Skip to main content
In this article, we delve into our deployment approach, detailing how our pipeline manages the entire flow—from continuous integration to final production deployments. This guide provides an in-depth look into each stage, helping you understand the intricacies of our CI/CD process.

Overview of the CI/CD Pipeline

Our workflow begins with several continuous integration stages. The diagram below visually represents the entire deployment approach, highlighting key steps such as dependency checks, testing, AWS deployment, and notifications:
The image is a flowchart illustrating a deployment approach, including stages of continuous integration, deployment, and delivery, along with post-build processes. It outlines steps like dependency checks, testing, deployment to AWS, and notifications.
This diagram emphasizes each stage of our pipeline, ensuring all necessary checks and tests are in place before any changes progress further in the deployment process.

Detailed Stages of the Deployment Process

Once the continuous integration stages are successful, the deployment phase kicks in. This phase is methodically divided into several stages:
  1. AWS EC2 Deployment and Integration Testing
    • Connecting to an EC2 Instance:
      The process begins by establishing a connection to an Amazon Elastic Compute Cloud (EC2) instance.
    • Deployment of Docker Image:
      On the EC2 instance, the Docker image is deployed and integration testing is performed.
    • Branch Triggering:
      These steps occur only when changes are pushed to the feature branch. Each push initiates the continuous integration stages, followed immediately by deployment to AWS EC2 and integration testing.
  2. Pull Request Stage: Kubernetes Deployment and Security Testing
    Once the initial steps are complete, a pull request is raised. During this phase:
    • Kubernetes Deployment using GitOps with ArgoCD:
      The application is deployed to Kubernetes by leveraging GitOps with ArgoCD.
    • Dynamic Application Security Testing:
      Post-deployment, dynamic security testing is performed using OWASP ZAP.
Both the Kubernetes deployment and security testing are executed exclusively within the context of a pull request to ensure pre-production quality.
  1. Production Deployment via Main Branch Merge
    After the pull request is merged into the main branch, additional steps are triggered for production deployment:
    • AWS Lambda Deployment:
      The application is deployed to AWS Lambda.
    • Updating Lambda Configurations:
      Necessary Lambda configurations are updated to align with the production environment.
    • Function Invocation and Final Testing:
      The Lambda function is then invoked, followed by a comprehensive testing round to verify proper functionality.

Summary of the Deployment Flow

The table below summarizes the different stages of our deployment process:
StageTriggerKey Actions
Feature BranchCode push to feature branch- Deployment to AWS EC2
- Docker image deployment and integration testing
Pull RequestCreation of pull request- Deployment to Kubernetes via GitOps with ArgoCD
- Dynamic application security testing using OWASP ZAP
Main Branch MergeMerging pull request to the main branch- Deployment to AWS Lambda
- Lambda configuration updates
- Function invocation and testing

Final Thoughts

This structured approach ensures that:
  • Updates pushed to the feature branch trigger an initial deployment to an AWS EC2 instance.
  • A pull request initiates a Kubernetes deployment along with essential security checks.
  • Merging into the main branch results in a comprehensive production deployment on AWS Lambda.
For more details on these technologies, refer to their respective documentation: Thank you for exploring our deployment methodology!

Watch Video