From the text: "Traditionally, security was often an afterthought in the development process. We'd build our apps, throw them over the wall to ops or the security team, and hope for the best. But as our industry has evolved, so too has our approach to security.
Has the shift-left movement in DevOps already pushed us to consider these operational concerns earlier in the development cycle?"
With the link that @itake posted above, you can definitely use CircleCI to do the deploy automatically. Now if you're concerned about missing something in QA, you could add an approval step (https://circleci.com/docs/workflows#holding-a-workflow-for-a...) in your CircleCI pipeline so that the browser extension is deployed locally for testing, and once it's been tested you can have the next steps approved where it deploys to Production (Google). This concern is really the same for anyone, regardless of if you use CircleCI or not.
Having done this in the past, what worked for us was Slack communication along with quick, bi-weekly calls to just catch everyone up. These calls were absolutely no longer than 15 minutes, and served the purpose well. Reviewing of code was essential through CI/CD that Gitlab offers, and we kept a repository/wiki of all shared libraries and such so that everyone knew where things were.
Freelance Technologist and Community-Builder based in the US. Having spent a vast proportion of my career in software engineering, for the last 6+ years have been leading the developer community outreach program for XDA-Developers. I am passionate about communities and the processes involved in building and sustaining their unique character.
The story is a bit light on details and it seems no sources went on record. Perhaps it'd be better if the title reflected that it's just a rumor at this point.
Has the shift-left movement in DevOps already pushed us to consider these operational concerns earlier in the development cycle?"