Delivery Group

1. You are here:
2. Engineering
3. Infrastructure
4. Team
5. Delivery Group

Maintained by:

On this page

• Common Links
• Mission
• Vision
  • Short-term
  • Mid-term
  • Long-term
• Strategy
• Top-level Responsibilities
• Teams
  • Delivery:Orchestration
  • Delivery:System
  • Team Members
• Team counterparts
• Performance indicators
• Delivery domain ownership between Delivery teams
  • Release Manager ownership
  • Delivery:Orchestration ownership
  • Delivery:System ownership
• How we work
  • Reaching our Team
    • Release Management Escalation
  • Project Management
  • Epics
  • Issue Boards
  • Labels
    • Workflow
    • Priority Labels
    • Other Labels
  • Choosing something to work on
• Project demos
  • Team training
• History

Common Links

Mission

The Delivery Group enables GitLab Engineering to deliver features in a safe, scalable and efficient fashion to both GitLab.com and self-managed customers. The group ensures that GitLab's monthly, security, and patch releases are deployed to GitLab.com and publicly released in a timely fashion.

Vision

By its own nature, the Delivery Group is a backstage, non-user feature facing team whose product and output has a direct impact on Infrastructure's primary goals of availability, reliability, performance, and scalability of all of GitLab's user-facing services as well as self-managed customers. The group creates the workflows, frameworks, architecture and automation for Engineering teams to see their work reach production effectively and efficiently.

The Delivery Group is focused on our CI/CD blueprint by driving the necessary changes in our software development processes and workflows, as well as infrastructure changes, to embrace the benefits of CI/CD.

Each member of the Delivery group is part of this vision:

• Each team member is able to work on all team projects
• The team is able to reach a conclusion independently all the time, consensus most of the time
• Career development paths are clear
• The team creates a database of knowledge through documentation, training sessions and outreach

Short-term

• Automate release generation, removing most of the manual work
• Automate deployment process, managing and limiting impact on production
• Simplify security releases
• Streamline the process of limiting feature impact in production environments
• Enable feature testing at production-environment scale
• Create detailed architecture blueprints and design for CD on GitLab.com
• Develop and track KPIs to measure the team's impact on GitLab product delivery

Mid-term

• Drive the implementation of infrastructure changes to prepare GitLab.com for CD
• Eliminate the need for feature-freeze blackouts during the development cycle
• Shorten build times to allow for faster release times

Long-term

• Drive necessary changes that will lead to Kuberenetes-based infrastructure on GitLab.com
• Fully automated releases for self-managed users

Strategy

The Delivery Group significantly contributes to the Platforms Infrastructure department direction for FY23 in the following ways:

1. Achieve 50% growth year-on-year in engagement surveys results compared to FY22
   • By the end of Q1FY23: Mature and align the Delivery hiring process with the overall Platform process
   • By the end of Q2FY23: Run regular pulse engagement surveys and complete at least one meaningful action from the results
2. Prepare self-servicing for stage group teams to enable end-to-end development
   • By the end of Q2FY23: Enable automated deployments without impacting reliability
   • By the end of Q2FY23: Extend rollback capability to all deployments
   • By the end of Q2FY23: Move one additional Kubernetes-hosted service into auto-deploys to reduce the effort required to deploy and to pave the way towards self-serve deployments
3. Increase use and accuracy of Platform team metrics, and feed them into enablement processes
   • By the end of Q3FY23: Extend the Deployment SLO metric to measure the full deployment pipeline; from package to Production deployment
4. Increase GitLab.com resilience to planned and unplanned growth, while keeping the cost of running the platform in check
   • By the end of Q2FY23: Support growth by measuring and reducing the amount of manual work needed to safely deploy to GitLab.com
   • By the end of Q4FY23: Migrate at least three additional services to the Kubernetes platform

Top-level Responsibilities

The group regularly works on the following tasks, in the order of priority:

1. Ensuring continuous delivery of GitLab application software to GitLab SaaS.(e.g. GitLab SaaS auto-deploy)
2. Coordination and preparation of GitLab releases for self-managed users for the monthly patch and security releases.
3. Participating in incident resolution and acting on corrective actions for SaaS and self-managed software delivery.
4. Increasing velocity of both SaaS and self-managed software delivery through foundational project work (e.g. Running GitLab SaaS on Kubernetes).
5. Improving the robustness of SaaS software delivery by creating and improving tooling (e.g. Deployment rollback).
6. Minimizing the use of custom tooling by building or enhancing features within GitLab (e.g. Create a Changelog feature).
7. Support other teams' needs related to software delivery on GitLab SaaS (e.g. New Container Registry deployment).

Teams

The Delivery Group is composed of two teams: Delivery:Orchestration and Delivery:System.

The Delivery:Orchestration and Delivery:System OKRs, while contributing to the wider GitLab objectives, are tailored and structured to achieve the Delivery Group Strategy as a single team.

Delivery:Orchestration

The primary goal of the Orchestration team is to provide functionality to enable stage groups to adopt self-serve deployments and releases.

Delivery:System

The primary goal of the System team is to provide a flexible and stable deployment platform onto which the application can be effectively and efficiently deployed.

Team Members

The following people are members of the Delivery:Orchestration Team:

The following people are members of the Delivery:System Team:

Team counterparts

The following members of other functional teams are our stable counterparts:

Performance indicators

Delivery Group contributes to Engineering function performance indicators through Infrastructure department performance indicators. The group's main performance indicator is Mean Time To Production (MTTP), which serves to show how quickly a change introduced through a Merge Request is reaching production environment (GitLab.com). At the moment of writing, the target for this PI is defined in this key result epic.

MTTP is further broken down into charts and tables at the Delivery Team Performance Indicators Sisense dashboard.

Delivery domain ownership between Delivery teams

The Delivery Group owns the tools and capabilities needed for GitLab deployments and releases. The diagram below shows the split of domain ownership between the two teams and the current release managers. Where the domain overlaps with teams outside of the Delivery Group, we focus primarily on the deployments and releases capabilities and needs.

• Diagram source

Release Manager ownership

Release Managers are members of the Delivery group but during their time as release managers they're wearing a different hat. The primary customer is GitLab users

1. Auto-deploys: Release Managers operate the auto-deploy process. Largely this will make use of capabilities provided by the Orchestration team, but the Orchestration tools will be making use of the System team capabilities. Environment health checks are an example of a System capability that will be integral to the process and tools the release managers use.
2. Self-managed releases: Release Managers operate the release processes (patch and security) using the capabilities provided by the Orchestration team.
3. Post-deploy migrations: Release Managers operate the PDM process using the capabilities provided by the Orchestration team.
4. Hot patch process: Release Managers, working with EOCs, will manage the hot patch process. Hot patch capabilities are provided by the Orchestration team with heavy dependence on System capabilities due to the shortened process and therefore reduced pipeline jobs.
5. Deployment blockers: Release Managers are responsible for identifying, and reporting on deployment blockers in order to provide Orchestration and System with data needed to plan improvements.
6. Release Manager dashboards: Release Managers own https://dashboards.gitlab.net/d/delivery-release_management/delivery-release-management?orgId=1 plus have the freedom to create any additional dashboards that they think would be useful for release management. The data needed for dashboards will be made available from a centralized place, owned by System (see point 18).

Delivery:Orchestration ownership

The primary customers of the Orchestration team are the internal GitLab users who want to deploy & release changes i.e., Release Managers and Stage Groups.

1. Deployment changelock: Orchestration will make sure that all deployments observe planned and ad-hoc changelocks. Examples include PCLs, S1/S2 incidents, as well as other Change Requests.
2. Pipeline visibility: Providing visibility of pipeline configuration, status, and outcome.
3. Deployment change management tooling: Providing the ability for changes to be included, or excluded from deployments.
4. Release change management tooling: Providing the ability for changes to be included, or excluded from releases to Self-Managed users.
5. Deployment execution log: Ensuring that an accurate log of deployments is maintained.
6. Deployment & release metadata: Tracking component versions and dependencies to allow for quality gates to be accurate, and to ensure predictable releases.
7. QA test execution & results visibility: Ensuring that all deployments and releases pass the required testing. Orchestration will be particularly concerned with timing of test execution and making sure that the correct dependencies are in place for reliable results.
8. Deployment dashboards: Orchestration will own a set of dashboards to guide the team's work on designing effective deployment and release processes. Dashboards, or templates, will also be needed to evaluate the effectiveness of individual deployment and release pipelines.

Delivery:System ownership

The primary customer of the System team is the Delivery::Orchestration team.

1. Environment changelock: System will make sure that environments can be locked to schedule, or on an ad-hoc basis if required by planned maintenance or poor environment health. Guaranteeing that changes are rolled out in a predictable way will also be a System responsibility.
2. Environment health: Ensuring that environment health is assessed and available to guide deployment decisions.
3. Release & deployment metrics: Providing A centralized store for metrics related to deployments & releases. System will primarily be concerned with providing a metrics capability to allow all deployment and release pipelines to record metrics in a useful way to fuel all required dashboards.
4. Application rollout: System will be responsible for applying changes to the required clusters and environments. Rollout strategies, e.g., canary, blue/green, with gradual traffic increase etc, will be capabilities provided by System.
5. Release Publishing: publishing packages to various distribution sites (e.g., packages.gitlab.com, Docker Hub, etc.), publishing tooling, and guaranteeing a reliable publishing process.
6. Rollout dashboards: System will own a set of dashboards to guide the team's work on managing effective rollouts to all environments. Examples could include the timing of changes applied to individual servers and visibility into environment use.
7. Canary environments: System will own the rollout capability of the canary environments. They'll work closely with Reliability to ensure full environment management.
8. Deployment and release test environments: Pre, Staging, Release: System will own the rollout capability of the test environments. They'll work closely with Reliability to ensure full environment management.
9. Deployment and release production environment: System will own the rollout capability of the Production environment. They'll work closely with Reliability to ensure full environment management.

How we work

Reaching our Team

Release Managers have a weekday follow-the-sun rotation and can be reached via the @release-managers handle on Slack. For weekend support or other escalations please use the Release Management Escalation steps below to reach Delivery Leaders.

Release Management Escalation

During weekday working hours you can reach the current Release Manager via the @release-managers handle on Slack.

For release management support outside of working hours, or if you need to escalate to Delivery Leadership please follow the steps below to page using PagerDuty.

1. Open the PagerDuty app in Slack and use the /pd trigger slack command to trigger a new incident
2. Select the Release Management Escalation service and provide request details in the Title field. You can leave all other fields empty
3. Click Create and one of the Delivery leaders will respond

Project Management

The Delivery Group's work is tracked through a number of epics, issues, and issue boards.

Epics and issue boards are complementary to each other, and we always strive to have a 1-1 mapping between a working epic and an issue board. Epics describe the work and allows for general discussions, while the issue board is there to describe order of progress in any given epic.

Each project should have a project-label applied to all epics and issues to allow issue boards to show a full project view.

Epics

The Release Velocity epic tracks all work related to the group mission.

Any working epic that the team creates should be directly added as a child to one of these two top level tracking epics.

Working epic should always have:

1. A Problem Statement.
2. Directly responsible individuals responsible for the project completion.
3. Defined exit criteria
4. Issue admin section to provide the issue priority, labels and epic for quick actions. Example.
5. Status YYYY-MM-DD to indicate what is being worked on, why, and planned next steps. The DRI is responsible for updating the epic status every Wednesday. Note, this must be the last heading in the epic to support automated epic summary updates
6. Start date and estimated due date
7. Labels:
   • 
   • or
   • Label used as part of the project scope (eg. kubernetes, security-release).
   • Epic status label using the 'workflow-infra::triage', 'workflow-infra::proposal', 'workflow-infra::in-progress', 'workflow-infra::done'

In cases where the work is tracked in a project in a different group outside of our canonical project location, we will create two epics for the same topic and state in the epic description which one is the working epic.

Issue Boards

Each working epic should be accompanied by an issue board. Issue boards should be tailored to the specific project needs, but at minimum it should contain the workflow labels shown on the workflow diagram.

Labels

The canonical issue tracker for the Delivery group is at [gl-infra/delivery][issue tracker]. Issues are automatically labeled if no labels are applied using the triage ops project. The default labels defined in the labeling library.

The Delivery Group has team specific labels:

• for Delivery:Orchestration team
• for Delivery:System team

By default, an issue needs to have a:

1. Workflow Label - Default: workflow-infra::Triage
2. Priority Label - Default: Delivery::P4
3. Team Label - team::Orchestration or team::System
4. Other Label - project or team management related label.

Workflow

The Delivery group leverages scoped workflow-infra labels to track different stages of work.

Not every issue will be prioritised for building as soon as it is ready. Instead we manage a Build board with all workflow-infra::In Progress, and workflow-infra::Ready issues focused on the team's current goals.

The standard progression of workflow is described below:

There are three other workflow labels of importance omitted from the diagram above:

1. workflow-infra::Cancelled:
   • Work in the issue is being abandoned due to external factors or decision to not resolve the issue. After applying this label, issue will be closed.
2. workflow-infra::Stalled
   • Work is not abandoned but other work has higher priority. After applying this label, team Engineering Manager is mentioned in the issue to either change the priority or find more help.
3. workflow-infra::Blocked
   • Work is blocked due external dependencies or other external factors. After applying this label, issue will be regularly triaged by the team until the label can be removed.

Label workflow-infra::Done is applied to signify completion of work, but its sole purpose is to ensure that issues are closed when the work is completed, ensuring issue hygiene.

Priority Labels

The Delivery group uses priority labels to indicate order under which work is next to be picked up. Meaning attached to priorities can be seen below:

The group uses priority labels differently to the general issue triage priority definition in order to avoid ambiguity that comes with difference in timelines between Stage teams and Infrastructure teams. We have different timelines (release brings different expectations for Delivery), different DRI's (no PM for Delivery), and different importance (Blocked release means that no one can ship anything).

Other Labels

Some of the labels related to the team management are defined as:

1. onboarding - issues are related to granting access to team resources.
2. team-tasks - issues related to general team topics.
3. Discussion - meta issues that are likely to be promoted to a working epic or generate separate implementation issues.
4. Announcements - issues used to announce important changes to wider audience.

Project labels are defined as needed, but they are required unless the issue describes a team management task.

Incidents impacting Delivery may optionally include an impact label.

Choosing something to work on

The Delivery group generally has working epics assigned to a DRI who is responsible for making sure work is broken down into issues, and appropriate issues are moved onto the Build board to keep the project on track. However, anyone is welcome to pick up any tasks from the Build board regardless of which project it belongs to.

Project demos

As part of the project, we might decide to organize project demos. The decision on creating a demo depends on the expected longevity of the project, but also on the complexity of it.

The purpose of the demo is to ensure that everyone who participates in the project has a way of sharing their findings and challenges they might have encountered outside of the regular async workflow. The demos do not have presentations attached to them, and they require no prior preparation. The demoer shouldn't feel like they have to excuse themselves for being unprepared, and expect that their explanation without faults. In fact, if what is being demoed is showing off no weaknesses, we might have not cut scope in time.

It is encouraged to show and discuss:

1. The imperfectness of the specific code implementation.
2. How broken the used tool might be.
3. How an estabilished process breaks down.
4. How challenging a problem being resolved might be.

Team training

Every Delivery Group member is responsible for sharing skills either through creating a training session for the rest of the group or through paired work. See the page on team training for details.

History

The Delivery team officially came into existence on 2018-10-23. This was the culmination of a larger alignment that was happening throughout that year, exposed by the need to streamline releases for self-managed users and creating a better experience for GitLab.com users.

All throughout GitLab's existence, Release Management had been a monthly rotating role served by developers. The idea behind it was to keep developers close to the whole lifecycle of the software they create, and ensure that they automate their work. This worked well until the number of application changes, and developer tasks grew too large for anyone to handle as a secondary task. The event that indicated the need for a change was a near miss event near the end of 2017, when the first Release Candidate was deployed to GitLab.com just 2 days before the 22nd. That whole month was riddled with challenges, from release managers struggling to deliver their day to day development tasks and RM tasks, to multiple unsuccessful deployments to GitLab.com. Most importantly, this was a first indication that the company was growing and that the processes that worked previously, might need to change to accommodate the larger growth that was planned.

After some internal discussions, we entered 2018 with an attempt to work on process improvements, rather than changing everything in one go. We went from a monthly rotation to two month release manager rotation, started noting down spent time. Over the next several months we'd seen general stabilization of the process but it became apparent that spending 4 engineers time in Release Manager rotation was not getting us anywhere closer to improving the deployment process for GitLab.com, and with each developer we hired the task list grew bigger.

The initial discussion on what is in front of us to achieve Continuous Delivery on GitLab.com exposed a clear need for a team focused on this specific task.

With the team created, we set out to work on the release we designed, change the way we deploy to GitLab.com, merge GitLab Rails codebases and many more other tasks.

After a successful team onsite (aka Fast boot) where we executed on our tasks while being in the same room together for the first time, we announced the first step towards Continous Delivery on GitLab.com. This was a very large change that changed the deployment frequency from deploying from the default branch once per month (for the total of 4-6 deploys to include bug fixes), to taking commits from the default branch once per week.

The team focus then shifted to getting deployment time measured in hours, and migration of GitLab.com to Kubernetes.

Prior to 2020, the team impact overview was created in Slack, and in the years that followed the overview was logged in issues:

1. Year overview for 2020
2. Year overview for 2021
3. Year overview for 2022