Christoph Ruggenthaler

Enabling automated 1-click customer deployments with built-in quality and security

Their manual deployment process was unscalable and error-prone. See how they built a one-click CI/CD pipeline with automated quality and security gates.

Enabling automated 1-click customer deployments with built-in quality and security
#1about 5 minutes

The challenge of manual deployments at scale

The manual process of deploying updates to isolated customer security zones becomes error-prone and inefficient as the number of customers grows.

#2about 8 minutes

Structuring the development and testing workflow

The team uses Jira with the X-ray plugin to link user stories to automated Cucumber test cases for both API and UI validation.

#3about 3 minutes

Adopting a contract-first API development approach

Shifting to a contract-first workflow using OpenAPI specifications in Git allows for automated code generation and parallel development with a mock API server.

#4about 6 minutes

Building a comprehensive CI/CD pipeline with GitLab

The CI/CD pipeline automates building, quality scanning, security analysis, and nightly end-to-end testing before publishing Docker images.

#5about 4 minutes

Automating infrastructure deployment on Microsoft Azure

An Ansible playbook automates the creation and configuration of all necessary infrastructure in Microsoft Azure, including resource groups and app services.

#6about 5 minutes

Enforcing quality gates and improving developer experience

A "stop and fix" approach fails the pipeline on quality violations, while a merge request bot and shared base images streamline development and security.

#7about 3 minutes

Key lessons learned from implementing CI/CD automation

Important takeaways include starting small with soft limits, verifying tool documentation, and using an IDE-first approach to prevent standalone tools from being ignored.

#8about 7 minutes

Automating multi-customer deployments with Ansible

An idempotent Ansible playbook automates the rollout of new versions to numerous customer environments by updating configurations and restarting containers.

#9about 2 minutes

Future plans for advancing to a DevSecOps model

The roadmap includes integrating dynamic security scanning, performance testing, and adopting DevSecOps practices like signed images and secure secret management.

Related jobs
Jobs that call for the skills explored in this talk.

Designer

Andrew Comp

Andrew Comp
Berlin, Germany

Intermediate
Java
JavaScript

Matching moments

Hardening the CI/CD pipeline with automated security tools
05:06 MIN

Hardening the CI/CD pipeline with automated security tools

You can’t hack what you can’t see

Unlock full access

Log in or set up an account to access this feature and more.

Automating code repositories and deployment pipelines
03:57 MIN

Automating code repositories and deployment pipelines

Let developers develop again

Unlock full access

Log in or set up an account to access this feature and more.

Integrating security tools into the developer workflow
05:30 MIN

Integrating security tools into the developer workflow

Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together

Unlock full access

Log in or set up an account to access this feature and more.

Automating security checks in the CI/CD pipeline
02:46 MIN

Automating security checks in the CI/CD pipeline

DevSecOps: Security in DevOps

Unlock full access

Log in or set up an account to access this feature and more.

The technology pillar and automating security tests
02:12 MIN

The technology pillar and automating security tests

DevSecOps culture

Unlock full access

Log in or set up an account to access this feature and more.

A live demonstration of an internal developer platform
07:36 MIN

A live demonstration of an internal developer platform

AI-Augmented DevOps with Platform Engineering

Unlock full access

Log in or set up an account to access this feature and more.

Applying software engineering tools to CDK projects
01:11 MIN

Applying software engineering tools to CDK projects

The power of Cloud Development Kit (CDK): How to get the most out of it

Unlock full access

Log in or set up an account to access this feature and more.

Demo of building a DevSecOps pipeline with Bitrise
04:31 MIN

Demo of building a DevSecOps pipeline with Bitrise

DevSecOps: Injecting Security into Mobile CI/CD Pipelines

Unlock full access

Log in or set up an account to access this feature and more.

Featured Partners

Related Videos

See all videos
Securing Your Web Application Pipeline From Intruders44:30

Securing Your Web Application Pipeline From Intruders

Milecia McGregor

DevSecOps: Security in DevOps33:20

DevSecOps: Security in DevOps

Aarno Aukia

GitLab CI pipelines for a whole company32:29

GitLab CI pipelines for a whole company

Martin Beránek

Let developers develop again26:47

Let developers develop again

Kai Geißelhardt & Volker Zöpfel

Improving Developer Happiness with GitOps42:29

Improving Developer Happiness with GitOps

Lars Hesel Christensen & Basil Brunner

You can’t hack what you can’t see29:34

You can’t hack what you can’t see

Reto Kaeser

How Cisco embraced a DevOps culture within its network engineering team39:38

How Cisco embraced a DevOps culture within its network engineering team

Stuart Clark

Get ready for operations by pull requests50:02

Get ready for operations by pull requests

Liviu Costea

Related Articles

View all articles
CH
Chris Heilmann
WeAreDevelopers LIVE days are changing - get ready to take part
Starting with this week's Web Dev Day edition of WeAreDevelopers LIVE Days, we changed the the way we run these online conferences. The main differences are:Shorter talks (half an hour tops)More interaction in Q&AA tips and tricks "Did you know" sect...
WeAreDevelopers LIVE days are changing - get ready to take part
CH
Chris Heilmann
Dev Digest 134 - Where pixels sing?
News and ArticlesWeAreDevelopers LIVE Data and Security Day is on Wednesday, 25/09/2024. Learn about OPC UA Updates, Best Practices for Using GitHub Secrets, Passwordless Web 1.5, Emerging AI Security Risks, Data Privacy in LLMs and get a chance to t...
Dev Digest 134 - Where pixels sing?
CH
Chris Heilmann
Exploring AI: Opportunities and Risks for Developers
In today's rapidly evolving tech landscape, the integration of Artificial Intelligence (AI) in development presents both exciting opportunities and notable risks. This dynamic was the focus of a recent panel discussion featuring industry experts Kent...
Exploring AI: Opportunities and Risks for Developers

From learning to earning

Jobs that call for the skills explored in this talk.