Optimizing development and deployment processes with GitHub

Our client, a leading company in business management software, faced challenges in its development and implementation processes. Their current system relied on two separate platforms, Harness and Azure DevOps, creating inefficiencies and security risks.

‍

When a developer needs to implement a new microservice I had to navigate between two independent platforms (Harness and Azure DevOps) depending on the type of service. This created confusion and wasted valuable time.

Teams used different workflows for similar tasks, causing inconsistencies and potential security breaches. For example, some teams may not have implemented code security analysis.

Identifying vulnerabilities was a slow and reactive process. It required manually reviewing reports from several tools scattered across both platforms, without a central control panel. This approach could lead to errors in vulnerability analysis, potentially leaving applications exposed.

Creating new pipelines involved manual configuration., slowing down development cycles and hampering agility.

‍

The GitHub implementation allowed for greater scalability and security. We can scale up or down to meet our customer's needs, thanks to the scalability of Azure. This means that we can offer a cost-effective solution.

‍

Azure technologies also provided greater security, thanks to Azure's strong security features. GitHub allowed us to:

• Have a positive impact on branch strategy proposals to increase the security and functionality of workflows.
• Establish guidelines that allow for a reusable and scalable base for the future.
• Integrate DevSecOps tools into the CI/CD flow: SAST, DAST and security analysis for source code and containers.
• Implement CODEOWERS to improve repository management.
• Establish a pipeline automation system: users can select which repository they want to inject into which workflow files depending on their type (micro front-end, micro or IAC).

‍

After the evaluation and implementation process, the customer team can now quickly and easily configure a new repository that is ready with its integration of analysis tools and the implementation process, all using the “One-Branch” branch strategy.

‍

The use of GitHub Actions made it easier to implement code and applications with the help of the implemented DAST and SAST processes, generating a reusable and scalable base for the future.

All pipelines are on a single platform (GitHub), which in addition to simplifying governance, are found in a baseline of templates, maintained by the customer's DevOps area and that can be easily used by different teams.

Most pipelines integrate scanning tools to detect code flaws early, reducing the percentage of vulnerabilities that appear in production applications.

The solution also helps to apply quality doors to ensure that the implemented code has a minimum consistency to be considered correct.

‍

Some of the key results of this solution were:

• All pipelines are standardized and centralized in a single tool. This makes it easier to manage and monitor pipelines.
• All teams were trained in the new branch strategy. This ensures that everyone is aligned and knows how to use the new strategy.
• GitHub Packages is being used to store internal libraries. This makes it easier to manage and share libraries.
• GitHub connects to other platforms like Jira in a simple and orderly way using smart commits. This helps developers keep track of their tasks without having to switch between different platforms.
• Implementing new repositories is easy, since it only requires using the repository/pipeline generation tool. This makes it easier to start new projects.

‍