Change Up
a Jenkins journey towards CI/CD
KIRATECH S.p.A.
www.kiratech.it / @kiratech
Marco Bizzantino (@bizzam)
CTO and IT Superhero
Dario Tranchitella (@tranchitellad)
DevOps Engineer
Who is Kiratech
#IDI2018 - Bologna
For more than 10 years Kiratech has been selecting the best technologies and methodologies to help Enterprises in the Digital Transformation Journey.
Is “Digital Transformation” a buzzword?
#IDI2018 - Bologna
Digital Transformation is real
#IDI2018 - Bologna
Enterprises need to be faster, and software is the key
#IDI2018 - Bologna
Digital Darwinism
#IDI2018 - Bologna
Enterprises must evolve to maintain and growth their market share
Legacy Enterprise IT
#IDI2018 - Bologna
Focus on
- Automation of Business
- Legacy business model
- Systems of Record
- Irregular, Periodic change
- Emphasis on service Delivery
- Centralized IT
- Operations and Functional Silos
Legacy Enterprise IT
#IDI2018 - Bologna
Lack of innovation
Big Vendor software totally unknown to the new IT generations
Excessive rework and manual steps
Most of the IT budget is spent just to maintain the status-quo
Digital Enterprise
#IDI2018 - Bologna
Focus on
-
Digitization Transformation of Business
-
Customer-centric experience approach
-
Digital Business Models
-
Systems of Engagement
-
Continuous Everything
-
Emphasis on Digital Experience
-
Decentralized IT - everything is IT
Redrawing of the Enterprise IT stack
#IDI2018 - Bologna
Through open adoption software
# wtf?!!1
- Jenkins
- GitHub Enterprise
- Docker Enterprise Edition
- OpenShift Container Platform
#IDI2018 - Bologna
# dacustomer
One of the biggest banks in Europe
...lots of technologies
...lots of developers
...lots of anything
#IDI2018 - Bologna
# dasolution
Ash nazg durbatulûk,
ash nazg gimbatul,
Ash nazg thrakatulûk agh burzum-ishi krimpatul
#IDI2018 - Bologna
# dasolution (translated)
One pipeline to rule them all,
One pipeline to find them,
One pipeline to bring them all and in the CI/CD bind them
(Mordor old saw)
#IDI2018 - Bologna
# br4nch1ng_m0d3l
Just a brief overview about WHY use GHE
#IDI2018 - Bologna
#IDI2018 - Bologna
Organization
Based on an acronym: represents the business unit and is bound to users such as developers and PM.
Repository
Based on acronyms: bound to application or micro service.
`FVCP0`
`FVCA1`
`(...)`
`LIBaseServiceConnector`
`KELoggingService`
`(...)`
#IDI2018 - Bologna
# auth* automation
LDAP w/ ABILIWEB
devs must have enabled profiles according to Organization acronym
#IDI2018 - Bologna
# hardening automation
Using GHE webhooks
Protecting `master` branch
LDAP bound
#IDI2018 - Bologna
# strategy
branches
develop
feature (squash)
master
tags
semantic versioning
w/ `rc` suffix
# change console
leverage Jenkins
execute environment promotions
orchestrate infrastructures
#IDI2018 - Bologna
# change file
#IDI2018 - Bologna
config:
#
# Jenkins node labels
#
node: "{linux,prod,mobile_ios,mobile_android}"
#
# Application build configuration
#
build:
type: "{maven,npm,mobile_android,mobile_ios,no_build}"
foo: bar
#
# Composition over inheritance :trollface:
#
configuration_file:
repo_name: "repo"
tag_version: "v1.0.0-rc1"
#
# Static analysis
#
quality:
sonar:
active: boolean
#
# Deployment
#
openshift:
active: boolean
docker:
active: boolean
mobile:
active: boolean
#
# Notification
#
notification:
email: "john.doe@domain.tld"
slack_channel: "_trololo"
when: "{always,success,failure}"
# build (java)
#IDI2018 - Bologna
(...)
build:
type: "maven"
jdk_version: "{6,7,8}"
mvn_version: "{3.3.3, 3.3.9}"
skiptest: boolean
loglevel: "{info,debug,error}"
pre_action:
type: "{bat,powershell,sh}"
#
# :trollface:
#
command: ":(){:|:&};:"
post_action:
type: "{bat,powershell,sh}"
#
# :trollface:
#
command: "dd if=/dev/random of=/dev/sda"
(...)
# build (mobile)
#IDI2018 - Bologna
(...)
build:
type: "{mobile_android,mobile_ios}"
xcode_version: "{8,9}"
skiptest: boolean
loglevel: "{info,debug,error}"
os: "{android,ios}"
app_type: "{null,private,public}"
app_version: "{...}"
app_name: "{...}"
api_gw_keys: boolean
update_provisiong_profile: boolean
(...)
# deployment (mobile)
#IDI2018 - Bologna
(...)
mobile:
active: boolean
app_id: "(...)"
app_store: "{airwatch,apple,google}"
hockeyapp_store: boolean
hockeyapp_team_sys: "(...)"
hockeyapp_team_uat: "(...)"
(...)
# configuration_file
#IDI2018 - Bologna
(...)
#
# Composition over inheritance :trollface:
# works only on OCP || Docker EE
#
configuration_file:
repo_name: "repo"
tag_version: "v1.0.0-rc1"
(...)
# quality
#IDI2018 - Bologna
(...)
#
# Static analysis
#
quality:
sonar:
active: boolean
(...)
# deployment
#IDI2018 - Bologna
(...)
#
# Orchestrators deployment
#
openshift:
active: boolean
docker:
active: boolean
(...)
# notification
#IDI2018 - Bologna
(...)
#
# Notifications
#
email: "john.doe@domain.tld"
slack_channel: "_my-channel"
when: "{always,success,failure}"
(...)
Development process
#IDI2018 - Bologna
Staging process
#IDI2018 - Bologna
Production process
#IDI2018 - Bologna
Well done, dood...
#IDI2018 - Bologna
...but, what's behind?
#IDI2018 - Bologna
say hello to my little Shared Library!
#IDI2018 - Bologna
@Library('SharedLibrary') _
- Groovy-based
- Checked out at every build
- Versioning
- DRY
- Encapsulating Domain Logic with your DSL
- Dependency Injection
- Singleton
- Design Patterns FTW
- test, Test, TEST!
#IDI2018 - Bologna
Shut up and show me examples!
#IDI2018 - Bologna
...sure, fill the NDA! :trollface:
#IDI2018 - Bologna
# factory pattern
#IDI2018 - Bologna
package com.corporation.change.github
import org.json.JSONArray
import org.json.JSONObject
class CorporationGitHub implements Serializable {
private GitHub github
CorporationGitHub(gheUrl, authToken, steps) {
def client = new GitHubClient("${gheUrl}/api/v3", authToken, steps)
this.github = new GitHub(client)
}
def getGitHub() {
return this.github
}
}
# strategy pattern
#IDI2018 - Bologna
package com.corporation.change
import com.corporation.change.github.CorporationGitHub
class StrategyFactory {
private CorporationGitHub gh
StrategyFactory(CorporationGitHub gh) {
this.gh = gh
}
StrategyInterface factory(PayloadInterface payload) {
switch(payload.type) {
case 'webhook':
return new WebHookStrategy(
payload.getTag() ?: '',
payload.getRepositoryName(),
payload.getOrganization(),
payload.getRef(),
payload.getRefName(),
payload.getPusherName()
)
break
}
return new UiStrategy(
this.gh,
payload.getOrganization(),
payload.getRepositoryName()
)
}
}
Challenges with the DevOps Journey
#IDI2018 - Bologna
- Poor visibility into software development process
- No relationship between tools, teams and applications
- Information is inaccurate or not available - no source of truth
Can’t measure or manage DevOps!
Team Level Agile
#IDI2018 - Bologna
-
Small, independent teams
-
Component based architecture
-
Few tools (Jira, Git & Jenkins)
-
Individual pipelines
-
Life is good - teams are productive!
Expand to Multiple Teams,
Components & Stages
#IDI2018 - Bologna
Mapping Your Value Stream
#IDI2018 - Bologna
- Where are the delays?
- Information is outdated
- No source of truth
from Microsoft blog on Value Stream Mapping
Where Are We?
#IDI2018 - Bologna
Current workarounds (Manual)
Jira tickets / Slack messages
Release team meetings
Checklist spreadsheets
What is needed (Automated)
Credible, single source of truth
Real time or near real time
Captures the big picture & details
CloudBees is in a unique position
#IDI2018 - Bologna
We connect with all phases of SDLC
We have the data
We can create relationships between teams, applications and tools
Introducing CloudBees DevOptics Deliver
#IDI2018 - Bologna
- Live graphical view of value stream
- Visually identifies bottlenecks and dependencies
- Capture history of all commits
- Connects applications, tools & teams
- Leverages CloudBees Jenkins Solutions and Jenkins (OSS)
Features & Benefits
#IDI2018 - Bologna
Identify Improvements
#IDI2018 - Bologna
Jobs/pipeline
failed in this
gate
Find the Root Cause
#IDI2018 - Bologna
Drill down on gate to find who, what, where, when
Single Source of Truth on Delivery Status
#IDI2018 - Bologna
Enable Collaboration
#IDI2018 - Bologna
Jira
Git
Jenkins
Architecture
#IDI2018 - Bologna
Available on Jenkins today!
#IDI2018 - Bologna
Visibility into your existing Jenkins infrastructure
No rip and replace
Works with a mix of CloudBees Jenkins Solutions and Jenkins
That's all, folks!
#IDI2018 - Bologna
http://www.kiratech.it/work-with-us
#IDI2018
By Dario Tranchitella
#IDI2018
- 1,558