# What you'll learn

After watching this video, you'll be able to:
* Define a DevOps pipeline.
* List the main components of a CI/CD pipelines.
* Explain the utility of CI/CD pipelines.
* Explain the role of the compliance pipeline.

# What is a pipeline in DevOps?

* A DevOps pipeline is a workflow that automates software delivery.
* It is a series of interconnected steps that enable efficient and consistent execution of tasks such as building, testing, deploying and releasing software.
* It automates the software delivery lifecycle by streamlining and standardizing the process.
*  A DevOps pipeline enables continuous integration of code changes, integrates with repositories, automates testing and building, and facilitates conflict resolution and bug detection.
* Pipelines are essential for implementing continuous integration and continuous deployment or CI/CD practices in DevOps.

# Structure of a DevOps pipeline

![image.png](attachment:8b9e297b-e13e-4ad9-be50-2a8d8acbcee4.png)

Organizations utilize continuous integration and continuous delivery pipelines for a comprehensive build and delivery process.
* The **CI pipeline** validates packages and builds essential components, creating deployable artifacts like container images and helm charts.
* It ensures versioning and resource preparation.
* The **CD pipeline** is mainly responsible for deploying the prepared artifacts into specific target environments, thereby ensuring a smooth transition from development to production.

# Continuous Integration

![image.png](attachment:ef84f986-865b-47ac-bf3e-cfd7902e53f2.png)

A **CI pipeline** consists of various components that work together to streamline the development and delivery process.
* This is just one example of how a CI pipeline might look.
* You may use more or less tools than yours.

Let's look at the role of the different components.

* **Pull requests:**
    * Pull requests in the application repository trigger the PR pipeline.
    * It runs automated tests to validate code changes, ensuring the integrity of the code base.

* **Issue tracker:** The issue tracker integrates with the CI pipeline and highlights associated issues or tasks linked to the pull request and facilitates issue resolution.
* **Application Repository:** The application repository stores the source code which the CI pipeline pulls for build and testing operations.
* **Code Risk Analyzer:**
    * The Code Risk Analyzer analyzes the code for potential risks, vulnerabilities, or code quality issues.
    * It provides feedback and recommendations based on static code analysis.
* **Slack integration:** enables efficient communications by sending notifications and reports to the development team.
* **DevOps Insights:** collects data from the CI pipeline, generating reports to identify bottlenecks and areas for improvement.
* **SonarCube:** a code quality management platform, performs static code analysis, measures code coverage and assesses maintainability.
* **Secrets manager:** securely stores sensitive information and integrates with the CI pipeline to provide authorized access during build and deployment.
* **Evidence:** An evidence component stores artifacts and documentation gathered during pipeline execution for traceability and auditing.
* **Inventory:** The inventory component tracks deployed applications, dependencies and infrastructure configurations, ensuring consistency and control over software deployments.
* **Artifacts:** Artifacts generated by the CI pipeline, such as binaries and container images, play a crucial role in subsequent stages of the software delivery process.

Overall, **the CI pipeline leverages various components to automate code validation, testing, analyzing, and collaboration**. The integration of these components enables developers to continuously integrate changes into the code base while maintaining quality and security standards.

# Continuous Delivery

![image.png](attachment:397f707e-f604-4d7f-8918-1bb6701b0f40.png)

After the continuous integration pipeline, the continuous delivery pipeline is triggered to facilitate the deployment process.

* **Change request tool:**
    * A change request tool manages and tracks system changes.
    * It integrates with the pipeline to ensure documented and validated changes before deployment.
* **Key Protect:** securely stores cryptographic keys and sensitive information, providing secure access during deployment.
* **Security and Compliance Center:** enforces policies, conducts security scans, vulnerability assessments, and compliance checks.
* **DevOps Insights:** collects data, and generates reports to identify bottlenecks and areas for improvement.
* **Secrets Manager:** securely stores sensitive information, providing secure access during deployment through integration with the pipeline.
* **Target environment:** The continuous delivery pipeline deploys the application to the target environment, ensuring accurate deployment and configuration.

This workflow automates deployment, change tracking, security compliance, and documentation, enabling efficient and reliable software delivery while maintaining standards.

# Continuous Compliance

![image.png](attachment:d127bff5-06a0-4340-baab-f37708d7ce1f.png)

In addition to CI/CD pipelines, some teams might implement a `Continuous Compliance Pipeline`. **This pipeline ensures that organizations maintain security and compliance standards throughout the development lifecycle of their application and infrastructure**.

Here's a sample workflow for a continuous compliance pipeline.

**SonarCube:**
* The pipeline validates the application code against predefined security and compliance rules.
* Static code analysis tools like SonarCube scan the code base and identify any potential security, vulnerabilities and compliance issues.
* The pipeline includes compliance checks to verify that the application meets industry-specific or regulatory compliance requirements.
* Tools like IBM Cloud Continuous Compliance evaluate the application against predefined compliance policies and generate compliance reports.

**Key Protect:** is responsible for securely securing and managing cryptographic keys, certificates, and other sensitive information.

**Security and Compliance Center:** evaluates the application against predefined security policies and compliance requirements.

**DevOps Insights:** a monitoring and analytics tool collects data from various stages of the pipeline.

**Secrets Manager:**
* During the pipeline execution, Secrets Manager securely stores and manages sensitive information such as API keys, passwords, or certificates.
* It securely provides the necessary credentials to the pipeline stages, requiring access to protect resources.

**Slack notifications:** 
* It keep team members informed about pipeline status, compliance issues, and other important events throughout the pipeline.
* The team collects evidence to demonstrate compliance and track the execution of the pipeline.
* This evidence includes logs, reports, test results or other artifacts that provide evidence of compliance and successful pipeline execution.

The combination of these components in the **continuous compliance pipeline enables organizations to automate security and compliance validation, effectively manage secrets and keys, and collect evidence for compliance purposes**.

This comprehensive approach ensures that applications and infrastructure align with security and compliance standards throughout the development and deployment process.

# Summary

You learned that:
* A DevOps pipeline is a workflow that automates software delivery.
* The **CI pipeline** ensures versioning and resource preparation.
* The **CD pipeline** ensures a smooth transition from development to production.
* A **CI pipeline** consists of various components such as Issue Tracker, PR pipeline, and so on.
* A **CD pipeline** employs tools like change request tool, key protect and so on.
* **Continuous compliance pipeline** ensures that organizations maintain security and compliance standards with the help of various tools such as DevOps Insights, Secrets Manager and others.