adam's notes

Continuous Integration–Continuous Delivery (CI-CD)

Continuous Integration–Continuous Delivery (CI-CD) pipeline is an automated DevOps workflow that streamlines the software delivery process.

  • key aspect is automation to ensure code quality
  • automation performs quality control
    • assesses performance, APIs, and security

CI/CD Pipeline vs CI/CD

  • CI/CD pipeline is the agile DevOps workflow
  • CI/CD is the combined practice of continuous integration and continuous delivery
  • CI/CD streamlines:
    • application code
    • testing
    • development processes

Benefits of CI/CD Pipeline

  • allows DevOps teams to write code, integrate it, run tests, deliver releases, and deploy changes to software collaboratively and in real-time
  • Automation of software releases
  • Reduced deployment time
    • automated testing
    • continuous deployment and automated provisioning allow changes to go live in minutes
  • Decreased cost
    • faster development means less time spent
    • results in reduced cost
  • Continuous feedback loop
    • continuous cycle
      • build, test, deploy
    • enable devs to act quickly
  • Early error detection
    • in continuous integration, testing is automated to look for issues in integration
  • Reduced downtime and enhanced reliability
    • automated rollbacks for deployment failures, bugs, performance issues
  • Improved team collaboration and system integration
    • all team members can change code, respond to feedback and issues
    • single repo

How it Works

  • CI/CD pipeline consists of 3 connected methodologies:
    • Continuous integration
    • Continuous delivery
    • Continuous deployment

Continuous Integration

Continuous integration (CI) is a software development practice in which developers regularly integrate new code and code changes into a central code repository throughout the development cycle.

  • central code repo is managed by a version control system (VCS)
  • allows devs to work independently
    • create own branch to implement changes
  • individual work is then pushed to an automated system
    • uses scripts to build and test the code changes
  • CI server then compiles source code changes into the main branch
  • enables frequent submission of code changes

Continuous Delivery

Continuous delivery (CD) automates the progress of software code changes through testing and eventual release into production.

  • puts validated code changes into select environments or code repositories
  • code moves through multiple production-like environments (QA, staging, etc.) for testing
  • software and APIs are tested and errors resolved through an automated process
  • goal is to deploy new code with minimal effort, but allow for human oversight

Continuous Deployment

Continuous deployment (CD) is a strategy in software development where code changes to an application are released automatically into the production environment.

  • once code changes are approved from delivery, it is deployed to production via automation
    • no human intervention

Machine Learning Pipeline

A machine learning pipeline is a series of interconnected data processing and modeling steps designed to automate, standardize and streamline the process of building, training, evaluating and deploying machine learning models.

  • integrate with DevOps practices to enable CI/CD of machine learning models
    • called machine learning operations (MLOps)

Stages of CI/CD

  • Build
    • involves creating and compiling code
    • teams build off source code collaboratively and integrate new code quickly to resolve conflicts
  • Test
    • automated tests occur
      • integration test, unit test, regression tests
  • Deliver
    • approved codebase is sent to a production environment
      • only automated after dev approval
    • code is sent to repositories then moved into production or deployment by human
  • Deploy
    • changes are deployed to production
    • unlike continuous delivery, this is fully automated

CI/CD Security

CI/CD security focuses on practices, processes, and technologies that implement and manage security and compliance measures across the CI/CD pipeline.

  • DevSecOps automates integrating security practices into the pipeline
    • shift-left testing
      • involves integrating security testing earlier in the SDLC
    • shift-right testing
      • involves testing later in development, usually in prod
    • spreads testing across SDLC

Tools

  • Jenkins
    • automated CI server written in Java
  • Travis CI
  • CircleCI
  • All major cloud providers offer cloud-based CI/CD toolchains
  • In cloud environments, applications are packaged and shipped in containers
    • Docker for containers
    • Kubernetes for container orchestration

Graph View

Backlinks