CI/CD Integration

Der Artifact Shipper ist für den Einsatz in CI/CD-Pipelines konzipiert und kann nahtlos in verschiedene Automatisierungs-Plattformen integriert werden.

Azure DevOps

Integration in Azure DevOps Pipelines.

Zwei-Pipeline-Ansatz

Empfohlener Ansatz mit separaten Pipelines für Konfiguration und Deployment.

1. Configuration Pipeline

Erstellt ein Job-YAML basierend auf der config.json:


# azure-pipelines-config.yml
trigger:
  branches:
    include:
      - main
  paths:
    include:
      - config.json
 
pool:
  vmImage: 'ubuntu-latest'
 
steps:
  - task: Bash@3
    displayName: 'Generate Job Pipeline'
    inputs:
      targetType: 'inline'
      script: |
        cat > azure-pipelines-job.yml <<'EOF'
        trigger: none
 
        pool:
          vmImage: 'ubuntu-latest'
 
        steps:
          - task: Docker@2
            displayName: 'Run Artifact Shipper'
            inputs:
              command: 'run'
              arguments: >
                -v $(System.DefaultWorkingDirectory)/config.json:/config/config.json
                5minds/processcube_artifact_shipper:latest
        EOF
 
  - task: PublishBuildArtifacts@1
    inputs:
      PathtoPublish: 'azure-pipelines-job.yml'
      ArtifactName: 'pipeline'

2. Job Pipeline

Führt den eigentlichen Deployment-Job aus:


# azure-pipelines-job.yml
trigger: none
 
pool:
  vmImage: 'ubuntu-latest'
 
steps:
  - task: Docker@2
    displayName: 'Run Artifact Shipper'
    inputs:
      command: 'run'
      arguments: >
        -v $(System.DefaultWorkingDirectory)/config.json:/config/config.json
        5minds/processcube_artifact_shipper:latest

Einfache Pipeline

Für kleinere Projekte kann auch eine einzelne Pipeline verwendet werden:


# azure-pipelines.yml
trigger:
  branches:
    include:
      - main
  paths:
    include:
      - diagrams/**/*.bpmn
      - config.json
 
pool:
  vmImage: 'ubuntu-latest'
 
steps:
  - task: Docker@2
    displayName: 'Pull Artifact Shipper'
    inputs:
      command: 'pull'
      arguments: '5minds/processcube_artifact_shipper:latest'
 
  - task: Docker@2
    displayName: 'Deploy Artifacts'
    inputs:
      command: 'run'
      arguments: >
        -v $(System.DefaultWorkingDirectory)/config.json:/config/config.json
        -v $(System.DefaultWorkingDirectory)/diagrams:/diagrams
        5minds/processcube_artifact_shipper:latest
    env:
      PROCESSCUBE_CLIENT_SECRET: $(ProcessCubeClientSecret)

Hinweis: Sensible Daten wie PROCESSCUBE_CLIENT_SECRET sollten als Pipeline-Variablen (Secret) konfiguriert werden.

Pipeline-Variablen

Secrets in Azure DevOps konfigurieren:

Pipeline öffnen → Edit
Variables → New variable
Name: ProcessCubeClientSecret
Value: Ihr Client-Secret
☑️ Keep this value secret
Save

GitHub Actions

Integration in GitHub Actions Workflows.

Beispiel Workflow


# .github/workflows/deploy.yml
name: Deploy Artifacts
 
on:
  push:
    branches:
      - main
    paths:
      - 'diagrams/**'
      - 'config.json'
 
jobs:
  deploy:
    runs-on: ubuntu-latest
 
    steps:
      - name: Checkout
        uses: actions/checkout@v3
 
      - name: Run Artifact Shipper
        run: |
          docker run \
            -v ${{ github.workspace }}/config.json:/config/config.json \
            -v ${{ github.workspace }}/diagrams:/diagrams \
            -e PROCESSCUBE_CLIENT_SECRET=${{ secrets.PROCESSCUBE_CLIENT_SECRET }} \
            5minds/processcube_artifact_shipper:latest

Secrets konfigurieren

Repository → Settings → Secrets and variables → Actions
New repository secret
Name: PROCESSCUBE_CLIENT_SECRET
Secret: Ihr Client-Secret
Add secret

GitLab CI/CD

Integration in GitLab CI/CD Pipelines.

Beispiel Pipeline


# .gitlab-ci.yml
stages:
  - deploy
 
deploy-artifacts:
  stage: deploy
  image: docker:latest
  services:
    - docker:dind
 
  script:
    - docker pull 5minds/processcube_artifact_shipper:latest
    - |
      docker run \
        -v $CI_PROJECT_DIR/config.json:/config/config.json \
        -v $CI_PROJECT_DIR/diagrams:/diagrams \
        -e PROCESSCUBE_CLIENT_SECRET=$PROCESSCUBE_CLIENT_SECRET \
        5minds/processcube_artifact_shipper:latest
 
  only:
    refs:
      - main
    changes:
      - diagrams/**/*
      - config.json

CI/CD Variables

Settings → CI/CD → Variables → Add variable
Key: PROCESSCUBE_CLIENT_SECRET
Value: Ihr Client-Secret
☑️ Protect variable
☑️ Mask variable
Add variable

Kubernetes CronJob

Automatisches, zeitgesteuertes Deployment in Kubernetes.

CronJob Definition


# artifact-shipper-cronjob.yaml
apiVersion: batch/v1
kind: CronJob
metadata:
  name: artifact-shipper
  namespace: processcube
spec:
  # Täglich um 2 Uhr nachts
  schedule: "0 2 * * *"
 
  jobTemplate:
    spec:
      template:
        spec:
          containers:
            - name: artifact-shipper
              image: 5minds/processcube_artifact_shipper:latest
              volumeMounts:
                - name: config
                  mountPath: /config
                  readOnly: true
              env:
                - name: PROCESSCUBE_CLIENT_SECRET
                  valueFrom:
                    secretKeyRef:
                      name: processcube-secrets
                      key: client-secret
 
          volumes:
            - name: config
              configMap:
                name: artifact-shipper-config
 
          restartPolicy: OnFailure

ConfigMap erstellen


kubectl create configmap artifact-shipper-config \
  --from-file=config.json \
  -n processcube

Secret erstellen


kubectl create secret generic processcube-secrets \
  --from-literal=client-secret='your-secret' \
  -n processcube

CronJob deployen


kubectl apply -f artifact-shipper-cronjob.yaml

Kubernetes Job (manuell)

Einmaliges Deployment als Kubernetes Job.

Job Definition


# artifact-shipper-job.yaml
apiVersion: batch/v1
kind: Job
metadata:
  name: artifact-shipper
  namespace: processcube
spec:
  template:
    spec:
      containers:
        - name: artifact-shipper
          image: 5minds/processcube_artifact_shipper:latest
          volumeMounts:
            - name: config
              mountPath: /config
              readOnly: true
          env:
            - name: PROCESSCUBE_CLIENT_SECRET
              valueFrom:
                secretKeyRef:
                  name: processcube-secrets
                  key: client-secret
 
      volumes:
        - name: config
          configMap:
            name: artifact-shipper-config
 
      restartPolicy: Never
 
  backoffLimit: 3

Job starten


kubectl apply -f artifact-shipper-job.yaml

Job-Status prüfen


kubectl get jobs -n processcube
kubectl logs job/artifact-shipper -n processcube

Best Practices

Umgebungsspezifische Konfiguration

Verwenden Sie separate config.json-Dateien für verschiedene Umgebungen:


config/
├── config.dev.json
├── config.staging.json
└── config.prod.json

Pipeline-Beispiel:


steps:
  - task: Docker@2
    inputs:
      command: 'run'
      arguments: >
        -v $(System.DefaultWorkingDirectory)/config/config.$(Environment).json:/config/config.json
        5minds/processcube_artifact_shipper:latest

Versionierung

Verwenden Sie spezifische Versionen statt latest:


5minds/processcube_artifact_shipper:v1.2.3

Fehlerbehandlung

Konfigurieren Sie Retry-Mechanismen in Ihrer Pipeline:


# Azure DevOps
- task: Docker@2
  retryCountOnTaskFailure: 3


# GitLab CI
deploy-artifacts:
  retry:
    max: 3
    when: runner_system_failure

Logging

Aktivieren Sie Debug-Logging für Troubleshooting:


{
  "general": {
    "logLevel": "debug"
  }
}

Notifications

Konfigurieren Sie Benachrichtigungen bei Fehlern:

Azure DevOps: Project Settings → Notifications → New subscription

GitHub Actions: Verwenden Sie Actions wie action-slack für Slack-Benachrichtigungen

GitLab: Settings → Integrations → Slack notifications