In 2019, one part of a successful development team is having a solid CI/CD pipeline. Now, every pipeline will have a unique set of outcomes and needs—which means that you’ll need a strong set of tools to help you accomplish your goals. This blog post will help identify some of the tools out there that can help you make your pipeline great. These tools range from the familiar Jenkins and its newer predecessor Jenkins X to security tools like Twistlock.
First, we’ll cover what it means to have a CI/CD pipeline. Then we’ll explore tools that can help you create and run a pipeline, add better security, and even help you deploy.
What does CI/CD mean?
Let’s quickly go over what continuous integration (CI) and continuous deployment (CD) are. Both of these are frameworks that help you get your code from your machine to a production environment in a reliable way. A big goal with that is to make things as automated as possible. This should help you be able to deliver on a predictable cadence.
Continuous integration is the process of taking your code and putting it together (integrating) with all of the other code. Take a project that’s controlled by the Git source-control system. This would mean getting your code into the master branch as often as possible. You want to do this because the longer the code is outside of the main branch, the harder it will be to fix all of the pieces together. So continuously integrating your code together with your team is a means to avoid those costly merge operations.
Continuous delivery is taking the code from the main repository and getting whatever kind of artifact that’s produced by the code into a production environment. Preferably this is through an automated process where no manual intervention or steps are required to deliver that artifact. This means that the steps required to get the artifact into production are codified in some way that an automated process can follow. Each step should boost your confidence that your system is indeed going to run in a production setting and things are going to work as expected. Usually this means running sets of tests and processes to verify that the code can work.
Raygun Crash Reporting
Raygun Crash Reporting helps support frequent shipping as part of a CI/CD monitoring strategy. by alerting teams to errors before they have a chance to affect end users, monitoring strengthens the CI/CD process while providing your team with visibility into software errors anywhere in the SDLC, including production.
Feedback helps to close the loop on your CI/CD pipeline, and although you might not be involved with the customer feedback side, your product team will be listening and informing the product direction. While collecting feedback using tools like Intercom and AskNicely for NPS—we also use our knowledge that only 1% of customers will report issues, which is why we monitor everything for problems using crash reporting.
Tool 2: Jenkins X
You may have already heard of Jenkins or even have used it extensively. If you haven’t, this was one of the earlier big players in the continuous delivery space. It helped push the whole concept forward by giving you a powerful build and delivery pipeline. Along with its large plugin ecosystem, you could spin up nearly any workflow in a snap. Jenkins X is the new version of this platform that targets Kubernetes and Docker. It understands how these two systems work and helps push you toward putting the best practices to work for you.
The industry at large is now moving toward having Docker as the base component in systems. With Kubernetes now the leader in running those Docker containers, there’s a need to take advantage of these systems and make it easier to deploy. Jenkins X took the lessons learned from Jenkins, then applied them to a Docker and Kubernetes ecosystem. This way you know you’re getting a first-class build system that can deliver the feature you need.
Tool 3: CircleCI
Let’s say you don’t want to have to manage your build infrastructure; you’d rather focus on getting your build and delivery pipeline doing what they need to do. CircleCI is becoming one of the best build platforms hosted in the cloud. With their broad range of features and Docker being a first-class citizen, it’s proving to be a powerful build platform that can get the job done.
The newest feature of the platform is CircleCI Orbs. These shareable packages of code allow you to set up a build pipeline quickly. Even better, the community and CircleCI can create these Orbs. This way you can start off your build pipeline using known working steps. Then you can focus on anything unique about your build system.
Tool 4: Helm
With all the different systems that can now run on Kubernetes, it’s becoming harder to bring more complicated systems together. Thankfully, Helm has been making huge strides in solving that. Touted as the “Kubernetes package manager,” Helm provides a format for you to bring different packages together and deploy them as a unit. As well, their repository of charts (what Helm calls a distributable set of Kubernetes resources) has been growing and now has enough that you can most likely find a solution to get you started. With Helm 3.0 on the horizon to make it even easier for you to deploy charts, now is a great time to investigate Helm.
Tool 5: Kustomize
If you need something to manage your Kubernetes resources but don’t need a whole ecosystem (e.g., Helm) yet, Kustomize is a great tool to look at. Kustomize allows you to define your resources, then patch those resources for different environments. For example, let’s say you have a set of production resources, but your staging environment needs a few tweaks to the configuration to run correctly. You define a base production environment, then patch the configuration with the different configs, leaving everything else. Even better, recently Kustomize was integrated into the Kubectl tool. So, if you’re already using this tool, you can take advantage of Kustomize.
Tool 6: Twistlock
It seems like nearly every day there’s some security breach or alert we need to be aware of. Especially with all these system layers, it’s becoming harder to determine which signals to listen to, and which you don’t have to worry about. Twistlock can help you with that. Twistlock can scan your Docker images at build time and alert you if there are any known vulnerabilities already in your Docker image that you need to be aware of. But what about the active running Docker containers? Well, Twistlock can also be installed as an agent in your system and it can actively monitor and alert you to security bulletins as they become available.
Tool 7: Spinnaker
If you’re at a point where your deploy pipelines are a bit more complicated or maybe you’re exploring how to do more complex deploys, Spinnaker may be a tool worth investigating. Spinnaker knows how to do more complex deploys that may need to do blue/green or even canary deployments. Created by Netflix to facilitate their deployment pipeline, Spinnaker has all of the previously learned lessons built into the system; this helps you deploy your system in a safe, reliable way. One of Spinnaker’s neater features is the ability to do automatic rollbacks if problems are detected. For example, you can take a tool like Raygun, and if production has an error spike, you can roll back to the last known good deploy.
Tool 8: Jib
If you happen to be using a Java stack with Docker, Jib should be part of your build system. Jib takes away the complexity of trying to figure out what base Docker image you should use. It also helps you build your Docker container in a way that keeps things isolated. It will pass all of the right arguments, then build your image in a way to help speed up builds. On top of all of this, Jib uses the distroless base image that provides even better security for your containers by having as few tools installed on the container as possible.
With this set of tools, your CI/CD pipeline should be ready for anything. The ecosystem for CI/CD pipelines is rich and plentiful and growing; these tools help you build a reliable pipeline that lets you deliver the best features.
Whether you need extra security or help managing a complicated deploy, these tools should make your pipeline successful and productive. With that kind of pipeline, you should be able to deliver quicker and more reliably, which helps you provide the best value to your customers.
You can read about Raygun’s CI/CD deployment pipeline in this article.