devops with deployment manager or using prpcserviceutils
1) What options do we have to implement devops with deployment manager if the dev and qa systems are located in one zone and production is in a separate zone so that dev/qa servers are not reachable to the Production server. Only possibility is to publish the package into production repository from the qa system through the dev pipeline. The dev pipeline wilI be triggered by branch merge in dev system and I understand this feature is well supported in deployment manager. I want to understand if the production pipeline can be triggered automatically as soon as the package is published in production repository by the dev pipeline ? As the dev pipeline and production pipeline will be hosted in two different servers in separate zones, it won't be possible to use "trigger deployment" task in the dev pipeline.
As far as I have checked, pipelines in deployment manager starts with "generate artifact" step. However, our requirement is to start with "deploy" in the production pipeline which will be hosted within production zone. Can a production pipeline start with "deploy" step ?
2) If the above requirement is not supported by deployment manager, then the other option would be to use a third party orchestration service like jenkins or bamboo which will be triggered from the production repository as and when a package is added. The pipeline in jenkins/bamboo will perform the package import to the production pega server. I understand the only option to import/export packages(without using deployment manager) is to use prpcserviceutil.
Do we know if the operator credentials to connect to dev/prod servers in jenkins/bamboo be encrypted ? I could find in community that there should exist an improvement item(FDBK-24070 ) but not sure if this is already available -
Deployment Manager requires every environment in pipeline to be able to connect to Orchestrator and vice versa. It does not require connectivity in-between Dev, QA, Staging and/or Prod environments. And all the environments in the pipeline should have access to Dev and Prod repositories configured in the pipeline.
If I understood correctly, considering above points if you have Dev pipeline you can configure trigger deployment task at the end of pipeline to start Prod pipeline by checking deploy current artifact if you want Prod pipeline to use the artifact from the Dev pipeline and if you uncheck new artifact will be generated in Prod pipeline.
Production and non-prod servers would be located in two different zones with no accessibility to each other and hence we would have to create two different pipelines for dev and production as a single pipeline won't be able to connect to all candidate systems.
It won't be possible to trigger the prod pipeline from the dev pipeline as the dev and prod pipelines will be hosted in two different servers(with separate DB) e.g. dev pipeline would be in dev orchestration server and prod pipeline in prod orchestration server in separate zones.
Only common access point for both the systems would be the access to prod repository. We would like to propagate the packages from dev pipeline to prod pipeline seamlessly without any manual steps in between.
You can use Jenkins server to orchestrate between Development and Production pipelines.
Deployment manager supports Jenkins job configuration in the pipeline. For your scenario, you need the pipeline name and archive path to trigger the production pipeline from Jenkins job. In latest version of deployment manager, archive name is by default passed to Jenkins job.as input parameter.
Below link gives you details on adding Jenkins task and configuring it:
1) the production orchestration server(jenkins/bamboo) may not be reachable from the dev orchestration server. Hence, calling the jenkins job on the prod jenkins server may not be feasible from the dev pipeline. Can the production pega pipeline(in production pega deployment manager) have only one stage(production) and deploy the archive in production, if we are able to start the production pipeline using the API from a separate production orchestration server(jenkins/bamboo) upon an automatic trigger based on polling the production archive ?
2) In case the above settings are not possible, is it possible to use Bamboo as the DevOps orchestration server to import/export. I understand it would be possible to configure Bamboo with PRPCServiceUtils. However, I could not find any example in the community. Could you please let us know if there is any shareable document/manual available on Bamboo-Pega config with PRPCServiceUtils.
Pipeline will have "Development" and "Production" stages, but you are deploying an existing artifact, so it indirectly means only one stage. But, there would be a manual step in Development stage which can be cleared off using an API.
For reference i am attaching the pipeline model which i explained above. And you can find the API docs as mentioned in below link
I am assuming the attached model refers to the production pipeline model as it would require two different pipelines for dev and prod environments as per my earlier comments in this post. I am also assuming that the following API would be used to trigger the production pipeline -
The understanding is that the params SourcePipelineName and SourceDeploymentName will contain the dev pipeline model details so that the existing artifacts from the dev pipeline will be deployed and the "Development" stage of the production pipeline will be skipped. (Please correct me if I am wrong)
But, the dev pipeline(specified in the above mentioned params) won't be actually reachable to the production pipeline as the production pipeline will be in separate zone from the dev pipeline. Neither the dev candidate system would be reachable to the production pipeline model. Would these points cause any issue in execution of the production pipeline model from the API ?
As specified in my first post, you first need to identify a way to orchestrate between your development and production environment pipelines. I gave an example of Jenkins or Bamboo to use if it is possible for you, if you use any of these kind, i proposed to use API's to trigger the build.