Summary
In this chapter, we created a CI/CD pipeline for a microservice-based application. We did the planning and defined a strategy before we went ahead and created a pipeline for all three branches. We learned a few loopholes and workarounds in CodeBuild and CodePipeline projects. We saw how to take advantage of CodeGuru Reviewer to scan the source code and place it in CodeBuild steps. We also saw how to scan an image via ECR on demand and fail the build based on the count of vulnerability. We also saw how to automate chaos experiments and get a report of the experiment to improve the performance of the application as well infrastructure. We also deployed the service with a canary deployment strategy via Flagger and did its analysis using Grafana. In the next chapter, we will create a standard development-security-operations (DevSecOps) pipeline, which will include some of the industry-wide popular security tools.
