👍🏿 🔚 🐆 Pipa sempurna dalam ruang hampa 🖼️ 🛅 🤹🏼

Jangan hubungi saya jika saluran pipa Anda tidak terlihat seperti ini.

Dalam wawancara untuk posisi yang melibatkan pemahaman DevOps, saya suka mengajukan pertanyaan ini kepada kandidat (dan terkadang mereka juga bertanya kepada saya):

Menurut Anda seperti apa pipeline ideal dari commit ke produksi? / Jelaskan CI / CD / dll yang ideal

. , CI/CD .

, .
, .
, "", . , ( ) , . , , " — " DevOps.
. , . : Jira production. gitflow, gitlabFlow, githubFlow.

, - CI, , ?

CI?

;
;
;
;
;
Merge;
MR code review.

Code scanning

— .

— Senior/Lead Backend Developer. , // . , .

;
;
.

Saya membutuhkan kerentanan Anda, sepatu bot, dan sepeda motor — ,

, git push

.

gitlab-ci

stages:
  - code-scanning

.code-scanning:
 only: [pushes]
 stage: code-scanning

Linters

– ! . " ".

— .

. - . , , CI. soft skills, .


eslint	JavaScript
pylint	Python
golint	Golang
hadolint	Dockerfile
kubeval	Kubernetes manifest
shellcheck	Bash
gixy	nginx config
etc

Code Quality

code quality

— , ML- : , , ., code security

.

		Price
SonarQube		€120
CodeQL	Github native, CVE	OpenSource – free
etc

Code Security

, code security

. :

, , . "" production , git

. , , vault

, git

		Price
gitleaks	Gitlab Security, "" "".	Free
shhgit	Enterpise Edition.	$336
etc

, .

Code Coverage

, , code coverage

.

, .

		Price
go cover	Golang. Golang.	Free
cobertura	jcoverage. Java	Free
codecov		Free 5
etc

Unit test

code quality

, .


phpunit	PHP (My mom says I am special)
junit	Java ( junit)
etc

Build

artifacts/packages/images .. , .

semVer ( gitflow);
romVer;
c;
datetime, timestamp;
etc

, .


docker build	.
buildx / buildkit	Moby . , `DOCKER_BUILDKIT=1` .
kaniko	Google, , -.
werf	'. stapel. All-in-one: , .
buildah	Open Container Initiative, Podman.
etc

, – .

Scan package

/ . . registry .


harbor	Docker Registry, ChartMuseum, Robot-users.	Free
nexus	Docker.	Free pro
artifactory	, .	Free pro
etc

Deploy

Kami akan menyebarkan kontainer secepat kami bisa. — , .

rolling – ;
recreate – , production;
blue/green – 90% production ;
canary – 99% production .

Stateful

, stage production, production - , stateful . , , / . stage/pre-production .

/ .


helmwave	Docker-compose helm. .
helm	.
argoCD	" GitOps".
werf.io	.
kubectl / kustomize	, .
etc

helmwav' GitHub. helmwave.

Integration testing

. - . . , . .


Selenium	.
Selenoid	. Docker-in-Docker.
etc

Performance testing (load/stress testing)

stage/pre-production . , , production.


wrk	. .
k6.io	C--JavaScript! AutoDevOps.
Artillery.io	JS. k6
jmeter	OldSchool.
yandex-tank	.
etc


sitespeed.io	: coach, browserTime, compare, PageXray.
Lighthouse	Google. , . . , .
etc

Code Review / Approved

Merge Request. pipeline , , c.

QA;
Security;
Tech leads;
Release managers;
Maintainers;
DevOps;
etc.

, MR , MR:

production;
QA release ;
DevOps' , : helm-charts / pipeline / / etc.

Developing flow

, , -. -, gitflow, gitlabFlow, githubFlow .

, – . , gitflow . GithubFlow . gitlabFlow , , - , feature-.

, :

Gitflow: feature -> develop -> release-vX.X.X -> master (aka main) -> tag

;
GitHubFlow: branch -> master (aka main);
GitLabFlow: environmental branches.

TL;DR

Feature-

Pre-Production -> Production

P.S.

- , , , , – update.

. ?

Pipa sempurna dalam ruang hampa

CI?