Skip to content

Latest commit

 

History

History
24 lines (19 loc) · 2.79 KB

README.md

File metadata and controls

24 lines (19 loc) · 2.79 KB

GitHub all releases GitHub language count GitHub top language GitHub forks GitHub Repo stars

CriticalRiver DevSecOps Process

image

  • Scrum masters or Project Managers would create epics, features, user stories, and tasks.
  • Tasks would be assigned to developers to make the necessary changes, commit the changes to feature branch on which they would be working on.
  • The task will be moved to active from its new state, and a new feature branch will be created for the developers to work on their changes.
  • When the developers commit their changes, a validation build will be triggered to ensure the build is successful with the latest changes. Upon successful completion of the build, the developers will resolve their tasks and raise a pull request for their changes to be merged into the master branch.
  • Once the pull request is approved by the reviewers, the build will be run from the master branch, and SAST tools will be integrated into the build pipeline for code quality checks.
  • After the build is successful from the master branch, the artifacts generated will be stored in the preferred artifacts tool.
  • The release pipelines then pull the artifacts, and the release pre-approvers get an email requesting their approval to deploy. Upon approval, the artifacts are deployed onto development, QA, and finally production using the preferred deployment strategy.
  • The release pipeline would be integrated with DAST tools, which will scan the application for vulnerabilities.
  • When the application has been successfully deployed, a notification will be sent to the team regarding the deployment status.
  • Using the preferred monitoring tools, environments will be continuously monitored for errors. In case of any error logging, a bug will be raised and assigned back to the developers.