What is a CI/CD pipeline?
A continuous integration and continuous deployment (CI/CD) pipeline is a series of established steps that developers must follow in order to deliver a new version of software. CI/CD pipelines are a practice focused on improving software delivery throughout the software development life cycle via automation.
By automating CI/CD throughout development, testing, production, and monitoring phases of the software development lifecycle, teams are able to develop higher quality code, faster and more securely. Automated testing also allows dependencies and other issues to be identified earlier in the software development lifecycle, saving time later. Although it’s possible to manually execute each of the steps of a CI/CD pipeline, the true value of CI/CD pipelines is realized through automation.
CI/CD pipelines have advantages for software organizations that use virtual machines as well as container-based cloud-native applications. With the ability to more quickly integrate updates and changes to code, teams can respond to user feedback and business changes frequently and effectively, leading to positive outcomes for end users.
How do CI/CD pipelines relate to DevOps?
CI/CD pipelines, which streamline and accelerate software development, are a reflection of DevOps methodology, a set of ideas and practices that fosters collaboration between developers and IT operations teams.
The CI side of CI/CD refers to continuous integration, which includes building, testing, and merging code. The CD side can stand for continuous delivery, which includes automatically releasing software to a repository. CD can also stand for continuous deployment, which adds the step of automatically deploying software to production.
A CI/CD pipeline guides the process of software development through a path of building, testing, and deploying code. By automating the processes that support CI/CD, development and operations teams can minimize human error and maintain a consistent process for how software is released. Pipelines can include tools for compiling code, unit tests, code analysis, security, and binaries creation. For containerized environments, pipelines will also include tools for packaging the code into a container image to be deployed across a hybrid cloud.
Both CI/CD and DevOps focus on automating processes of code integration, thereby speeding up how an idea (like a new feature, a request for enhancement, or a bug fix) goes from development to deployment in a production environment where it can provide value to the user. Developers, usually coding in a standard development environment, work closely with IT operations to speed software builds, tests, and releases—without sacrificing reliability.
The state of application modernization
What is Tekton?
Tekton is a Knative-based framework to create cloud-native CI/CD pipelines quickly. As a Kubernetes-native framework, Tekton makes it easier to deploy across multiple cloud providers or hybrid environments.
Tekton allows components to be reused across multiple pipelines, through the use of custom resource definitions (CRDs) in Kubernetes. Tekton uses the Kubernetes control plane to run pipeline tasks. By using standard industry specifications, Tekton will work well with existing CI/CD tools such as Knative and OpenShift.
Using the Tekton project, you can build Kubernetes-style delivery pipelines that can control the complete life cycle of microservices without having to rely on central teams to maintain and manage a continuous integration server, plugins, and configuration.
How can CI/CD pipelines support security?
Without proper security, a rapid development and deployment process can expose an organization to risks. Common risks can include revealing sensitive data to outside sources, incorporating insecure code or third party components, or exposing source code repositories or build tools to unauthorized access.
Automated checks and testing within a CI/CD pipeline can safeguard code and prevent vulnerabilities in software delivery. Incorporating security into a pipeline helps to protect code from attack, prevent data leaks, comply with policies, and ensure quality assurance. Identifying and mitigating vulnerabilities throughout the development cycle assures that code changes are thoroughly tested and adhere to security standards before they are deployed to production.
What is Red Hat OpenShift Pipelines?
Red Hat® OpenShift® Pipelines is a Kubernetes-native solution which builds on Tekton and provides tight integration with OpenShift and Red Hat developer tools. Administrators and developers can create pipeline blueprints for applications that are based on their organization’s unique business and security requirements.
OpenShift Pipelines is designed to run each step of the pipeline in its own container, allowing each step to scale independently to meet the demands of the pipeline.
OpenShift Pipelines is available with an OpenShift subscription and natively integrates with the OpenShift console, allowing developers to configure and execute pipelines directly alongside their applications.
Red Hat OpenShift Pipelines features
Kubernetes-native pipelines
Use standard Tekton Custom Resource Definitions (CRDs) to define pipelines that run as containers and scale on demand.
Runs serverless
Get full control over your team’s delivery pipelines, plugins and access control with no central CI/CD server to manage.
Integrated CI/CD experience
Get a streamlined user experience through the Red Hat OpenShift console developer perspective, including the Pipeline Builder visual interface, as well as command-line interfaces and integrated development environments.
Developer productivity with Red Hat technologies
Find out how Red Hat technologies work together to support developer productivity.
