Products Services EU Projects Stories Careers About us Contact us
Products Services EU Projects Stories Careers About us Contact us
Blog

Automated Software Delivery with Gitlab CI

09/01/2023

Branimir Valentić

At Base58, we devised an automated process for software delivery, and in this blog post, I will guide you through its integration into a mono repo project. Like always the idea was to minimize the interaction needed after the software was marked as ready for production. The job code is available here.

The delivery process in our case starts by merging the latest verified code into the main branch and from there on we do several things:

  • Increment the release version
  • Build the software
  • Publish the software to a package repository 
  • Package repository artifact integrity check
  • Construct the download and deployment instructions
  • Encrypt the download and deployment instructions
  • Deliver the encrypted download and deployment instructions via e-mail 
  • Notify people

Our main branch pipeline looks like this

But let us concentrate on the delivery job that has the following steps:

  • Package repository artifact integrity check
  • Construct the download and deployment instructions
  • Encrypt the download and deployment instructions
  • Deliver the encrypted download and deployment instructions via e-mail 

You can find out more about our git flow practices in the previous post about automated versioning: https://base58.hr/en/stories/automated-software-release-versioning

With the “Package repository artifact integrity check” step, we make sure that the packages that we have built are the same as the ones in the package repository. We download the artifacts from the package repository and we compare the sha256 sums of the files with the ones from the build artifacts. The same sha256 sums prove data integrity and validate that the file was:

1. Uploaded correctly
2. Not modified after upload. What we have built is what is in the repository.

In the “Construct the download and deployment instructions” step we append several things to a file:

  • Project name and release version
  • Additional delivery notes
  • Download instructions 
  • File checksums 

The deployment instructions look something like this

Download instructions

In the “Encrypt the download and deployment instructions” step we import the recipient's PGP public keys and encrypt the delivery notes and sign the message with the CI private PGP key.

That gives us a message that looks like this:


pgp message

And in the “Deliver the encrypted download and deployment instructions via e-mail” step we send the encrypted message to all intended recipients.

Done!

Share the story on

Related Blog

09/22/2022 Blog

A day in life of... Automation, Deployment, and Process Quality Lead

Branimir Valentić, Automation, Deployment, and Process Quality Lead
07/13/2023 Blog

Meet the Team: Ivan Turk

Ivan Turk, Senior SysOps Engineer

Base58 d.o.o.

Kapucinska 31
31000
Osijek
Croatia
contact@base58.hr

Quick links

© 2024 Base58 Ltd All rights reserved.
Privacy policy Cookie policy