During the past 20 years, application programming interfaces (APIs) have evolved to become a critical component of modern life. These pieces of code allow data to readily flow between different systems and interconnect applications and databases in many other ways.
In many ways, APIs can be thought of as products, just like any other business offering. For this reason, the efficient management of their lifecycle becomes critical.
Effective API lifecycle management involves a comprehensive, step-by-step process of planning, developing, implementing, testing, and versioning. While this has been a challenging and partly manual process in the past, things are now improving.
Increasingly, automation is becoming part of the process. This enables an end-to-end solution for API lifecycle management by pairing it with the agile nature of modern software development practices such as DevOps and GitOps.
Speed vs quality
When it comes to API lifecycle management, there can be a battle between speed and quality. A business may need to get a new or upgraded API into service as quickly as possible, but this should not be done at the expense of quality.
Conventional, manual methods of API lifecycle management are not sustainable in a fast-paced business environment. Even with the most agile of processes, there is only so much that humans can do to keep pace with a complex technological ecosystem that relies on constant innovation.
If an organisation wants to move forward, efficient API lifecycle management is therefore imperative; however, existing practices cannot support such a rapid pace.
A new approach to API management
Rather than having to trade off quality for speed, growing numbers of organisations are adopting a new approach to API management. They've found a way to develop and manage the code in less time, with less human effort and without compromising quality.
The approach, dubbed APIOps, is essentially the combination of DevOps, GitOps and APIs. DevOps is designed to increase deployment speeds whilst ensuring software quality. At the same time, GitOps uses a version control system (typically Git) to provide a workflow that directs changes through a pull request and code review process. APIOps is the best of both worlds.
Organisations can now switch to APIOps and make the process of API lifecycle management automated, fast, and more reliable than ever. It works on the principle of continuous development and comprises five distinct steps:
This first phase involves the creation of an API spec and test suite in an API design tool. The API design tool should list specs automatically and support the generation of unit and governance tests based on the spec. The API is then pushed into a version control system, such as Git, triggering the first automated governance checkpoint.
APIs can be built with any tool and in any programming environment. Once development is completed, and the code is checked into version control, tests are triggered, including unit tests built in the design phase. When all tests are passed, it then progresses to the deployment phase.
When an API is ready for deployment, a declarative configuration file is automatically generated from the API's design as part of the pipeline. These files are stored in version control, making it easy to track changes and roll back deployments in case of issues.
The declarative config is used to deploy the API to an API gateway that supports APIOps by automatically registering the new (or updated) endpoints in the gateway and automatically applying security, governance, and operational policies to manage it.
When an API passes all the tests and behaves as expected, it is ready to be published to consumers. It is important to note that, with APIOps, registering an API in a developer portal, enabling self-serve access, and adding specs are all automated processes.
These steps are vital for making an API discoverable and consumable but typically require protracted or manual processes, pushing it low down the list of any engineer's favourite activities. Automating the publishing process, therefore, removes this burden and ensures every API deployed is published consistently and correctly.
Once an API has been published, it must be managed on an ongoing basis. Depending on the customers' demand and the organisation's goals, it may need to be scaled horizontally or vertically, updated, or retired.
The use of declarative configuration and automated governance throughout the API lifecycle ensures that future operations are managed seamlessly, such as scaling an API to handle peak periods of traffic.
By following an APIOps strategy to API development, organisations can be sure they're implementing APIs that will deliver anticipated business benefits. The days of having to choose between speed and quality will be over.