DevOps Research and Assessment (DORA) metrics

Tier: Ultimate Offering: GitLab.com, Self-managed, GitLab Dedicated

The DevOps Research and Assessment (DORA) team has identified four metrics that measure DevOps performance. Using these metrics helps improve DevOps efficiency and communicate performance to business stakeholders, which can accelerate business results.

DORA includes four key metrics, divided into two core areas of DevOps:

For software leaders, tracking velocity alongside quality metrics ensures they’re not sacrificing quality for speed.

For a video explanation, see DORA metrics: User analytics and GitLab speed run: DORA metrics.

DORA metrics in GitLab

GitLab provides different analytics and insights about DORA metrics, which are available in the following Analytics features:

Deployment frequency

History
  • Introduced fix for the frequency calculation formula for all and monthly intervals in GitLab 16.0.

Deployment frequency is the frequency of successful deployments to production over the given date range (hourly, daily, weekly, monthly, or yearly).

Software leaders can use the deployment frequency metric to understand how often the team successfully deploys software to production, and how quickly the teams can respond to customers’ requests or new market opportunities. High deployment frequency means you can get feedback sooner and iterate faster to deliver improvements and features.

How deployment frequency is calculated

In GitLab, deployment frequency is measured by the average number of deployments per day to a given environment, based on the deployment’s end time (its finished_at property). GitLab calculates the deployment frequency from the number of finished deployments on the given day. Only successful deployments (Deployment.statuses = success) are counted.

The calculation takes into account the production environment tier or the environments named production/prod. The environment must be part of the production deployment tier for its deployment information to appear on the graphs.

How to improve deployment frequency

The first step is to benchmark the cadence of code releases between groups and projects. Next, you should consider:

  • Adding automated testing.
  • Adding automated code validation.
  • Breaking the changes down into smaller iterations.

Lead time for changes

Lead time for changes is the amount of time it takes a code change to get into production.

Lead time for changes is not the same as Lead time. In the value stream, lead time measures the time it takes for work on an issue to move from the moment it’s requested (Issue created) to the moment it’s fulfilled and delivered (Issue closed).

For software leaders, lead time for changes reflects the efficiency of CI/CD pipelines and visualizes how quickly work is delivered to customers. Over time, the lead time for changes should decrease, while your team’s performance should increase. Low lead time for changes means more efficient CI/CD pipelines.

How lead time for changes is calculated

GitLab calculates lead time for changes based on the number of seconds to successfully deliver a merge request into production: from merge request merge time (when the merge button is clicked) to code successfully running in production, without adding the coding_time to the calculation. Data is aggregated right after the deployment is finished, with a slight delay.

By default, lead time for changes supports measuring only one branch operation with multiple deployment jobs (for example, from development to staging to production on the default branch). When a merge request gets merged on staging, and then on production, GitLab interprets them as two deployed merge requests, not one.

How to improve lead time for changes

The first step is to benchmark the CI/CD pipelines’ efficiency between groups and projects. Next, you should consider:

  • Using Value Stream Analytics to identify bottlenecks in the processes.
  • Breaking the changes down into smaller iterations.
  • Adding automation.

Time to restore service

Time to restore service is the amount of time it takes an organization to recover from a failure in production.

For software leaders, time to restore service reflects how long it takes an organization to recover from a failure in production. Low time to restore service means the organization can take risks with new innovative features to drive competitive advantages and increase business results.

How time to restore service is calculated

In GitLab, time to restore service is measured as the median time an incident was open for on a production environment. GitLab calculates the number of seconds an incident was open on a production environment in the given time period. This assumes:

  • GitLab incidents are tracked.
  • All incidents are related to a production environment.
  • Incidents and deployments have a strictly one-to-one relationship. An incident is related to only one production deployment, and any production deployment is related to no more than one incident.

How to improve time to restore service

The first step is to benchmark the team response and recover from service interruptions and outages, between groups and projects. Next, you should consider:

  • Improving the observability into the production environment.
  • Improving response workflows.

Change failure rate

Change failure rate is how often a change cause failure in production.

Software leaders can use the change failure rate metric to gain insights into the quality of the code being shipped. High change failure rate may indicate an inefficient deployment process or insufficient automated testing coverage.

How change failure rate is calculated

In GitLab, change failure rate is measured as the percentage of deployments that cause an incident in production in the given time period. GitLab calculates change failure rate as the number of incidents divided by the number of deployments to a production environment. This calculation assumes:

  • GitLab incidents are tracked.
  • All incidents are production incidents, regardless of the environment.
  • Change failure rate is used primarily as high-level stability tracking, which is why in a given day, all incidents and deployments are aggregated into a joined daily rate. Adding specific relations between deployments and incidents is proposed in issue 444295.

For example, if you have 10 deployments (considering one deployment per day) with two incidents on the first day and one incident on the last day, then your change failure rate is 0.3.

How to improve change failure rate

The first step is to benchmark the quality and stability, between groups and projects. Next, you should consider:

  • Finding the right balance between stability and throughput (Deployment frequency and Lead time for changes), and not sacrificing quality for speed.
  • Improving the efficacy of code review processes.
  • Adding automated testing.

DORA custom calculation rules

Tier: Ultimate Offering: Self-managed Status: Experiment
History
On self-managed GitLab, by default this feature is not available. To make it available per project or for your entire instance, an administrator can enable the feature flag named dora_configuration. On GitLab.com and GitLab Dedicated, this feature is not available.

This feature is an experiment. To join the list of users testing this feature, here is a suggested test flow. If you find a bug, open an issue here. To share your use cases and feedback, comment in epic 11490.

Multi-branch rule for lead time for changes

Unlike the default calculation of lead time for changes, this calculation rule allows measuring multi-branch operations with a single deployment job for each operation. For example, from development job on development branch, to staging job on staging branch, to production job on production branch.

This calculation rule has been implemented by updating the dora_configurations table with the target branches that are part of the development flow. This way, GitLab can recognize the branches as one, and filter out other merge requests.

This configuration changes how daily DORA metrics are calculated for the selected project, but doesn’t affect other projects, groups, or users.

This feature supports only project-level propagation.

To do this, in the Rails console run the following command:

my_project = Project.find_by_full_path('group/subgroup/project')
Dora::Configuration.create!(project: my_project, branches_for_lead_time_for_changes: ['master', 'main'])

To update an existing configuration, run the following command:

my_project = Project.find_by_full_path('group/subgroup/project')
record = Dora::Configuration.where(project: my_project).first
record.branches_for_lead_time_for_changes = ['development', 'staging', 'master', 'main']
record.save!

Retrieve DORA metrics data

To retrieve DORA data, use the GraphQL or the REST APIs.

The following example uses the GraphQL API to retrieve the monthly deployment frequency for a given time period:

{
  project(fullPath: "gitlab-org/gitlab") {
    dora {
      metrics(
        startDate: "2023-12-01"
        endDate: "2024-01-31"
        interval: MONTHLY
      ) {
        date
        deploymentFrequency
        leadTimeForChanges
        timeToRestoreService
        changeFailureRate
      }
    }
  }
}

You can explore the GraphQL API resources with the interactive GraphQL explorer.

Measure DORA metrics

Measure DORA metrics without using GitLab CI/CD pipelines

Deployment frequency is calculated based on the deployments record, which is created for typical push-based deployments. These deployment records are not created for pull-based deployments, for example when Container Images are connected to GitLab with an agent.

To track DORA metrics in these cases, you can create a deployment record using the Deployments API. You must set the environment name where the deployment tier is configured, because the tier variable is specified for the given environment, not for the deployments. For more information, see Track deployments of an external deployment tool.

Measure DORA metrics with Jira

Measure DORA Time to restore service and Change failure rate with external incidents

For PagerDuty, you can set up a webhook to automatically create a GitLab incident for each PagerDuty incident. This configuration requires you to make changes in both PagerDuty and GitLab.

For others incident management tools, you can set up the HTTP integration, and use it to automatically:

  1. Create an incident when an alert is triggered.
  2. Close incidents via recovery alerts.

DORA metrics availability

The table below provides an overview of the DORA metrics’ availability at project and group level:

Metric Level Comments
deployment_frequency Project  
deployment_frequency Group  
lead_time_for_changes Project Unit in seconds. Aggregation method is median.
lead_time_for_changes Group Unit in seconds. Aggregation method is median.
time_to_restore_service Project and group Unit in days. Aggregation method is median. (Available in UI chart in GitLab 15.1 and later)
change_failure_rate Project and group Percentage of deployments. (Available in UI chart in GitLab 15.2 and later)

DORA metrics data aggregation

The table below provides an overview of the DORA metrics’ data aggregation in different charts.

Metric name Measured values Data aggregation in the Value Streams Dashboard Data aggregation in CI/CD analytics charts Data aggregation in Custom insights reporting
Deployment frequency Number of successful deployments daily average per month daily average day (default) or month
Lead time for changes Number of seconds to successfully deliver a commit into production daily median per month median time day (default) or month
Time to restore service Number of seconds an incident was open for daily median per month daily median day (default) or month
Change failure rate percentage of deployments that cause an incident in production daily median per month percentage of failed deployments day (default) or month