Warning | ||
---|---|---|
| ||
This page is now hosted on https://odp.finos.org/docs/development-infrastructure/continuous-delivery/ |
Continuous Delivery (CD) allows project leads and committers to configure automated processes to build and deploy their software. FINOS provides a dedicated OpenShift instance that can be used for this purpose.
...
In order to configure Continuous Delivery, the project must meet few requirements and some configuration must be defined.
- Get familiar with OpenShift concepts; keep in mind that most of them are inherited by Kubernetes, which is the orchestration engine used by OpenShift.
- Memory (size) and CPU (number) requirements must be known upfront
- The deployment strategy must be known upfront; default is RollingDeployment, which spins up a new container in parallel to the existing one, switches traffic when the new one is ready and finally kills the existing one.
- Collect all passwords and secrets that are needed by the applications to run; the Foundation Staff will register these entries as secrets in OpenShift and deliver secret key references
- The build process MUST generate a folder that:
- MUST contain all the artifacts to run the application; for Maven builds, the assembly plugin can be used
- MUST contain a (Unix) run script; for Maven builds, the appassember plugin can generate it
- MUST NOT contain any password, secret or sensitive data (like emails, names, addresses, etc) in clear text; OpenShift secrets provide a safe way to manage them
- Follow the instructions below to define an OpenShift template called
.openshift-template.yaml
, in the root folder of the GitHub repository
...
- The deployment strategy, defaults to
Rolling
- The container configuration
- The
image
to use to create the container; this must match with the ImageStreamoutput
defined above - TCP/UDP
ports
to expose; in this case port8080
is open at container level - The
readinessProbe
detects if the container is unhealthy - Container environment variables can be defined in clear text (ie
LOG4J_FILE
) or loaded from a secret key reference; secrects are managed by the Foundation Staff and are normally used to manage credentials used to access the Open APIs provided by ODP.
- The
- The deployment configuration
trigger
, pointing to thelatest
tag of animage
called${BOT_NAME}
...