Continuous Integration and Deployment pipeline
In this article we will look at a Continuous Integration and Deployment pipeline using Jenkins and Argo CD respectively.
The Continuous Integration pipeline would generally consist of the Build and Test steps along with code/artefact scanning for quality or finding security vulnerabilities.
The following steps with corresponding tools are incorporated in the above pipeline:
- A build tool, Maven
- Static code analysis tool, SonarQube
- Integration test tool, Cucumber
- Performance test tool, JMeter
- Code scanning tool for security vulnerabilities, VeraCode or Fortify
After the build and test steps, a docker image is built and the image is scanned for vulnerabilities using tenable.io. The docker image and helm chart(which is used for deployment on Kubernetes) are stored in Nexus repository and a helm chat repository respectively.
In the continuous deployment step, Argo CD will trigger the deployment by pulling the docker image and the helm chart from the repositories and will deploy to the Kubernetes based target platform.
