12 ways to incorporate AI into CI/CD processes

The intersection of AI and CI/CD can improve DevOps practices.

Artificial Intelligence (AI) is showing up everywhere these days. And continuous integration and continuous delivery (CI/CD) processes are no exception. Like any other application, AI holds the potential to help simplify complex tasks, and reduce the amount of everyday work that humans have to do.

In general, we can define artificial intelligence as computer applications that do problem-solving, learning, and reasoning in a way that simulates human processing and intelligence. With CI/CD, we can envision using AI to fill in and replace the gaps that have kept many organizations from achieving the ideals of DevOps. AI integration could also help anticipate and correct issues encountered running the software delivery pipeline, and help ensure a higher quality of content going in, and coming out of, those pipelines. In the rest of this article, I’ll share some thoughts on potential areas where AI could be incorporated into CI/CD processes.

Improved automation

Automation plays a crucial role in CI/CD processes. Automation is the mechanism that supports the main goals of CI/CD including fast, reproducible releases. But even with all the automation, there will still likely be manual processes that are either too costly or too inconvenient to automate in the software development lifecycle (SDLC).

An example might be automating the decision on whether to deploy a release from the pipeline right away or hold it for any of a number of reasons. Instead of relying on extensive human cycles to evaluate, the AI could be charged with gathering info on changes, assessing the changes, predicting any positive or negative impacts and automatically deciding when the software is truly ready.

Simplifying routine development work

One of the applications that AI can be really helpful with is handling routine tasks that engineers would otherwise have to spend cycles doing. Examples in a software development context include writing boilerplate code, generating tests, and documenting code. These are all things that coding assistants like GitHub Copilot can do for engineers now so they can have additional time to focus on the things that need their brainpower. See Figure 1. This provides more cycles for engineers to work on the more innovative, custom, higher-value changes that are needed to help the products evolve.

Simplifying routine testing work

In a similar way to simplifying development tasks, AI can be used to help generate test cases for all phases in the pipeline from unit to functional tests, given enough information about the product and user scenarios. It could also generate test mocks, test cases for a particular vulnerability or bug, etc. Figure 2 shows a simplified example for some basic unit test generation with GitHub Copilot.

Optimized test selection

Another dimension of using AI with testing is optimizing test selection. AI could be used to determine which tests would be most relevant to run, based on the changes made with recent code commits. This could potentially reduce testing time and speed up the CI/CD process by targeting only the minimum testing resources needed.

Both of the above options could help reduce the load on testing organizations so that they can focus more on the areas that need their specialized knowledge and expertise.

Analyzing pipeline runs and predicting/mitigating issues

AI could be used to automate the collection and analysis of logs from builds, testing, and deployment done in the pipeline. From there, it could proactively predict where problems might occur in later steps or future runs.

This information could also be integrated as insights directly into development processes to inform future goals—for example, identifying recurring gaps in testing coverage. Taken a step further, the AI could be allowed to head off or mitigate such gaps when it sees the same patterns happening, thus increasing the pipeline’s reliability.

Optimizing use of resources

AI can help DevOps teams to optimize their use of infrastructure, analyzing usage and allocation of resources to find areas where resources may not be needed or may not be used fully. This is especially beneficial for cloud-based resources. Taken a step further, AI could help optimize resource allocation based on the pipeline requirements it detects, reducing costs and improving efficiency by dynamically scaling resources up or down as warranted.

Security

Security scanning is (or at least should be) commonplace in CI/CD processes today. But beyond the basic scanning, AI can look across the wider pipeline implementation to help find patterns that might indicate potential cross-system vulnerabilities before they can be exploited. The AI could then summarize vulnerabilities and suggest ways to remediate them. A step beyond that is to allow AI to automate threat responses, via automatically updating/isolating vulnerable code, if enough information or a suitable fix is available.

Fixing code on the fly

In addition to making code suggestions and analyzing code, AI can also help fix code. This is generally used prior to making code changes, but it could also be used to help fix code on the fly. Imagine a scenario where a failure occurs in recent code that’s been merged and brings the current run of the pipeline to a halt. If the AI has sufficient training, it could attempt to make a fix to the code on the fly, or roll back changes in the pipeline to keep things running. And, it would still alert the maintainers to the failure. It could even generate a pull request automatically with its suggested changes. AI assistants like GitHub Copilot can already find errors and describe how to fix them. See Figure 3.

Documenting deltas between runs

With appropriate access to sets of changes, AI can be used to summarize the larger set of changes introduced between runs of a pipeline. This could be driven from commit messages, process updates, sets of tests chosen, etc. This information could then serve at a high level as release notes. At a more detailed level, it could to help identify and zero in on root causes for any issues that occur in a run.

Smart rollouts

Several common deployment approaches rely on directing all, or a portion of, traffic from users to one of multiple running versions of a product. AI could be used to monitor the real-time feedback, issues, etc. and intelligently decide when to redirect more or less of the traffic from one version to another. It could then make the adjustments automatically. Likewise, it could decide when to roll back changes, thus minimizing the risk associated with deployments.

A corollary of this could be managing when feature toggles are activated. The AI could determine when use cases or tests or customer scenarios would benefit from having a feature toggle activated or deactivated.

Assisting with code reviews and approvals

AI can be used to identify relevant reviewers to add for code changes based on previous contributions. As well, it can automatically create summaries of sets of changes on pull requests. (GitHub Copilot in the Enterprise can do this now. See Figure 4.) AI could also be used to analyze code commits for potential issues, enforce coding standards, and suggest improvements, thereby reducing manual review time and improving code quality.

Chatting with your pipeline

With all of the suggested uses of AI above in the realm of CI/CD, the AI would learn a lot about your processes and workflows, and thus about the pipeline overall. It’s training and insights could be very valuable in the key areas previously mentioned. But one of the other benefits of having an AI with domain knowledge and the ability to understand and respond in a human-like way is the ability to ask free-form questions and get reasoned answers—a.k.a chat. Imagine using a standard chat interface and being able to ask your pipeline’s AI interface questions like the following:

• Why did the last run of the pipeline fail?
• Summarize the most recent set of changes to the code, data, tests, and pipeline processes.
• Create an infrastructure-as-code specification to deploy our pipeline into cloud X.
• Are any of the dependencies in the pipeline out of date?
• How can I make the pipeline more efficient?
• Is there an alternative tool to that would work better in our CI/CD use case?

Of course, any responses would need to be reviewed for accuracy and to make sure they made sense in context.  But, the overall possibilities of gaining insights and saving cycles through this kind of interaction could be significant.

Summary

These are just a few of the ideas of how AI can benefit CI/CD processes and ultimately bring us closer to the ideals of DevOps. While we’ve phrased these in terms of what “could” be done mostly, a number of these capabilities are already commonly available today through tools like GitHub Copilot. Others need more development and consideration. But with a suitable investment to integrate AI into CI/CD pipelines, organizations can achieve faster deployments, higher code quality, improved security, and better resource management, ultimately leading to more reliable and efficient development cycles and a better end product for the customer.