Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Define CI/CD strategy from GitHub #4

Open
3 tasks
Tracked by #3
andreasisnes opened this issue Sep 20, 2024 · 0 comments
Open
3 tasks
Tracked by #3

Define CI/CD strategy from GitHub #4

andreasisnes opened this issue Sep 20, 2024 · 0 comments
Assignees
@andreasisnes @howieandersen

Comments

@andreasisnes
Copy link
Collaborator

andreasisnes commented Sep 20, 2024
edited
Loading

The following components should be built, tested and potentially deployed:

  • Terraform
    • infrastructure/projects/init
    • infrastructure/projects/shared

Pipeline structure:

Pipelines (Workflows) should be modular, and should include the following pipeline components (Actions):

  • Infrastructure as Code workflow (Terraform deploy)
  • Deploy workflow (Dev)
  • Deploy workflow (Release)

The Dev deployment pipeline should be able to do a single deployment to Dev and Test environments, while the Release deployment pipeline should be able to run a Release deployment where a single build it created and deployed first to Stagng environments, and upon approval into Prod environment.

The Build + Test workflow should be a pre-requisite to any deployment workflow of any build, but we should also be able to run a Build + Test worklow by itself, either with a PR trigger or with a manual trigger at any point in time from any branch.

Clarifications:

  • Are we sticking with a Trunk-based development workflow, or are we going to switch over to a development workflow resembling Git Flow? for now, we will probably keep it as is, Trunk-based. The way we structure our deployment pipelines will depend on our choice of development workflow, and what types of Git branches we have to work with (dev/main/release/etc).
  • Are we sticking to a scheduled deployment pattern to Test environment and Prod environment, or are we going to switch over to continuous deployment where we can trigger a deployment into Test or approve a deployment into Prod at any time?
  • Are we introducing additional security testing to our CI/CD strategy at this point in time, e.g. DAST testing or other OWASP security testing tools?
    • We do not really need to decide anything on this point right now, as additional actions can easily be added to our workflows when the initial workflows are up and running.
  • Are we introducing CodeRabbit as part of our PR code reviews?
    • Not super relevant to initial CI/CD strategy, but listing it to keep the thought alive. Other teams (Dialogporten) has already started exploring and using it, and if it proves worthwhile the RabbitCode testing tool will be introduced across the Altinn organization soon.
@andreasisnes andreasisnes mentioned this issue Sep 20, 2024
Open
@howieandersen howieandersen changed the title Define Deployment strategy from GitHub Define CI/CD pipeline strategy from GitHub Sep 23, 2024
@howieandersen howieandersen changed the title Define CI/CD pipeline strategy from GitHub Define CI/CD strategy from GitHub Sep 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@andreasisnes andreasisnes

@howieandersen howieandersen

Labels
None yet
Projects
Team Tilgangsstyring & Kontroll
Status: New
Milestone
No milestone
Development

No branches or pull requests
2 participants
@andreasisnes @howieandersen