[{"data":1,"prerenderedAt":797},["ShallowReactive",2],{"/en-us/blog/how-to-keep-up-with-ci-cd-best-practices":3,"navigation-en-us":41,"banner-en-us":441,"footer-en-us":451,"blog-post-authors-en-us-Itzik Gan Baruch":691,"blog-related-posts-en-us-how-to-keep-up-with-ci-cd-best-practices":705,"assessment-promotions-en-us":747,"next-steps-en-us":787},{"id":4,"title":5,"authorSlugs":6,"body":8,"categorySlug":9,"config":10,"content":14,"description":8,"extension":27,"isFeatured":12,"meta":28,"navigation":29,"path":30,"publishedDate":20,"seo":31,"stem":35,"tagSlugs":36,"__hash__":40},"blogPosts/en-us/blog/how-to-keep-up-with-ci-cd-best-practices.yml","How To Keep Up With Ci Cd Best Practices",[7],"itzik-gan-baruch",null,"insights",{"slug":11,"featured":12,"template":13},"how-to-keep-up-with-ci-cd-best-practices",false,"BlogPost",{"title":15,"description":16,"authors":17,"heroImage":19,"date":20,"updatedDate":21,"body":22,"category":9,"tags":23},"How to keep up with CI/CD best practices","In this post, we look at continuous integration/continuous delivery (CI/CD), how to implement some best practices, and why it is important.",[18],"Itzik Gan Baruch","https://res.cloudinary.com/about-gitlab-com/image/upload/v1756989645/fojzxakmfdea6jfqjkrl.png","2022-02-03","2025-09-29","\nContinuous integration and continuous delivery (CI/CD) are at the heart of any successful DevSecOps practice. Teams wanting to achieve modern software development must keep up with [CI/CD](https://about.gitlab.com/topics/ci-cd/) best practices. Here's what you need to know to make sure your team is on the right track.\n\n## What is CI/CD?\nIt's a tech process, it's a mindset, it's a series of steps... CI/CD is all of those things. Put simply, continuous integration (CI) enables DevSecOps teams to streamline code development using automation. CI simplifies software builds and source code integration, enables version control, and promotes greater collaboration via automation. Where CI leaves off, continuous delivery (CD) kicks in with automated testing and deployment. Not only does CD reduce the amount of hands-on time ops pros need to spend on delivery and deployment, it also enables teams to drastically reduce the number of tools required to manage the lifecycle. By integrating security scanning and compliance checks early in the pipeline, CI/CD enables a shift-left security approach that identifies and resolves issues before they reach production.\n\n## What are the best practices for CI/CD?\nIf you want to be successful with CI/CD, make continuous integration, delivery, and deployment your mantra as they are the cornerstones of software development practices. The goal of DevSecOps is to get software to users more quickly than traditional methods, and these development practices will help make that happen.\nHere are the most essential practices, ranked by importance:\n1. **Use a unified DevSecOps platform:** Consolidate your CI/CD tools into a single platform to reduce maintenance overhead, minimize context switching, and improve collaboration. Fewer tools mean less integration complexity and better user experience across development, security, and operations teams.\n2. **Automate everything:** Keep tweaking the CI/CD pipeline to ensure the \"continuous automation\" state is achieved. This includes automated testing, security scanning, deployment, and infrastructure provisioning.\n3. **Fail fast:** On the CI side, developers committing code need to know as quickly as possible if there are issues so they can roll the code back and fix it while it's fresh in their minds. The idea of \"fail fast\" helps reduce developer context switching too, which makes for happier DevSecOps professionals.\n4. **Commit frequently:** The more regular the code commits, the more benefit DevSecOps teams will see. Small, frequent changes are easier to review, test, and deploy safely.\n5. **Shift left on security:** CI/CD offers a good opportunity to integrate security scanning, vulnerability assessments, and compliance checks earlier in the process.\n6. **Leverage AI for pipeline troubleshooting:** Use AI-powered tools to automatically diagnose pipeline failures, identify root causes, and suggest fixes, reducing resolution time from hours to minutes.\n7. **Use feature flags/toggles:** Decouple deployment from release by using feature flags. This allows you to deploy code to production without exposing new features to users, enabling safer rollouts and instant rollbacks.\n8. **Monitor everything:** Implement comprehensive observability including application metrics, logs, and business KPIs. Set up alerts for both technical and business-critical thresholds.\n9. **Maintain pipeline as code:** Store your CI/CD pipeline configuration in version control alongside your application code. This ensures pipeline changes are tracked, reviewed, and can be rolled back.\n10. **Enable feedback loops:** Make sure there's an easy way for the entire team to receive (and contribute to) feedback. This includes monitoring, alerting, post-deployment validation, and continuous improvement processes.\n    \n## Continuous delivery best practices\nContinuous delivery/deployment feels like it deserves its own deep dive into best practices because CI often steals most of the headlines. Here are essential CD best practices:\n- **Start with your current setup:** Don't wait for a perfect platform. Begin by identifying bottlenecks in your existing deployment process and automate the most painful manual steps first.\n- **Embrace deployment strategies:** Implement progressive delivery techniques like [**blue-green deployments**](https://docs.gitlab.com/ci/environments/incremental_rollouts/#blue-green-deployment), [**canary releases**](https://docs.gitlab.com/user/project/canary_deployments/), or [**feature flags**](https://docs.gitlab.com/operations/feature_flags/) to reduce risk and enable safe rollbacks.\n- **Maintain environment parity:** Ensure development, staging, and production environments are as similar as possible. Use infrastructure as code to eliminate configuration drift.\n- **Automate deployment validation:** Build automated smoke tests and health checks that verify deployments immediately after release. Failed validations should trigger automatic rollbacks.\n- **Implement comprehensive monitoring:** Monitor both technical metrics (response times and error rates) and business KPIs (user engagement and conversion rates) to catch issues early.\n- **Practice zero-downtime deployments:** Design your applications and deployment process to handle updates without service interruption, using techniques like rolling updates or load balancer switches.\n- **Keep rollbacks simple:** Ensure you can quickly revert to the previous version. Test your rollback process regularly and make it a one-click operation when possible.\n- **Separate deployment from release:** Use feature flags to deploy code without immediately exposing new functionality to users, allowing for safer testing in production.\n## How to optimize the CI/CD pipeline\nA CI/CD pipeline is the automated series of steps that takes code from development to production. The typical pipeline includes: **build**, **test**, **security scan**, **deploy**, and **monitor**. While these steps can be done manually, automation is what makes CI/CD truly valuable. If it's time to optimize your CI/CD pipeline, consider these performance enhancements:\n### Optimize pipeline performance\n- Implement [build caching](https://docs.gitlab.com/ci/caching/) to avoid rebuilding unchanged components.\n- Use [conditional job](https://docs.gitlab.com/ci/jobs/job_rules/#rules-examples) execution to skip unnecessary steps when code hasn't changed\n- Optimize Docker images with multi-stage builds and smaller base images.\n### Enhance pipeline visibility\n- Add pipeline duration tracking to identify slow stages.\n- Implement detailed logging and artifact collection for troubleshooting.\n- Leverage [pipeline dashboards](https://docs.gitlab.com/user/operations_dashboard/) showing success rates and performance trends.\n### Optimize resource efficiency\n- Right-size your CI runners based on actual resource consumption.\n- Use spot instances or [auto-scaling](https://docs.gitlab.com/runner/runner_autoscale/) for cost-effective compute resources.\n- Clean up temporary resources and artifacts after pipeline completion.\n### Scale for team growth\n- Use [pipeline components](https://docs.gitlab.com/ci/components/) for consistency across projects.\n- Use dynamic environments that spin up and tear down automatically.\n- Set up [pipeline approval](https://docs.gitlab.com/ci/environments/deployment_approvals/) workflows for production deployments.\n## CI/CD deployment strategy\nRemember that CI/CD is about getting a software application into the hands of a customer that is better and done quicker than before. Organizations that adopt CI/CD find their productivity improves significantly. The trick is coming up with a deployment strategy that works for the individual organization. \nHere are some strategies to help make a deployment successful:\n- **Commit small changes:** Deploy small, incremental changes frequently rather than large releases. Small changes are easier to test, review, and roll back if issues arise, reducing deployment risk.\n- **Start small and scale:** Begin with less critical applications to build confidence and refine processes before tackling mission-critical systems\n- **Implement automated rollbacks:** Define clear criteria for automatic rollbacks based on error rates, performance metrics, or health checks\n- **Practice deployment rehearsals:** Regularly test your deployment process in staging environments that mirror production\n- **Establish deployment windows:** Schedule deployments during low-traffic periods initially, then move toward continuous deployment as confidence grows\n- **Monitor deployment impact:** Track both technical metrics (response time, error rates) and business metrics (user engagement, conversion rates) after each deployment\n## How to measure the success of CI/CD\nDevSecOps teams can't know how well their CI/CD practices are going unless they measure them. Metrics play an important role in improving system performance and helping to identify where value can be added. Here are the essential metrics to employ:\n### The four DORA metrics\nModern teams rely on the [DORA framework](https://docs.gitlab.com/user/analytics/dora_metrics/), which identifies four key metrics that correlate strongly with organizational performance:\n### Deployment frequency\nHow often your team successfully releases code to production. Elite performers deploy multiple times per day, while high performers deploy daily to weekly. This metric indicates your team's ability to deliver value and respond to market demands.\n### Lead time for changes\nTime from code commit to production deployment. Elite performers achieve lead times under one day, high performers range from one day to one week. If commits take weeks to reach production, your pipeline needs optimization.\n### Change failure rate\nPercentage of deployments causing production failures requiring hotfixes or rollbacks. Elite performers maintain up to 15% failure rates, high performers see 16%-30%. High failure rates indicate quality problems in your testing and deployment practices.\n### Mean time to recovery\nHow quickly your team restores service after deployment failures. Elite performers recover in under one hour, high performers in under one day. Fast recovery requires robust monitoring and automated rollback capabilities.\n### Additional CI/CD metrics\nBeyond the core DORA metrics, teams often track these operational indicators:\n### Infrastructure costs\nCloud-native CI/CD can result in significant expenses if not managed properly. Efficient practices that reduce build times and optimize resource usage directly impact operational costs.\n### Team retention\nHappy developers stick around. When teams collaborate effectively on CI/CD practices, retention follows. Declining retention rates can signal problems with tooling or deployment workflows that developers may hesitate to voice directly.\n### Business impact of CI/CD metrics\nThese technical metrics directly translate to business outcomes:\n- Faster deployment frequency reduces time-to-market and improves customer responsiveness. This represents the **speed of innovation and market responsiveness**.\n- Shorter lead times enable quicker feature delivery and bug fixes, enhancing customer satisfaction. This measures the **time from idea to customer value**.\n- Lower change failure rates reduce support costs and minimize customer impact from production issues. This indicates **quality and customer experience reliability**.\n- Improved mean time to recovery protects revenue during outages and maintains service reliability. This reflects **business continuity and risk mitigation capability**.\n### Competitive advantage\n\n The [DORA research program](https://cloud.google.com/blog/products/ai-machine-learning/announcing-the-2025-dora-report) has found that high-performing organizations consistently demonstrate better business outcomes across multiple dimensions. \n\n> **Teams with strong CI/CD metrics report improved productivity, better customer satisfaction, and enhanced ability to compete in fast-moving markets**.\n## What are the benefits of following CI/CD best practices?\nWhen best practices are followed, the benefits of CI/CD are felt most importantly by your customers, and then throughout your organization. Here are the key benefits:\n- **Customers get features and fixes faster.** CI/CD enables rapid delivery of new functionality and bug fixes, directly improving the user experience and keeping customers satisfied with continuous improvements.\n- **Higher quality, more reliable software.** Automated testing and gradual rollouts mean fewer bugs reach production, resulting in more stable applications that customers can depend on.\n- **Faster response to customer feedback.** Short development cycles allow teams to quickly implement customer requests and address issues, showing customers their input is valued and acted upon rapidly.\n- **Better uptime and performance.** Automated monitoring and quick rollback capabilities mean customer-facing issues are resolved faster, minimizing service disruptions.\n- **More innovative features.** When developers spend less time on manual processes and firefighting, they can focus on building features that truly add customer value and differentiate your product.\n- **Improved customer support.** Faster deployment cycles mean customer-reported issues can be fixed and deployed quickly, rather than waiting for the next major release cycle.\n\nThe internal benefits naturally follow: happier developers, better collaboration between teams, reduced operational overhead, and easier talent retention — all of which ultimately contribute to delivering better customer experiences.\n    \n## How can I implement CI/CD in my organization?\nBefore any software is implemented, it's key to determine what the business drivers are and the same goes for adopting CI/CD. All development stakeholders should be involved early on in the implementation process. Developers should provide input since they will be the main users of a product. \n\nMake sure to do your due diligence when researching software that enables CI/CD, and ask about free trials. \n\nWhile it may seem counterintuitive since CI/CD is about accelerating the pace of software delivery in an automated fashion, start the process with a mentality of slow and steady. The boost in efficiency will decline if bugs are steadily moving into the finished application. \n\nIt's important to have consistency in the integration process. Perform unit tests, trigger releases manually and track metrics. Then determine what can and should be automated.\n> Get started today with CI/CD by signing up for [a free trial of GitLab Ultimate with Duo Enterprise](https://about.gitlab.com/free-trial/devsecops/).\n",[24,25,26],"CI","CD","DevSecOps","yml",{},true,"/en-us/blog/how-to-keep-up-with-ci-cd-best-practices",{"title":15,"description":16,"ogTitle":15,"ogDescription":16,"noIndex":12,"ogImage":19,"ogUrl":32,"ogSiteName":33,"ogType":34,"canonicalUrls":32},"https://about.gitlab.com/blog/how-to-keep-up-with-ci-cd-best-practices","https://about.gitlab.com","article","en-us/blog/how-to-keep-up-with-ci-cd-best-practices",[37,38,39],"ci","cd","devsecops","iRu5S4t6dn8tQZGgxb9GagO4NFfatUbTZ6WOzMkSd_A",{"data":42},{"logo":43,"freeTrial":48,"sales":53,"login":58,"items":63,"search":371,"minimal":402,"duo":421,"pricingDeployment":431},{"config":44},{"href":45,"dataGaName":46,"dataGaLocation":47},"/","gitlab logo","header",{"text":49,"config":50},"Get free trial",{"href":51,"dataGaName":52,"dataGaLocation":47},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com&glm_content=default-saas-trial/","free trial",{"text":54,"config":55},"Talk to sales",{"href":56,"dataGaName":57,"dataGaLocation":47},"/sales/","sales",{"text":59,"config":60},"Sign in",{"href":61,"dataGaName":62,"dataGaLocation":47},"https://gitlab.com/users/sign_in/","sign in",[64,91,186,191,292,352],{"text":65,"config":66,"cards":68},"Platform",{"dataNavLevelOne":67},"platform",[69,75,83],{"title":65,"description":70,"link":71},"The intelligent orchestration platform for DevSecOps",{"text":72,"config":73},"Explore our Platform",{"href":74,"dataGaName":67,"dataGaLocation":47},"/platform/",{"title":76,"description":77,"link":78},"GitLab Duo Agent Platform","Agentic AI for the entire software lifecycle",{"text":79,"config":80},"Meet GitLab Duo",{"href":81,"dataGaName":82,"dataGaLocation":47},"/gitlab-duo-agent-platform/","gitlab duo agent platform",{"title":84,"description":85,"link":86},"Why GitLab","See the top reasons enterprises choose GitLab",{"text":87,"config":88},"Learn more",{"href":89,"dataGaName":90,"dataGaLocation":47},"/why-gitlab/","why gitlab",{"text":92,"left":29,"config":93,"link":95,"lists":99,"footer":168},"Product",{"dataNavLevelOne":94},"solutions",{"text":96,"config":97},"View all Solutions",{"href":98,"dataGaName":94,"dataGaLocation":47},"/solutions/",[100,124,147],{"title":101,"description":102,"link":103,"items":108},"Automation","CI/CD and automation to accelerate deployment",{"config":104},{"icon":105,"href":106,"dataGaName":107,"dataGaLocation":47},"AutomatedCodeAlt","/solutions/delivery-automation/","automated software delivery",[109,113,116,120],{"text":110,"config":111},"CI/CD",{"href":112,"dataGaLocation":47,"dataGaName":110},"/solutions/continuous-integration/",{"text":76,"config":114},{"href":81,"dataGaLocation":47,"dataGaName":115},"gitlab duo agent platform - product menu",{"text":117,"config":118},"Source Code Management",{"href":119,"dataGaLocation":47,"dataGaName":117},"/solutions/source-code-management/",{"text":121,"config":122},"Automated Software Delivery",{"href":106,"dataGaLocation":47,"dataGaName":123},"Automated software delivery",{"title":125,"description":126,"link":127,"items":132},"Security","Deliver code faster without compromising security",{"config":128},{"href":129,"dataGaName":130,"dataGaLocation":47,"icon":131},"/solutions/application-security-testing/","security and compliance","ShieldCheckLight",[133,137,142],{"text":134,"config":135},"Application Security Testing",{"href":129,"dataGaName":136,"dataGaLocation":47},"Application security testing",{"text":138,"config":139},"Software Supply Chain Security",{"href":140,"dataGaLocation":47,"dataGaName":141},"/solutions/supply-chain/","Software supply chain security",{"text":143,"config":144},"Software Compliance",{"href":145,"dataGaName":146,"dataGaLocation":47},"/solutions/software-compliance/","software compliance",{"title":148,"link":149,"items":154},"Measurement",{"config":150},{"icon":151,"href":152,"dataGaName":153,"dataGaLocation":47},"DigitalTransformation","/solutions/visibility-measurement/","visibility and measurement",[155,159,163],{"text":156,"config":157},"Visibility & Measurement",{"href":152,"dataGaLocation":47,"dataGaName":158},"Visibility and Measurement",{"text":160,"config":161},"Value Stream Management",{"href":162,"dataGaLocation":47,"dataGaName":160},"/solutions/value-stream-management/",{"text":164,"config":165},"Analytics & Insights",{"href":166,"dataGaLocation":47,"dataGaName":167},"/solutions/analytics-and-insights/","Analytics and insights",{"title":169,"items":170},"GitLab for",[171,176,181],{"text":172,"config":173},"Enterprise",{"href":174,"dataGaLocation":47,"dataGaName":175},"/enterprise/","enterprise",{"text":177,"config":178},"Small Business",{"href":179,"dataGaLocation":47,"dataGaName":180},"/small-business/","small business",{"text":182,"config":183},"Public Sector",{"href":184,"dataGaLocation":47,"dataGaName":185},"/solutions/public-sector/","public sector",{"text":187,"config":188},"Pricing",{"href":189,"dataGaName":190,"dataGaLocation":47,"dataNavLevelOne":190},"/pricing/","pricing",{"text":192,"config":193,"link":195,"lists":199,"feature":279},"Resources",{"dataNavLevelOne":194},"resources",{"text":196,"config":197},"View all resources",{"href":198,"dataGaName":194,"dataGaLocation":47},"/resources/",[200,233,251],{"title":201,"items":202},"Getting started",[203,208,213,218,223,228],{"text":204,"config":205},"Install",{"href":206,"dataGaName":207,"dataGaLocation":47},"/install/","install",{"text":209,"config":210},"Quick start guides",{"href":211,"dataGaName":212,"dataGaLocation":47},"/get-started/","quick setup checklists",{"text":214,"config":215},"Learn",{"href":216,"dataGaLocation":47,"dataGaName":217},"https://university.gitlab.com/","learn",{"text":219,"config":220},"Product documentation",{"href":221,"dataGaName":222,"dataGaLocation":47},"https://docs.gitlab.com/","product documentation",{"text":224,"config":225},"Best practice videos",{"href":226,"dataGaName":227,"dataGaLocation":47},"/getting-started-videos/","best practice videos",{"text":229,"config":230},"Integrations",{"href":231,"dataGaName":232,"dataGaLocation":47},"/integrations/","integrations",{"title":234,"items":235},"Discover",[236,241,246],{"text":237,"config":238},"Customer success stories",{"href":239,"dataGaName":240,"dataGaLocation":47},"/customers/","customer success stories",{"text":242,"config":243},"Blog",{"href":244,"dataGaName":245,"dataGaLocation":47},"/blog/","blog",{"text":247,"config":248},"Remote",{"href":249,"dataGaName":250,"dataGaLocation":47},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"title":252,"items":253},"Connect",[254,259,264,269,274],{"text":255,"config":256},"GitLab Services",{"href":257,"dataGaName":258,"dataGaLocation":47},"/services/","services",{"text":260,"config":261},"Community",{"href":262,"dataGaName":263,"dataGaLocation":47},"/community/","community",{"text":265,"config":266},"Forum",{"href":267,"dataGaName":268,"dataGaLocation":47},"https://forum.gitlab.com/","forum",{"text":270,"config":271},"Events",{"href":272,"dataGaName":273,"dataGaLocation":47},"/events/","events",{"text":275,"config":276},"Partners",{"href":277,"dataGaName":278,"dataGaLocation":47},"/partners/","partners",{"backgroundColor":280,"textColor":281,"text":282,"image":283,"link":287},"#2f2a6b","#fff","Insights for the future of software development",{"altText":284,"config":285},"the source promo card",{"src":286},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758208064/dzl0dbift9xdizyelkk4.svg",{"text":288,"config":289},"Read the latest",{"href":290,"dataGaName":291,"dataGaLocation":47},"/the-source/","the source",{"text":293,"config":294,"lists":296},"Company",{"dataNavLevelOne":295},"company",[297],{"items":298},[299,304,310,312,317,322,327,332,337,342,347],{"text":300,"config":301},"About",{"href":302,"dataGaName":303,"dataGaLocation":47},"/company/","about",{"text":305,"config":306,"footerGa":309},"Jobs",{"href":307,"dataGaName":308,"dataGaLocation":47},"/jobs/","jobs",{"dataGaName":308},{"text":270,"config":311},{"href":272,"dataGaName":273,"dataGaLocation":47},{"text":313,"config":314},"Leadership",{"href":315,"dataGaName":316,"dataGaLocation":47},"/company/team/e-group/","leadership",{"text":318,"config":319},"Team",{"href":320,"dataGaName":321,"dataGaLocation":47},"/company/team/","team",{"text":323,"config":324},"Handbook",{"href":325,"dataGaName":326,"dataGaLocation":47},"https://handbook.gitlab.com/","handbook",{"text":328,"config":329},"Investor relations",{"href":330,"dataGaName":331,"dataGaLocation":47},"https://ir.gitlab.com/","investor relations",{"text":333,"config":334},"Trust Center",{"href":335,"dataGaName":336,"dataGaLocation":47},"/security/","trust center",{"text":338,"config":339},"AI Transparency Center",{"href":340,"dataGaName":341,"dataGaLocation":47},"/ai-transparency-center/","ai transparency center",{"text":343,"config":344},"Newsletter",{"href":345,"dataGaName":346,"dataGaLocation":47},"/company/contact/#contact-forms","newsletter",{"text":348,"config":349},"Press",{"href":350,"dataGaName":351,"dataGaLocation":47},"/press/","press",{"text":353,"config":354,"lists":355},"Contact us",{"dataNavLevelOne":295},[356],{"items":357},[358,361,366],{"text":54,"config":359},{"href":56,"dataGaName":360,"dataGaLocation":47},"talk to sales",{"text":362,"config":363},"Support portal",{"href":364,"dataGaName":365,"dataGaLocation":47},"https://support.gitlab.com","support portal",{"text":367,"config":368},"Customer portal",{"href":369,"dataGaName":370,"dataGaLocation":47},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"close":372,"login":373,"suggestions":380},"Close",{"text":374,"link":375},"To search repositories and projects, login to",{"text":376,"config":377},"gitlab.com",{"href":61,"dataGaName":378,"dataGaLocation":379},"search login","search",{"text":381,"default":382},"Suggestions",[383,385,389,391,395,399],{"text":76,"config":384},{"href":81,"dataGaName":76,"dataGaLocation":379},{"text":386,"config":387},"Code Suggestions (AI)",{"href":388,"dataGaName":386,"dataGaLocation":379},"/solutions/code-suggestions/",{"text":110,"config":390},{"href":112,"dataGaName":110,"dataGaLocation":379},{"text":392,"config":393},"GitLab on AWS",{"href":394,"dataGaName":392,"dataGaLocation":379},"/partners/technology-partners/aws/",{"text":396,"config":397},"GitLab on Google Cloud",{"href":398,"dataGaName":396,"dataGaLocation":379},"/partners/technology-partners/google-cloud-platform/",{"text":400,"config":401},"Why GitLab?",{"href":89,"dataGaName":400,"dataGaLocation":379},{"freeTrial":403,"mobileIcon":408,"desktopIcon":413,"secondaryButton":416},{"text":404,"config":405},"Start free trial",{"href":406,"dataGaName":52,"dataGaLocation":407},"https://gitlab.com/-/trials/new/","nav",{"altText":409,"config":410},"Gitlab Icon",{"src":411,"dataGaName":412,"dataGaLocation":407},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203874/jypbw1jx72aexsoohd7x.svg","gitlab icon",{"altText":409,"config":414},{"src":415,"dataGaName":412,"dataGaLocation":407},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203875/gs4c8p8opsgvflgkswz9.svg",{"text":417,"config":418},"Get Started",{"href":419,"dataGaName":420,"dataGaLocation":407},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/compare/gitlab-vs-github/","get started",{"freeTrial":422,"mobileIcon":427,"desktopIcon":429},{"text":423,"config":424},"Learn more about GitLab Duo",{"href":425,"dataGaName":426,"dataGaLocation":407},"/gitlab-duo/","gitlab duo",{"altText":409,"config":428},{"src":411,"dataGaName":412,"dataGaLocation":407},{"altText":409,"config":430},{"src":415,"dataGaName":412,"dataGaLocation":407},{"freeTrial":432,"mobileIcon":437,"desktopIcon":439},{"text":433,"config":434},"Back to pricing",{"href":189,"dataGaName":435,"dataGaLocation":407,"icon":436},"back to pricing","GoBack",{"altText":409,"config":438},{"src":411,"dataGaName":412,"dataGaLocation":407},{"altText":409,"config":440},{"src":415,"dataGaName":412,"dataGaLocation":407},{"title":442,"button":443,"config":448},"See how agentic AI transforms software delivery",{"text":444,"config":445},"Watch GitLab Transcend now",{"href":446,"dataGaName":447,"dataGaLocation":47},"/events/transcend/virtual/","transcend event",{"layout":449,"icon":450},"release","AiStar",{"data":452},{"text":453,"source":454,"edit":460,"contribute":465,"config":470,"items":475,"minimal":680},"Git is a trademark of Software Freedom Conservancy and our use of 'GitLab' is under license",{"text":455,"config":456},"View page source",{"href":457,"dataGaName":458,"dataGaLocation":459},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":461,"config":462},"Edit this page",{"href":463,"dataGaName":464,"dataGaLocation":459},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":466,"config":467},"Please contribute",{"href":468,"dataGaName":469,"dataGaLocation":459},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":471,"facebook":472,"youtube":473,"linkedin":474},"https://twitter.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[476,523,575,619,646],{"title":187,"links":477,"subMenu":492},[478,482,487],{"text":479,"config":480},"View plans",{"href":189,"dataGaName":481,"dataGaLocation":459},"view plans",{"text":483,"config":484},"Why Premium?",{"href":485,"dataGaName":486,"dataGaLocation":459},"/pricing/premium/","why premium",{"text":488,"config":489},"Why Ultimate?",{"href":490,"dataGaName":491,"dataGaLocation":459},"/pricing/ultimate/","why ultimate",[493],{"title":494,"links":495},"Contact Us",[496,499,501,503,508,513,518],{"text":497,"config":498},"Contact sales",{"href":56,"dataGaName":57,"dataGaLocation":459},{"text":362,"config":500},{"href":364,"dataGaName":365,"dataGaLocation":459},{"text":367,"config":502},{"href":369,"dataGaName":370,"dataGaLocation":459},{"text":504,"config":505},"Status",{"href":506,"dataGaName":507,"dataGaLocation":459},"https://status.gitlab.com/","status",{"text":509,"config":510},"Terms of use",{"href":511,"dataGaName":512,"dataGaLocation":459},"/terms/","terms of use",{"text":514,"config":515},"Privacy statement",{"href":516,"dataGaName":517,"dataGaLocation":459},"/privacy/","privacy statement",{"text":519,"config":520},"Cookie preferences",{"dataGaName":521,"dataGaLocation":459,"id":522,"isOneTrustButton":29},"cookie preferences","ot-sdk-btn",{"title":92,"links":524,"subMenu":533},[525,529],{"text":526,"config":527},"DevSecOps platform",{"href":74,"dataGaName":528,"dataGaLocation":459},"devsecops platform",{"text":530,"config":531},"AI-Assisted Development",{"href":425,"dataGaName":532,"dataGaLocation":459},"ai-assisted development",[534],{"title":535,"links":536},"Topics",[537,542,547,552,557,560,565,570],{"text":538,"config":539},"CICD",{"href":540,"dataGaName":541,"dataGaLocation":459},"/topics/ci-cd/","cicd",{"text":543,"config":544},"GitOps",{"href":545,"dataGaName":546,"dataGaLocation":459},"/topics/gitops/","gitops",{"text":548,"config":549},"DevOps",{"href":550,"dataGaName":551,"dataGaLocation":459},"/topics/devops/","devops",{"text":553,"config":554},"Version Control",{"href":555,"dataGaName":556,"dataGaLocation":459},"/topics/version-control/","version control",{"text":26,"config":558},{"href":559,"dataGaName":39,"dataGaLocation":459},"/topics/devsecops/",{"text":561,"config":562},"Cloud Native",{"href":563,"dataGaName":564,"dataGaLocation":459},"/topics/cloud-native/","cloud native",{"text":566,"config":567},"AI for Coding",{"href":568,"dataGaName":569,"dataGaLocation":459},"/topics/devops/ai-for-coding/","ai for coding",{"text":571,"config":572},"Agentic AI",{"href":573,"dataGaName":574,"dataGaLocation":459},"/topics/agentic-ai/","agentic ai",{"title":576,"links":577},"Solutions",[578,580,582,587,591,594,598,601,603,606,609,614],{"text":134,"config":579},{"href":129,"dataGaName":134,"dataGaLocation":459},{"text":123,"config":581},{"href":106,"dataGaName":107,"dataGaLocation":459},{"text":583,"config":584},"Agile development",{"href":585,"dataGaName":586,"dataGaLocation":459},"/solutions/agile-delivery/","agile delivery",{"text":588,"config":589},"SCM",{"href":119,"dataGaName":590,"dataGaLocation":459},"source code management",{"text":538,"config":592},{"href":112,"dataGaName":593,"dataGaLocation":459},"continuous integration & delivery",{"text":595,"config":596},"Value stream management",{"href":162,"dataGaName":597,"dataGaLocation":459},"value stream management",{"text":543,"config":599},{"href":600,"dataGaName":546,"dataGaLocation":459},"/solutions/gitops/",{"text":172,"config":602},{"href":174,"dataGaName":175,"dataGaLocation":459},{"text":604,"config":605},"Small business",{"href":179,"dataGaName":180,"dataGaLocation":459},{"text":607,"config":608},"Public sector",{"href":184,"dataGaName":185,"dataGaLocation":459},{"text":610,"config":611},"Education",{"href":612,"dataGaName":613,"dataGaLocation":459},"/solutions/education/","education",{"text":615,"config":616},"Financial services",{"href":617,"dataGaName":618,"dataGaLocation":459},"/solutions/finance/","financial services",{"title":192,"links":620},[621,623,625,627,630,632,634,636,638,640,642,644],{"text":204,"config":622},{"href":206,"dataGaName":207,"dataGaLocation":459},{"text":209,"config":624},{"href":211,"dataGaName":212,"dataGaLocation":459},{"text":214,"config":626},{"href":216,"dataGaName":217,"dataGaLocation":459},{"text":219,"config":628},{"href":221,"dataGaName":629,"dataGaLocation":459},"docs",{"text":242,"config":631},{"href":244,"dataGaName":245,"dataGaLocation":459},{"text":237,"config":633},{"href":239,"dataGaName":240,"dataGaLocation":459},{"text":247,"config":635},{"href":249,"dataGaName":250,"dataGaLocation":459},{"text":255,"config":637},{"href":257,"dataGaName":258,"dataGaLocation":459},{"text":260,"config":639},{"href":262,"dataGaName":263,"dataGaLocation":459},{"text":265,"config":641},{"href":267,"dataGaName":268,"dataGaLocation":459},{"text":270,"config":643},{"href":272,"dataGaName":273,"dataGaLocation":459},{"text":275,"config":645},{"href":277,"dataGaName":278,"dataGaLocation":459},{"title":293,"links":647},[648,650,652,654,656,658,660,664,669,671,673,675],{"text":300,"config":649},{"href":302,"dataGaName":295,"dataGaLocation":459},{"text":305,"config":651},{"href":307,"dataGaName":308,"dataGaLocation":459},{"text":313,"config":653},{"href":315,"dataGaName":316,"dataGaLocation":459},{"text":318,"config":655},{"href":320,"dataGaName":321,"dataGaLocation":459},{"text":323,"config":657},{"href":325,"dataGaName":326,"dataGaLocation":459},{"text":328,"config":659},{"href":330,"dataGaName":331,"dataGaLocation":459},{"text":661,"config":662},"Sustainability",{"href":663,"dataGaName":661,"dataGaLocation":459},"/sustainability/",{"text":665,"config":666},"Diversity, inclusion and belonging (DIB)",{"href":667,"dataGaName":668,"dataGaLocation":459},"/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":333,"config":670},{"href":335,"dataGaName":336,"dataGaLocation":459},{"text":343,"config":672},{"href":345,"dataGaName":346,"dataGaLocation":459},{"text":348,"config":674},{"href":350,"dataGaName":351,"dataGaLocation":459},{"text":676,"config":677},"Modern Slavery Transparency Statement",{"href":678,"dataGaName":679,"dataGaLocation":459},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"items":681},[682,685,688],{"text":683,"config":684},"Terms",{"href":511,"dataGaName":512,"dataGaLocation":459},{"text":686,"config":687},"Cookies",{"dataGaName":521,"dataGaLocation":459,"id":522,"isOneTrustButton":29},{"text":689,"config":690},"Privacy",{"href":516,"dataGaName":517,"dataGaLocation":459},[692],{"id":693,"title":18,"body":8,"config":694,"content":696,"description":8,"extension":27,"meta":700,"navigation":29,"path":701,"seo":702,"stem":703,"__hash__":704},"blogAuthors/en-us/blog/authors/itzik-gan-baruch.yml",{"template":695},"BlogAuthor",{"name":18,"config":697},{"headshot":698,"ctfId":699},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1749658921/Blog/Author%20Headshots/iganbaruch-headshot.jpg","iganbaruch",{},"/en-us/blog/authors/itzik-gan-baruch",{},"en-us/blog/authors/itzik-gan-baruch","bz9VMiTQ1ixvnoxUFk0jiUcnLG3oQsymgXNCqyRqfsk",[706,721,734],{"content":707,"config":719},{"title":708,"description":709,"authors":710,"heroImage":712,"date":713,"body":714,"category":9,"tags":715},"How we overhauled GitLab navigation","Users weren't getting what they needed from our navigation. Here are the steps we took to turn that experience around.",[711],"Ashley Knobloch","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749682884/Blog/Hero%20Images/navigation.jpg","2023-08-15","\nGitLab navigation was complex and confusing - that was the message we received from our users through issues and other feedback channels. Initially, to address these concerns, we conducted research around proposed solutions, but quickly found they wouldn't help users achieve their goals well enough to warrant implementing them. In the process of learning what wasn't working and what wouldn't work, we still didn't have clarity around *why* the navigation wasn't working. This article chronicles our journey to finding that clarity and developing navigation that is easier to use and better suited to our users' needs.\n\n## Our approach\nAs a first step, we reviewed past research and user feedback to ensure we had a solid understanding of what we had done and learned already. We found that we still needed more insight into why proposed changes weren’t receiving enough positive feedback to implement them.\n\nOur goals were straightforward:\n- understand what users are doing in GitLab\n- study how they navigate the platform\n- learn why they need certain navigation elements\n\nOur perspective shifted from validating proposed solutions to going back to revalidate the problems that exist with our navigation experience. Our hypothesis was that with a deeper understanding of our users’ behavior and mental models for how they navigate around GitLab, we could develop concepts to better match their needs and improve their overall experience.\n\nThe scope of features in GitLab and the number of user personas across GitLab made this challenging. We have [16 personas](https://handbook.gitlab.com/handbook/product/personas/#user-personas) to represent different types of users, all with unique goals and techniques to achieve those goals. We focused our efforts on a subset of those personas that best represented usage across GitLab to ensure a holistic understanding of different user needs. We wanted to learn how navigation among different personas was similar and where it differed, what worked well with the current navigation, and what challenges users faced.\n\n## Studying key persona cohorts\nWe conducted [diary studies](https://handbook.gitlab.com/handbook/product/ux/ux-research/diary-studies/) with cohorts of our key personas to learn what their primary tasks and workflows were at a deeper level. This provided us with many real-world examples of how they navigate to their tasks and why. We also learned what worked well with their current workflows, what pain points existed, and what workarounds were being used (such as creating browser bookmarks, typing in the URL to pull browser history, or keeping a bunch of browser tabs open) to streamline their tasks in GitLab.\n\nWe learned that for some users, many of their primary tasks don’t require much navigation within GitLab because they use outside tools that link into GitLab through notifications (e.g., Slack and email) or use direct links through other tools. We also learned that often users’ work is quite scoped in GitLab, and they would like easier access to some of their core features without having to wade through all of the other features they don’t use. This illuminated some unmet needs that would improve their workflows, such as having the ability to customize navigation to access things important to them more quickly and streamline their path to relevant projects.\n\nLearning more about our users from a foundational perspective ensured that we had a solid base to build upon when considering changes to the navigation.\n\n## Anchoring to a North Star\nTo anchor the redesign process in user problems more broadly, a review of past feedback was analyzed that revealed three overarching themes with navigation-related feedback. These themes helped to guide the process and to remind us of the key problems we were trying to solve:\n- minimize feeling overwhelmed (ability to customize left sidebar)\n- orient users across the platform (differentiating groups and projects)\n- pick up where you left off (switching contexts)\n\nThe team continually mapped back design concepts to these themes to ensure potential solutions were rooted in user problems.\n\n## Evaluating and iterating\nNext, several navigation design concepts were developed and shared with users for feedback. Multiple rounds of [solution validation testing](https://handbook.gitlab.com/handbook/product/ux/ux-research/solution-validation-and-methods/) were conducted with our key personas to determine which design concepts to move forward with. The testing revealed how users felt about each design and also how well each design supported users completing core tasks. We identified a final concept that supported mature and new GitLab users with common workflows.\n\n## Understanding mental models for sidebar organization\nWe wanted to revisit our groupings in the left sidebar because we’ve heard over time that the organization can be confusing and unintuitive, especially some categories such as Operations. We needed to understand our users’ mental models for how they would group these items, and why. Learning the thought processes behind their organization was critical for us to know what changes to make that would align with user expectations.\n\nWe ran facilitated [card sort](https://handbook.gitlab.com/handbook/product/ux/ux-research/mental-modeling/#card-sorting) studies with our key personas to understand how they would group items in the left sidebar, and why. This helped us learn some areas that could benefit from readjusting, such as the Manage and Operate categories. We learned that users most often preferred to have analytics items together, for example, which is reflected in the Analyze tab. This insight, combined with patterns in analytics data, informed changes to the groupings in the left sidebar to better support workflows.\n\n## Launching and learning\nPrior to launching to external users, the new navigation was released to internal team members and we collected [feedback](https://gitlab.com/gitlab-org/gitlab/-/issues/403059) to help iterate and improve the experience.\n\nNext, we launched the new navigation to external users as a toggle that could be turned on optionally. During this initial launch, a [longitudinal study](https://handbook.gitlab.com/handbook/product/ux/ux-research/longitudinal-studies/) was conducted with a sample of GitLab users to learn how they experienced the change in the context of their real work. Over time, the study would provide insight into adoption among the entire user base.\n\nWe interviewed users prior to the monthlong study to learn more about their experience with the existing navigation. Then, they began using the new navigation while completing surveys and participating in interviews at checkpoints in the beginning, middle, and end of the month. This enabled us to capture their initial impressions of the new navigation, what they liked/disliked, how the new experience compared to the previous one, and if their sentiment changed over the course of the month as they continued to use the new navigation.\n\nUsers in this study found the new navigation to be an improvement from the previous one, and most preferred its features, including:\n- the ability to pin items streamlined common workflows\n- the new task-based sidebar categories in the sidebar, which they said felt more approachable, especially for newer users\n- the new navigation changes, which they said weren’t too overwhelming and felt familiar\n\nWe also learned about some opportunities to iterate and improve the new experience. For instance, some users pointed out:\n- the inability to pin entire Projects, Groups, or specific pages makes it difficult to streamline other workflows\n- some users unpin items accidentally\n- the overall lack of color can cause some features to blend in or be missed\n- it's not always easy to know what’s new in GitLab\n\n## What’s next: Iterate, listen, and iterate again\nTo capture large-scale feedback on navigation over time, we launched a new navigation-focused quarterly survey in Q1 (February) of this year. This first quarter data established a baseline of our old navigation, and beginning in Q2 (May), we began collecting data on the new navigation experience. We will monitor this closely, and look for themes to help us learn what is working well and what may need further iteration.\n\nThis survey, along with our longitudinal study feedback and various other user feedback sources, will provide insights to help prioritize iterative improvements to the new navigation experience. Stay tuned for changes, and keep sharing [your navigation feedback](https://gitlab.com/gitlab-org/gitlab/-/issues/409005) with us!\n",[716,717,718],"inside GitLab","UX","research",{"slug":720,"featured":12,"template":13},"navigation-research-blog-post",{"content":722,"config":732},{"title":723,"description":724,"authors":725,"heroImage":727,"date":728,"body":729,"category":9,"tags":730},"Beautifying our UI: Giving GitLab build features a fresh look","Get an inside look at how we are improving the usability of GitLab build features with multiple visual design improvements.",[726],"Veethika Mishra","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749682807/Blog/Hero%20Images/beautify.jpg","2023-07-05","\n\nThe current technical landscape is completely different from what it was this time last year. As the software development industry is busy evolving its understanding of _automating early and often_ in the presence of new AI capabilities, we have been focused on feature work. However, it's equally important to make sure we are adapting our UI to match up to the experience and addressing, where necessary, the misalignment between the two.\n\nIn a scaling product, where issues are competing to be prioritized, it might feel convenient to tackle the next feature issue as opposed to focusing on small visual design improvements. Advocating for the value that a small visual design change in isolation brings to the product is never easy for all the practical reasons, and this is where [the \"Beautifying our UI\" initiative](https://handbook.gitlab.com/handbook/product/ux/product-design/#beautifying-our-ui) becomes useful at GitLab. It allows a product designer and a frontend engineer to voluntarily pair up, like we did, and make self-directed improvements to the usability of GitLab.\n\nWe collaborated on many pipeline-related features in the past three years. As our responsibilities pulled us in different directions, we had to put many of our aspirational plans for improving the presentation of CI/CD features in GitLab on hold in favor of other more important things.\n\nHowever, once those were addressed, we decided to volunteer for a session of Beautifying our UI in the 16.1 milestone. To make the most of a single milestone, we began preparing a couple months in advance, soliciting ideas from team members and getting the design proposals ready in [an issue](https://gitlab.com/gitlab-org/gitlab/-/issues/394768/). After a quick prioritization exercise to understand which of the suggested improvements would be most meaningful to our users, we made a number of contributions to the product.\n\nHere are some of those contributions:\n\n### Improvement to pipeline detail page\nIn the process of troubleshooting a failing pipeline, users often have to visit their detail page for better insight into what's causing the failure. The top of the page previously had a table with all the metadata around that pipeline. Over the years, a lot of information was added to this table but the layout was never optimized to accommodate that information, which in return impacted the usability of the page. The page headers were also very different from other examples found in GitLab.\n\nBy critically looking at every piece of information displayed on the page, we made informed decisions using the qualitative insights and the usage data at hand to completely redesign the pipeline header.\n\n![image of pipeline detail page before](https://about.gitlab.com/images/blogimages/Beautifying-of-our-ui-16-1/pipeline-detail-before.png)\nBefore\n\n\n![image of pipeline detail page after making changes](https://about.gitlab.com/images/blogimages/Beautifying-of-our-ui-16-1/pipeline-detail-after.png)\nAfter\n\n\nThis work was substantial and while we did our best to avoid any negative impact to our users, we realize there might be a few issues. Please share your comments in this [feedback issue](https://gitlab.com/gitlab-org/gitlab/-/issues/414756) about the redesign and we'll prioritize addressing them.\n\nRedesigning the pipeline header came with a few technical challenges because a lot of the code was a mix between HAML and Vue. We had to slowly refactor the pipeline header over to Vue/GraphQL to allow our code to be more performant and maintainable. It’s pretty much like building a completely new feature — we had to get creative with passing data to the Vue app from Rails.\n\n### Harmonizing badges and link styles on pipeline list view\nThe pipeline index page (list view) is one of the most visited pages in GitLab because users need to make sure any failing pipelines are identified quickly for troubleshooting. Since there's a lot going on on this page, it is critical that the UI leads users' attention to the right areas. Previously, almost every link presented in the pipeline column had a different visual treatment, which made the page visually noisy and harmed the usability and scannability of the information. Our goal was to remove anything that isn't required and harmonize the visual language so it is easy for CI/CD users to perform their jobs effectively.\n\n![image of pipeline detail page before](https://about.gitlab.com/images/blogimages/Beautifying-of-our-ui-16-1/pipeline-index-page-before.png)\nBefore\n\n\n\n![image of pipeline detail page after making changes](https://about.gitlab.com/images/blogimages/Beautifying-of-our-ui-16-1/pipeline-index-page-after.png)\nAfter\n\n\n### Linking runner number to runner admin page\nTo allow easy management of runners across an instance, we've now provided easy access to the runner admin page right from the job detail page. Previously a static test, now the runner number can directly take users with the runner admin page where they can make changes to the specific runner's configuration.\n\n![image of cancel pipeline label](https://about.gitlab.com/images/blogimages/Beautifying-of-our-ui-16-1/runner-link-from-job-logs.png)\nLinking runner admin page from job logs page\n\n\n### Improving tooltips and button text\nThe tooltips on the jobs list view were using native browser tooltips. We've changed those to use a design-system-compliant tooltip for consistency and better readability.\n\nWe gathered some useful feedback on the usability of the button labels and took this as an opportunity to improve a few of them. Here's one example where we changed the label text for the button for canceling a running pipeline from **Cancel running** to **Cancel pipeline** and added an appropriate tooltip to clearly communicate the action.\n\n![image of cancel pipeline label](https://about.gitlab.com/images/blogimages/Beautifying-of-our-ui-16-1/cancel-pipeline-label.png)\nButton with new label text\n\n\n## More to come\nWe are not stopping with this list! We will continue our partnership to bring in more visual and usability improvements to the continuous integration area in the coming months. If you are interested in taking a look at the complete list of changes we have made and the ones we still plan to make, [you can find the issue here](https://gitlab.com/gitlab-org/gitlab/-/issues/394768/).\n\n\n",[717,731],"design",{"slug":733,"featured":12,"template":13},"beautifying-of-our-ui",{"content":735,"config":745},{"title":736,"description":737,"authors":738,"heroImage":740,"date":741,"body":742,"category":9,"tags":743},"4 best practices leading orgs to release software faster","GitLab's 2023 Global DevSecOps Survey illuminates the strategies that organizations deploying more frequently have in common.",[739],"Kristina Weis","https://res.cloudinary.com/about-gitlab-com/image/upload/v1749663908/Blog/Hero%20Images/2023-devsecops-report-blog-banner2.png","2023-06-08","\nReleasing software faster is one of the biggest goals of many organizations — and for good reason. It helps them keep up with competitors, land and keep more customers, improve employee satisfaction, and much more. But maintaining that velocity requires investment in processes and technologies that help DevSecOps teams deliver, secure, and deploy software faster without compromising quality.\n\nIn our [2023 Global DevSecOps Survey](https://about.gitlab.com/developer-survey/) we asked more than 5,000 development, security, and operations professionals about everything from deployment frequency to the practices teams have adopted – all to learn what the most agile and efficient organizations have in common. One respondent, a director of IT security in the retail sector, summed up the challenge as follows: “Software customers are increasingly vocal and demanding, expecting faster releases and greater customizability. Developers will need to keep up with these demands while still maintaining stability and usability.”\n\nSo what’s helping organizations be more productive and efficient? Here are four of the best practices that, according to the survey, help organizations release software faster and deploy more frequently:\n\n## 1. Running applications in the cloud\nOne of the benefits people commonly attribute to deploying to the cloud is increased development speed. As it turns out, this year’s survey shows there’s some serious truth to that. Respondents with at least a quarter of their applications in the cloud were 2.2 times more likely to be releasing software faster than they were a year ago — and respondents with at least half of their applications in the cloud were 4.2 times more likely to deploy to production multiple times per day.\n\nSeveral respondents commented on the value of the cloud while also acknowledging the complexities cloud computing can bring to software development. An IT operations manager in the industrial manufacturing sector shared that “developing software that is designed for the cloud-native environment” is one of the top challenges facing software development this year. Likewise, an IT operations manager in the telecommunications sector said: “With the increase in the use of cloud computing and IoT devices, there is a greater need for secure coding practices to protect sensitive data from cyber attacks.” As organizations move to a cloud-first model for software development, they will need to adopt technologies that allow them to build natively in the cloud while keeping security top of mind throughout the development process.\n\n## 2. BizDevOps\nThough DevOps and DevSecOps mostly steal the show in terms of methodologies, some organizations go a step further and [practice BizDevOps](https://about.gitlab.com/blog/a-snapshot-of-modern-devops-practices-today/) — that is, incorporating business teams alongside development, security, and operations teams. An IT operations manager in the software sector emphasized the importance of collaboration with the business, sharing that “as software projects become larger and more complex, developers will need to work closely with other team members, including designers, testers, project managers, and business stakeholders.” This approach appears to be paying off for some: Respondents whose organizations practice BizDevOps were 1.4 times more likely to be releasing software faster than they were a year ago.\n\n## 3. CI/CD\nIt’s not surprising that automating the software development lifecycle with [CI/CD](https://docs.gitlab.com/ee/ci/) would help teams release software faster and more efficiently; however, it’s nice to see confirmation and put some numbers to the difference it can make. The survey shows that respondents [practicing CI/CD](https://about.gitlab.com/blog/how-to-keep-up-with-ci-cd-best-practices/) were twice as likely to deploy multiple times per day and 1.2 times more likely to release software faster than they did a year ago.\n\nDespite the value of CI/CD for driving efficiency, respondents also identified challenges. For instance, an IT operations associate in the aerospace/defense sector pointed to “management that doesn't understand CI/CD at all” as a blocker to more efficient software development. Meanwhile, a software development intern in the biotech sector shared that “tools to automate CI/CD, together with code editors, APM software, and defect trackers, can help with a faster and quality development cycle,” but “companies are hesitant to spend on tools that can help increase their developers’ productivity.” These responses underscore the value of investing in tools that unify CI/CD with other DevSecOps practices — such as incorporating security early in the development process and creating tighter feedback loops — to help organizations break down development silos.\n\n## 4. DORA and other metrics\nOrganizations that [make a conscious effort to track key development metrics](https://about.gitlab.com/blog/how-zoopla-uses-dora-metrics-and-your-team-can-too/) are more likely to improve them, according to the survey. This makes sense because by virtue of an organization choosing to track a metric, they’re signaling to their teams that it’s important, likely reminding them of whether the metric is improving (or not) periodically, and quite possibly prioritizing initiatives aimed at improving those metrics. We found that respondents whose organizations track their [DORA metrics](https://docs.gitlab.com/ee/user/analytics/dora_metrics.html) and other similar metrics were 1.4 times more likely to deploy multiple times per day.\n\n## A deeper dive on productivity and efficiency\n\nFor a deeper look into release velocity and deployment frequency, and all the practices that made respondents more likely to release software faster and deploy multiple times per day, check out our [2023 DevSecOps Report: Productivity & Efficiency Within Reach](https://about.gitlab.com/developer-survey/).\n\nThe report also digs into two other key factors that can have a big impact on productivity and efficiency: how long it takes to onboard new developers and how difficult or easy it is for organizations to attract, hire, and retain developers. We’ll show you where things stand and the practices that made respondents more likely to be successful.\n\n_[Read the highlights from “Security Without Sacrifices,” the first report in our 2023 Global DevSecOps Report series.](/blog/gitlab-survey-highlights-wins-challenges-as-orgs-adopt-devsecops/)_\n",[744,110,564,26],"developer survey",{"slug":746,"featured":12,"template":13},"best-practices-leading-orgs-to-release-software-faster",{"promotions":748},[749,763,775],{"id":750,"categories":751,"header":753,"text":754,"button":755,"image":760},"ai-modernization",[752],"ai-ml","Is AI achieving its promise at scale?","Quiz will take 5 minutes or less",{"text":756,"config":757},"Get your AI maturity score",{"href":758,"dataGaName":759,"dataGaLocation":245},"/assessments/ai-modernization-assessment/","modernization assessment",{"config":761},{"src":762},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/qix0m7kwnd8x2fh1zq49.png",{"id":764,"categories":765,"header":767,"text":754,"button":768,"image":772},"devops-modernization",[766,39],"product","Are you just managing tools or shipping innovation?",{"text":769,"config":770},"Get your DevOps maturity score",{"href":771,"dataGaName":759,"dataGaLocation":245},"/assessments/devops-modernization-assessment/",{"config":773},{"src":774},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138785/eg818fmakweyuznttgid.png",{"id":776,"categories":777,"header":779,"text":754,"button":780,"image":784},"security-modernization",[778],"security","Are you trading speed for security?",{"text":781,"config":782},"Get your security maturity score",{"href":783,"dataGaName":759,"dataGaLocation":245},"/assessments/security-modernization-assessment/",{"config":785},{"src":786},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/p4pbqd9nnjejg5ds6mdk.png",{"header":788,"blurb":789,"button":790,"secondaryButton":795},"Start building faster today","See what your team can do with the intelligent orchestration platform for DevSecOps.\n",{"text":791,"config":792},"Get your free trial",{"href":793,"dataGaName":52,"dataGaLocation":794},"https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com/","feature",{"text":497,"config":796},{"href":56,"dataGaName":57,"dataGaLocation":794},1772652077422]