Wednesday, February 18, 2026

Complete CI/CD Pipeline Setup on Oracle Cloud Infrastructure (OCI) with Oracle Kubernetes Engine (OKE) – Blue/Green Deployment Strategy

 Building a modern CI/CD pipeline is essential for delivering applications faster, safer, and with minimal downtime. In this blog, I’ll walk you through a complete end-to-end implementation of a CI/CD pipeline in OCI DevOps, integrating GitHub, Container Registry, OKE, and implementing a Blue/Green Deployment strategy.

This setup ensures:

  • Automated build and deployment

  • Zero-downtime releases

  • Easy rollback mechanism

  • Secure secret management

Let’s dive in.

Architecture Overview

We will configure:

  • GitHub repository (source code)

  • OCI Vault & Secrets

  • OCI Container Registry

  • OCI DevOps Project

  • Build Pipeline

  • Deployment Pipeline

  • OKE Cluster

  • NGINX Ingress Controller

  • Blue/Green namespaces (ns-blue & ns-green)


Step 1: Secure GitHub Token in OCI Vault

Instead of hardcoding secrets:

  1. Create a Vault

  2. Create a Master Encryption Key

  3. Store the GitHub PAT token as a Secret

  4. Reference the secret in DevOps pipeline

This ensures enterprise-grade security for repository mirroring.

After  a vault is created, create the encryption key inside the vault


Now refer the key to the secrets






Secret contents is the PAT(Personal Access token) for the github. 

Step 2: Create an OKE Cluster

Create an OKE cluster from OCI Console.

After creation, access it from Cloud Shell:

kubectl get nodes

Your Kubernetes cluster is now ready for deployments.


3 worker nodes are up and running


Step 3: Create Container & Artifact Registry

  • Create Container Registry → Stores Docker images

  • Create Artifact Registry → Stores Kubernetes manifest files (YAML)

These artifacts will be referenced inside the pipeline.


Container registry:-



Artifact Registry





Step 4: Mirror GitHub Repository in OCI DevOps

Inside DevOps Project:

  1. Click Mirror Repository

  2. Provide GitHub credentials (via Vault secret which stores the GitHub PAT)

  3. Wait for sync

After a few minutes, your source code will reflect in OCI.








Once it is created, we will be able to see the repositories present inside my github

 






After few minutes, the files will be displayed



Create the artifcats inside the devops which will store the container images and OKE manifest files

 

 




 Click on add

 

 Create the OKE manifest artifacts (choose the artifact registry created earlier)

 

 

 




Step 5: Create Build Pipeline

Important: Ensure build_spec.yaml is present in the root of the repository.

Build Pipeline Flow:

  • Fetch Source Code

  • Build Docker Image

  • Push Image to Container Registry

  • Export Image Artifact

  • Trigger Deployment Pipeline




Add the next stage to deliver the artifacts for next stage

 

Click on +







Step 6: Create OKE Deployment Environment

Create an environment pointing to:

  • Your OKE Cluster

  • Target Namespace

  • Kubernetes Manifest (oci-oke-deployment.yaml)




Step 7: Create Deployment Pipeline










Click on next



Select the environment created earlier
















Add the trigger deployment under the build pipeline








Conclusion (End of Part 1)

By completing the steps above, we have successfully:

  • Secured GitHub credentials using OCI Vault

  • Created an OKE cluster

  • Configured OCI Container & Artifact Registry

  • Set up OCI DevOps Project

  • Created a Build Pipeline

  • Configured a Deployment Environment

  • Implemented Blue/Green namespaces (ns-blue & ns-green)

At this stage, the CI/CD foundation is fully ready.


However, traffic is not yet exposed externally. The application is deployed inside the cluster, but we still need:

  • An Ingress Controller

  • Load Balancer configuration

  • Traffic routing between Blue and Green

  • Manual approval-based traffic shift

  • Rollback mechanism

These critical production-grade components will be covered in the next blog.


What’s Coming in next post

In the next post, we will cover:

  • Setting up NGINX Ingress Controller on OKE

  • Configuring LoadBalancer service

  • Executing build pipeline runs

  • Deploying to Green namespace

  • Traffic shifting to Blue namespace

  • Rollback strategy in OCI DevOps

This is where the real power of OCI DevOps Blue/Green deployment becomes visible.


Thanks for reading.



No comments:

Post a Comment