Explore release gates
Release gates in Azure DevOps provide enhanced control over the initiation and completion of deployment pipelines, incorporating aspects of security and governance into the process. They designate conditions which must be satisfied in order for the deployment to either continue (pre-deployment gates) or to be considered successful (post-deployment gates).
One of the important benefits of release gates is streamlining processes such as, for example, deploying a new version of an API, which would traditionally require manual intervention or dependency meetings. This way, instead of convening meetings, the gate mechanism allows stakeholders to indicate their approval to proceed with the click of a button, considerably reducing time and effort.
In addition, gates can leverage scripts and APIs to automate the approval process and provide objective, data-driven assessments, extending beyond manual approvals. These automatic approvals facilitate a wide range of other scenarios, including:
- Incident and issues management: Gate mechanisms ensure that deployment proceeds only if the required status for work items, incidents, and issues is met. For instance, deployment may be contingent on the absence of software bugs.
- Approval integration with collaboration systems: Integration with platforms like Microsoft Teams or Slack promotes communication with stakeholders for deployment approval, awaiting their response before proceeding.
- Quality validation: Gates can query metrics from tests on build artifacts, such as pass rate or code coverage, and deploy within specified thresholds to maintain quality standards.
- Security scan on artifacts: Gate mechanisms verify completion of security scans, such as anti-virus checks, code signing, and policy validation for build artifacts, ensuring compliance with security requirements before deployment.
- User experience monitoring: Leveraging product telemetry, gates validate that the user experience remains consistent with baseline standards, preventing deployment if regression is detected.
- Change management integration: Gates wait for change management procedures in systems like ServiceNow to conclude before proceeding with deployment.
- Infrastructure health checks: Post-deployment, gates execute monitoring processes and validate infrastructure compliance against predefined rules, ensuring resource utilization and security standards are met.
Effectively, approvals and gates offer granular control over deployment pipelines, accommodating both manual and automated verification processes. Automation expedites deployments while, at the same time, helps incorporate security measures, governance protocols, and stakeholder approvals into software delivery processes. Support for manual approvals accommodates pausing deployments in environments that require additional scrutiny before resuming or rejecting the deployment process.