Tuesday, January 7, 2025

Greatest practices for CI/CD migration: The GitHub Enterprise instance

Steady Integration/Steady Supply (CI/CD) software program – that means options that groups use to construct, check and deploy functions – has come a great distance over the previous decade. Whereas organizations as soon as cobbled collectively CI/CD pipelines utilizing disparate open supply instruments, they now have a plethora of end-to-end, vendor-supported enterprise CI/CD platforms that they’ll use as an alternative. As a result of these options supply all the pieces groups have to ship software program, they’re less complicated to deploy and handle.

But, whereas there are clear advantages to adopting an enterprise CI/CD platform, migrating to at least one might be tough. It poses quite a few challenges, similar to the chance of CI/CD pipeline downtime and safety and compliance challenges.

That’s why companies migrating to newer CI/CD options ought to strategy the method with an in depth, step-by-step plan. Right here’s a have a look at the challenges to navigate, together with tips about the way to make CI/CD migration as clean as doable.

To floor the dialogue, I’ll give attention to migrating to GitHub Enterprise, a CI/CD platform from GitHub, the software program growth platform now owned by Microsoft. GitHub Enterprise is the choice that I’m seeing an increasing number of companies select in my work serving to firms to modernize their IT and software program supply practices.

Challenges to GitHub Enterprise migration

As a complete CI/CD platform that’s out there as a completely hosted resolution, GitHub Enterprise is comparatively simple to make use of when you’ve migrated to it. The problem, although, is getting your code into the platform, together with making the method modifications vital to start utilizing the answer instead of a legacy CI/CD suite.

Specifically, count on to face challenges that embody:

  • Software supply delays: A drawn-out, time-consuming migration course of interprets to downtime for CI/CD operations – which signifies that your builders gained’t be capable to push out software updates. This will in the end hurt the enterprise as a result of customers aren’t receiving characteristic enhancements whereas your CI/CD pipelines are in transition.
  • Efficiency dangers: Failure to decide on the suitable GitHub Enterprise deployment technique, and to configure the answer in an optimum approach, may decelerate CI/CD efficiency and scale back developer productiveness as a result of points like inadequate infrastructure assets for constructing and testing functions.
  • Coaching necessities: Expert software program builders can usually study to make use of a brand new CI/CD platform simply sufficient, however there may be nonetheless an upskilling requirement. It’s essential to not overlook the necessity to present builders with time to study GitHub Enterprise (or whichever resolution you might be migrating to).
  • Safety and compliance: To mitigate dangers just like the injection of malicious code into your functions, it’s important to implement entry controls throughout the migration course of that stop unauthorized customers from accessing the brand new CI/CD platform.
Greatest practices for a clean GitHub Enterprise migration

The excellent news is that with the suitable strategy, migrating to GitHub Enterprise or an identical CI/CD platform doesn’t must be risk-prone. The next greatest practices may also help to streamline the method.

1. Select the suitable internet hosting choice

Like many CI/CD platforms, GitHub Enterprise is on the market in two fundamental kinds: A completely managed, cloud-based choice and a model that customers can set up and handle utilizing their very own infrastructure.

Typically, the absolutely managed resolution tends to be the higher selection as a result of it considerably reduces setup and upkeep effort on the a part of customers. Nonetheless, the self-hosted choice could also be higher for organizations that want better management over their CI/CD setting. This tends to be very true for companies in verticals like finance and insurance coverage, the place safety and compliance mandates could also be simpler to satisfy when the group runs CI/CD software program by itself infrastructure (and due to this fact has better management over how delicate information is managed and secured).

2. Configured granular entry insurance policies

Like most trendy CI/CD suites, GitHub Enterprise supplies entry management options that companies can use to find out who can do what inside CI/CD instruments. For instance, you may give some builders read-only entry to supply code, whereas permitting others to switch it. GitHub Enterprise additionally helps environment-based entry settings, that means you may configure completely different ranges of entry for a similar customers throughout dev/check and manufacturing environments.

As a greatest follow, make the most of these granular entry management choices by assigning completely different entry rights to every staff that makes use of your CI/CD platform. For instance, you might need an admin staff whose privileges lengthen to altering the configuration of GitHub Enterprise, whereas one other staff that merely makes use of the platform has a lesser degree of entry.

3. Use OpenID Hook up with combine with cloud environments

GitHub Enterprise presents an identification administration choice that leverages OpenID Join (OIDC) to combine with third-party cloud environments.

Whenever you make the most of this characteristic, you may robotically run workflows (like software builds) on public cloud infrastructure with out having to retailer cloud entry credentials as long-lived GitHub secrets and techniques, which presents a considerable safety danger. As well as, this strategy robotically creates a log of GitHub workflows and motion executions, which you should utilize for audit and monitoring functions. 

4. Leverage single sign-on

One other strategy to streamline the migration into GitHub Enterprise is to combine the platform with whichever single sign-on (SSO) supplier (like Microsoft Entra or Lively Listing) your small business already makes use of. Ideally, you’ll additionally allow multi-factor authentication (MFA) by way of your SSO resolution so as to add one other layer of safety.

This strategy eliminates the necessity to handle GitHub Enterprise entry credentials individually out of your present accounts. It additionally reduces the burden positioned in your IT staff throughout the migration as a result of as an alternative of getting to “reinvent the wheel,” they’ll merely use a sign-on resolution that already exists.

5. Doc frequent duties

To ease the training curve for builders as they migrate to GitHub Enterprise, doc frequent duties – similar to the way to migrate code from native repositories or one other CI/CD platform into GitHub Enterprise.

That is one other tactic that eliminates the necessity in your staff to reinvent the wheel repeatedly; as an alternative of forcing every engineer to determine the way to migrate on their very own, everybody can comply with a prescribed plan.

6. Publish workflow patterns

Going a step additional, think about as effectively publishing detailed steps on the way to use key options in GitHub Enterprise which can be more likely to be essential for your whole groups. For instance, you may element the way to create pull requests or construct Docker photos within the platform, or the way to execute Infrastructure-as-Code (IaC) deployments.

Right here once more, this technique reduces the training curve and helps get your staff up and working on the brand new platform as shortly as doable.

7. Automate frequent workflows utilizing GitHub Actions

Going even additional, you may create absolutely automated workflows for frequent duties utilizing GitHub Actions, a characteristic that allows you to set off automated operations throughout varied components of your CI/CD pipeline. For example, you may robotically set off an software construct after code has been checked in, or robotically start testing after the construct is full.

Extremely advanced workflows which will range between initiatives or groups are usually not nice candidates for one of these automation, however core routines might be absolutely automated, making it even simpler in your staff to start utilizing the brand new platform.

Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles