<img alt="" src="https://secure.wauk1care.com/164394.png" style="display:none;">

DevOps Teams - GitLab's 2021 Global DevSecOps Survey Feedback

Posted by Mark Didehvar on 7/09/2021
Find me on:

DevOps Teams - GitLab's 2021 Global DevSecOps Survey Feedback

Is your organisation taking a long time to implement DevOps?

Don’t worry, you are not alone! GitLab held a survey for the fourth year in February-March, they asked DevOps teams to tell the truth about their practices, processes, challenges and careers. I have no doubt that many of you will recognise the results of the survey within your organisation. 

GitLab Survey  (2)

February-March, why post now?

When I read the results from the survey, I certainly made a connection with past projects but it was only when I started engaging a broader spectrum over recent months that I realised just how long it is taking organisations to fully implement CI/CD, continuous testing and DevOps.

Organisations are self-critical, I like to show them the staggering statistics such as: “Almost 25% of respondents claimed to have full test automation – up 13% from 2021”. This is from 4,300 people who completed the survey and they will be largely GitLab users of course, however I believe that doesn’t change the fact that 75% of people working in a DevOps environment don’t have full test automation and that there was an increase in 13% over a 1-year period!

I would hope that people realise that manual, particularly exploratory testing will always help in improving the quality of software and that the answers were based on what can and should be automated. Without interviewing all the participants to validate this, let us give them the benefit of the doubt...

Key Statistics

The image below shows some of the key statistics and comments.



There were many comments relating to testing issues such as:

  • testing delays everything
  • for the third year in a row, many survey takers resoundingly pointed to testing as the area most likely to cause delays
  • testing can be slow in both writing and running

When you consider all the test types and risks associated with delivery, it doesn’t surprise me that individuals view testing as a bottleneck, I’ve certainly witnessed it during my QA career.

I’m not looking to defend my fellow QA colleagues but one thing I have noticed, is that delivery personnel are often under pressure to deliver, so much that they receive the dispensation to skip unit tests, peer reviews are rushed or worse still, delayed (this came out in the survey). This scenario can quickly result in an upside automation pyramid with top-heavy QA on the GUI/UI, causing maintenance issues relating to false positives and ultimately delivery delays.

Compound this with an unhealthy dev/test relationship where developers are frustrated because of the testing delays and QA are frustrated because of the quality of development. It's easy to find yourself with an issue that becomes difficult to resolve.

Considering 43% of the survey takers have been doing DevOps for between three to five years, I shudder at the thought that they don’t have a large degree of focus and validation via CI at the bottom of the automation pyramid for unit and API tests; where the feedback is faster and covers the core logic. However, if anyone out there is in this position, it would be a priority problem statement for resolution.

I’m certainly seeing more infrastructure as code, developer ownership of unit tests and a desire for CI/DevOps. It’s also positive to see a shift to the left in certain non-functional testing areas such as performance, security and accessibility.

If I could change the world with a blog, it would be with a plea to:

  • Scrum Masters to realise that shortcuts, such as no unit tests does not speed up delivery – it may seem that way in the short term but long term, it will have a big impact on quality and speed of delivery for shippable products. 
  • Developers and QAs to work together - I’m not going to get into TDD, phrases like “quality is everyone’s responsibility” or scrum teams should work together. The theory is often very different to the reality and at the end of the day, close collaboration, an understanding of each other's areas and the associated challenges can only improve job satisfaction and result in a faster, more reliable delivery lifecycle.


“What do today’s DevOps implementations look like? CI/CD was the most likely to be part of the process, followed by DevSecOps, test automation, and a DevOps platform. In 2020, just 4% of respondents used AI/ML in DevOps; this year, 11.5% reported they do.”

I made an immediate connection with the answers to this question. AI/ML and RPA are on my learning planner and while DevOps has been around for a while, CI/CD is certainly discussed and used more than DevOps in my experience. The security element of DevSecOps, not so much...but great to see this is improving as cyber-crime is a daily threat and criminals are getting smarter!


A big thank you to GitLab for conducting the survey and sharing the results! I highly recommend that you view the report, which you can download from GitLab here.


If you require support with improving your testing chapter or with any of the supporting deliverables such as defining a robust Test Strategy for your organisation, you might be interested in having a chat with us here at nFocus.

Demystifying DevOps & Improving Software Quality

Topics: Software Testing, DevOps, DevSecOps

nFocus Blog

Welcome to the nFocus software testing blog. As thought leaders and technical innovators, we created this blog to distil our thoughts, ideas and musings on improving software quality.

Fill out the form below to receive future communications from nFocus including our latest:

  • Blog articles
  • White Papers
  • and plenty more!

Follow us

Follow us on LinkedIn to see our latest content!

Subscribe Here!

Recent Posts

Posts by Topic

see all

Posts by Topic

see all