How to design a modern CI/CD Pipeline

Ғылым және технология

Learn how I design CI/CD pipelines. in this video I diagram out the major components and considerations taken when creating pipelines for modern software companies.
Playlist: • DevOps - Whiteboarding...
If you are wondering about the diagraming software I used to create this video it's www.eraser.io (sponsor of this video)
View my diagram: app.eraser.io/workspace/UHFVA...
☕ Buy me a coffee: www.buymeacoffee.com/bradmorg
🛍️ Amazon Store (Homelab/KZread Setup): www.amazon.com/shop/devopsjou...
☁️ $200 Digital Ocean Cloud Credits: m.do.co/c/adc24155a741

Пікірлер: 61

  • @DevOpsJourney
    @DevOpsJourney8 ай бұрын

    View the diagram here: app.eraser.io/workspace/UHFVA30wF6pdEb2sgrWa

  • @hugoalbertobedolla7129

    @hugoalbertobedolla7129

    4 сағат бұрын

    I can't understand... why you have to build the image before testing? is it not supposed to work opposite: testing your code first, building the image after testing? that's because building the image spends time which, if the code under test fails, becomes a waste, so you end with a tagged image which is unusable. Let's distinguish: testing the code isn't equals to test the image: testing the code is simply the fact of proving the code works the way we expect it works, and, for this, the unit test must be implemented in such way that has no dependencies over external resources (i.e. databases, queues, etc) but is only a logical testing which supplies mock entities for isolating the code; testing the image is testing the application within the environment it is expected to work into, so is different to unit test the code, than testing the container from an integration point of view, because, when you test the container, you have to supply environment variables which fill the required definitions for making it work into a desired environment, but it has nothing to do with the code, because, at that point in time, the code must be proven to work. That's my point of view so I would love any feedback on this subject.

  • @tasanee87
    @tasanee877 ай бұрын

    I found this very helpful, great breakdown of how it works! Awesome visual and looking forward to watching the follow up video.

  • @PrudhviParuchuri
    @PrudhviParuchuri7 ай бұрын

    well this is how you lay things down. amazing explanation there!

  • @maxp918
    @maxp9186 ай бұрын

    I'm a simple front-end dev looking to expand my understanding of the whole software process and I understood everything. Which says a lot about your ability to explain things simply and in layman terms.

  • @user-uy4qp1qx3n
    @user-uy4qp1qx3n4 ай бұрын

    Really Awesome video. Thanks for sharing.

  • @NGolda
    @NGolda7 ай бұрын

    Well done video, looking forward to the followup video.

  • @severtone263
    @severtone2637 ай бұрын

    Well laid out! It was logical and easy to understand

  • @midnaite
    @midnaite5 ай бұрын

    Great job man, thank you so much :)

  • @SORINACHIRILA
    @SORINACHIRILA7 ай бұрын

    Thank You, this is a great explanation.

  • @mymd2004
    @mymd20045 ай бұрын

    you da man buddie...hi from Argentina

  • @kalvakolusubhash4010
    @kalvakolusubhash40108 ай бұрын

    Nice explanation 😊

  • @ColdStoneBoy
    @ColdStoneBoy7 ай бұрын

    Great video!

  • @carisseandjeff
    @carisseandjeff7 ай бұрын

    nice vid. looking forward in gitops part. I'm new to Argo and hoping it will give more clarity and different approach. example using mono repo vs multi repo, git vs helm sync and etc

  • @jawadturk
    @jawadturk4 ай бұрын

    Here's where I think you can design the pipeline in a better way. I think running your tests prior to your build is better. If you build and your tests fails then you wont be able detect it prior to the build. This will increase your change lead time to get committed code to production

  • @dipk.mishra
    @dipk.mishra7 ай бұрын

    Nice video! I did not understand though that after we get container image how do we ensure unit test is running against that image? Is there sone deploy step to Dev env where those unit tests would run?

  • @Inaya334
    @Inaya334Ай бұрын

    Great video can you do another one for DevSecOps. Thank you so much

  • @simon_smale
    @simon_smale6 ай бұрын

    Isnt branch protection is usually at the SCM level rather than as part of the pipeline? At this point it is too late, the code would be in the branch

  • @MagDag_
    @MagDag_3 ай бұрын

    Great!

  • @user-dq7vo6dy7g
    @user-dq7vo6dy7g5 ай бұрын

    This feels very specific to a development tech stack, without actually specifying it. (Unittests in container, upload to aws)

  • @genshen4703
    @genshen47037 күн бұрын

    cool. simple. fast.

  • @Aleks-fp1kq
    @Aleks-fp1kq7 ай бұрын

    Nice video, I have a few questions: 1. what if there are errors in any stage/sub stage 2. isn't there a difference between deployment and release 3. is pre-commit code a bit too intrusive? I would run checks only after pull request is approved. 4. in general, what kind of dev process does CI/CD pipeline follow? Scum or?? Because making the pipeline is writing code but somehow I don't see it fitting well with Scrum. 5. do we unit test the pipeline itself?

  • @DevOpsJourney

    @DevOpsJourney

    7 ай бұрын

    1. You should set the build to fail. You should also build in some notifications to notify your developers. Slack/Email are most commonly used. 2. Release stage is making your container image/software available on a registry. Deployment stages are after the release stage, and actually get the software to run on your servers 3. Some people don't like it, but it's made to save your Devs time. It follows the "fail fast" moto of pipelines. If there are linting/formatting errors, we want that to fail as soon as possible, not during a PR check or during a pipeline run (which comes later). 4. Depends on the company, it doesn't really matter. It's usually something you build and always improve on. 5. Some do, but many don't. I usually just run the pipeline after any changes and make sure it still passes. I would probably do something more if people keep breaking the pipeline with changes they make to it.

  • @p.a8750

    @p.a8750

    6 ай бұрын

    @Aleks-fp1kq I would 100% include precommit. It is the first gate for the code to go through. It will eliminate countless PR request updates that say 'fixed linting / formatting'. Also, if you include a precommit hook that checks for secrets like gitleaks or yelp, you are preventing any sensitive information ever being committed in the first place.

  • @simon_smale

    @simon_smale

    6 ай бұрын

    Pre commit is really useful to prevent the red mark of shame. I try to put them in every project I dev on so that you fail as early as possible.

  • @ahmadkabalo7738
    @ahmadkabalo77388 ай бұрын

    There is somthing I still don't understand, why you put building the container image step before running units test ?? Shoulde we first test the code and make sure it is working and then if every thing is ok we ship the code and build the docker image ??

  • @bharathrajuk

    @bharathrajuk

    8 ай бұрын

    exactly, and container registry is where we have the container images with tags, right?

  • @Starkypooo

    @Starkypooo

    8 ай бұрын

    sometimes you must first compile the UTs (like in C++), however, I don't see why we should keep compiled UTs in the image

  • @keitaatticot612

    @keitaatticot612

    7 ай бұрын

    I have the same question UTs and coverage after the build . I don’t understand

  • @DevOpsJourney

    @DevOpsJourney

    7 ай бұрын

    It's a preference. You can UT before or after building the image. My preference is to make use of multistage dockerfiles and run my CI tests within the image. When dockerfiles are built correctly it doesn't take long to build an image, and it's something you can bring to any CI environment. Here's a good post about it www.reddit.com/r/docker/s/2o8TBzsBtK

  • @dipk.mishra

    @dipk.mishra

    7 ай бұрын

    @@DevOpsJourney, instead of multistage dockerfile can’t we just run unit test first after building the code. Copy the artifacts into Dockerfile and just build docker image?

  • @thebereanevangelist8389
    @thebereanevangelist83893 ай бұрын

    Does the compile stage include a website code. I dont understand why and how one would complie css and html and JS scripts

  • @DevOpsJourney

    @DevOpsJourney

    3 ай бұрын

    Since they do not require compiling, you would copy those files into the docker image you are building in the build stage

  • @bharathrajuk
    @bharathrajuk8 ай бұрын

    container registry is where we have the container images with tags, right?

  • @Starkypooo

    @Starkypooo

    8 ай бұрын

    yes, this is the place to which you push or from which you pull container images

  • @FRIGTARD123
    @FRIGTARD1234 күн бұрын

    Wouldn't the pre commit checks that enforce 'linting' - aka syntax errors in your context- be unnecessary if the code compiles and builds successfully on their local machine? I understand the need to lint prs after they've been pushed to make sure they compile in the pipeline environment but not the pre commit linting check

  • @avatar098

    @avatar098

    3 сағат бұрын

    Linting is more for quality of life during code reviews. Sometimes there are unnecessary formatting stuff that pollutes the PR. Sometimes (and you’d be surprised) devs will push without actually building their code locally. It’s annoying.

  • @florimmaxhuni4718
    @florimmaxhuni47188 ай бұрын

    Should Unit test be before Container image ?

  • @florimmaxhuni4718

    @florimmaxhuni4718

    8 ай бұрын

    I guess it depend how you run unit test in container or not but if we run in container that may take more time then just running unit-test directly when you build and also you dont need to download container image if unit test fails

  • @T.P.87

    @T.P.87

    8 ай бұрын

    @@florimmaxhuni4718 Depends on in which format you ship the application and how you test. The norm would currently be to ship release images which include the runtime and the compiled/transpiled binary for execution and not much else. For isolation/parallelization purposes on the build server it also makes sense to run every step of CI pipeline in predefined containers. The 'CI pipeline' image definition would be part of the project repository and could include everything you need for testing, debugging, development (can be used locally by devs). The 'release' image which you want to push into the registry and which is then used as the startable application in production could be way leaner, because no testing framework is needed.

  • @florimmaxhuni4718

    @florimmaxhuni4718

    7 ай бұрын

    We still ship release images that include compiled/transpiled binary but when build is succussed and all the test pass otherwise if test fails thats not a releasable I assume for dev or other environments thats why I think it may take a lot of time specially when creating PR-s. (I guess you have methods that help to use cache but still). By the way Im talking about some languages that I work and github actions has great support for them (one command to build or run test/integration--test)@@T.P.87

  • @vadymesch2267
    @vadymesch22674 ай бұрын

    Unit test after creating Container Image? Are you sure about it? Maybe you mean e2e tests?

  • @DevOpsJourney

    @DevOpsJourney

    4 ай бұрын

    It's a preference. You can UT before or after building the image. My preference is to make use of multistage dockerfiles and run my CI tests within the image. When dockerfiles are built correctly it doesn't take long to build an image, and it's something you can bring to any CI environment. Here's a good post about it www.reddit.com/r/docker/s/2o8TBzsBtK

  • @kalvakolusubhash4010
    @kalvakolusubhash40108 ай бұрын

    By the way tell about the app/website you are using for this video 😊

  • @DevOpsJourney

    @DevOpsJourney

    7 ай бұрын

    eraser.io. I got a link to the diagram in the description

  • @guinea_horn
    @guinea_horn5 күн бұрын

    I've never heard an accent like this which replaces I's with A's. Santax. Gathub.

  • @oLunatiko
    @oLunatiko4 күн бұрын

    There are good unit test and bad unit tests. But if you choose to not add testing to your application, you’re waiting for a disaster to happen and you will find out once everything goes haywire.

  • @DzintarsDev
    @DzintarsDev5 ай бұрын

    The title word "modern” got me there, but left me disapointed.

  • @ZTGallagher
    @ZTGallagher7 ай бұрын

    Not my circus, not my clowns, but my two cents is that unit tests need to be heavily de-prioritized. They make code more difficult to refactor, and they lead to people writing super bad tests just to get coverage. They waste a lot of time testing things that might not even really need it. Unit tests can be good but should be reserved for cases where a function/method has a very complex purpose and you want to verify it's doing as it should.

  • @Aleks-fp1kq

    @Aleks-fp1kq

    7 ай бұрын

    This is because the test you have seen\used are written badly.

  • @ZTGallagher

    @ZTGallagher

    7 ай бұрын

    ​@@Aleks-fp1kq If you don't think too many unit tests is a net negative you've either not refactored often enough, or not worked in an environment where sloc and code coverage were used as performance metrics. Prioritizing unit tests where they're unnecessary complicates development and adds pointless busy work.

  • @Aleks-fp1kq

    @Aleks-fp1kq

    7 ай бұрын

    @@ZTGallagher why would anyone write "too many unit test"? you mean multiple tests that test the same thing? How coverage be a performance metric?

  • @ZTGallagher

    @ZTGallagher

    7 ай бұрын

    @@Aleks-fp1kq 100% code coverage is not just impossible, it's a hindrance. So many functions simply do not need unit tests. They're too small, straightforward, or simple. They don't need it. You can cover more of the system with good integration tests that get you the same reliability. But people will write unit tests arbitrarily, and often bad hacky ones, because it's less important to have good code or develop efficiently, and more important to say "yeah we have high code coverage". Prioritizing code coverage means prioritizing volume, not quality. A system is better with just well-written integration tests. Unit tests aren't bad. They're simply extremely over-valued.

  • @Aleks-fp1kq

    @Aleks-fp1kq

    7 ай бұрын

    @@ZTGallagher I agree, and as I said in my first reply, you have used/encountered bad tests/practices. there is no such things as prioritizing unit tests. you need unit tests if you are doing TDD (bottom-up\top-down). you write the unit tests to test your SUT, you don't write more than that. While doing that we follow patterns such as equivalence partitions, triangulation and principles ....

  • @stxnw
    @stxnw7 ай бұрын

    Downvoted because Continuous Deployment is part of CI/CD, yet you still separated them into 2 videos for the money.

  • @DevOpsJourney

    @DevOpsJourney

    7 ай бұрын

    😂

Келесі