A Beginners Guide to Feature Management for Federal Agencies

LaunchDarkly is the first feature management solution to receive FedRAMP authorization at the Moderate level.

In this beginner’s guide, you will learn how other agencies are already using feature management and how it might benefit your agency, especially your developers.

DevSecOps challenges for federal developers

Federal developers face unique challenges often not seen in the commercial sector that make DevSecOps processes more complex. Development cycles tend to be longer, with more rigid processes and approvals. Additional security and contractual requirements also limit flexibility.

Despite best intentions, these additional constraints can hold back government projects from taking advantage of modern Continuous Integration/Continuous Delivery (CI/CD) or progressive delivery processes. Despite these limitations, it is still essential for agencies to develop faster and react quickly to late-stage executive branch policy changes, security vulnerabilities, and incidents.

Additionally, agencies are also competing against commercial organizations for top development talent but are often unable to match the salaries or growth opportunities of the private sector.

In the sections below, we’ll describe how modernizing your release management process can help you develop faster and react more quickly to incidents, reduce risk to the agency, and better support your development teams to boost morale.

Feature management vs. configuration files

So, what is feature management exactly? Simply put, feature management is the ability to control software features at a granular level.

Configuration files are a type of feature management, but they have drawbacks such as requiring redeployments to see changes. Because redeployments can be more obtrusive, developers try to minimize the frequency and batch up many changes and release software in versions.

null

Versioning software can slow down development. Developers may work in different software branches, which then need to be merged before a release. Merging can be fraught with errors especially when branches get long. Developers also may need to wait for teammates to complete their work, such as when releases are delayed to get in that “one last update.”

When a bug is discovered in production, every new feature or fix in that release will be lost with a rollback.

However, if a modern feature management solution is used, each feature is wrapped with control logic in code such that the feature can be toggled on or off in a dashboard, independently of other features. Changes won’t impact other features unless explicitly desired, such as with the use of feature prerequisites (eg., only show feature “B” when feature “A” is enabled).

Additionally, if you’re using a quality feature management platform, a simple dashboard can be used to modify the rules to determine who or what gets that feature without a redeploy. Features can even have multiple variations shown to different users. Developers can run experiments, determine winners based on metrics important to your organization, and then change the rollout of the winning variation to 100% without going back to modify code after the experiment has been completed.

The simplicity and ease of making changes in a dashboard reduces developer workloads and allows agencies to release and react faster with the least amount of impact to other functionality.

Feature management and CI/CD

What if developers could just deploy new code directly into the main application build (“trunk”) as soon as it is ready?

Feature management separates code deployments from feature releases. Trunk-based development is a requirement for true CI/CD. The “CD” part might be more intimidating for federal agencies not yet familiar with CI/CD processes, and we understand getting to this point may be a cultural shift.

However, using a modern feature management solution, agencies can perform CD with extremely low risk, and LaunchDarkly can support any release method no matter where you are at in your DevSecOps stage.

With LaunchDarkly, you can release a feature in the “off” state for all except you or your developers and QA team. Developers can test in production environments by targeting themselves without exposing new features to others until ready.

Features can also be released in a percentage-based rollout, or canary release, such that a small subset will see the new feature first. Performance monitoring tools can check that the application can handle the load, and your agency can scale to larger and larger percentages until it is rolled out to a 100% of recipients. These “dark launches,” or controlled canary releases, make it easier to test software in a real-world environment and reduces the need for so many different pre-production environments, which is a major cost savings to an organization.

LaunchDarkly also has built-in workflows for approvals as well as a tight integration with your existing tool stack ServiceNow. Agencies can specify a minimum number of approvals required per environment for a feature to be enabled. This allows non-technical managers to oversee or schedule new feature releases and fully take advantage of the benefits of CI/CD while reducing risk to the agency.

Furthermore, to assist with the cultural change in federal agencies, LaunchDarkly offers a business value assessment using metrics from the DORA (DevOps Research & Assessment) report to help feature management champions gain management buy-in.

DORA elite performers and Forrester Total Economic Impact

The DORA report states that elite performers deploy 208 times more frequently, 106 times faster lead time from commit to deploy, 2,604 times faster to recover from incidents, and have a 7 times lower change failure rate (changes are 1/7th as likely to fail).

Most agencies have a long way to go to get to these numbers, but implementing feature management with CI/CD processes is essential for improvement.

Allowing more frequent deployments means federal projects could be completed more quickly. Using feature management rules to target internal testers, built-in approvals workflows, and allowing non-technical program managers or other business stakeholders to be the ones to perform or schedule the release of the feature ensures features are exposed only to the right people at the right time.

LaunchDarkly recently commissioned Forrester Consulting to conduct a Total Economic Impact(™) study of LaunchDarkly and it concluded there was a 245% ROI realized in three years. Benefits found in the study include the reduced cost of pre-production environments, developer productivity, improved customer experience, and improved compliance with external governance.

Developer-focused

Founded in 2014, LaunchDarkly was the first commercially-available feature management platform, and now is the first federally-focused platform.

One key component to the success of the company is due to the fact that we’ve always been developer-focused. In the Forrester study mentioned above, Forrester found LaunchDarkly-using developers had improved alignment with business. LaunchDarkly provides centralized visibility of features and their status, and can easily be used by both technical and non-technical people. It can bridge the gap between development and business, and enhance communication between parties that frequently have friction in the federal space.

Additionally, the Forrester study found a reduction in developer recruitment costs. The study noted, “LaunchDarkly contributes directly to the reduction of developer stress by decreasing the risk of massive errors being found at the point of merging code.”

Moreover, having a kill switch to be able to quickly react to an incident significantly reduces the stress and pressure on developers, especially those tasked with being on-call off-hours.

Instead of being awakened by a pager alert, struggling with debugging while sleep deprived, or performing error-prone fixes or rollbacks under pressure, a kill switch can be used to buy time to thoroughly study, test, and refine the best fix. All this reduces risk to the agency while improving developer morale.

Trusted by federal agencies

LaunchDarkly is already in use by 15 federal agencies today. Recently, it has allowed federal agencies to:

Be responsive to last minute executive orders
Quickly react to incidents
Manage frequent Covid-19 messaging updates
Modify dates and deadlines for policies impacted by Covid-19
Support data sharing initiatives
Control general rollouts of new features

LaunchDarkly respects our federal agency’s logo rights and use case approval processes, so we are unable to discuss more specific examples in this posting. For more in-depth information on two approved agency use cases we recommend viewing this recorded webinar: Feature Management as a DevSecOps Best Practice or this Booz Allen Hamilton Recreation.gov case study.