# shared model to higher prep ### prep shared logic to non-shared **note**: jdk11 tested and deployed (?) 1) - pre-requirements checklist (addng non shared-envs to shared logic) - - common components: cert manager, nginx (int/ext) * decide on new namespace or aks or other - how we deal with existing certmanager - - parameters in app profiles (cleanup) [conditionals?] <- kafka topics as input - - helm values (cleanup) - - data later (AP/MJ) <- need input (we will define these inputs required) - - cronjobs (remove all manual to codified) - - parameters [keyvault - higher requires seperate kv's to be created] - - aks node profiles (default 30) / namespace <- see above DR note - - releases for apps (docker) [dockerfile updates - repo] - - approval gates (environments) * see [Link to Header](#approvals-gates) [APPROVALS] - - supporting resources (acr, {env}keyvault, spn's) - - assumption - all shared logic to be made available to all envs (e.g. hostAliases, cronjobs etc) - - note: sourceclear/sonaqube/[veracaode] -> not in multistage - speak to kenedy (make sure its in multistage) - - check all naming remains intact (e.g service names for apps, for things like ingress pointers [apim routes]) - - any endpoints (int/ext) - confirm naming conventions are correct (kafka, databricks etc) - - update README.md (cronjobs etc) 2) add stages to helmsman DR approach: notes: * 3x code3 deployment date? * fastrack dev1 to shared model, so we can run initial tests in DEV1 (code config based) <- create jira/kanban for this effort * sourceclear/sonaqube/[veracaode] -> not in multistage - Pre-req for the builds to be used in PROD * all coded/automated - <- discuss agree pipeline strategy * fully understand any dependencies *** * assumption is that the process have been verified and applied in environment before PROD (i.e. dev1, sit, uat) * uks: [1] new aks build (inc max_pods limit raised from default 30 [subject to profiling and scaling req's]) * - [2] add stage and cluster to helmsman (flow) <- inc build/release, dockerfile updates * - [3] add supporting components to helmsman (acr etc) note: re-use existing spn's * - [4] dns zone are pre-existing (cert mananager) ### research how we transition to new CM * - [3] public ip's for aks (external whitelisting [netpay - send request to them to action], imperva, apim, nsg's etc) <- detail exact list * - [4] add new aks secrets to existing PROD/DEV1 kv(s) [rather than crating a new kv] * - [4] cronjobs - conditionals for environment specific times (e.g. prod is x4 triggers) * - [5] helm values + profiles create/cleanup * - [5] approval gates (environments) * see [Link to Header](#approvals-gates) [APPROVALS] <-- [Pre-req] * - [4] Fix pipeline bug DB-104 <-- [Pre-req] - Done *** DATA LAYER: AP/MJ <- engage from 6th jan 2020 to detail co-ordinated approach