You've misunderstood me. I don't think you should push straight to production, and nowhere in this article did I say that anyone should. What I said is that a sufficiently robust CI/CD system automates work that used to be manual, which can easily include promotion of a build from a dev or testing environment to the production environment. I just don’t believe that it’s always necessary to have a human pushing the Deploy button for prod. That’s a security blanket, not a real quality gate. Investing heavily in those automated quality gates builds trust that allows you to eventually remove human intervention without sacrificing confidence in quality.
Anyway, this is a beginner-friendly explanation of what CI/CD is, not a best practices article for DevOps at enterprise scale. :)
Hi there, nice to e-meet. My passion is to teach others what I learn and to help them become better in the tech Journey in any way I can. Reach out if I may be of help.
Cheers!
#StayAwesome
Location
Texas, USA
Education
University of Yaounde I
Work
NGO - Apoti Dev Association | Founder - Jack Kalo Inc, Reskylled Inc | DevOps Consultant - IBM
Yes, and thanks so much for such a great piece. We use Trivy for security tool but having read this your 3 articles on Jfrog tools, we will be switching to Jfrog Xray. It is really a great tool.
Thanks so much for these great pieces.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
You've misunderstood me. I don't think you should push straight to production, and nowhere in this article did I say that anyone should. What I said is that a sufficiently robust CI/CD system automates work that used to be manual, which can easily include promotion of a build from a dev or testing environment to the production environment. I just don’t believe that it’s always necessary to have a human pushing the Deploy button for prod. That’s a security blanket, not a real quality gate. Investing heavily in those automated quality gates builds trust that allows you to eventually remove human intervention without sacrificing confidence in quality.
Anyway, this is a beginner-friendly explanation of what CI/CD is, not a best practices article for DevOps at enterprise scale. :)
Yes, and thanks so much for such a great piece. We use Trivy for security tool but having read this your 3 articles on Jfrog tools, we will be switching to Jfrog Xray. It is really a great tool.
Thanks so much for these great pieces.