Building a modern CI/CD
pipeline is essential for delivering applications faster, safer, and
with minimal downtime. In this blog, I’ll walk you through a complete
end-to-end implementation of a CI/CD pipeline in OCI
DevOps, integrating GitHub, Container
Registry, OKE,
and implementing a Blue/Green
Deployment strategy.
This setup ensures:
- Automated
build and deployment
- Zero-downtime
releases
- Easy
rollback mechanism
- Secure
secret management
Let’s dive in.
Architecture Overview
We will configure:
- GitHub
repository (source code)
- OCI Vault &
Secrets
- OCI
Container Registry
- OCI
DevOps Project
- Build
Pipeline
- Deployment
Pipeline
- OKE
Cluster
- NGINX
Ingress Controller
- Blue/Green
namespaces (ns-blue & ns-green)
Step 1: Secure GitHub Token in OCI Vault
Instead of hardcoding secrets:
- Create
a Vault
- Create
a Master Encryption Key
- Store
the GitHub
PAT token as a Secret
- Reference
the secret in DevOps pipeline
This ensures enterprise-grade security for repository
mirroring.
After a vault is created, create the encryption key
inside the vault
Now refer the key to the secrets
Secret contents is the PAT(Personal Access token) for the github.
Step 2: Create an OKE Cluster
Create an OKE cluster from OCI Console.
After creation, access it from Cloud Shell:
kubectl get nodes
Your Kubernetes cluster is now ready for deployments.
3 worker nodes are up and running
Step 3: Create Container & Artifact Registry
- Create Container
Registry → Stores Docker images
- Create Artifact
Registry → Stores Kubernetes manifest files (YAML)
These artifacts will be referenced inside the pipeline.
Container registry:-
Artifact Registry
Step 4: Mirror GitHub Repository in OCI DevOps
Inside DevOps Project:
- Click Mirror
Repository
- Provide
GitHub credentials (via Vault secret which stores the GitHub PAT)
- Wait
for sync
After a few minutes, your source code will reflect in OCI.
Once it is created, we will be able to see the repositories
present inside my github
After few minutes, the files will be displayed
Create the artifcats inside the devops which will store the
container images and OKE manifest files
Click on add
Create the OKE manifest artifacts (choose the artifact
registry created earlier)
Step 5: Create Build Pipeline
Important: Ensure build_spec.yaml is present in
the root of the repository.
Build Pipeline Flow:
- Fetch
Source Code
- Build
Docker Image
- Push
Image to Container Registry
- Export
Image Artifact
- Trigger
Deployment Pipeline
Add the next stage to deliver the artifacts for next stage
Click on +
Step 6: Create OKE Deployment Environment
Create an environment pointing to:
- Your
OKE Cluster
- Target
Namespace
- Kubernetes
Manifest (oci-oke-deployment.yaml)
Step 7: Create Deployment Pipeline
Click on next
Select the environment created earlier
Add the trigger deployment under the build pipeline
Conclusion (End of Part 1)
By completing the steps above, we have successfully:
- Secured
GitHub credentials using OCI Vault
- Created
an OKE cluster
- Configured
OCI Container & Artifact Registry
- Set up
OCI DevOps Project
- Created
a Build Pipeline
- Configured
a Deployment Environment
- Implemented
Blue/Green namespaces (ns-blue & ns-green)
At this stage, the CI/CD foundation is fully ready.
However, traffic is not yet exposed externally. The
application is deployed inside the cluster, but we still need:
- An
Ingress Controller
- Load
Balancer configuration
- Traffic
routing between Blue and Green
- Manual
approval-based traffic shift
- Rollback
mechanism
These critical production-grade components will be covered
in the next blog.
What’s Coming in next post
In the next post-https://samappsdba.blogspot.com/2026/02/oci-devops-cicd-oke-blue-green-ingress-traffic-shift-part-2.html, we will cover:
- Setting
up NGINX Ingress Controller on OKE
- Configuring
LoadBalancer service
- Executing
build pipeline runs
- Deploying
to Green namespace
- Traffic
shifting to Blue namespace
- Rollback
strategy in OCI DevOps
This is where the real power of OCI
DevOps Blue/Green deployment becomes visible.
Thanks for reading.
No comments:
Post a Comment