CI/CD Pipelines

At Adhoc DevOps we understand the importance of a solid build and release pipeline. To protect the production environment and maintain security and quality code that does not meet coding standards needs to be detected early and rejected quickly. Incorporating automated testing into the continuous integration (CI) pipeline is a key mechanism for maintaining and improving quality assurance (QA) in a project. At deployment time, correct management of secrets and use of a Blue/Green deployment strategy are just two of the strategies that help make a continuous deployment (CD) pipeline a continuously successful deployment pipeline. There are in fact many aspects that need to be considered with implementing a CI/CD pipeline for a project.

CI/CD Pipeline best practices

Below is a list of the some of the CI/CD best practices we follow and recommend at Adhoc DevOps:

• Set up the CI/CD pipeline as early as possible in the life cycle of the the project. Ideally before any new code is written for the project. If development starts before the CI/CD pipeline is in place, the momentum from the project makes it harder to implement way of working changes required by the CI/CD pipeline.
• Building extra time and budget into the project for the CI/CD pipeline setup. For many projects the effort required to implement the CI/CD pipeline is underestimated. This is particularly true for "inherited" code bases where missing dependencies take time to discover and resolve.
• Differentiate between the build environment and the deployment environment. There can be a tendency to install build environment tools, including version control software (i.e. git) into the deployment environment. Doing this undermines the role and the purpose of the build environment.
• Parameterise secrets so that they are never committed to the repository and always stored securely in a vault. Correct management of secrets improves deployment reliability and the project security. When secrets are correctly managed, incorrect use of secrets stands out and can be quickly identified and corrected.
• Take the time to properly understand the required artifacts for the deployment environment. Don't bundle and deploy code, config or binaries that are not actually required in the deployment environment.

Working with Adhoc DevOps

We have experience setting up CI/CD pipelines using well known tools such TravisCI, Bitbucket and Azure DevOps. Each CI/CD tool has its own set of functionality and methodology although the core principles applicable to all CI/CD pipelines. We start with a clean virtual machine build and map that to components available in the build environment. Optimisations, such as parallel builds are utilised where possible. Advanced functionality, not available to the CI/CD pipeline can often be introduced through either scripting or the addition of orchestration software such as Ansible.