Deployment Procedures

Owned by Siamak Haschemi (Deactivated)
Last updated: Sept 29, 2023
3 min read

 

In conclusion, deploying code to production at Ingenious is a carefully orchestrated procedure, marked by modern tools, best practices, and a commitment to excellence. Our approach ensures that users always experience a reliable, fast, and secure platform.

 

Ingenious employs a modern, streamlined, and robust procedure for deploying code to production. This article delves into the intricacies of our deployment process, offering insights into our tooling, methodologies, and best practices.

1. Source Control with GitHub

 

Our journey begins with code storage and version control, for which we rely on GitHub. This platform not only enables our developers to collaborate effectively but also ensures that code changes are meticulously tracked.

2. Build Tools

Depending on the nature of the project, we utilize different build tools:

  • For Java projects, Maven is our go-to tool.

  • JavaScript, Node, and TypeScript-based projects are

    handled using NPM.

  • For PHP projects, we leverage Composer.

3. Continuous Integration and Deployment with Jenkins

Our CI/CD pipeline is orchestrated using Jenkins, which is adeptly deployed on Kubernetes. This setup allows for scalable worker pods, ensuring that our CI/CD processes are both swift and resilient. Jenkins workflows are standardized using Groovy, ensuring consistency across projects.

4. Rigorous Testing

Before any code sees the light of production, it undergoes rigorous testing:

  • Unit tests are conducted using JUnit and Mockito.

  • For integration tests, we combine the power of JUnit and Testcontainers.

5. Deployment on Google Cloud's Kubernetes

When it comes to deployment, we trust Google Cloud's managed Kubernetes service. This cloud-native approach ensures scalability, resilience, and optimal performance.

6. Deployment Strategy - Rolling Deployments

To ensure minimal disruptions and maximum uptime, we employ rolling deployments. This strategy ensures that new versions of the application are gradually rolled out, mitigating potential risks.

7. Monitoring and Rollbacks

Post-deployment, the health of our applications is continually monitored using Prometheus metrics. Should any anomalies arise, we have the capability to swiftly rollback using Kubernetes' native deployment rollback features.

8. Environment Management

 

Our deployment pipeline is structured across several environments to ensure code quality at every step:

  • Local Development: Where initial coding and testing occur.

  • Staging Namespace: A replica of the production environment for thorough testing.

  • Pre-Production Namespace: This shares the database with production and is primarily used to test new API/UI versions before final deployment.

  • Production Environment: Where the fully vetted code serves our users.

9. Approval Process

At Ingenious, code quality is paramount. All code alterations are executed via GitHub Pull Requests (PRs). Each PR requires two approvals:

  • An automatic approval from the Jenkins pipeline, validating the code's integrity and compatibility.

  • A manual approval from a fellow developer, ensuring code quality and adherence to standards.

10. Security Measures: Security is embedded in our deployment pipeline. While we initially enabled code scanning in GitHub and container scanning on GCP, these were later deemed overly verbose. However, our commitment to security remains unwavering, and we continuously evaluate tools and practices to safeguard our code and infrastructure.