-
Notifications
You must be signed in to change notification settings - Fork 4
DevOps Pipeline
DevOps.com describes the Continuous Delivery Pipeline with these three characteristics: [1]
- enables organizations to deliver new features to users as fast and efficiently as possible
- to create a repeatable, reliable and incrementally improving process for taking software from concept to customer
- to enable a constant flow of changes into production via an automated software production line
Unit Test is the first stage in the pipeline. It includes the isolated tests for backend code and runs in a pod managed by Kubernetes. When runs the unit tests, a code coverage report is created as well. The report shows how many percentages of the code are covered by the unit test cases.
Sonarqube is used by Quality Check stage to give ability to run continuous inspection of code quality. It performs automatic reviews with static code analysis to detect bugs, code smells, security vulnerabilities and etc.
The OWASP Zed Attack Proxy (ZAP) automatically finds security vulnerabilities in web applications and a Zap report is created in Jenkins after the scan completes.
At this stage, the build process is triggered to checkout the application source code from GitHub to the base Openshift Python and starts to build the application image. The image is then put to image stream to be used by dev, test and prod environment.
The Dev deployment process is triggered at this stage. The application is deployed on Dev environment according to the deployment config.
This is an integration test stage, a set of predefined functional test cases are run to validation the application deployed on Dev environment. All the functions such as Authentication, Authorization, user/role management and all business functions are validated during this test. A report is generated and put in Jenkins to show the results of the testing. All functional tests have to pass in order to proceed to next stage.
Once all above stages pass, the application is deployed on Test environment.
The last stage deploys the application on Prod environment.
- Jenkins upgrade to allow multiple pipelines creation
- Pipeline triggering every night during quiet time
- Extract Unit Test from build stage to independent stage
- Run functional test in bddstack container
- verified deployment to make sure test running against correct release
- advanced image tagging to simplify tagging process and save image storage
- Integrate unit test and code coverage report to Jenkins for each build
- additional Functional Testing
- checking compliance with Privacy Impact
- verifying completion of Data Classification
- verifying generation of schema documentation
- Dev DMOD application URL http://dmod.pathfinder.gov.bc.ca
- Dev DMOD Backend Api Specification URL eg. http://api-bypass-mem-tfrs-dev.pathfinder.gov.bc.ca/api/doc
- Dev SchemaSpy URL eg. <http://schema-spy-mem-tfrs-dev.pathfinder.gov.bc.ca >
- Sonarqube URL http://sonarqube-csnr-dmod-tools.pathfinder.gov.bc.ca/projects
- Jenkins URL https://jenkins-csnr-dmod-tools.pathfinder.gov.bc.ca
- ZAP Security scan URL eg. https://jenkins-csnr-dmod-tools.pathfinder.gov.bc.ca/job/csnr-dmod-tools-zap-pipeline/
1 https://devops.com/ The Continuous Delivery Pipeline — What it is and Why it’s so Important in Developing Software, Andrew Phillips, JULY 29, 2014