日本語
Separation of coding environment / test environment / production environment
Separate development environment and production environment
The separation between development and production is ridiculous if neglected. Moreover, it is important that the exact same source code works in the development environment and the production environment. In my previous project, I had to rewrite the parameters in order to compile it for production, but it was troublesome and caused mistakes, and there was nothing good about it.
For on-premise development, if you develop by physically separating the server and LAN, you can completely separate it, and you can test using the same module in production and development.
This time we will achieve this in a GCP + Firebase environment.
- Separate database Since the database is identified by APIKEY, I prepared and used Firebase projects for testing and production respectively.
- Servers - cloud instances - are not separated between production and development In the case of WEB application development, there is no point in separating the servers because the person in charge of the application does not need to log in to the server at the OS level.
- Separated WEB server Set up multiple WEB servers on the server and separate production and development
- Control source code under development We use Github and the management is left to the app team. I don't know how to manage branches, pull requests, etc. Transfer of application from app team to infrastructure team is done by "source code committed to Master of Github"
we carry out the process from coding to UT on the PC of the person in charge of the application.
Since the development language is JavaScript / Python, we decided to use VIsual Studio Code as the development environment.
There are many tools for UT in VSCode, so you can check HTML, Python, and JavaScript on your PC. You can run nodeserver, or you can step through JavaScript with Debugger for Chrome.
The only thing is that CGI cannot be called on the local WEB server, so the integration between JavaScript and Python will be carried out on the test server.
Test environment:
When source code is pushed to Github, the contents of Master are automatically deployed to the test WEB server using the Github web hook.
In addition, the CGI (Python) log generated on the server is published by WEB page on the development server in order to provide information to app team.
So I can prohibit application personnel from logging in to the server.
I strongly recommend that you prohibit app team logging in. In order to protect the system, it is essential not to let the developers do what they want - It's just a personal impression -.
Production environment:
Deployment to the production environment is done manually. Even if the program is perfectly completed, the timing of the release will changed by human circumstances such as depending on the announcement to users, promotion preparation.
The production CGI (Python) log is also open to the person in charge of the application as well as the development server.
How to set production and development:
In this project, access to DB from JavaScript (browser) is prohibited (access is denied all - allow read, write: if false;). The DB is accessed from the back end (CGI, that is, Python) with administrator privileges using the key file of the service account.
Therefore, you need to change the key files used when running on the development server and when running on the production server. Also, Firebase projects are isolated across multiple projects, so we need to use the correct key file for each project.
This is controlled by a matrix that pre-includes the Firebase project name and production / development and pre-stored it on the server.
For more information Use multiple Firebase projects properly in WEB application development