├── README.md
└── images
    ├── all_pipelines.png
    ├── cookbook_pipeline.png
    ├── image_pipeline.png
    ├── inspec_pipeline.png
    ├── pipeline.png
    ├── policyfile_pipeline.png
    └── readme.md

/README.md:
--------------------------------------------------------------------------------
# Chef Pipelines

### Description
Chef manages changes to both infrastructure and application code, giving your operations and development teams a common platform for developing, testing, and deploying cookbooks, applications, and more.

Chef accelerates the adoption of continuous delivery and encourages DevOps collaboration. It provides a proven, reproducible workflow for managing changes as they flow through the pipeline from a local workstation, through automated tests, and out into production.

### About
For illustration purposes, all pipelines are written in `groovy` and stored in a `Jenkinsfile`, which can be displayed in Jenkins with the Blue Ocean plugin. Because Chef has an open API, you can use your preferred CI/CD tool, such as Azure DevOps, VSTS, Bamboo or Jenkins.

### Pipelines
A pipeline is a series of automated and manual quality gates that take software changes from development to delivery. The goal of a pipeline is to move changes from your workstation into production quickly and safely.

Pipelines in Chef have six stages: Verify, Build, Acceptance, Union, Rehearsal, and Delivered. Changes progress from one stage to another by passing a suite of automated tests. For the Verify and Acceptance stages, explicit approval by a designated person is required (in addition to the tests).

The following illustration is an example of the phases of each pipeline stage.

![Pipeline](/images/pipeline.png)

### How the pipelines interact
The pipelines have dependencies on each other, creating reusable artifacts that feed the next.
As a whole, the pipelines interact as follows and can take `use cases` as an input. Some examples of these use cases are:
- Patching
- Image Building
- Database as a Service
- OS Hardening

![All Pipelines](/images/all_pipelines.png)

---
## InSpec Pipeline
InSpec is a framework for testing and auditing your applications and infrastructure. InSpec works by comparing the actual state of your system with the desired state that you express in easy-to-read and easy-to-write InSpec code. InSpec detects violations and displays findings in the form of a report, but puts you in control of remediation.

### Description
This pipeline takes an InSpec profile and performs syntax and lint checking to produce an archive that can be used by an Audit Cookbook to validate images, OSes and middleware. It produces a signed artifact that is consumed by the Policyfile pipeline.

### Depends On (Up stream)
- Other InSpec Pipelines (Optional)

### Depends On It (Down stream)
- Policyfile Pipeline (Mandatory)

![InSpec Pipeline](/images/inspec_pipeline.png)

### Code
https://github.com/anthonygrees/inspec_pipeline

---
## Cookbook Pipeline
A cookbook is the fundamental unit of configuration and policy distribution. A cookbook defines a scenario and contains everything that is required to support that scenario:
- Recipes that specify the resources to use and the order in which they are to be applied
- Attribute values
- File distributions
- Templates
- Extensions to Chef, such as custom resources and libraries

### Description
The cookbook pipeline takes the cookbook and its recipes, tests them using kitchen, performs lint and syntax checks, and then publishes the cookbook for the Policyfile pipeline to consume.
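
An added example (not code from this repository) of a declarative `Jenkinsfile` for the cookbook pipeline described above: lint and syntax checks, Test Kitchen, an approval gate, then a checksummed archive handed to the Policyfile pipeline. The `cookbook-approvers` group, the `policyfile_pipeline` job name and the archive naming are assumptions, as is a Git checkout in the workspace.

```groovy
// Added example, not the project's own Jenkinsfile.
// Assumes cookstyle and Test Kitchen are installed on the build agent.
pipeline {
  agent any
  environment {
    // Hypothetical artifact name; one archive per build.
    ARTIFACT = "cookbook-${env.BUILD_NUMBER}.tar.gz"
  }
  stages {
    stage('Lint and syntax') {
      steps {
        // Cookstyle fails the build on Ruby syntax errors and style offenses.
        sh 'cookstyle .'
      }
    }
    stage('Kitchen test') {
      steps {
        sh 'kitchen test'
      }
      post {
        // Clean up test instances even when a suite fails.
        always { sh 'kitchen destroy' }
      }
    }
    stage('Approval') {
      steps {
        // Manual quality gate: only members of the (assumed) approver
        // group can release the cookbook to downstream pipelines.
        input message: 'Publish this cookbook for the Policyfile pipeline?',
              submitter: 'cookbook-approvers'
      }
    }
    stage('Publish') {
      steps {
        // Package exactly what is committed, not stray workspace files.
        sh 'git archive --format=tar.gz -o "$ARTIFACT" HEAD'
        // Record a digest so the consumer can check integrity before use.
        sh 'sha256sum "$ARTIFACT" > "$ARTIFACT.sha256"'
        archiveArtifacts artifacts: "${env.ARTIFACT}*", fingerprint: true
        // Hypothetical downstream job name.
        build job: 'policyfile_pipeline', wait: false
      }
    }
  }
}
```

The downstream job should recompute the SHA-256 of the archive and compare it with the recorded digest before resolving dependencies.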

### Depends On (Up stream)
- Other Cookbook Pipelines (Optional)

### Depends On It (Down stream)
- Policyfile Pipeline (Mandatory)

![Cookbook Pipeline](/images/cookbook_pipeline.png)

### Code
https://github.com/anthonygrees/cookbook_pipeline

---
## Policyfile Pipeline
A Policyfile is an optional way to manage role, environment, and community cookbook data with a single document that is uploaded to the Chef server. The file is associated with a group of nodes, cookbooks, and settings. When these nodes perform a Chef client run, they utilize recipes specified in the Policyfile run-list.

### Description
The policyfile pipeline takes input from both `cookbooks` and `inspec` and then resolves dependencies. The versions, attributes and run-list are all handled by the Policyfile.

### Depends On (Up stream)
- InSpec Pipeline (Mandatory)
- Cookbook Pipeline (Mandatory)

### Depends On It (Down stream)
- Image Pipeline (Mandatory)
- Existing Brownfields Recovery Pipeline (Mandatory)

![Policyfile Pipeline](/images/policyfile_pipeline.png)

### Code
https://github.com/anthonygrees/policyfile_pipeline

---
## Image Pipeline

### Description

### Depends On (Up stream)
- Policyfile Pipeline (Mandatory)

### Depends On It (Down stream)
- All Provisioning Pipelines (Mandatory)

![Image Pipeline](/images/image_pipeline.png)

### Code
https://github.com/anthonygrees/image_pipeline

---
## Existing Brownfields Recovery Pipeline

### Description

### Depends On (Up stream)
- Policyfile Pipeline (Mandatory)

### Depends On It (Down stream)
- All Pipelines for Existing OSes and Middleware (Mandatory)

![Brownfields Pipeline](/images/brownfields_pipeline.png)

### Code
https://github.com/anthonygrees/existing_brownfields_pipeline

---
## License and Author

* Author:: Matt Ray
* Author:: Anthony Rees

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

--------------------------------------------------------------------------------
/images/all_pipelines.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/anthonygrees/chef_pipelines/263e00dd78a15a13e46f863244157f9b16fcf43a/images/all_pipelines.png

--------------------------------------------------------------------------------
/images/cookbook_pipeline.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/anthonygrees/chef_pipelines/263e00dd78a15a13e46f863244157f9b16fcf43a/images/cookbook_pipeline.png

--------------------------------------------------------------------------------
/images/image_pipeline.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/anthonygrees/chef_pipelines/263e00dd78a15a13e46f863244157f9b16fcf43a/images/image_pipeline.png

--------------------------------------------------------------------------------
/images/inspec_pipeline.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/anthonygrees/chef_pipelines/263e00dd78a15a13e46f863244157f9b16fcf43a/images/inspec_pipeline.png

--------------------------------------------------------------------------------
/images/pipeline.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/anthonygrees/chef_pipelines/263e00dd78a15a13e46f863244157f9b16fcf43a/images/pipeline.png

--------------------------------------------------------------------------------
/images/policyfile_pipeline.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/anthonygrees/chef_pipelines/263e00dd78a15a13e46f863244157f9b16fcf43a/images/policyfile_pipeline.png

--------------------------------------------------------------------------------
/images/readme.md:
--------------------------------------------------------------------------------
images folder

--------------------------------------------------------------------------------