Steady Integration/Steady Supply (CI/CD) software program – that means options that groups use to construct, take a look at and deploy functions – has come a great distance over the previous decade. Whereas organizations as soon as cobbled collectively CI/CD pipelines utilizing disparate open supply instruments, they now have a plethora of end-to-end, vendor-supported enterprise CI/CD platforms that they’ll use as a substitute. As a result of these options provide every thing groups must ship software program, they’re easier to deploy and handle.
But, whereas there are clear advantages to adopting an enterprise CI/CD platform, migrating to at least one may be troublesome. It poses plenty of challenges, corresponding to the danger of CI/CD pipeline downtime and safety and compliance challenges.
That’s why companies migrating to newer CI/CD options ought to strategy the method with an in depth, step-by-step plan. Right here’s a take a look at the challenges to navigate, together with recommendations on the right way to make CI/CD migration as easy as potential.
To floor the dialogue, I’ll concentrate on migrating to GitHub Enterprise, a CI/CD platform from GitHub, the software program improvement platform now owned by Microsoft. GitHub Enterprise is the choice that I’m seeing increasingly companies select in my work serving to firms to modernize their IT and software program supply practices.
Challenges to GitHub Enterprise migration
As a complete CI/CD platform that’s out there as a completely hosted answer, GitHub Enterprise is comparatively straightforward to make use of when you’ve migrated to it. The problem, although, is getting your code into the platform, together with making the method adjustments needed to start utilizing the answer rather than a legacy CI/CD suite.
Particularly, anticipate to face challenges that embrace:
- Software supply delays: A drawn-out, time-consuming migration course of interprets to downtime for CI/CD operations – which implies that your builders received’t have the ability to push out utility updates. This may in the end hurt the enterprise as a result of customers aren’t receiving function enhancements whereas your CI/CD pipelines are in transition.
- Efficiency dangers: Failure to decide on the best GitHub Enterprise deployment technique, and to configure the answer in an optimum method, may decelerate CI/CD efficiency and scale back developer productiveness resulting from points like inadequate infrastructure assets for constructing and testing functions.
- Coaching necessities: Expert software program builders can sometimes be taught to make use of a brand new CI/CD platform simply sufficient, however there may be nonetheless an upskilling requirement. It’s necessary to not overlook the necessity to present builders with time to be taught GitHub Enterprise (or whichever answer you’re migrating to).
- Safety and compliance: To mitigate dangers just like the injection of malicious code into your functions, it’s essential to implement entry controls through the migration course of that forestall unauthorized customers from accessing the brand new CI/CD platform.
Greatest practices for a easy GitHub Enterprise migration
The excellent news is that with the best strategy, migrating to GitHub Enterprise or the same CI/CD platform doesn’t must be risk-prone. The next greatest practices may help to streamline the method.
1. Select the best internet hosting choice
Like many CI/CD platforms, GitHub Enterprise is obtainable in two primary varieties: A totally managed, cloud-based choice and a model that customers can set up and handle utilizing their very own infrastructure.
On the whole, the absolutely managed answer tends to be the higher selection as a result of it considerably reduces setup and upkeep effort on the a part of customers. Nonetheless, the self-hosted choice could also be higher for organizations that want larger management over their CI/CD setting. This tends to be very true for companies in verticals like finance and insurance coverage, the place safety and compliance mandates could also be simpler to fulfill when the group runs CI/CD software program by itself infrastructure (and due to this fact has larger management over how delicate knowledge is managed and secured).
2. Configured granular entry insurance policies
Like most fashionable CI/CD suites, GitHub Enterprise gives entry management options that companies can use to find out who can do what inside CI/CD instruments. For instance, you can provide some builders read-only entry to supply code, whereas permitting others to change it. GitHub Enterprise additionally helps environment-based entry settings, that means you’ll be able to configure completely different ranges of entry for a similar customers throughout dev/take a look at and manufacturing environments.
As a greatest apply, benefit from these granular entry management choices by assigning completely different entry rights to every workforce that makes use of your CI/CD platform. For instance, you might need an admin workforce whose privileges lengthen to altering the configuration of GitHub Enterprise, whereas one other workforce that merely makes use of the platform has a lesser degree of entry.
3. Use OpenID Hook up with combine with cloud environments
GitHub Enterprise presents an id administration choice that leverages OpenID Join (OIDC) to combine with third-party cloud environments.
Whenever you benefit from this function, you’ll be able to robotically run workflows (like utility builds) on public cloud infrastructure with out having to retailer cloud entry credentials as long-lived GitHub secrets and techniques, which presents a considerable safety threat. As well as, this strategy robotically creates a log of GitHub workflows and motion executions, which you should utilize for audit and monitoring functions.
4. Leverage single sign-on
One other method to streamline the migration into GitHub Enterprise is to combine the platform with whichever single sign-on (SSO) supplier (like Microsoft Entra or Energetic Listing) your corporation already makes use of. Ideally, you’ll additionally allow multi-factor authentication (MFA) by way of your SSO answer so as to add one other layer of safety.
This strategy eliminates the necessity to handle GitHub Enterprise entry credentials individually out of your present accounts. It additionally reduces the burden positioned in your IT workforce through the migration as a result of as a substitute of getting to “reinvent the wheel,” they’ll merely use a sign-on answer that already exists.
5. Doc frequent duties
To ease the educational curve for builders as they migrate to GitHub Enterprise, doc frequent duties – corresponding to the right way to migrate code from native repositories or one other CI/CD platform into GitHub Enterprise.
That is one other tactic that eliminates the necessity in your workforce to reinvent the wheel repeatedly; as a substitute of forcing every engineer to determine the right way to migrate on their very own, everybody can comply with a prescribed plan.
6. Publish workflow patterns
Going a step additional, take into account as effectively publishing detailed steps on the right way to use key options in GitHub Enterprise which are prone to be necessary for your whole groups. For instance, you’ll be able to element the right way to create pull requests or construct Docker photos within the platform, or the right way to execute Infrastructure-as-Code (IaC) deployments.
Right here once more, this technique reduces the educational curve and helps get your workforce up and working on the brand new platform as rapidly as potential.
7. Automate frequent workflows utilizing GitHub Actions
Going even additional, you’ll be able to create absolutely automated workflows for frequent duties utilizing GitHub Actions, a function that allows you to set off automated operations throughout varied elements of your CI/CD pipeline. As an example, you’ll be able to robotically set off an utility construct after code has been checked in, or robotically start testing after the construct is full.
Extremely complicated workflows which will differ between initiatives or groups should not nice candidates for this kind of automation, however core routines may be absolutely automated, making it even simpler in your workforce to start utilizing the brand new platform.
