
🚀 CICD Flow for Unibeam

This page provides a summary of the CI/CD process for Unibeam services, including repository structure, workflow automation, and authentication flows.
It is optimized for GitOps using ArgoCD and GitHub Actions, with Docker images stored in AWS ECR and configuration managed via environment-specific branches.


📊 CICD Workflow Overview

flowchart TD
    subgraph CI_CD["CI/CD Repository"]
        GH_Action["GitHub Actions Workflow"]
    end
    subgraph ArgoCD["ArgoCD Repository"]
        Helm_Values["Helm values.yaml (per branch/env)"]
    end
    subgraph AWS_ECR["AWS ECR"]
        Docker_Image["Docker Image"]
    end
    subgraph K8s["Kubernetes Cluster"]
        App_Deploy["Application Deployment"]
    end

    GH_Action -- Builds & Pushes --> Docker_Image
    GH_Action -- Updates --> Helm_Values
    Helm_Values -- Triggers Sync --> App_Deploy
    Docker_Image -- Used by --> App_Deploy

🔐 Authentication & Access Flow

  • GitHub Actions uses an IAM role (via AssumeRole) to authenticate to AWS and push Docker images to ECR.
  • ArgoCD uses a deployment key to access the repository and synchronize application definitions.
  • Kubernetes clusters authenticate to AWS ECR for pulling images using IRSA (IAM Roles for Service Accounts) or node roles.

sequenceDiagram
    participant Dev as Developer
    participant GH as GitHub Actions
    participant AWS as AWS ECR
    participant Argo as ArgoCD
    participant K8s as Kubernetes

    Dev->>GH: Push code / trigger workflow
    GH->>AWS: Assume IAM Role, push Docker image
    GH->>Argo: Update values.yaml in env branch
    Argo->>K8s: Sync application definition
    K8s->>AWS: Pull Docker image for deployment

Environment Separation

Each environment is managed in its own branch, ensuring isolated configuration and deployment.

GitOps Automation

All changes are tracked and automatically deployed via ArgoCD, providing a robust and auditable pipeline.


📝 Summary

  • ArgoCD Repository:
    Stores application definitions and Helm chart values for each environment.
    Each environment (e.g., dev-us, demo, prod) is managed in its own branch, ensuring isolated configuration and deployment.

  • CI/CD Repository:
    Contains GitHub Actions workflows for building and deploying services.
    Workflows build Docker images, push them to AWS ECR, and update the corresponding values.yaml in the ArgoCD repository for the target environment.

  • Automation:
    Changes to application configuration or Docker images are automatically propagated to the Kubernetes cluster via ArgoCD, providing a robust and auditable deployment pipeline.
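
One way the flow summarized above could look as a single GitHub Actions workflow. This is an added example, not Unibeam's actual workflow: it assumes the IAM role is assumed through GitHub's OIDC federation (the page says only AssumeRole), and the AWS account ID, role name, repository names, write-scoped deploy key secret, and the `image.tag` key in values.yaml are hypothetical.

```yaml
# Added example: everything marked "hypothetical" is a placeholder, not a Unibeam value.
name: build-and-promote
on:
  workflow_dispatch:
    inputs:
      environment:
        type: choice
        options: [dev-us, demo, prod]   # environment branches named on this page
        required: true
permissions:
  id-token: write   # lets the job request an OIDC token to assume the IAM role
  contents: read    # the default GITHUB_TOKEN gets nothing else
env:
  AWS_REGION: us-east-1        # hypothetical
  ECR_REPOSITORY: example-svc  # hypothetical
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: arn:aws:iam::111122223333:role/example-ecr-push  # hypothetical
          aws-region: ${{ env.AWS_REGION }}
      - id: ecr
        uses: aws-actions/amazon-ecr-login@v2
      - name: Build and push an image tagged with the commit SHA
        env:
          IMAGE: ${{ steps.ecr.outputs.registry }}/${{ env.ECR_REPOSITORY }}:${{ github.sha }}
        run: |
          docker build -t "$IMAGE" .
          docker push "$IMAGE"
      - uses: actions/checkout@v4
        with:
          repository: example-org/argocd-apps            # hypothetical ArgoCD repository
          ref: ${{ inputs.environment }}                 # one branch per environment
          ssh-key: ${{ secrets.ARGOCD_REPO_WRITE_KEY }}  # hypothetical write-scoped deploy key
          path: argocd
      - name: Point values.yaml at the new tag
        working-directory: argocd
        env:                      # pass values as env vars, never inline in the script
          TAG: ${{ github.sha }}
          TARGET_ENV: ${{ inputs.environment }}
        run: |
          yq -i '.image.tag = strenv(TAG)' values.yaml   # key path is an assumption
          git config user.name "ci-bot"
          git config user.email "ci-bot@example.invalid"
          git commit -am "deploy ${TAG} to ${TARGET_ENV}"
          git push origin "HEAD:${TARGET_ENV}"
```

Tagging the image with the commit SHA means every values.yaml change in an environment branch maps to exactly one build, so the ArgoCD repository history doubles as the deployment audit trail.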
