author: github.com/breuerfelix
- 2020 TH Köln Bachelor Technische Informatik
- Cloud Systems Engineer @ inovex GmbH
- Kubernetes as a Service @ STACKIT
- Kubernetes Platform Engineering @ German Streaming Platform
- handle many Services in large Teams => Automation & Rules
- everything on public Services / for free
- stuff to check out @ home
Our Company:
- 10 Teams
- 6 Engineers per Team
- 1 Product Owner per Team
Our Service:
- simple Go Web Server
- greets people on request
Problem:
=> works on my machine
nix-shell -p nodejs
- impure shell => not like a container
- real version pinning is hard
- is done with flakes
{ pkgs ? import <nixpkgs> {} }:
pkgs.mkShell {
  buildInputs = with pkgs; [
    go_1_19
    # go
  ];
  shellHook = ''
    export FOO="some important build arg"
  '';
}
Alternatives:
- Dev Containers
- supported by GitHub
- needs Docker
- asdf-vm
- runtime version manager
- only installs tools
Problem:
=> everyone can push code on main
main
Branch protection:
- Repo -> Settings -> Branches
- Require a pull request before merging
- Require approval
- keep hotfix case in mind
- Require status checks to pass before merging
- Require conversation resolution before merging
Problem:
=> have you already run your tests?
- use Pipelines
build | lint | test
- deploy to dev stage
- run e2e tests
=> service-automation.yml
No need to check out the PR locally!
Problem:
=> major, minor or patch?
MAJOR.MINOR.PATCH
5.1.20
- MAJOR: incompatible API changes
- MINOR: add functionality in a backward compatible manner
- PATCH: backward compatible bug fixes
=> semver.org
<type>[optional scope]: <description>
type: fix | feat | feat! | ...
chore(router): adds hello world route
feat: changes hello world path
BREAKING CHANGE: refactor old route
- BREAKING CHANGE in footer -> MAJOR
- feat -> MINOR
- fix -> PATCH
=> conventionalcommits.org
- commitizen to assist locally
- commitlint on PR
- semantic-release to create a Tag
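The mapping above (commit type -> MAJOR / MINOR / PATCH) as an added Go example; it is not code from the talk's repository or from commitlint or semantic-release. The names `bump` and `NextVersion` are hypothetical, and a commit whose header does not follow the format is rejected instead of being silently ignored:

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// header matches the first line: <type>[optional scope][!]: <description>
var header = regexp.MustCompile(`^([a-z]+)(\([^)]+\))?(!)?: .+`)

// bump returns the field a commit raises (0 MAJOR, 1 MINOR, 2 PATCH, 3 none); a bad header is an error.
func bump(msg string) (int, error) {
	m := header.FindStringSubmatch(msg)
	if m == nil {
		return 3, fmt.Errorf("not a conventional commit: %q", strings.SplitN(msg, "\n", 2)[0])
	}
	if m[3] == "!" || strings.Contains(msg, "\nBREAKING CHANGE: ") {
		return 0, nil
	}
	if i, ok := map[string]int{"feat": 1, "fix": 2}[m[1]]; ok { // MINOR, PATCH
		return i, nil
	}
	return 3, nil
}

// NextVersion applies the most significant bump among commits to "MAJOR.MINOR.PATCH".
func NextVersion(current string, commits []string) (string, error) {
	v := make([]int, 4) // v[3] is a scratch slot for "no release"
	if n, _ := fmt.Sscanf(current, "%d.%d.%d", &v[0], &v[1], &v[2]); n != 3 {
		return "", fmt.Errorf("bad version %q", current)
	}
	idx := 3
	for _, c := range commits {
		i, err := bump(c)
		if err != nil {
			return "", err
		}
		if i < idx {
			idx = i
		}
	}
	v[idx]++
	copy(v[idx+1:], []int{0, 0, 0}) // reset the less significant fields
	return fmt.Sprintf("%d.%d.%d", v[0], v[1], v[2]), nil
}

func main() {
	fmt.Println(NextVersion("5.1.20", []string{"fix: handles empty name"}))
}
```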
Problem:
=> is this already live?
=> you forgot to update the docs...
- containerize app
- runs in different environments
- multiple stages
dev | preprod | prod
- deploy:
- via pipelines
- PR manually to dev
- main to preprod
- x.x.x manually to prod
- build a container image
- build on every PR to rollout on dev
- push to a container registry
- roll out to a stage
- only allow rebase merging
- only tagging the image on main is needed
- auto tag based on commit messages
Problem:
=> outdated libraries
- scans your Repositories daily
- opens a PR if a version updates
- is configurable to lock packages
- auto-approve
- renovate at midnight
- e2e tests
- release in the morning
Problem:
=> is your feature tested?
- runs on PR
- calculates code coverage
- lets you define quality gates
- Automation & Rules
- Rules & Automation
- don't rely on People
- rely on Pipelines
- BUT think about hotfixes
- LinkedIn: Felix Breuer
- breuer.dev
- github.com/breuerfelix
- github.com/breuerfelix/service-automation
- github.com/breuerfelix/service-automation/slides.md
- inovex.de