Uploaded image for project: 'SAFe Program'
  1. SAFe Program
  2. SP-3957

GitOps CI/CD workflow to improve the deployment of new services versions

Change Owns to Parent OfsSet start and due date...
    XporterXMLWordPrintable

Details

    • SRCnet
    • Hide

      By implementing a GitOps workflow for deploying new service versions, this feature is expected to significantly improve the agility and security of the deployment process. The adoption of GitOps principles ensures version-controlled and auditable changes, while the integration with Kubernetes deployment tools facilitates automated and consistent deployments. Vault management enhances security by safeguarding sensitive information, providing a comprehensive solution for managing the entire lifecycle of services. This feature is anticipated to reduce deployment errors, increase development velocity, and strengthen the overall reliability and security of service updates.  Most SRCs would take advantage of this feature to have highly manageable, production Kubernetes environments.

      Show
      By implementing a GitOps workflow for deploying new service versions, this feature is expected to significantly improve the agility and security of the deployment process. The adoption of GitOps principles ensures version-controlled and auditable changes, while the integration with Kubernetes deployment tools facilitates automated and consistent deployments. Vault management enhances security by safeguarding sensitive information, providing a comprehensive solution for managing the entire lifecycle of services. This feature is anticipated to reduce deployment errors, increase development velocity, and strengthen the overall reliability and security of service updates.  Most SRCs would take advantage of this feature to have highly manageable, production Kubernetes environments.
    • Hide

      AC1: One fully gitops-ified SRCNet service, together with the surrounding infrastructure dependencies, which will also be shared in a gitops-ified format:

      • Vault for secure handling of secrets. No secrets should be committed to the gitops repos.
      • Cert-manager for automatic generation and renewal of certificates.
      • External-dns for automatic domain management.

      AC2: Documentation describing best practices, as well as common procedures and operations (document at least how to perform installs, upgrades).

      AC3: A second site takes the git repos and documents and attempts to deploy the same SRCNet service + dependencies, documenting outcomes (whether the attempt is successful or not). Any encountered obstacles and limitations during the deployment are gathered in a document.

      Show
      AC1: One fully gitops-ified SRCNet service, together with the surrounding infrastructure dependencies, which will also be shared in a gitops-ified format: Vault for secure handling of secrets. No secrets should be committed to the gitops repos. Cert-manager for automatic generation and renewal of certificates. External-dns for automatic domain management. AC2 : Documentation describing best practices, as well as common procedures and operations (document at least how to perform installs, upgrades). AC3 : A second site takes the git repos and documents and attempts to deploy the same SRCNet service + dependencies, documenting outcomes (whether the attempt is successful or not). Any encountered obstacles and limitations during the deployment are gathered in a document.
    • Intra Program
    • 2
    • 2
    • 0
    • Team_CORAL
    • Sprint 5
    • Hide

       

      Internal demo: https://cloud.iaa.es/index.php/s/ngAS7d5Na3mfAgQ

       

      AC1: One fully gitops-ified SRCNet service

      https://confluence.skatelescope.org/display/SRCSC/COR-515+%5BGitOps%5D+CH-+Document++best+practices+and+procedures

       

      AC2: Documentation of best practices and procedures: https://confluence.skatelescope.org/display/SRCSC/COR-515+%5BGitOps%5D+CH-+Document++best+practices+and+procedures

      https://confluence.skatelescope.org/pages/viewpage.action?pageId=260735662

       

      AC3: A second site  

      https://confluence.skatelescope.org/pages/viewpage.action?pageId=265210453

       

      Demo in PI22:

      Demo: https://confluence.skatelescope.org/pages/viewpage.action?pageId=265846022

      Demo slides: https://docs.google.com/presentation/d/12WC5ztq9isBdoQVQDXnqHwGym7Ea-nKz5IvFOlg6D1c/edit?usp=sharing

       

      Show
        Internal demo: https://cloud.iaa.es/index.php/s/ngAS7d5Na3mfAgQ   AC1: One fully gitops-ified SRCNet service https://confluence.skatelescope.org/display/SRCSC/COR-515+%5BGitOps%5D+CH-+Document++best+practices+and+procedures   AC2: Documentation of best practices and procedures: https://confluence.skatelescope.org/display/SRCSC/COR-515+%5BGitOps%5D+CH-+Document++best+practices+and+procedures https://confluence.skatelescope.org/pages/viewpage.action?pageId=260735662   AC3 : A second site   https://confluence.skatelescope.org/pages/viewpage.action?pageId=265210453   Demo in PI22: Demo: https://confluence.skatelescope.org/pages/viewpage.action?pageId=265846022 Demo slides: https://docs.google.com/presentation/d/12WC5ztq9isBdoQVQDXnqHwGym7Ea-nKz5IvFOlg6D1c/edit?usp=sharing  
    • 23.3
    • Stories Completed, NFRS met, Demonstrated, Satisfies Acceptance Criteria, Accepted by FO

    • PI24 - UNCOVERED

    • PI21-PB

    Description

      This feature involves the implementation of a robust CI/CD pipeline for managing the deployment of new versions of services within a Kubernetes environment. This feature aims to leverage GitOps principles, integrating CI/CD workflows on Kubernetes, and incorporating Vault for secret management, reliability, and security of deploying updated service versions. The focus will be on seamless integration with Kubernetes deployment tools, ensuring a streamlined and automated process for releasing and updating services.

      Attachments

        Issue Links

          Child Of

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. SP-4870 Science Enabling v0.1 - Roadmap

          • Not Assigned - Priority is not assigned yet.
          • Implementing
          mentioned in

          Page Loading...

          Page Loading...

          Page Loading...

          Structure

            Activity

              People

                Jesus.Salgado Salgado, Jesus
                M.Parra Parra, Manuel
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Feature Progress

                  Story Point Burn-up: (100.00%)

                  Feature Estimate: 2.0

                  IssuesStory Points
                  To Do00.0
                  In Progress   00.0
                  Complete38.0
                  Total38.0

                  Dates

                    Created:
                    Updated:
                    Resolved:

                    Structure Helper Panel