Steady integration/steady supply (CI/CD) software program—options that groups use to construct, take a look at, and deploy functions—has come a good distance within the final decade. Whereas organizations as soon as cobbled collectively CI/CD pipelines utilizing disparate open supply instruments, they now have a wealth of vendor-backed end-to-end enterprise CI/CD platforms they’ll use as a substitute. As a result of these options supply all the things groups must ship software program, they’re simpler to deploy and handle.
Nevertheless, whereas there are clear advantages to adopting an enterprise CI/CD platform, migrating to 1 will be troublesome. It raises various challenges, equivalent to the danger of CI/CD course of downtime and safety and compliance challenges.
That is why corporations migrating to newer CI/CD options ought to strategy the method with an in depth step-by-step plan. Here is a take a look at the challenges to beat, together with recommendations on the best way to make your CI/CD migration as seamless as potential.
To tell the dialogue, I’ll give attention to the migration to GitHub Enterprise, a CI/CD platform from GitHub, the software program improvement platform now owned by Microsoft. GitHub Enterprise is the choice I see increasingly more corporations selecting in my work to assist corporations modernize their IT and software program supply practices.
GitHub Enterprise Migration Challenges
As a complete CI/CD platform that’s accessible as a completely hosted resolution, GitHub Enterprise is comparatively straightforward to make use of as soon as you have migrated to it. Nevertheless, the problem is getting your code into the platform, in addition to making the required course of modifications to start out utilizing the answer as a substitute of a legacy CI/CD stack.
Specifically, anticipate to face challenges together with:
- Delays in submitting functions: A prolonged and time-consuming migration course of ends in downtime for CI/CD operations, which means your builders will not be capable of deploy software updates. Finally, this may harm the enterprise as a result of customers do not obtain function enhancements whereas their CI/CD pipelines are in transition.
- Efficiency dangers: Failure to decide on the precise GitHub Enterprise deployment technique and configure the answer optimally may decelerate CI/CD efficiency and cut back developer productiveness as a consequence of points equivalent to inadequate infrastructure assets to construct and take a look at functions.
- Coaching necessities: Expert software program builders can often learn to use a brand new CI/CD platform fairly simply, however there may be nonetheless a requirement for upskilling. It is essential to not overlook the necessity to give builders time to be taught GitHub Enterprise (or no matter resolution you are migrating to).
- Safety and compliance: To mitigate dangers equivalent to malicious code injection into your functions, it’s important to implement entry controls in the course of the migration course of that stop unauthorized customers from accessing the brand new CI/CD platform.
Finest Practices for a Clean GitHub Enterprise Migration
The excellent news is that with the precise strategy, migrating to GitHub Enterprise or the same CI/CD platform would not should be risk-prone. The next finest practices may also help streamline the method.
1. Select the precise internet hosting choice
Like many CI/CD platforms, GitHub Enterprise is out there in two primary varieties: a completely managed, cloud-based choice and a model that customers can set up and handle utilizing their very own infrastructure.
Generally, the totally managed resolution tends to be the most suitable choice as a result of it considerably reduces configuration and upkeep effort on the a part of customers. Nevertheless, the self-hosted choice could also be higher for organizations that want extra management over their CI/CD setting. This tends to be very true for corporations in vertical sectors equivalent to finance and insurance coverage, the place safety and compliance mandates could also be simpler to satisfy when the group runs CI/CD software program by itself infrastructure (and due to this fact has larger management about how delicate information is managed and managed). insured).
2. Configured granular entry insurance policies
Like most fashionable CI/CD suites, GitHub Enterprise supplies entry management options that corporations can use to find out who can do what inside CI/CD instruments. For instance, you can provide some builders read-only entry to the supply code and permit others to switch it. GitHub Enterprise additionally helps environment-based entry configurations, which means you may configure totally different entry ranges for a similar customers in improvement/take a look at and manufacturing environments.
As a finest observe, benefit from these granular entry management choices by assigning totally different entry rights to every staff that makes use of your CI/CD platform. For instance, you might need an admin staff whose privileges prolong to altering GitHub Enterprise settings, whereas one other staff that merely makes use of the platform has a decrease stage of entry.
3. Use OpenID Hook up with combine with cloud environments
GitHub Enterprise affords an id administration choice that benefit from OpenID Join (OIDC) to combine with third-party cloud environments.
While you benefit from this function, you may mechanically run workflows (equivalent to software builds) on a public cloud infrastructure with out having to retailer cloud entry credentials as long-lived GitHub secrets and techniques, which presents a considerable safety threat. . Moreover, this strategy mechanically creates a log of GitHub workflows and motion executions, which you should use for auditing and monitoring functions.
4. Reap the benefits of single sign-on
One other approach to streamline your migration to GitHub Enterprise is to combine the platform with any single sign-on (SSO) suppliers (equivalent to Microsoft Entra or Lively Listing) your organization already makes use of. Ideally, you may additionally allow multi-factor authentication (MFA) by means of your SSO resolution so as to add one other layer of safety.
This strategy eliminates the necessity to handle GitHub Enterprise entry credentials individually out of your present accounts. It additionally reduces the burden in your IT staff in the course of the migration as a result of, as a substitute of getting to “reinvent the wheel,” they’ll merely use a login resolution that already exists.
5. Doc widespread duties
To ease the training curve for builders as they migrate to GitHub Enterprise, doc widespread duties, equivalent to the best way to migrate code from native repositories or one other CI/CD platform to GitHub Enterprise.
That is one other tactic that eliminates the necessity on your staff to reinvent the wheel repeatedly; As an alternative of forcing every engineer to determine the best way to migrate on their very own, everybody can observe a prescribed plan.
6. Publish workflow patterns
Going a step additional, take into account additionally publishing detailed steps on the best way to use key options in GitHub Enterprise which are doubtless essential to all your groups. For instance, you may element the best way to create pull requests or construct Docker photos on the platform, or the best way to run infrastructure as code (IaC) deployments.
Once more, this technique reduces the training curve and helps your staff rise up and operating on the brand new platform as rapidly as potential.
7. Automate widespread workflows utilizing GitHub Actions
Going even additional, you may create totally automated workflows for widespread duties utilizing GitHub Actions, a function that means that you can allow automated operations in varied elements of your CI/CD pipeline. For instance, you may mechanically set off the construct of an software after the code has been checked in, or mechanically begin testing after the construct is full.
Extremely complicated workflows that will range between initiatives or groups usually are not good candidates for any such automation, however core routines will be totally automated, making it even simpler on your staff to start out utilizing the brand new platform.