamline the development and maintenance of IdentityIQ and IdentityNow, enhancing our ability to manage rapidly growing codebases by catching errors and security risks before deployment, automating the deployment process to reduce deployment time and monitor the deployment process, and providing fully automated QA regression testing without the need of QA testing resources.
The posts for this series will start by focusing on challenges faced when standing up a pipeline for an IIQ project, discussing the infrastructure needed for building these pipelines, and then modeling how we stand up pipelines in our clients’ environments using a 3 phase approach.
Phase 1 Linting will cover how we start our pipelines by running a series of custom-built tools to perform actions such as XML and BeanShell linting, checking for plain text passwords, identifying deprecated classes/methods, and much more!
Phase 2 Deployment will focus on using clustering to speed up artifact build times, perform “snapshots” to ensure no code is ever lost due to a deployment, track ownership of changes, and the deployment itself.
Phase 3 QA Regression testing will focus on using available tools in IIQ/IDN and industry-standard testing tools to automate the manual task of navigating through the UI to ensure your changes are performing as expected.
We look forward to any questions and different approaches the community may have!