Hi Mirko, Looks like the topic getting very interesting here, but I would like to refocus on the skillset
How did you form up your team?, did you all pickup Java before joining this devops team? Thanks for all the sharing -Dan PS. Would love to hear other experiences from community rather me sucking out Mirko's :-) On Sun, May 31, 2015 at 1:03 AM, Mirko Friedenhagen <[email protected] > wrote: > Hello Dan, > > we treat tooling like software as well. Ticket creation is an automated 2 > click process and the package qa will not take more than 5 minutes for > small changes. > > External libraries from central may be used at free will, but we recommend > stuff in a so called toolbox, these dependencies are managed in the > department pom. > > The (programming) architects and we help discovering alternatives in our > toolbox, stuff from repositories outside central is mostly put in a > third-party repo in Artifactory. > > Regards > Mirko > -- > Sent from my mobile > Am 31.05.2015 00:06 schrieb "Dan Tran" <[email protected]>: > > > Hi Mirko > > > > Looks like you have Artifactory to store all of release artifacts and > > another 'release' repo to store the final approved release > > > > Is internal tooling, thirdparty upload going thru the same release > > process? > > > > Thanks > > > > -Dan > > > > On Sat, May 30, 2015 at 2:41 PM, Mirko Friedenhagen < > > [email protected] > > > wrote: > > > > > Hello Dan, > > > > > > - Every developer may deploy SNAPSHOTs, however this is normally done > > > by Jenkins. > > > - We do not enforce staging from Jenkins, however almost all projects > > > do this. We do not enforce this, so Jenkins outages do not inhibit > > > releasing hot fixes. > > > - Releases are deployed to a staging repository in Artifactory and we > > > have a process called package-qa where for every staged release a > > > corresponding JIRA ticket has to be created with information (changes, > > > Wiki page, diff link since last release, ticket queue). This is a > > > central place where you may see all releases in one place. > > > - This ticket is parsed by a script from Jenkins which procures > > > artifacts from staging to a releases repository and adds general > > > quality information from SonarQube and Jenkins as well as the SHA1 > > > sums to the ticket so we have a second record which may be used to > > > detect forgery. Additionally the script checks for the existence of > > > the SCM tag and retrieves the number of changed lines between > > > releases. > > > - No blocker or critical and no new major issues are allowed in > > > SonarQube, otherwise procurement will fail. > > > - The reporter and the "mover" have to be different persons to enforce > > > a "four eyes" principle. > > > - The "mover" (sometimes someone from development QA, most of the > > > times nowadays another developer) has to check some things and must > > > inspect the diff to detect whether all changes are explained. > > > - Our operations teams will only pick production releases from the > > > final releases repository, other stages may pick up artifacts from the > > > staging repository. > > > - We do not sign artifacts. > > > > > > Regards > > > Mirko > > > Regards Mirko > > > -- > > > http://illegalstateexception.blogspot.com/ > > > https://github.com/mfriedenhagen/ (http://osrc.dfm.io/mfriedenhagen) > > > https://bitbucket.org/mfriedenhagen/ > > > > > > > > > On Sat, May 30, 2015 at 7:31 PM, Dan Tran <[email protected]> wrote: > > > > Thanks Mirko > > > > > > > > * What about snapshot and release policy, do developers/qa have > > access > > > to > > > > deploy snapshot and release artifacts? > > > > * do you use artifact signing similar to Maven Central? > > > > > > > > > > > > Thanks again > > > > > > > > -Dan > > > > > > > > On Sat, May 30, 2015 at 9:21 AM, Mirko Friedenhagen < > > > [email protected] > > > >> wrote: > > > > > > > >> What I forgot: > > > >> > > > >> patience, social skills and remembering that not every application > > > >> developer needs to be a build specialist are important as well :-) > > > >> > > > >> Regards > > > >> Mirko > > > >> -- > > > >> Sent from my mobile > > > >> Am 30.05.2015 07:29 schrieb "Dan Tran" <[email protected]>: > > > >> > > > >> > Hi > > > >> > > > > >> > > > > >> > I would like to ask if the community can share with me what it > > takes > > > to > > > >> > maintain an enterprise build system with continuous integration of > > > 100+ > > > >> > developer + QA and growing using Maven. The build system contains > > > many > > > >> > components with their own release cycle and they do integrate > > > together. > > > >> > > > > >> > > > > >> > - is java skill set to develop plugin a must? > > > >> > - do you have a team or just a few of deep understanding of > Maven > > > >> > developers? > > > >> > - will a none java RelEng able to perform Maven release? > > > >> > - does your RelEng maintains the pom or developers? > > > >> > - what are your challenges? > > > >> > > > > >> > Thanks > > > >> > > > > >> > -Dan > > > >> > > > > >> > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [email protected] > > > For additional commands, e-mail: [email protected] > > > > > > > > >
