...
- the tenant processes for application LCM (such as updates) are out of scope
Ref | Description | Comments/Notes |
---|---|---|
cicd.wf.00n | The CICD pipeline must support deployment on any cloud. | CICD pipelines automate CICD practices into repeatable workflows for integrating code and configurations into builds, testing builds including validation against design and operator specific criteria, and delivery of the product onto a runtime environment. Example of an open-source cloud native CICD framework is the Tekton project (https://tekton.dev/) |
The CI pipeline must ingest vendor (or developer) provided workload images and deployment manifests into the Cloud repository. | Example of an open-source cloud native Cloud Repository is the CNCF Harbor product (https://goharbor.io/). | |
The CI pipeline must support build and packaging of workload images and deployment manifests from source code and configuration files. | ||
The CI pipeline must scan images and manifests to validate for compliance with security requirements. | Examples of such security requirements include only ingesting images, source code, configuration files, etc. only form trusted sources. | |
The CI pipeline must scan images and manifests to validate for compliance with design and coding best practices. | ||
The CI pipeline must promote validated images and manifests to be deployable. | ||
The CICD pipelines must use event-driven task automation | ||
The CI/CD pipelines should avoid scheduling tasks | ||
The CD pipeline must verify and validate the tenant request | ||
The CD pipeline must request the creation of the necessary cloud infrastructure resources | ||
The CD pipeline must be able to deploy into Development, Test and Production environments | ||
The CD pipeline must be able to automatically promote workloads from Development to Test and Production environments | ||
9.5.3 Tenant creation automation
...