🌏 閱讀中文版本
PR Velocity Doubled. So Did Rollbacks.
Last week’s retrospective. The engineering lead put two charts on the whiteboard.
Left: PR merge count — jumped from 32 to 71 per week over three months.
Right: production rollbacks — up from 2 to 5 per month.
“AI definitely made us faster,” he said.
“Then why did rollbacks double too?” a senior engineer asked.
“Every rolled-back PR passed CI.”
The room went quiet for a few seconds.
This isn’t an isolated case.
Many teams hit the same feedback gap after adopting AI:
- Code gets written faster.
- But the review, testing, and deployment chain still runs at three-year-old density.
The gap isn’t tool quality. It’s whether process kept pace with tool speed.
First: SDLC Was Never Outdated
A lot of people hear “SDLC” (Software Development Life Cycle) and treat it like a relic.
“We’re Agile now — who still draws Gantt charts?”
“DevOps is fast. SDLC is slow.”
Let’s be clear: SDLC was never outdated.
It’s a framework.
It defines the phases software goes through from inception to retirement.
Whether you use Waterfall, Agile, or DevOps — you still go through these phases:
- Requirements
- Design
- Development
- Testing
- Deployment
- Maintenance
DevOps didn’t replace SDLC.
DevOps changed how you execute those phases.
DevOps isn’t a tool. It’s a culture.
Think of building a house:
- SDLC is the construction process: foundation → walls → wiring → finishing.
- DevOps is the construction culture: workers and architects in the same room, not siloed.
- CI/CD is the automated machinery: auto-laying bricks, auto-painting walls.
You can’t use the machinery (CI/CD) to replace the process (SDLC).
Without process, automation just amplifies existing bottlenecks.
Without process, automation just amplifies existing bottlenecks.
Worth repeating.
Because many teams think buying Jenkins and configuring a pipeline means they’ve done DevOps.
But in practice:
- Tests fail and engineers don’t know how to fix them.
- Production metrics look wrong after deployment.
- Dev still blames Ops for being slow. Ops still blames Dev for shipping chaos.
That’s CI/CD without DevOps culture.
It just automates the old process.
Three-Layer Architecture: Your Map
To keep this from becoming a textbook, here’s a simple three-layer model.
Layer 1: SDLC (Defines the Phases)
SDLC answers “what.”
What do we need to do?
In the traditional model, those phases are sequential.
Requirements → Design → Development → Testing → Deployment → MaintenanceIn high-change environments, that sequential feedback loop stretches — testing starts only after development finishes, deployment only after testing passes. Users get feedback months later.
In stable-requirement environments, this framework still works well.
It provides necessary discipline.
Layer 2: DevOps (Changes Execution)
DevOps answers “how.”
How do we break down silos and speed up the process?
DevOps core isn’t tools — it’s culture.
It asks development and operations to move from opposition to collaboration.
Through the DevOps lens, SDLC phases are no longer isolated islands — they become an iterative loop.
Requirements ⇄ Design ⇄ Development ⇄ Testing ⇄ Deployment ⇄ Maintenance
↑____________________________________________________↓
Feedback LoopThe key to this loop is short cycles.
Deploy multiple times a day, not every six months.
Layer 3: CI/CD (The Concrete Practice)
CI/CD answers “with what.”
It’s the concrete implementation of DevOps culture.
- CI: Continuous Integration. Every commit triggers an automated build and test.
- CD: Continuous Delivery/Deployment. Tests pass, deployment runs automatically.
CI/CD spans SDLC’s development, testing, and deployment phases.
But it’s not a phase in SDLC.
It’s an accelerator.
CI/CD doesn’t bring you DevOps. DevOps makes CI/CD work.
Many teams get the order backwards.
They buy tools first, then talk culture.
The tools become a burden.
Where Does AI Fit in These Three Layers?
Now let’s talk about AI.
A common question: “Will AI replace DevOps engineers?”
No. AI shifts where DevOps engineers spend their time — from repetitive work toward architectural judgment.
AI plays a different role in SDLC versus DevOps.
SDLC Lens: AI Optimizes Each Phase
In the SDLC framework, AI is a “super assistant” for every phase.
GitHub Copilot, Cursor, and ChatGPT have pushed code completion from keyword matching to semantic understanding — something that wasn’t possible 18 months ago. The table below maps AI entry points across SDLC phases. Each tool has its own sweet spot; the question is which cell your workflow lands in.
| SDLC Phase | Traditional Pain Point | AI Entry Point | Tool Examples |
|---|---|---|---|
| Requirements | Vague requirements, developer misinterpretation | AI assists in generating user stories, checking logic gaps | GitHub Copilot Chat, ChatGPT |
| Design | Architecture decisions depend on individual experience | AI drafts architecture diagrams, proposes candidate solutions | Mermaid AI, Lucidchart AI |
| Development | Repetitive code, context switching | AI generates boilerplate, autocompletes | Copilot, Cursor, Codeium |
| Testing | Low coverage, missed edge cases | AI generates test cases, proposes candidate fixes | Diffblue Cover, Testim |
| Deployment | Environment configuration errors, reliance on manual work | AI generates IaC code, auto-checks configs | Terraform + AI, Pulumi |
| Maintenance | Tech debt accumulates, nobody wants to touch it | AI analyzes code complexity, suggests refactoring | SonarQube + AI, CodeScene |
Key Insight:
AI’s value in SDLC isn’t “write the whole system” — it’s “shorten feedback time.”
When test specs are clear and code boundaries are defined, feedback can come as a draft in minutes rather than days.
Before, the testing team waited a week after development finished before writing tests.
Now, AI generates test cases while development is still in progress.
Feedback time drops from weeks to minutes.
That’s the essence of how AI accelerates SDLC.
DevOps Lens: AI Accelerates Continuous Delivery
Through the DevOps lens, AI is an optimizer for the entire pipeline.
DevOps core is continuous delivery.
AI makes that loop faster and more stable.
CI Phase: AI-Assisted Integration
Traditional CI: code commit → trigger Jenkins → run tests → report results.
AI-enhanced CI:
- AI pre-checks code style and potential bugs.
- AI recommends the optimal merge strategy.
- AI auto-generates the changelog.
CD Phase: AI-Assisted Deployment
Traditional CD: manual deploy confirmation → run scripts → monitor logs.
AI-enhanced CD:
- AI predicts deployment risk (based on historical data).
- AI assists with anomaly detection and rollback recommendations; actual rollbacks still require SLO compliance, deployment policy, and human authorization.
- AI optimizes resource allocation (auto-scales based on load).
But here’s the thing:
Many teams think deploying CI/CD means they’ve done DevOps.
Without DevOps culture, CI/CD just becomes “automated chaos.”
Common Confusion: Why Isn’t CI/CD Delivering?
You bought Jenkins, configured a pipeline, automated the build, test, and deploy.
Looks perfect.
But in practice:
- Tests fail and engineers don’t know how to fix them.
- Production metrics look wrong after deployment.
- Dev still blames Ops for being slow. Ops still blames Dev for shipping chaos.
That’s CI/CD without DevOps culture.
It just automates the old process.
Misconception 1: CI/CD Is a Phase in SDLC
CI/CD is a practice that spans multiple phases.
It’s not a phase — it’s a process.
Misconception 2: DevOps Is a Developer Thing
DevOps belongs to the whole team.
If Ops doesn’t participate in design, if QA doesn’t participate in deployment, DevOps’ collaboration benefits are limited.
Misconception 3: AI Will Replace DevOps Engineers
AI will take over repetitive work.
But DevOps core is judgment.
- When should we deploy?
- Which bug gets fixed first?
- How should the architecture change?
AI can’t make these calls on its own.
AI can surface candidate solutions and risk signals, but accountability and trade-offs still require a human to make the final call.
Trade-offs: The Cost of AI Speed
AI brings speed. It also brings new judgment costs.
Risk 1: Over-Reliance on AI
If engineers rely entirely on AI to generate code, their technical instincts can atrophy.
Trade-off:
- Fits: rapid prototyping, boilerplate code, learning a new language.
- Doesn’t fit: core business logic, architecture design, security-sensitive modules.
Decision criterion:
If this code fails and affects 100,000 user records, don’t rely entirely on AI.
If it’s an internal tool, use AI to accelerate.
Risk 2: Security Vulnerabilities
AI-generated code can contain security vulnerabilities.
According to OWASP’s AI Security and Privacy Guide, risk sources include insecure examples in training data and model misclassification of malicious inputs.
Trade-off:
- Fits: fast development where some risk is acceptable.
- Doesn’t fit: finance, healthcare, government, and other high-security domains.
Decision criterion:
In high-security domains, AI-generated code requires rigorous human review.
Risk 3: Technical Debt Accumulation
AI-generated code can have lower maintainability — abstraction boundaries and consistency need extra review.
If the team doesn’t prioritize code quality, technical debt accumulates fast.
Trade-off:
- Fits: short-term projects, MVPs.
- Doesn’t fit: systems maintained for the long haul.
Decision criterion:
If this system will be maintained for three or more years, you need a code review process.
AI can generate code. It can’t guarantee code quality.
Without review and practice mechanisms, teams can lose sensitivity to underlying design.
This isn’t alarmism.
I’ve seen teams where AI adoption doubled code volume and doubled technical debt.
Because nobody wanted to spend time understanding what the AI wrote.
Decision Framework: Where Do You Start?
The more reliable approach is to clarify your maturity level first.
Use this framework to decide your AI adoption strategy.
Step 1: Assess Your Maturity
| Maturity | Characteristics | Recommendation |
|---|---|---|
| Beginner | Manual deployment, no tests | Establish CI/CD first, then consider AI |
| Intermediate | Has CI/CD, but manual testing | Use AI to assist test generation |
| Advanced | Automated testing, frequent deployment | Use AI to optimize pipeline and architecture |
| Expert | Fully automated, AIOps | Use AI for prediction and self-healing |
Step 2: Choose Your Entry Point
Start with a single pain point.
Pick one, use AI to address it.
For example:
- Pain point: low test coverage.
- Solution: use AI to generate test cases.
- Expected outcome: test coverage from 40% to 70%.
Step 3: Build the Feedback Loop
AI isn’t a one-time setup.
You need to keep monitoring its impact.
- Bug rate in AI-generated code?
- How much has AI-assisted development speed improved?
- How is the team’s adoption going?
Key Insight:
Tools are amplifiers. They amplify the capabilities you already have.
If you don’t have a testing culture, AI just helps you generate more low-value tests.
If you don’t have a code review culture, AI just helps you generate more unreviewed code.
Three Low-Risk Entry Points
To reduce adoption risk, start with these three workflows.
1. Build an AI-Assisted Code Review Process
Don’t rely on AI to auto-merge.
Let AI generate review suggestions, with humans making the final call.
Concrete steps:
- Add an AI review step in GitHub Actions.
- AI generates review comments.
- Engineers review the AI’s comments.
- Engineers decide whether to accept them.
Implementation notes on code review:
I recommend tools like Copilot or CodeRabbit.
But watch out for a few things:
- Access control: make sure AI doesn’t read sensitive data.
- Data leakage: confirm company policy allows sending code to an external API.
- False positive review: AI may suggest unreasonable things — engineers need to stay sharp.
2. Use AI to Optimize Your CI/CD Pipeline
Examine your pipeline. Find the bottlenecks.
- Which step is slowest?
- Which step fails most often?
Use AI to optimize those steps.
Concrete steps:
- Use AI to analyze pipeline logs.
- AI recommends optimizations (e.g., parallel execution, caching strategy).
- Implement the optimizations.
3. Establish Team Norms for AI Use
Don’t let everyone use AI however they like.
Set norms to ensure quality and safety.
Concrete steps:
- Define which modules AI can be used for.
- Define which modules AI shouldn’t touch.
- Regularly review AI-generated code.
In the AI era, engineers’ value is shifting from “writing code” to “making judgments.”
AI can accelerate writing code. The ability to judge “whether to write it, and whether it’s right” — that’s still human.
SDLC, DevOps, CI/CD — these three layers aren’t in opposition.
They stack on each other.
- SDLC is the foundation.
- DevOps is the culture.
- CI/CD is the practice.
- AI is the accelerator.
Accelerators amplify what you already have — strengths and gaps alike.
Is your feedback loop measured in days or minutes?
Scripts for Leadership Conversations
If you need to bring your team or manager on board, these framings can help:
Scenario 1: Explaining Why AI
“We hand repetitive work to AI so people can spend their time on architectural judgment and accountability.”
Scenario 2: Pace and Commitment
“This isn’t a one-time overhaul. We start with a reversible pilot. I’ll have data for you in two weeks. If it doesn’t move the needle, we stop.”
Scenario 3: Handling Security Concerns
“I treat AI-generated code like a junior engineer’s PR. Plus a checklist to ensure no sensitive data leaks. If something goes wrong, that’s on me, not the AI.”
Scenario 4: Explaining Cost and Value
“AI is most efficient at rapid prototyping and boilerplate — let it handle those. Core business logic stays with senior engineers’ judgment.”
Sources
- From Pilots to Payoff: Generative AI in Software Development — AI across the software lifecycle
- What is DevOps? — DevOps culture and lifecycle
- Continuous Integration – Martin Fowler — CI definition, practices, benefits, FAQs
- Agile Manifesto — Agile values and founding authors, 2001
- What is Extreme Programming? — XP short-cycle delivery
- OWASP AI Security and Privacy Guide — Consensus AI security/privacy guidance
- GitHub Copilot Documentation — Setup, usage, admin, and SDK guides
- AIOps – AWS Prescriptive Guidance — AWS — AIOps operational guidance
DevOps didn’t replace SDLC. DevOps turned SDLC’s phases from a relay race into a rugby match.
AI accelerates the feedback loop, not the decision process.