SUMMARY: Gainsight’s CSX platform helps the customer success teams at over 100 leading IT and healthcare organizations drive engagement for tens of thousands of their customers. That’s why the engineering team at Gainsight built a smarter, faster DevSecOps platform using Jenkins.
CHALLENGE: Maintain an infrastructure-as-code approach while integrating various tools and programming languages within the platform, all while securing processes with better visibility and air-tight quality control.
SOLUTION: A flexible and scalable DevSecOps infrastructure that provides Gainsight with keener operational insight, ease of collaboration, and the ability to accelerate releases to stay a step ahead of the competition.
RESULTS:
infrastructure costs reduced by 40%
builds are 30% faster
better and seamless communication on builds and releases
95% of infrastructure scalable with code
virtually no more manual processes
When developing a thriving ecosystem of the best and smartest customer success technologies, a solid DevSecOps foundation is essential. Gainsight, a leading customer success platform provider, chose to humanize the customer experience with innovative technology.
How? The answer is two-fold. First, they built a CX platform that simplifies and facilitates day-to-day operations. Second, they turn disparate customer data from multiple sources into insights and actions that drive measurable business outcomes. By presenting related data, tasks, and workflows across the customer success tech stack, Gainsight can help drive more relevant customer engagement, faster, for the hundreds of clients they serve.
With a mantra to "never stop looking for the next best thing," Gainsight is continuously creating cutting-edge products and services for their clients and their community. By empowering customer-focused businesses to deliver exceptional experiences every day, the Gainsight engineering team needs to be equally agile and deliver products and enhancements as fast as they can innovate. This drove the company’s tech team to build a more fluid, dynamic DevOps process — using infrastructure as code — with Jenkins at the helm.
"To meet our organization’s innovative needs, we chose to step up our DevOps processes to give us higher quality, greater visibility, and more control of the code we shipped to production," said Prudviraj Pentakota, Gainsight’s Lead DevOps Engineer. "We also wanted to save on infrastructure costs while accelerating build time. For that, we chose Jenkins as our go-to source for automating all of our processes."
"We work with a plethora of tools and programming languages and have rapid development cycles. Jenkins provides us with easy customization and the ability to pick and choose the right plugins for optimal performance," Pentakota continued. "We already had a reliable tool with Jenkins, but we have stepped up the game by introducing the integration between Jenkins and our database. Because of that choice, we’ve been able to ship code faster with better quality."
With more than 70 microservices at Gainsight, collaboration in code review was a critical factor for the team, so they layered in Gerrit, a free, web-based team review tool along with GitHub for version control. They now use the Gerrit Trigger Jenkins plugin and GitHub hooks combined with a custom script to validate the code and merge only when it meets the set quality gate.
To verify additional quality standards, including Sonar, the team uses pipeline jobs once the code is merged. "It’s pretty simple: if CI is green, the pipeline then starts the automation build. Based on the quality gate for an automation suite, we either deploy it to our QA environment directly or use Docker," Prudviraj said.
Additionally, they use Allure reports and JaCoCo plugins to check the code coverage and test suite information. After more quality gates, they promote the Docker build to the next environment stage. According to Pentakota, during the Major Release Regression cycle, deployments to 70 applications are triggered by Jenkins per a predefined schedule by Jenkins. At the same time, the required inputs needed by each job are provided by the database. "This amazing integration between Jenkins and database has done wonders for us," he said.
A detailed report would then be emailed to a Slack channel to ensure everyone has access, and everyone is receiving the most transparent communications.
Pentakota believes that communication is the critical factor defining a successful team: "One of our major goals was to simplify communication and collaboration. We achieved that with Jenkins, as it helps us reduce single-person communication by integrating with Slack and emails. And when we find issues with building automatic Jira tickets to be raised to the committees, we use custom logic with the Jira plugin."
Given Gainsight’s large customer base, the ability to scale was also a key factor --not just for the present but also for the future. Because the company has thousands of Jenkins jobs built with Java, Node, and Python, each requires a predefined infrastructure. Hence, the tech team decided to use auto-scaling via an Amazon Web Services EC2 plugin to scale infrastructure and avoid costs associated with static machines.
The team’s biggest challenge was figuring out how to efficiently handle regression testing on microservices for recurring major release cycles. In addition, Pentakota noted that Gainsight has a few legacy Jenkins build nodes that are used only for specific builds. Since these legacy systems can not be terminated, the team uses Jenkins REST APIs to build auto-scaling, rather than the AWS EC2 plugin.
With multiple environments within Jenkins, it was essential to automatically restrict usage to only those permitted to deploy within their unique areas. For this automation, they use the Jenkins Build User Details, but with deployment restrictions applied as appropriate.
Streamlining secure, efficient deployment was of paramount importance for the team. For that, they chose to enable their deployments with security tools that perform DAST analysis on the application. All deployment results, from project information to current status to commits, etc., are stored in the database. This allows them to compare deployed code with the latest code before launching the deployment for microservices. So, if the latest commit in a project is identical to a previously successful build for microservices, the team can ignore deployment for that specific microservice, thus eliminating unnecessary deployment iterations.
"Security is another key aspect of any product lifecycle, and at Gainsight, it is top of mind," Pentakota points out. "For clients who need to connect with tens of thousands of customers, it is of critical importance."
Pentakota also touched on how Gainsight has code deployments integrated with security tools at different stages of the release to incorporate security into the heart of the software development life cycle. This process is initiated and resolved by Jenkins. Once the deployment completes, the security tool can then analyze and report vulnerabilities upfront. Any code modifications can then be actively worked and retested before the software is released.
"Integrating Jenkins within our security tools has further enhanced the overall DevOps flow," says Pentakota, "making it more robust and ultra-secure."
"Jenkins is the epicenter of DevSecOps in our organization," Pentakota added. "It has helped us ship quality and secure end products at a faster pace with the right feedback throughout the release cycle."
And all of their hard work has paid off in dividends: Gainsight has dramatically reduced infrastructure costs by 40% with over 95% of their infrastructure being scalable by code.
"In the end, it’s always about supporting our customers with state-of-the-art, flexible technologies that allow us to innovate often," said Pentakota. "By having a robust way to ship quality releases and fixes within less time, we have happier customers – and they become a catalyst for getting new customers. That makes it a great experience for all of us."