When you first hear about Value Stream Management, you might think of metrics, Key Performance Indicators (KPIs), and visibility, but HCL Accelerate is taking it up a notch with the release of 2.1.

In 2.0 we provided a single place where a user could manually approve or deny a version, but we knew we could make the experience better. So, we quickly enhanced gates by leveraging our DevOps data lake and our deep complex relationships of data to introduce Security and Quality Rules.

For many dev teams, pipelines are the Wild West with disjointed CI/CD tools and complex process, which creates an area where information can be lost. For example, you could have a situation where the Pull Request that was not planned actually got included in the final build for the release. Then, this small change could have introduced a catastrophic vulnerability. Since no one was expecting a change to go in because there was no Work Item, no one went back and checked the Security Vulnerability results before it was too late.

These are the things that keep most of us up at night! Even worse is when we have to delay the release to go check the reports in the tools, contact another department, wait for a response…you get the point. The only way to go faster with better quality is to automate the process. Let’s dive into what you can do with automated rule-based gating.

The first thing you will notice is that the new rules build upon the manual rules from 2.0, which allows you to start small and set goals. A lot of our customers have been using this in BETA mode. They did not have all their tools hooked up to HCL Accelerate but used manual rules to start with setting goals of what tools they need and when they could hook up the ones they have. On that note, if you are looking for an application security scan tool, I highly recommend AppScan – the results you get are going to work seamlessly with HCL Accelerate!

Automated rules can check all sorts of metrics that you are familiar with in HCL Accelerate, such as Code Coverage, Functional Test, Unit Test, Application Vulnerabilities, Container Vulnerabilities, Static Code Analysis, and much more. The best part is once these are set, you can trust that no version will pass through these gates unless they meet the criteria because they run fully automated analyzing the data tied to the version. Don’t worry though – we have all had to ship code so there is always an “Are you sure?” work around, but it will be captured in the Audit Report. This feature is really to put the checks and balances in place to make sure that your team has full autonomy to release to the customer as fast as possible, while also making sure no one is lying awake saying “did I look at the right build when I said there were 0 Blockers?”

As always, reach out to me or anyone on my team with questions. We would love to give you a demo and show you how HCL Accelerate and Value Stream Management can make your teams stop focusing on tasks and deliver more value.

Comment wrap
Further Reading
Secure DevOps | November 23, 2021
What we mean when we talk about Day 2 DevOps
Global research and advisory firm, 451 Research, wrote a Market Insight Report evaluating the HCL Software DevOps portfolio and our efforts to create an end-to-end platform supporting Day 2 DevOps.
Secure DevOps | September 29, 2021
The Value Stream Management Market & Certifications
Demand for efficient software delivery and business value is giving rise to an emerging market, value stream management. Certifications for value stream management are now available through the DevOps Institute and the VSMC.
Secure DevOps | September 3, 2021
Leadership’s Influence on Human Capital – DOIS Panel Discussion Recap
Get insight from DevOps experts on leadership’s influence on human capital in this DevOps India Summit session recap.