Kubernetes Build and Deploy Pipeline

Infrastructure
7 nodes · 6 edges · infrastructure
ex-kubernetes-deploy.osop.yaml
# Kubernetes Deployment Pipeline
# Build image, push to registry, apply manifests, verify rollout
#
# Flow (from `edges`): build_image -> push_to_ecr -> update_manifests ->
# apply_manifests -> rollout_status -> health_check. `rollback` is reached
# only through the fallback edge that starts at health_check.
# Double-brace placeholders (GIT_SHA, ecr_image_url) are filled in by the
# runner; how and when is not shown in this file.
# NOTE(review): confirm placeholder values cannot be influenced by
# untrusted input such as branch names or PR metadata.
osop_version: "2.0"
id: kubernetes-deploy
name: Kubernetes Build and Deploy Pipeline

# Workflow steps; each `id` is the name the `edges` section refers to.
nodes:
  # Build the application image from ./Dockerfile with two tags.
  - id: build_image
    type: docker
    purpose: Build application Docker image with version tag
    runtime:
      action: build
      dockerfile: Dockerfile
      context: '.'
      # The GIT_SHA tag names this build. "app:latest" is a mutable tag that
      # every build overwrites, so it does not identify what was deployed.
      tags:
        - 'app:{{GIT_SHA}}'
        - 'app:latest'
      build_args:
        # Build args can be recovered from image metadata; never pass
        # secrets this way.
        NODE_ENV: production
    # NOTE(review): image_digest is produced here but no later node lists
    # it as an input; deploying by digest would pin the exact image built.
    outputs:
      - image_tag
      - image_digest
    timeout_sec: 600

  # Push the image built by build_image to the ECR registry.
  - id: push_to_ecr
    type: docker
    purpose: Push Docker image to AWS ECR registry
    runtime:
      action: push
      # Sample host: the account ID shown has 9 digits, AWS account IDs
      # have 12, so this value must be replaced before use.
      registry: '123456789.dkr.ecr.us-east-1.amazonaws.com'
    inputs:
      - image_tag
    outputs:
      - ecr_image_url
    security:
      # Role-based credentials: no static access key appears in this file.
      # NOTE(review): limit the role to push on this one repository.
      credentials_source: aws_iam_role
    # NOTE(review): ECR scans on push only when the repository or registry
    # is configured for it, and no node in this workflow reads the scan
    # findings before deploying. Add a gate if findings should block.
    explain: |
      Pushes to ECR using IAM role-based authentication.
      Image is scanned automatically by ECR on push.

  # Point the production overlay at the image that was just pushed.
  - id: update_manifests
    type: infra
    purpose: Update Kubernetes manifests with new image tag
    runtime:
      tool: kustomize
      action: edit set image
      # NOTE(review): whether ecr_image_url carries a tag or a digest is
      # not visible here. A digest reference pins the image that was
      # built and scanned; a tag can be re-pointed afterwards.
      image: 'app={{ecr_image_url}}'
      overlay: overlays/production
    inputs:
      - ecr_image_url
    outputs:
      - rendered_manifests

  # Apply the production overlay to the cluster.
  # No `security` block is declared on this node, so how kubectl
  # authenticates to the cluster is not shown.
  # NOTE(review): use a deploy identity limited to this namespace.
  - id: apply_manifests
    type: infra
    purpose: Apply updated manifests to Kubernetes cluster
    runtime:
      tool: kubectl
      action: apply
      # Looks like a kubectl "-k" argument, which renders the overlay at
      # apply time. NOTE(review): rendered_manifests is listed as an input
      # but is not referenced in this runtime block; confirm that what is
      # applied is what the previous step produced.
      manifests: '-k overlays/production'
      namespace: production
    inputs:
      - rendered_manifests
    outputs:
      - apply_status
    timeout_sec: 120

  # Watch the rollout of deployment/app in the production namespace.
  # NOTE(review): the only edge into `rollback` starts at health_check;
  # no fallback edge is defined for a rollout that fails or times out
  # here. Confirm how the runner handles that case.
  - id: rollout_status
    type: infra
    purpose: Monitor deployment rollout until complete
    runtime:
      tool: kubectl
      action: rollout status
      resource: deployment/app
      namespace: production
    inputs:
      - apply_status
    outputs:
      - rollout_result
    timeout_sec: 300
    retry_policy:
      max_retries: 3
      backoff_sec: 10

  # Probe the application's health endpoint after the rollout.
  # The fallback edge to `rollback` keys on health_status.status.
  # NOTE(review): confirm that a timeout, TLS error or non-2xx response
  # also yields a status other than 'ok', so that an unreachable endpoint
  # triggers the rollback instead of ending the run silently.
  - id: health_check
    type: api
    purpose: Verify application health endpoints respond correctly
    runtime:
      endpoint: app-health
      method: GET
      url: 'https://app.example.com/api/health'
    inputs:
      - rollout_result
    outputs:
      - health_status
    retry_policy:
      max_retries: 5
      backoff_sec: 10
    timeout_sec: 60

  # Undo the rollout of deployment/app in the production namespace.
  # Reached only via the fallback edge from health_check. This node
  # declares no inputs, outputs, timeout_sec or retry_policy.
  # NOTE(review): a rollout undo goes back to the previous revision,
  # which is "known-good" only if that revision itself was healthy;
  # nothing here re-runs the health check after the undo.
  - id: rollback
    type: infra
    purpose: Rollback deployment if health check fails
    runtime:
      tool: kubectl
      action: rollout undo
      resource: deployment/app
      namespace: production
    explain: |
      Triggered only on health check failure. Reverts to the
      previous known-good deployment revision.

# Connections between the nodes above. Five sequential edges form the
# main path; one fallback edge leads to `rollback`.
edges:
  - from: build_image
    to: push_to_ecr
    mode: sequential

  - from: push_to_ecr
    to: update_manifests
    mode: sequential

  - from: update_manifests
    to: apply_manifests
    mode: sequential

  - from: apply_manifests
    to: rollout_status
    mode: sequential

  - from: rollout_status
    to: health_check
    mode: sequential

  # The only path into `rollback`. The condition reads the health_check
  # output and fires when its status is anything other than 'ok'.
  # NOTE(review): apply_manifests and rollout_status have no fallback
  # edge, so a failure in either never reaches `rollback` through this
  # graph.
  - from: health_check
    to: rollback
    mode: fallback
    condition: "health_status.status != 'ok'"