• pHr34kY@lemmy.world
    link
    fedilink
    English
    arrow-up
    46
    ·
    5 months ago

    My company has build scripts that practically pull half an OS from an update mirror every time someone commits a code change.

    It’s maddening how inefficient CI/CD setups are.

    • Stupidmanager@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      1
      ·
      5 months ago

      It’s maddening how inefficient CI/CD setups are.

      It’s maddening how inefficient CI/CD setups inexperienced DevOps engineers are. - Fixed that for you.

      Proper pipelines are modular and should run longer validation or updates externally, with only necessary stages executing.

      • code validate - will this code compile
      • code secure - are there any known security flaws introduced
      • code plan/compile - if it’s iac, plan, if it’s application code, compile
      • if it’s prod or like, approve required (human delay). Dev, test, uat - proceed with deploy
      • code deploy - push code live

      Things like: patching, config management, vulnerability scanning, compliance checks, etc… are done outside the pipeline.

      There’s a reason people like me charge a lot! Lazy and/or inexperienced staff will get you in trouble one day.