HackMD - Collaborative Markdown Knowledge Base

Prep new deploy and release for upper envs * note: dependant on jdk11 being passed and the default java version (see jdk 11 D03 works) * stage gates (must exist prior to any prod rollout) *** ** *it may be an option to deploy a new aks* ** <- max_pods - post jdk11 scaling note: align with next DR failover??? [wider discussion] ** **assume deploying to existing aks** ** *** governance:*** * must be an enabler for common logic amongst all environments * modular where possible * x-project shareable *naming conventions for components in shared model* - need some thought/agreement 1) - pre-requirements checklist (addng non shared-envs to shared logic) - - common components: cert manager, nginx (int/ext) * decide on new namespace or aks or other - how we deal with existing certmanager - - parameters in app profiles (cleanup) [conditionals?] <- kafka topics as input - - helm values (cleanup) - - data later (AP/MJ) <- need input (we will definee these inputs required) - - cronjobs (remove all manual to codified) - - parameters [keyvault - higher requires seperate kv's to be created] - - aks node profiles (default 30) / namespace <- see above DR note - - releases for apps (docker) [dockerfile updates - repo] - - approval gates (environments) * see [Link to Header](#approvals-gates) [APPROVALS] - - supporting resources (acr, {env}keyvault, spn's) - - assumption - all shared logic to be made available to all envs (e.g. hostAliases, cronjobs etc) - - note: sourceclear/sonaqube/[veracaode] -> not in multistage - speak to kenedy (make sure its in multistage) - - check all naming remains intact (e.g service names for apps, for things like ingress pointers [apim routes]) - - any endpoints (int/ext) - confirm naming conventions are correct (kafka, databricks etc) - - update README.md (cronjobs etc) 2) add stages to helmsman *** Java 11 upgrade [D03] https://hub.docker.com/layers/openjdk/library/openjdk/11-jdk-slim/images/sha256-ee1e2dac3e3892eb73a0f2afb7a3c2e4221c1973a20a2a11f89372e1a9737f78 1) create new branch with jdk 11 (dockerfile) 2) update dockerfile with [FROM openjdk:11-jdk-slim] 3) add branch to trigger: child of f/devops/* (no action req'd) 4) add build version and deploy **STATUS**: * all tyl apps 1/1 with (jdk11) - apart from: * omass (likely code/dep issue needing dev input) * admin-portal-api/ui (not bothering at this point, failing prior anyhow) * onboarding-api - not updated due to sourceclear/enabled in common package **AC**: - [x] PORTAL - [x] ONBOARDING - [x] ACCOUNTING **BO**: - [x] INTEGRATION - [x] LOYALTY - [x] ADMIN (?) - branch to use -> ***f/devops/jdk11*** *** ## APPROVALS GATES mutlistage pipelines - environment (gates) 1) test the environments function in pipelines, to add env gates SHARED COMPONENTS (all envs) what can we securely share amongst all environments: * container registry * code repos (logic) * azure devops * + more to be listed