CI/CD integration has become the new standard in deploying applications to the cloud. In CI/CD, application code is continually integrated and deployed into production.
CI/CD typically applies to applications but developers need to be mindful of deploying infrastructure as well. The CI/CD pipeline should use infrastructure-as-code to run the application code that will then be deployed. Best practices recommend that this infrastructure comply with policy so it doesn’t introduce any security or compliance risk into the environment, such as an open network port or encryption not being enabled.
Fugue Platform enables you to guarantee that infrastructure is compliant with policies; any infrastructure that violates policy will not be deployed. The pipeline looks like this:
Infrastructure-as-code files, known in Fugue as “compositions”, are checked into a version control system such as GitHub. A build server such as Jenkins or CircleCI compiles the compositions from version control and checks them against policy libraries for compliance. If a composition violates policy, Jenkins generates a build error and the developer must correct the violation. Successfully compiled compositions are deployed by the Fugue Conductor (the orchestration engine) into the cloud.