Deployment Pipeline

The deployment pipelines will run in GitHub Actions, which will build the code and deploy it to the cluster.

Dependencies

To handle dependencies we will use Poetry. Its lock file keeps installs consistent, and its dependency groups let us keep dev dependencies separate.

Docker

We will use Docker to package our code and, optionally, docker-compose to set up the dev environment.

When a server plus a worker need to be deployed, the best practice is to have one image and set the command in the k8s deployment manifest.

CI/CD

To deploy to the cluster, we will use GitHub Actions larger runners. Larger runners are needed to configure a static IP to allowlist in the GitHub org account.

The GitHub action will configure GCP credentials and install kubectl and kustomize. Then the action will build the Docker image and push it to a GCP container registry with a proper tag.

After that, we apply the kustomize manifests and wait for the deployments to roll out.
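
A minimal workflow for the steps above, as an added example rather than this project's actual pipeline. It assumes a GKE cluster, Artifact Registry, keyless authentication through Workload Identity Federation, and a runner image that already ships kubectl and kustomize (so the install step is omitted); every name in capitals is a placeholder.

```yaml
# Added example: names in CAPITALS are placeholders, not values from this page.
name: deploy
on:
  push:
    branches: [main]
permissions:
  contents: read
  id-token: write   # allows the job to request an OIDC token for keyless GCP auth
env:
  IMAGE: REGION-docker.pkg.dev/PROJECT_ID/REPO/APP
jobs:
  deploy:
    runs-on: LARGER_RUNNER_LABEL   # larger runner with the allowlisted static IP
    steps:
      - uses: actions/checkout@v4
      # Exchange the GitHub OIDC token for short-lived GCP credentials,
      # so no long-lived service account key is stored in the repo.
      - uses: google-github-actions/auth@v2
        with:
          workload_identity_provider: projects/PROJECT_NUMBER/locations/global/workloadIdentityPools/POOL/providers/PROVIDER
          service_account: DEPLOYER_SA@PROJECT_ID.iam.gserviceaccount.com
      - uses: google-github-actions/setup-gcloud@v2
      # Write a kubeconfig for the target cluster (assumed to be GKE).
      - uses: google-github-actions/get-gke-credentials@v2
        with:
          cluster_name: CLUSTER_NAME
          location: CLUSTER_LOCATION
      - name: Build and push the image, tagged with the commit SHA
        run: |
          gcloud auth configure-docker REGION-docker.pkg.dev --quiet
          docker build -t "$IMAGE:$GITHUB_SHA" .
          docker push "$IMAGE:$GITHUB_SHA"
      - name: Apply kustomize manifests and wait for the rollout
        working-directory: K8S_OVERLAY_DIR
        run: |
          # APP is the image name as written in the manifests (placeholder).
          kustomize edit set image "APP=$IMAGE:$GITHUB_SHA"
          kubectl apply -k .
          # Fails the job if the deployment does not become ready in time.
          kubectl rollout status deployment/APP --timeout=300s
```

Tagging with the commit SHA instead of a mutable tag such as `latest` ties each rollout to one exact build, and `kubectl rollout status` turns a stalled rollout into a failed job.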

ConfigMaps

All configuration parameters will live in the GitHub repo so that they are source-controlled. These parameters will then be deployed to k8s ConfigMaps for the pods to use.

Secrets

Secrets will be hosted in GCP Secret Manager, both to improve security and so that they can be loaded directly at runtime. Pods will have access to read secrets.

Notifications

The CI/CD pipeline should notify a Slack channel about the success/failure of the deployment.
