SlideShare a Scribd company logo

Anatomy of a Build Pipeline

Download as PPTX, PDF
Samuel Brown
Samuel Brown

The document discusses best practices for building automated pipelines in software development, emphasizing continuous integration and deployment. It outlines various purposes of build pipelines, including code testing, packaging, and deployment, while also addressing challenges and best practices for each stage. The author advocates for simplicity, rapid feedback, and strong quality assurance throughout the development process.

Technology
1 of 34
Downloaded 138 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
Sam Brown samuel.brown@excella.com November 7, 2012
Thanks to Mike McGarr and Excella Consulting for hosting!!
Sam Brown  11+ Years as a Java developer with commercial and federal clients  Practicing continuous integration/continuous delivery for ~6 years  DevOps Evangelist at Excella (www.excella.com)  Certified Scrum Master  Puppet Certified Professional
Basic components of an automated enterprise  Continuous integration  Dependency management  Automated build tools to build...  Shared API libraries  Custom web applications  Products
“The purpose of a pipeline is to transport some resource from point A to point B quickly and effectively with minimal upkeep or attention required once built” – me So how did „pipelines‟ get applied to software? Let‟s try a few changes to this statement... “The purpose of a pipeline is to transport from to quickly and effectively with minimal upkeep or attention required once built” – me
Build pipelines require measurements and verification of the code to ensure:  Adherence to standards  Quality proven through testing  A product that meets user‟s needs The purpose is not just transport, but to ensure that our product is high-quality, prepared for the environment it will reach, and satisfies the end-user.
“An automated manifestation of the process required to get your team’s application code to the end-user, typically implemented via continuous integration server, with emphasis on eliminating defects” – me (again)
 …in fact, NONE ARE!  Build pipelines will vary as much as applications  Different teams have different needs  Simplicity is key One Size Fits All!
Anatomy of a Build Pipeline
Repeatable, automated, process to ensure that application code is tested, analyzed, and packaged for deployment.
 System of record  Just do it!  Take advantage of commit hooks  Build from trunk and reduce server-side branches  Tag often  Don‟t check in broken code!
Purpose: Integrate, build and unit test code for quick feedback  Best Practices  Runs in under 10 minutes (rapid feedback)  Unit tests do not require external resources  Run on EVERY developer check-in  Fixing broken builds is the top priority!  Gamification to drive adoption  80% test coverage or BETTER  Challenges  LOTS of builds  False sense of security  Writing tests is hard
Purpose: Test component and/or external resource integration  Best Practices  Test connectivity with external resources  Test frameworks load correctly  Test application components work together  Test configuration  Fewer integration tests than unit tests  Challenges  External resources may not be available in all environments ○ Mock locally  Can be time consuming ○ Use local resources ○ Separate short/long running tests
Purpose: Use automated tools to inspect code  Best Practices  Check syntax  Find security vulnerabilities  Record test coverage  Discover complexity  Optional: Fail based on a metric  Optional: View technical debt  Challenges  Not all code analysis tools are free  Learning/installing new tools
Purpose: Label code and package as deployable Best Practices  Labeling allows you to go back in time  Packaging code for deployment  Reduce complexity by combining steps  NO configuration in package -> Package once, deploy multiple  Challenges  Labeling can be resource intensive  Many packaging options
Purpose: Make artifacts available for deployment or available to other teams  Best Practices  Publish a versioned artifact  Make repository available  Reduce complexity by combining steps  Challenges  Requires initial complex setup  Security requirements around exposing artifacts ○ Use a tool with security built-in like Nexus
Anatomy of a Build Pipeline
Repeatable, automated, process to ensure that our target environment is properly constructed for our application(s).
Purpose: Check syntax and compile prior to application  Puppet Lint – Static format checker for Puppet manifests  No-op Test Run – Ensure that manifest compiles  Challenges  Puppet-lint requires a ruby-based environment  No-op test needs production-like VM  Long feedback loop
Purpose: Test infrastructure in a prod-like environment  Puppet Apply –Puppet application against VM that mimics DEV/TEST/PROD  Infrastructure Tests – Test your environment!  Example tests:  Users and groups created  Packages installed  Services running  Firewall configured  Challenges  Long feedback loop  Yet another language (cucumber/rspec/other)  VM must be up to date with DEV/TEST/PROD
cucumber-puppet rspec-puppet Feature: Services require 'spec_helper' Scenario Outline: Service should be running and bind to describe 'logrotate::rule' do port let(:title) { 'nginx' } When I run `lsof -i :<port>` Then the output should match /<service>.*<user>/ it { should include_class('logrotate::rule') } Examples: it do | service | user | port | should contain_file('/etc/logrotate.d/nginx').with({ | master | root | 25 | 'ensure' => 'present', | apache2 | www-data | 80 | 'owner' => 'root', | dovecot | root | 110 | 'group' => 'root', | mysqld | mysql | 3306 | 'mode' => '0444', }) end http://projects.puppetlabs.com/projects/cucu end mber-puppet/wiki http://rspec-puppet.com/
Anatomy of a Build Pipeline
Repeatable, automated, process to ensure that our application is properly installed in the target environment and that the application meets acceptance criteria.
Purpose: Test acceptance criteria in a prod-like environment  Puppet Apply – Apply Puppet manifests including deploying application  Run Acceptance Tests – “End-to-end” testing  End-user perspective  Meets user-defined acceptance criteria  Possible tools: Cucumber, Selenium, Geb, Sikuli  Challenges  Maintain a production-like VM  Acceptance tests brittle ○ Test at the right level  Acceptance tests long running ○ Run nightly
Purpose: Label application and infrastructure code, deploy to DEV environment  Label Release Candidate – Known “accepted” versions will be deployed together  Deploy to DEV – Automated deployment  Infrastructure AND application  Challenges  DEV updating, not deployed from scratch ○ Create tests for ALL possible scenarios  Security ○ Work with security early and often!
Anatomy of a Build Pipeline
Simplified process to support streamlined deployments to TEST and PRODUCTION
Purpose: Enable the test team to pull the latest code  Pull-based deployment  Manual Testing/Approval  Challenges  Enabling test team is a paradigm shift  Producing changes too fast ○ Create good release notes ○ Not every build needs manual testing
Purpose: Enable operations team to pull the latest code into production  “Push-button” deployment to production  Requires testing approval  Challenges  Audit/security check before deployment ○ Discuss with operations ○ Automate as much as possible and prudent  Paradigm shift for operations, TOO EASY! ○ Engage the operations team as early and often  Rollback/Roll forward strategy ○ Easier with RPM‟s, I prefer roll forward
 Remove human error  Repeatability tests and improves the process  Visibility from code to deployment  Baked-in quality  Metrics, metrics, metrics  Rapid and constant feedback  Releases are non-events
Why do we store old/obsolete versions?  Rollback  Auditing  History?  Any other reason? My view: Store only the latest build and current production release  Bugs fixed in latest version  (Almost) impossible to reproduce environments  Version control has history Exception: Other teams dependent on a previous version  Store major/minor revisions Reasoning: In a continuous delivery environment, delivering frequently allows you to keep moving forward with new features AND bug fixes!
 Put EVERYTHING in version control  Start simple, up your unit test coverage.  Analyze your code in order to focus  Install CI and start with two build steps  Start and maintain a wiki  And lastly…
Anatomy of a Build Pipeline
 samuel.brown@excella.com  @SamuelBrownIV  http://github.com/samueltbrown  http://www.linkedin.com/pub/samuel-brown/3/715/352

More Related Content

What's hot (20)

PDF
Anatomy of a Continuous Integration and Delivery (CICD) Pipeline
Robert McDermott
 
PDF
DevOps@Morpho for ParisDevOps - 2nd of December 2014
Jean-Charles JOREL
 
PPTX
Jenkins - From Continuous Integration to Continuous Delivery
Virendra Bhalothia
 
PDF
PuppetConf 2016: Continuous Delivery and DevOps with Jenkins and Puppet Enter...
Puppet
 
PDF
From Continuous Integration to Continuous Delivery with Jenkins - javaland.de...
CloudBees
 
PDF
Introduction to CICD
Knoldus Inc.
 
PDF
Docker Enables DevOps
Boyd Hemphill
 
PDF
CI CD Pipeline Using Jenkins | Continuous Integration and Deployment | DevOps...
Edureka!
 
PPTX
SkyBase - a Devops Platform for Hybrid Cloud
Vlad Kuusk
 
PDF
Scaling Jenkins
Udaypal Aarkoti
 
PDF
Enterprise CI as-a-Service using Jenkins
CollabNet
 
PDF
Introduction to DevOps Tools | DevOps Training | DevOps Tutorial for Beginner...
Edureka!
 
PPTX
CI/CD
AmitDhodi
 
PPTX
Continuous integration using jenkins
Vinay H G
 
PDF
Continuous Testing
Crevise Technologies
 
PPTX
Transforming Organizations with CI/CD
Cprime
 
PPTX
SanDiego_DevOps_Meetup_9212016-v8
Rajwinder Singh
 
PDF
Analyze This! CloudBees Jenkins Cluster Operations and Analytics
CloudBees
 
PDF
What is Jenkins | Jenkins Tutorial for Beginners | Edureka
Edureka!
 
PDF
Seminar continuous delivery 19092013
Joris De Winne
 
Anatomy of a Continuous Integration and Delivery (CICD) Pipeline
Robert McDermott
 
DevOps@Morpho for ParisDevOps - 2nd of December 2014
Jean-Charles JOREL
 
Jenkins - From Continuous Integration to Continuous Delivery
Virendra Bhalothia
 
PuppetConf 2016: Continuous Delivery and DevOps with Jenkins and Puppet Enter...
Puppet
 
From Continuous Integration to Continuous Delivery with Jenkins - javaland.de...
CloudBees
 
Introduction to CICD
Knoldus Inc.
 
Docker Enables DevOps
Boyd Hemphill
 
CI CD Pipeline Using Jenkins | Continuous Integration and Deployment | DevOps...
Edureka!
 
SkyBase - a Devops Platform for Hybrid Cloud
Vlad Kuusk
 
Scaling Jenkins
Udaypal Aarkoti
 
Enterprise CI as-a-Service using Jenkins
CollabNet
 
Introduction to DevOps Tools | DevOps Training | DevOps Tutorial for Beginner...
Edureka!
 
CI/CD
AmitDhodi
 
Continuous integration using jenkins
Vinay H G
 
Continuous Testing
Crevise Technologies
 
Transforming Organizations with CI/CD
Cprime
 
SanDiego_DevOps_Meetup_9212016-v8
Rajwinder Singh
 
Analyze This! CloudBees Jenkins Cluster Operations and Analytics
CloudBees
 
What is Jenkins | Jenkins Tutorial for Beginners | Edureka
Edureka!
 
Seminar continuous delivery 19092013
Joris De Winne
 

Similar to Anatomy of a Build Pipeline (20)

PDF
Tips to achieve continuous integration/delivery using HP ALM, Jenkins, and S...
Skytap Cloud
 
PPTX
Cerberus_Presentation1
CIVEL Benoit
 
PPTX
Cerberus : Framework for Manual and Automated Testing (Web Application)
CIVEL Benoit
 
PDF
Bay Area Chef Meetup February
Jessica DeVita
 
PDF
Getting to Walk with DevOps
Eklove Mohan
 
PPTX
Achieving DevOps Success with Chef Automate
Chef
 
PDF
Containerization Strategy
Balaji Mariyappan
 
PPTX
A Bit of Everything Chef
Mandi Walls
 
PDF
Práticas, Técnicas e Ferramentas para Continuous Delivery com ALM
Marcelo Sousa Ancelmo
 
PPTX
Wellington MuleSoft Meetup 2021-02-18
Mary Joy Sabal
 
PPTX
Continuous Delivery with a PaaS Application
Mark Rendell
 
PDF
DevSec Delight with Compliance as Code - Matt Ray - AgileNZ 2017
AgileNZ Conference
 
PDF
DevOpsDays Singapore - Continuous Auditing with Compliance as Code
Matt Ray
 
PDF
Modernizing Testing as Apps Re-Architect
DevOps.com
 
PPT
How to Build and Maintain Quality Drupal Sites with Automated Testing
Acquia
 
PDF
Strengthen and Scale Security for a dollar or less
Mohammed A. Imran
 
PDF
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
Mohammed A. Imran
 
PDF
Simplified DevOps Bliss -with OpenAI API
VictorSzoltysek
 
PPTX
DevOps, A brief introduction to Vagrant & Ansible
Arnaud LEMAIRE
 
DOCX
Amardeep qa test_automation_cv
FNU Amardeep
 
Tips to achieve continuous integration/delivery using HP ALM, Jenkins, and S...
Skytap Cloud
 
Cerberus_Presentation1
CIVEL Benoit
 
Cerberus : Framework for Manual and Automated Testing (Web Application)
CIVEL Benoit
 
Bay Area Chef Meetup February
Jessica DeVita
 
Getting to Walk with DevOps
Eklove Mohan
 
Achieving DevOps Success with Chef Automate
Chef
 
Containerization Strategy
Balaji Mariyappan
 
A Bit of Everything Chef
Mandi Walls
 
Práticas, Técnicas e Ferramentas para Continuous Delivery com ALM
Marcelo Sousa Ancelmo
 
Wellington MuleSoft Meetup 2021-02-18
Mary Joy Sabal
 
Continuous Delivery with a PaaS Application
Mark Rendell
 
DevSec Delight with Compliance as Code - Matt Ray - AgileNZ 2017
AgileNZ Conference
 
DevOpsDays Singapore - Continuous Auditing with Compliance as Code
Matt Ray
 
Modernizing Testing as Apps Re-Architect
DevOps.com
 
How to Build and Maintain Quality Drupal Sites with Automated Testing
Acquia
 
Strengthen and Scale Security for a dollar or less
Mohammed A. Imran
 
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
Mohammed A. Imran
 
Simplified DevOps Bliss -with OpenAI API
VictorSzoltysek
 
DevOps, A brief introduction to Vagrant & Ansible
Arnaud LEMAIRE
 
Amardeep qa test_automation_cv
FNU Amardeep
 
Ad

Recently uploaded (20)

PPTX
AI Penetration Testing Essentials: A Cybersecurity Guide for 2025
defencerabbit Team
 
PDF
July Patch Tuesday
Ivanti
 
PDF
LLMs.txt: Easily Control How AI Crawls Your Site
Keploy
 
PPTX
Q2 FY26 Tableau User Group Leader Quarterly Call
lward7
 
PDF
Complete JavaScript Notes: From Basics to Advanced Concepts.pdf
haydendavispro
 
PDF
The Builder’s Playbook - 2025 State of AI Report.pdf
jeroen339954
 
PDF
DevBcn - Building 10x Organizations Using Modern Productivity Metrics
Justin Reock
 
PDF
Jak MŚP w Europie Środkowo-Wschodniej odnajdują się w świecie AI
dominikamizerska1
 
PDF
Agentic AI lifecycle for Enterprise Hyper-Automation
Debmalya Biswas
 
PDF
Presentation - Vibe Coding The Future of Tech
yanuarsinggih1
 
PDF
Blockchain Transactions Explained For Everyone
CIFDAQ
 
PDF
Bitcoin for Millennials podcast with Bram, Power Laws of Bitcoin
Stephen Perrenod
 
PDF
Exolore The Essential AI Tools in 2025.pdf
Srinivasan M
 
PDF
Timothy Rottach - Ramp up on AI Use Cases, from Vector Search to AI Agents wi...
AWS Chicago
 
PDF
CIFDAQ Token Spotlight for 9th July 2025
CIFDAQ
 
PDF
NewMind AI - Journal 100 Insights After The 100th Issue
NewMind AI
 
PDF
Python basic programing language for automation
DanialHabibi2
 
PDF
Transcript: New from BookNet Canada for 2025: BNC BiblioShare - Tech Forum 2025
BookNet Canada
 
PDF
[Newgen] NewgenONE Marvin Brochure 1.pdf
darshakparmar
 
PDF
Fl Studio 24.2.2 Build 4597 Crack for Windows Free Download 2025
faizk77g
 
AI Penetration Testing Essentials: A Cybersecurity Guide for 2025
defencerabbit Team
 
July Patch Tuesday
Ivanti
 
LLMs.txt: Easily Control How AI Crawls Your Site
Keploy
 
Q2 FY26 Tableau User Group Leader Quarterly Call
lward7
 
Complete JavaScript Notes: From Basics to Advanced Concepts.pdf
haydendavispro
 
The Builder’s Playbook - 2025 State of AI Report.pdf
jeroen339954
 
DevBcn - Building 10x Organizations Using Modern Productivity Metrics
Justin Reock
 
Jak MŚP w Europie Środkowo-Wschodniej odnajdują się w świecie AI
dominikamizerska1
 
Agentic AI lifecycle for Enterprise Hyper-Automation
Debmalya Biswas
 
Presentation - Vibe Coding The Future of Tech
yanuarsinggih1
 
Blockchain Transactions Explained For Everyone
CIFDAQ
 
Bitcoin for Millennials podcast with Bram, Power Laws of Bitcoin
Stephen Perrenod
 
Exolore The Essential AI Tools in 2025.pdf
Srinivasan M
 
Timothy Rottach - Ramp up on AI Use Cases, from Vector Search to AI Agents wi...
AWS Chicago
 
CIFDAQ Token Spotlight for 9th July 2025
CIFDAQ
 
NewMind AI - Journal 100 Insights After The 100th Issue
NewMind AI
 
Python basic programing language for automation
DanialHabibi2
 
Transcript: New from BookNet Canada for 2025: BNC BiblioShare - Tech Forum 2025
BookNet Canada
 
[Newgen] NewgenONE Marvin Brochure 1.pdf
darshakparmar
 
Fl Studio 24.2.2 Build 4597 Crack for Windows Free Download 2025
faizk77g
 
Ad

Anatomy of a Build Pipeline

  • 1. Sam Brown [email protected] November 7, 2012
  • 2. Thanks to Mike McGarr and Excella Consulting for hosting!!
  • 3. Sam Brown  11+ Years as a Java developer with commercial and federal clients  Practicing continuous integration/continuous delivery for ~6 years  DevOps Evangelist at Excella (www.excella.com)  Certified Scrum Master  Puppet Certified Professional
  • 4. Basic components of an automated enterprise  Continuous integration  Dependency management  Automated build tools to build...  Shared API libraries  Custom web applications  Products
  • 5. “The purpose of a pipeline is to transport some resource from point A to point B quickly and effectively with minimal upkeep or attention required once built” – me So how did „pipelines‟ get applied to software? Let‟s try a few changes to this statement... “The purpose of a pipeline is to transport from to quickly and effectively with minimal upkeep or attention required once built” – me
  • 6. Build pipelines require measurements and verification of the code to ensure:  Adherence to standards  Quality proven through testing  A product that meets user‟s needs The purpose is not just transport, but to ensure that our product is high-quality, prepared for the environment it will reach, and satisfies the end-user.
  • 7. “An automated manifestation of the process required to get your team’s application code to the end-user, typically implemented via continuous integration server, with emphasis on eliminating defects” – me (again)
  • 8.  …in fact, NONE ARE!  Build pipelines will vary as much as applications  Different teams have different needs  Simplicity is key One Size Fits All!
  • 10. Repeatable, automated, process to ensure that application code is tested, analyzed, and packaged for deployment.
  • 11.  System of record  Just do it!  Take advantage of commit hooks  Build from trunk and reduce server-side branches  Tag often  Don‟t check in broken code!
  • 12. Purpose: Integrate, build and unit test code for quick feedback  Best Practices  Runs in under 10 minutes (rapid feedback)  Unit tests do not require external resources  Run on EVERY developer check-in  Fixing broken builds is the top priority!  Gamification to drive adoption  80% test coverage or BETTER  Challenges  LOTS of builds  False sense of security  Writing tests is hard
  • 13. Purpose: Test component and/or external resource integration  Best Practices  Test connectivity with external resources  Test frameworks load correctly  Test application components work together  Test configuration  Fewer integration tests than unit tests  Challenges  External resources may not be available in all environments ○ Mock locally  Can be time consuming ○ Use local resources ○ Separate short/long running tests
  • 14. Purpose: Use automated tools to inspect code  Best Practices  Check syntax  Find security vulnerabilities  Record test coverage  Discover complexity  Optional: Fail based on a metric  Optional: View technical debt  Challenges  Not all code analysis tools are free  Learning/installing new tools
  • 15. Purpose: Label code and package as deployable Best Practices  Labeling allows you to go back in time  Packaging code for deployment  Reduce complexity by combining steps  NO configuration in package -> Package once, deploy multiple  Challenges  Labeling can be resource intensive  Many packaging options
  • 16. Purpose: Make artifacts available for deployment or available to other teams  Best Practices  Publish a versioned artifact  Make repository available  Reduce complexity by combining steps  Challenges  Requires initial complex setup  Security requirements around exposing artifacts ○ Use a tool with security built-in like Nexus
  • 18. Repeatable, automated, process to ensure that our target environment is properly constructed for our application(s).
  • 19. Purpose: Check syntax and compile prior to application  Puppet Lint – Static format checker for Puppet manifests  No-op Test Run – Ensure that manifest compiles  Challenges  Puppet-lint requires a ruby-based environment  No-op test needs production-like VM  Long feedback loop
  • 20. Purpose: Test infrastructure in a prod-like environment  Puppet Apply –Puppet application against VM that mimics DEV/TEST/PROD  Infrastructure Tests – Test your environment!  Example tests:  Users and groups created  Packages installed  Services running  Firewall configured  Challenges  Long feedback loop  Yet another language (cucumber/rspec/other)  VM must be up to date with DEV/TEST/PROD
  • 21. cucumber-puppet rspec-puppet Feature: Services require 'spec_helper' Scenario Outline: Service should be running and bind to describe 'logrotate::rule' do port let(:title) { 'nginx' } When I run `lsof -i :<port>` Then the output should match /<service>.*<user>/ it { should include_class('logrotate::rule') } Examples: it do | service | user | port | should contain_file('/etc/logrotate.d/nginx').with({ | master | root | 25 | 'ensure' => 'present', | apache2 | www-data | 80 | 'owner' => 'root', | dovecot | root | 110 | 'group' => 'root', | mysqld | mysql | 3306 | 'mode' => '0444', }) end http://projects.puppetlabs.com/projects/cucu end mber-puppet/wiki http://rspec-puppet.com/
  • 23. Repeatable, automated, process to ensure that our application is properly installed in the target environment and that the application meets acceptance criteria.
  • 24. Purpose: Test acceptance criteria in a prod-like environment  Puppet Apply – Apply Puppet manifests including deploying application  Run Acceptance Tests – “End-to-end” testing  End-user perspective  Meets user-defined acceptance criteria  Possible tools: Cucumber, Selenium, Geb, Sikuli  Challenges  Maintain a production-like VM  Acceptance tests brittle ○ Test at the right level  Acceptance tests long running ○ Run nightly
  • 25. Purpose: Label application and infrastructure code, deploy to DEV environment  Label Release Candidate – Known “accepted” versions will be deployed together  Deploy to DEV – Automated deployment  Infrastructure AND application  Challenges  DEV updating, not deployed from scratch ○ Create tests for ALL possible scenarios  Security ○ Work with security early and often!
  • 27. Simplified process to support streamlined deployments to TEST and PRODUCTION
  • 28. Purpose: Enable the test team to pull the latest code  Pull-based deployment  Manual Testing/Approval  Challenges  Enabling test team is a paradigm shift  Producing changes too fast ○ Create good release notes ○ Not every build needs manual testing
  • 29. Purpose: Enable operations team to pull the latest code into production  “Push-button” deployment to production  Requires testing approval  Challenges  Audit/security check before deployment ○ Discuss with operations ○ Automate as much as possible and prudent  Paradigm shift for operations, TOO EASY! ○ Engage the operations team as early and often  Rollback/Roll forward strategy ○ Easier with RPM‟s, I prefer roll forward
  • 30.  Remove human error  Repeatability tests and improves the process  Visibility from code to deployment  Baked-in quality  Metrics, metrics, metrics  Rapid and constant feedback  Releases are non-events
  • 31. Why do we store old/obsolete versions?  Rollback  Auditing  History?  Any other reason? My view: Store only the latest build and current production release  Bugs fixed in latest version  (Almost) impossible to reproduce environments  Version control has history Exception: Other teams dependent on a previous version  Store major/minor revisions Reasoning: In a continuous delivery environment, delivering frequently allows you to keep moving forward with new features AND bug fixes!
  • 32.  Put EVERYTHING in version control  Start simple, up your unit test coverage.  Analyze your code in order to focus  Install CI and start with two build steps  Start and maintain a wiki  And lastly…
  • 34. [email protected]  @SamuelBrownIV  http://github.com/samueltbrown  http://www.linkedin.com/pub/samuel-brown/3/715/352

Editor's Notes

  • #4: 11+ Years as a Java developer6 years Practicing continuous integration/continuous deliveryDevOps Evangelist CSMPuppet Certified
  • #5: Some assumptions about enterprises tackling automationThey possess some standard components to automate building shared API’s, products and/or custom web applicationsBuilding software is mostly at a very micro level when viewed through the enterpriseIgnoring business logic, there are still a LOT of places software could fail in this view
  • #8: Eliminate defects in:The processThe product
  • #9: …in fact, NONE ARE!Build pipelines varyDifferent teams, different needsStart simply
  • #10: Our use-case Pipeline- Building a web-services based web application- Has an environment build- Fork/Join- Does NOT flow all of the way to Production
  • #12: System of RecordJust use it!Commit HooksBuild trunkTag often (cheap)No broken code
  • #13: Under 10 minNo external resourcesEvery checkinFix broken builds80% coverageChallenges:Logs of buildsFalse securityWriting tests is hard
  • #14: Test connectivityTest frameworksTest componentsTest configFewer tests than unitChallenges:External resourcesTime consumingLocal resourcesSplit tests
  • #15: Check syntaxFind security issuesRecord test coverageDiscover complexity and areas of focusFail based on some metric not metCheck out technical debtChallengesFinding a free toolLearning/integrating these tools
  • #16: Labeling snapshots your codePackage for easier deploymentSteps can be combinedNo config in package!ChallengesLabeling may create copies of code baseMany packaging options (RPM)
  • #17: Make artifacts availableAlways versionMake repo available to allCombine stepsChallenges:Complex setupSecurity challenges exposing artifacts
  • #18: Our use-case Pipeline- Building a web-services based web application- Has an environment build- Fork/Join- Does NOT flow all of the way to Production
  • #19: Infastructure as code!- Puppet, Chef, cfengine, batch scripts should all be in version control just like application code
  • #20: Check infrastructure language syntaxNo-op checks compile and a test runChallengesRequires rubyNeeds a prod-like VMLong feedback loop
  • #21: Applying changes to prod-like VMRun tests to ensure infrastructure is readyChallengesLong feedback loopAnother language to learnUp to date VM needed
  • #23: Our use-case Pipeline- Building a web-services based web application- Has an environment build- Fork/Join- Does NOT flow all of the way to Production
  • #25: Bringing sub-lines together for full runTest that application runsEnd to EndEnd user perspectiveMeets criteriaChallengesUp to date VMBrittle acceptance testsLong running tests
  • #26: Label/Tag infrastructure and code, they go together!Deploy to DEV for additional developer testingTest things that can’t be automated?ChallengesDEV is updating here, should it start from scratch?Security!Is a DEV deployment necessary? Where else could this apply?
  • #27: Our use-case Pipeline- Building a web-services based web application- Has an environment build- Fork/Join- Does NOT flow all of the way to Production
  • #28: Flipped which side seems simple and which side seems hard!
  • #29: Pull-based deploymentManual testing and approvalChallenges:Change in process/paradigmNot every build needs manual testing! Mind shift!
  • #30: Push button to production – SCARY!Requires test aprovalChallengesAuditing/Security – where does this happen? (Automate, collaborate)Change for operations (this is too easy)Rollback/Roll-forward strategy (RPM’s make this easier, my preference)
  • #31: Remove manual processes and human errorRepeatability to test and improve the build processVisibility for the entire teamQuality is “baked in”Metrics on anything you want to measure to gain insightRapid and constant feedback at all stagesReleases become non –events (hopefully)
  • #32: Why do we keep reems of versions? Are we going back? Auditing?My view Store the latest build and current production release ONLYBugs fixed in next deployment Environments are difficult to reproduceVersion control has your historyException might be creating API’sFrequent delivery allows you to continue pushing forward instead of looking backwards
  • #33: Version controlStart simple with unit test coverageAnalyze your code -&gt; Shows you where to focus effortInstall CI and start with 2 build stepsSTART A WIKI!!