|
|
The following shows the flow from development into production. Our process strives for continuous compliance around quality, legal and security allowing automation between the flow between development, testing and staging areas (policies are automatically check at stage gates). The push from staging to production is manual and done in cooperation with Operations so:
|
|
|
- We can observe for unexpected behavior resulting from the push
|
|
|
- React quickly by rolling back in case negative effects are observed
|
|
|
- Ensure situational awareness by our Operations/SRE teams
|
|
|
|
|
|
![CICD Process.png](uploads/0Process-7271965e-b08b-4784-8044-fdbda770e739.png)
|
|
|
|
|
|
## Stage gate activities
|
|
|
|
|
|
### Code Scanning
|
|
|
Code scanning for license compliance and CVE
|
|
|
|
|
|
### Security Scanning
|
|
|
Static and dynamic security scans
|
|
|
|
|
|
### Testing |
|
|
\ No newline at end of file |