Tech Stacks - Build, Test, Release, Rollout
Last Updated: 2022-07-25
A.k.a. Continuous Integration / Continuous Delivery (CI / CD).
- Load code from your source control.
- Build your code.
- If there are no build errors, run all or related tests.
- If there are no test errors, release the binary to the artifact registry.
- Roll out the new binary / package to your machines (servers).
- Cherry-picking: create a new build with a specific code change.
Things to consider:
- dependency management
- source management
- secure software supply chain (s3c)
- release management
- vulnerability management
- artifact management
Facebook: Landcastle https://gregoryszorc.com/blog/2015/03/28/notes-from-facebook%27s-developer-infrastructure-at-scale-f8-talk/
Binary Release vs Data or Config Push
- binary release needs to go through compilation and tests, which may take a few hours in a CI/CD system
- data push is relatively small, mostly configuration, and should be rolled out quickly (in minutes instead of hours). Data push should be a separate system that can quickly change things in prod without changing code and binary.
Data / Config push use cases:
- who can see what feature; flipping feature flags; staged rollout; dynamic configuration; operational changes (like whitelist / blacklist)
How to use such a system:
- Key value pairs
- files from source control (non key-value data): modify files in source control; the system detects differences and pushes the new file to prod
- server flags: a reboot is needed after flags change
- from a GUI
- Imperative: give step by step instructions.
- Declarative: a service that monitors a model of what should be in production. When it detects changes in this model, it performs pushes until production looks like the model.
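The declarative approach described above, as an added example (not code from any system this page mentions): a reconciler diffs each host against the desired model and keeps pushing until production matches it, retrying hosts whose push failed. `Host`, `MODEL`, `FLEET` and all key names are constructed for illustration.

```python
import hashlib
import json

def digest(config):
    """Stable content hash of a config, used to detect drift cheaply."""
    return hashlib.sha256(json.dumps(config, sort_keys=True).encode()).hexdigest()

def plan(desired, actual):
    """Per-key actions that turn `actual` into `desired`."""
    actions = {k: ("set", v) for k, v in desired.items() if k not in actual or actual[k] != v}
    actions.update({k: ("delete", None) for k in actual.keys() - desired.keys()})
    return actions

class Host:
    """Constructed stand-in for a production server holding pushed config."""
    def __init__(self, name, config, fail_pushes=0):
        self.name, self.config, self.fail_pushes = name, dict(config), fail_pushes

    def apply(self, actions):
        if self.fail_pushes > 0:  # simulate a transient push failure
            self.fail_pushes -= 1
            return False
        for key, (op, value) in actions.items():
            if op == "set":
                self.config[key] = value
            else:
                self.config.pop(key, None)
        return True

def reconcile(desired, hosts, max_rounds=5):
    """Push until every host matches the model or max_rounds is used up.
    Returns (converged, log of (round, host, changed keys, push ok))."""
    want, log = digest(desired), []
    for rnd in range(1, max_rounds + 1):
        drifted = [h for h in hosts if digest(h.config) != want]
        if not drifted:
            return True, log
        for host in drifted:
            actions = plan(desired, host.config)
            log.append((rnd, host.name, sorted(actions), host.apply(actions)))
    return all(digest(h.config) == want for h in hosts), log

# Constructed sample data: a flag flip, a stale key, and one flaky host.
MODEL = {"feature.new_ui": True, "denylist": ["10.0.0.9"]}
FLEET = [Host("web1", {"feature.new_ui": False, "denylist": ["10.0.0.9"]}),
         Host("web2", {"feature.new_ui": True, "denylist": [], "debug": True}, fail_pushes=1),
         Host("web3", MODEL)]

if __name__ == "__main__":
    print(*reconcile(MODEL, FLEET), sep="\n")
```

The returned log doubles as an audit trail of which keys changed on which host, and a `False` result after `max_rounds` marks hosts still running stale configuration.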
Contain all needed files, even down to