Delivering software quickly, reliably, and safely is at the heart of every digital transformation and application modernization journey. After all, an increase in speed generates powerful business outcomes. As showcased by research from DevOps Research and Assessment (DORA),software speed, stability, and availability contribute directly to organizational performance (including profitability, productivity, and customer satisfaction).
Today, we are announcing new additions to our application development and delivery platform to help developers, operators, and security professionals deliver better quality software to production, faster. These new capabilities embed best practices we’ve learned at Google over the years while building applications at scale. They’re also consistent with research performed by DORA over the past six years with over 31,000 IT professionals.
Let’s take a closer look at the new features and services that can help you accelerate application development and delivery today.
Driving developer productivity
First, we’ve added support for Cloud Run, our fully managed container platform, into our Cloud Code IDE plugins. Now you can write, deploy, and debug containerized applications directly from your IDEs such as VS Code and IntelliJ onto our fully managed serverless runtime. The integration comes with starter templates in various languages including Java, Node.js, Python, and Go—making it easy to get started and observe best practices. This in turn helps you rapidly explore the core benefits of Cloud Run such as automated day 2 operations, and cost-effective, automatically scaled containerized applications.
Second, we built in extensive support for fast feedback as part of the local development loop. To achieve this, Cloud Code includes a new Cloud Run emulator for VS Codeand IntellIJ that runs on your local machine to let you quickly validate changes, thereby taking away the toil of iterating on and redeploying changes. Once you’ve vetted the changes locally, you can push the changes directly as an update/revision to Cloud Run right from within the IDE. With the ability to rapidly iterate on your code locally as well in the cloud, you can catch issues early and resolve any issues discovered in the live application.
Third, to further enable you to start building applications quickly we’ve added built-in support for Google Cloud Buildpacks in Cloud Code. Developers should focus their effort on translating business requirements into code—not working out how to containerize that code. Today, developers spend a lot of time writing Dockerfiles and defining how a container should be built. This process is error-prone and requires skills and time that are better spent developing new functionality. Google Cloud Buildpacks pull together all the dependencies and frameworks required to run your application without a Dockerfile. These buildpacks also provide a great way for security teams to validate what runs on the platform, ensuring compliance and an enhanced security posture. Cloud Buildpacks are fully supported by Google Kubernetes Engine (GKE), Cloud Run and Anthos.
The above enhancements in Cloud Code and Cloud Run streamline application development and delivery. As you build larger applications and automate increasingly complex business processes, you may need to integrate Google Cloud APIs, External APIs, and our serverless runtimes. We are announcing two new products to assist with this process.
Events for Cloud Run is now available in beta. Events for Cloud Run allows you to connect Cloud Run services with events from a variety of sources, including GCP services, your own software, GitHub, etc. We are also excited to introduce Workflows in beta, to help you integrate custom actions, Google APIs and third-party APIs. This includes support for advanced features such as passing values between steps, parsing JSON responses to objects, iterating arrays, error handling and retries, and more. Workflows are serverless, so there is no infrastructure to manage and the product takes care of rapid scaling, following your business demand. Events and Workflows allow you to automate even the most complex business requirements.
Securing the software supply chain
Accelerated software delivery goes hand in hand with “shifting left” on security. And in an era of ubiquitous threats, securing the software supply chain is vitally important. However, you don’t want security reviews to slow you down. DORA’s research highlights how the highest performing “Elite” teams are able to conduct security reviews in days, by building security throughout the software development process. The same process can take weeks for low performers.
To help you improve your security posture and employ practices implemented by Elite performers, Artifact Registry is now available in beta. With Artifact Registry, you can now manage and secure artifacts like maven and npm language packages, along with Docker images. Artifact Registry also provides greater visibility and control over the different types of artifacts that go through your software supply chain, and now supports regional repositories and creating multiple repositories per project. Enterprises can also now use VPC-SC to restrict access to the repository to callers within a security perimeter, and leverage customer-managed encryption keys to encrypt the contents of the repositories.
Built-in deployment best practices
When it comes time to push your code to production, automating your deployments is a game changer. That’s reflected in DORA’s research: 69% of Elite teams automate their deployments, in comparison to 17% of low performers. Automating deployments also reduces the stress of pushing changes and frees teams up for important refactoring, design, and documentation work.
To help you more easily automate your deployments, Cloud Run now supports traffic splitting and gradual rollouts. Before, changes were pushed to all users in production, but now you collect feedback from a small percentage of users. This way, you can limit the “blast radius” of a problematic code change and perform a rollback if need be. We follow a similar process internally to roll out changes to google.com, Gmail, and many other services.
To further drive deployment automation, we have also made it easy to set up Continuous Deployment directly from the Cloud Run user interface. Simply connect a git repository, specify the branch to watch for changes, and your code will be automatically deployed to Cloud Run when new changes are pushed.
Enterprise additions to serverless services
Recently we announced Serverless VPC access that allows serverless services to access resources in a VPC network, and now we are excited to announce that it supports Shared VPC, enabling enterprises to connect their serverless services to Shared VPC networks and any on-prem resources connected by VPN or Cloud Interconnect.
Deliver better software, faster
Our goal with these releases is to give you the speed, security, and stability you need to implement application development and deliver practices employed by Elite DevOps teams. You can see all of these new features in action here.
We have also incorporated the best practices as a part of our Google Cloud App Modernization Program (CAMP). To learn more about CAMP along with more about these new features, join us at the following Next OnAir sessions: