{"id":848,"date":"2026-04-16T09:43:50","date_gmt":"2026-04-16T09:43:50","guid":{"rendered":"https:\/\/www.devopsschool.com\/tutorials\/oracle-cloud-devops-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-application-development\/"},"modified":"2026-04-16T09:43:50","modified_gmt":"2026-04-16T09:43:50","slug":"oracle-cloud-devops-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-application-development","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/tutorials\/oracle-cloud-devops-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-application-development\/","title":{"rendered":"Oracle Cloud DevOps Tutorial: Architecture, Pricing, Use Cases, and Hands-On Guide for Application Development"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Category<\/h2>\n\n\n\n<p>Application Development<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">1. Introduction<\/h2>\n\n\n\n<p>Oracle Cloud <strong>DevOps<\/strong> is Oracle Cloud Infrastructure\u2019s managed continuous integration and continuous delivery (CI\/CD) service for building, testing, and deploying applications. In Oracle\u2019s documentation, the service is commonly referred to as <strong>OCI DevOps<\/strong>. In this tutorial, the primary service name remains <strong>DevOps<\/strong> (Oracle Cloud).<\/p>\n\n\n\n<p><strong>Simple explanation:<\/strong> DevOps in Oracle Cloud helps teams store code, run automated builds\/tests, and deploy changes to Oracle Cloud targets (such as Kubernetes, compute instances, and serverless) using repeatable pipelines\u2014without having to run and maintain your own CI\/CD servers.<\/p>\n\n\n\n<p><strong>Technical explanation:<\/strong> DevOps provides projects that group together <strong>code repositories (Git)<\/strong>, <strong>build pipelines<\/strong> (managed build runners executing build steps defined in a build specification), and <strong>deployment pipelines<\/strong> (multi-stage releases to supported environments such as Oracle Kubernetes Engine). It integrates with Oracle Cloud IAM, Logging, Notifications, and artifact stores (for example, container registries or object storage) to deliver secure, auditable, automated software delivery.<\/p>\n\n\n\n<p><strong>What problem it solves:<\/strong> DevOps addresses the operational burden and risk of manual releases by enabling consistent, policy-controlled automation from commit \u2192 build \u2192 test \u2192 deploy, while improving traceability (who changed what, what ran, what was deployed, and where) and reducing deployment lead time.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">2. What is DevOps?<\/h2>\n\n\n\n<p><strong>Official purpose (service intent):<\/strong> Oracle Cloud DevOps is designed to help teams implement CI\/CD practices on Oracle Cloud by providing managed capabilities for source control, builds, deployments, and pipeline automation\u2014integrated with Oracle Cloud governance and security.<\/p>\n\n\n\n<p><strong>Core capabilities (high level):<\/strong>\n&#8211; <strong>Code repositories<\/strong>: Host Git repositories for application code and infrastructure-as-code.\n&#8211; <strong>Build automation<\/strong>: Define and run build pipelines using managed build runners; compile, test, and package applications.\n&#8211; <strong>Deploy automation<\/strong>: Promote releases through deployment pipelines to supported Oracle Cloud targets (for example, Oracle Kubernetes Engine).\n&#8211; <strong>Artifacts and releases<\/strong>: Track build outputs and deployable units, and orchestrate releases across environments.\n&#8211; <strong>Triggers and integrations<\/strong>: Automatically start builds\/deployments based on code changes or events.\n&#8211; <strong>Observability integration<\/strong>: Use Oracle Cloud Logging and related services for auditing and operational visibility.<\/p>\n\n\n\n<p><strong>Major components (typical DevOps project building blocks):<\/strong>\n&#8211; <strong>DevOps Project<\/strong>: The top-level container for DevOps resources.\n&#8211; <strong>Code Repository<\/strong>: Managed Git repository inside a project.\n&#8211; <strong>Build Pipeline<\/strong>: A sequence of build stages that run on build runners.\n&#8211; <strong>Deployment Pipeline<\/strong>: A sequence of deployment stages to deliver a release to environments (for example, OKE).\n&#8211; <strong>Environments<\/strong>: Targets where deployments run (for example, an OKE cluster environment).\n&#8211; <strong>Artifacts<\/strong>: References to deployable items (for example, container images or Kubernetes manifests), depending on the deployment type.\n&#8211; <strong>Triggers<\/strong>: Rules to start pipelines automatically (for example, on Git push).\n&#8211; <strong>Logs\/Notifications<\/strong>: Operational telemetry and alerting integrations.<\/p>\n\n\n\n<p><strong>Service type:<\/strong> Managed CI\/CD and source control service (Application Development category) integrated with OCI IAM and observability.<\/p>\n\n\n\n<p><strong>Scope and locality (how it\u2019s typically scoped):<\/strong>\n&#8211; DevOps resources are created within an <strong>OCI region<\/strong> and <strong>compartment<\/strong>.\n&#8211; Projects and pipelines are <strong>compartment-scoped<\/strong> resources (governed by OCI IAM policies).\n&#8211; Code repositories are typically <strong>project-scoped<\/strong> and access-controlled via IAM.\n&#8211; Build and deployment executions are regional and depend on access to target resources in the same or peered network context (depending on the target type).<br\/>\n  If you need cross-region patterns, <strong>verify in official docs<\/strong> for supported architectures and recommended approaches.<\/p>\n\n\n\n<p><strong>How it fits into the Oracle Cloud ecosystem:<\/strong>\n&#8211; <strong>IAM<\/strong> controls who can create\/operate DevOps resources and what pipelines can access.\n&#8211; <strong>Oracle Kubernetes Engine (OKE)<\/strong> is a common target for deployments.\n&#8211; <strong>Container\/Artifact registry<\/strong> stores images and artifacts used by deployments (Oracle offers container registry capabilities; product naming and availability can vary\u2014<strong>verify in official docs for your region<\/strong>).\n&#8211; <strong>Logging \/ Audit \/ Notifications<\/strong> provide traceability and operational signals.\n&#8211; <strong>Vault<\/strong> (often used) stores sensitive tokens\/credentials used by build steps.\n&#8211; <strong>Networking (VCN)<\/strong> and private endpoints matter when pipelines deploy to private clusters or private compute.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">3. Why use DevOps?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Business reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Faster delivery with fewer errors:<\/strong> Automated pipelines reduce manual deployment steps and variability.<\/li>\n<li><strong>Auditability and compliance:<\/strong> Centralized pipeline history (who\/what\/when) helps with governance.<\/li>\n<li><strong>Standardization:<\/strong> Platform teams can publish a \u201cgolden path\u201d pipeline for multiple teams.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Technical reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Integrated CI\/CD:<\/strong> Use managed build and deploy capabilities aligned with Oracle Cloud services.<\/li>\n<li><strong>Repeatable builds:<\/strong> Build definitions are stored as code (build specification), enabling reproducible packaging.<\/li>\n<li><strong>Promotion across environments:<\/strong> Structured releases and deployment stages support dev \u2192 test \u2192 prod promotion models.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Operational reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Reduced tooling maintenance:<\/strong> No need to operate your own CI server fleet if managed runners meet your needs.<\/li>\n<li><strong>Visibility:<\/strong> Pipeline logs and status integrate with OCI observability, enabling troubleshooting and alerting.<\/li>\n<li><strong>Separation of duties:<\/strong> IAM can separate developer access from production deployment permissions.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Security\/compliance reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Central IAM and compartment controls:<\/strong> Policy-driven access instead of ad-hoc credentials.<\/li>\n<li><strong>Secret handling options:<\/strong> Tokens can be stored in Vault and injected at runtime (implementation varies\u2014<strong>verify in official docs<\/strong> for the recommended pattern).<\/li>\n<li><strong>Audit trails:<\/strong> OCI Audit can help track changes to pipelines and permissions.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Scalability\/performance reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Parallel pipelines:<\/strong> Build pipelines can be structured for parallelism and staged execution.<\/li>\n<li><strong>Elastic build execution:<\/strong> Managed runners can reduce the need to size long-lived build servers.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">When teams should choose DevOps<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>You want an OCI-native CI\/CD that integrates with OCI IAM, compartments, and governance.<\/li>\n<li>You deploy to OCI services such as OKE, compute instance groups, or other OCI-based targets supported by DevOps deployments.<\/li>\n<li>You want a managed alternative to running Jenkins\/GitLab runners yourself.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">When teams should not choose DevOps<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>You require deep ecosystem integrations that are only available in a different CI\/CD platform your organization has standardized on (for example, a heavily customized GitHub Actions or GitLab setup).<\/li>\n<li>You need features not currently supported by DevOps (for example, certain advanced pipeline-as-code constructs, specialized runners, or niche deployment targets).<br\/>\n  Validate requirements against the latest DevOps documentation before committing.<\/li>\n<li>Your code hosting must remain on a non-OCI Git provider and you do not want to mirror repositories (DevOps can still integrate via external connections in some cases\u2014<strong>verify in official docs<\/strong> for current capabilities).<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">4. Where is DevOps used?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Industries<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>SaaS and technology<\/strong>: Rapid release cycles, microservices on Kubernetes.<\/li>\n<li><strong>Finance<\/strong>: Controlled releases, auditability, and segregation of duties.<\/li>\n<li><strong>Healthcare<\/strong>: Compliance-focused delivery with traceable changes.<\/li>\n<li><strong>Retail\/e-commerce<\/strong>: Frequent deployments with rollback strategies.<\/li>\n<li><strong>Telecom and media<\/strong>: Scalable deployment automation to multi-service platforms.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Team types<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Application development teams adopting CI\/CD.<\/li>\n<li>Platform engineering teams building paved roads.<\/li>\n<li>DevOps\/SRE teams automating releases and hardening pipelines.<\/li>\n<li>Security and compliance teams enforcing delivery controls via IAM and approvals.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Workloads<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Containerized microservices deployed to <strong>Oracle Kubernetes Engine (OKE)<\/strong>.<\/li>\n<li>Web apps packaged and deployed to compute instances.<\/li>\n<li>Serverless functions (where supported by DevOps deployments\u2014<strong>verify in official docs<\/strong>).<\/li>\n<li>Infrastructure-as-code workflows (for example, Terraform via OCI Resource Manager\u2014if integrated for your scenario, <strong>verify in official docs<\/strong>).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Architectures<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Single service apps with a straightforward CI pipeline.<\/li>\n<li>Multi-repo microservice architectures with standardized build\/deploy templates.<\/li>\n<li>Multi-environment promotion (dev\/test\/prod) with approvals and policy gating.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Real-world deployment contexts<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Central DevOps project per application.<\/li>\n<li>Shared \u201cplatform\u201d DevOps project hosting reusable pipeline templates and reference repos.<\/li>\n<li>Regulated environments requiring approvals between stages.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Production vs dev\/test usage<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Dev\/test<\/strong>: Fast feedback builds, ephemeral deployments, integration testing.<\/li>\n<li><strong>Production<\/strong>: Controlled releases, canary\/blue-green patterns (where implemented by your deployment strategy and supported stage types), approvals, and strong IAM boundaries.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">5. Top Use Cases and Scenarios<\/h2>\n\n\n\n<p>Below are realistic scenarios where Oracle Cloud DevOps is commonly applied.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1) CI for a containerized microservice<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Developers need automated builds and tests on each commit.<\/li>\n<li><strong>Why DevOps fits:<\/strong> Managed build pipelines run repeatable build steps and publish images.<\/li>\n<li><strong>Example:<\/strong> On every push to <code>main<\/code>, build a Docker image, run unit tests, and push to the registry.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2) CD to Oracle Kubernetes Engine (OKE)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Kubernetes deployments are inconsistent and error-prone when done manually.<\/li>\n<li><strong>Why DevOps fits:<\/strong> Deployment pipelines can apply Kubernetes manifests to OKE in controlled stages.<\/li>\n<li><strong>Example:<\/strong> Promote a \u201crelease\u201d from dev namespace to prod namespace with approval gates.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3) Multi-environment promotion with approvals<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Production releases require formal sign-off and traceability.<\/li>\n<li><strong>Why DevOps fits:<\/strong> Pipelines can be structured with manual approval stages (if available for your pipeline type\u2014<strong>verify in official docs<\/strong>).<\/li>\n<li><strong>Example:<\/strong> Deploy to staging automatically, then require approval before production.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">4) Standardized pipelines for multiple teams (\u201cgolden path\u201d)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Different teams build\/deploy differently, increasing risk.<\/li>\n<li><strong>Why DevOps fits:<\/strong> A platform team can define standard pipeline patterns and reuse them across projects.<\/li>\n<li><strong>Example:<\/strong> Shared build spec templates and consistent artifact naming and tagging conventions.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">5) Infrastructure delivery alongside application delivery<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> App changes require coordinated infrastructure updates.<\/li>\n<li><strong>Why DevOps fits:<\/strong> Teams can align build\/deploy flows with IaC processes (often using Terraform and OCI services\u2014<strong>verify current recommended integration<\/strong>).<\/li>\n<li><strong>Example:<\/strong> Update network policy and deploy a service in a single orchestrated release.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">6) Secure pipeline execution with least-privilege IAM<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Build servers often have overly broad permissions.<\/li>\n<li><strong>Why DevOps fits:<\/strong> OCI IAM policies and compartments enforce boundaries; pipeline identities can be scoped.<\/li>\n<li><strong>Example:<\/strong> Build pipeline can push images, but cannot modify networking or IAM.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">7) Automated integration testing environment<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Integration tests require a deployed environment.<\/li>\n<li><strong>Why DevOps fits:<\/strong> Deploy to a test namespace\/cluster, run tests, then teardown (teardown depends on your tooling).<\/li>\n<li><strong>Example:<\/strong> Deploy a PR build to a test namespace and run API tests.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">8) Monorepo CI with selective builds<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Large monorepos cause slow builds.<\/li>\n<li><strong>Why DevOps fits:<\/strong> Build steps can include path-based logic to build only what changed.<\/li>\n<li><strong>Example:<\/strong> Only rebuild the service whose directory changed and skip others.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">9) Release traceability for audits<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Auditors need evidence of change control.<\/li>\n<li><strong>Why DevOps fits:<\/strong> Pipeline run history + OCI Audit logs help reconstruct deployment events.<\/li>\n<li><strong>Example:<\/strong> Export pipeline metadata and logs for quarterly compliance review.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">10) Canary-style progressive rollout (implementation-driven)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Big-bang deployments increase risk.<\/li>\n<li><strong>Why DevOps fits:<\/strong> You can implement progressive delivery using Kubernetes deployment strategies and pipeline stages.<\/li>\n<li><strong>Example:<\/strong> Deploy to 10% traffic, monitor, then expand to 100% (depends on service mesh\/ingress design).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">11) Artifact promotion and immutability<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Rebuilding for each environment breaks provenance.<\/li>\n<li><strong>Why DevOps fits:<\/strong> Build once, deploy the same artifact through environments.<\/li>\n<li><strong>Example:<\/strong> Build <code>image@sha256:...<\/code> and deploy the exact digest to staging and production.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">12) Controlled access for third-party contractors<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Contractors need to contribute without production access.<\/li>\n<li><strong>Why DevOps fits:<\/strong> Fine-grained IAM and compartment scoping.<\/li>\n<li><strong>Example:<\/strong> Contractors can create PRs and run non-prod pipelines only.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">6. Core Features<\/h2>\n\n\n\n<blockquote>\n<p>Feature availability can evolve. Validate the latest capabilities in the official DevOps documentation for your region and tenancy.<\/p>\n<\/blockquote>\n\n\n\n<h3 class=\"wp-block-heading\">DevOps Projects<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Organizes code repositories, build pipelines, deployment pipelines, artifacts, and environments.<\/li>\n<li><strong>Why it matters:<\/strong> Establishes a governed boundary aligned to compartments and IAM.<\/li>\n<li><strong>Practical benefit:<\/strong> Clear ownership and standardized resource grouping for an app or platform.<\/li>\n<li><strong>Caveats:<\/strong> Projects inherit compartment constraints; cross-compartment access requires explicit IAM.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Code Repositories (Git)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Hosts Git repositories inside Oracle Cloud DevOps.<\/li>\n<li><strong>Why it matters:<\/strong> Keeps source close to build\/deploy pipelines and OCI controls.<\/li>\n<li><strong>Practical benefit:<\/strong> Centralized access control, auditability, and integration with triggers.<\/li>\n<li><strong>Caveats:<\/strong> If your organization standardizes on GitHub\/GitLab, you may prefer to integrate externally; validate current integration options.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Build Pipelines<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Runs build stages (compile\/test\/package) on managed runners based on a build specification file.<\/li>\n<li><strong>Why it matters:<\/strong> CI automation is foundational to reliable delivery.<\/li>\n<li><strong>Practical benefit:<\/strong> Repeatable builds, test automation, and artifact production.<\/li>\n<li><strong>Caveats:<\/strong> Builds consume compute resources (cost). Network access from runners may need configuration for private dependencies.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Build Runners (Managed Build Execution)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Provides managed execution for your build steps.<\/li>\n<li><strong>Why it matters:<\/strong> Removes the burden of operating build servers.<\/li>\n<li><strong>Practical benefit:<\/strong> Elasticity and standardized build execution.<\/li>\n<li><strong>Caveats:<\/strong> Runner capabilities, supported images, and network behavior can differ from self-hosted runners\u2014validate before migrating.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Deployment Pipelines<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Orchestrates deployments through multiple stages to supported environments.<\/li>\n<li><strong>Why it matters:<\/strong> Brings consistency and control to delivery.<\/li>\n<li><strong>Practical benefit:<\/strong> Safer, repeatable releases with audit trails.<\/li>\n<li><strong>Caveats:<\/strong> Supported deployment targets and stage types are specific; ensure your target architecture is supported.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Environments (Deployment Targets)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Represents where deployments occur (for example, OKE environments).<\/li>\n<li><strong>Why it matters:<\/strong> Separates pipeline logic from environment configuration.<\/li>\n<li><strong>Practical benefit:<\/strong> Reusable deployment definitions across stages (dev\/staging\/prod).<\/li>\n<li><strong>Caveats:<\/strong> Environment connectivity and permissions must be correct, especially for private clusters.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Artifacts (Deployables)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Defines references to deployable components such as container images or Kubernetes manifests.<\/li>\n<li><strong>Why it matters:<\/strong> Ensures deployments are based on known inputs.<\/li>\n<li><strong>Practical benefit:<\/strong> Promotes the same artifact across environments.<\/li>\n<li><strong>Caveats:<\/strong> Artifact types and sources vary. Confirm how DevOps expects artifacts for your deployment type.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Triggers (Automation)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Starts build\/deploy pipelines based on events (for example, code commits).<\/li>\n<li><strong>Why it matters:<\/strong> Enables continuous delivery workflows.<\/li>\n<li><strong>Practical benefit:<\/strong> Reduced manual coordination; faster feedback.<\/li>\n<li><strong>Caveats:<\/strong> Trigger behaviors (branch filters, file path filters, etc.) should be tested to avoid accidental releases.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Logging and Audit Integration<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Sends pipeline logs to OCI Logging; configuration and actions can appear in OCI Audit.<\/li>\n<li><strong>Why it matters:<\/strong> Observability and compliance.<\/li>\n<li><strong>Practical benefit:<\/strong> Faster troubleshooting and evidence for change management.<\/li>\n<li><strong>Caveats:<\/strong> Logs can drive storage cost; retention policies matter.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Notifications \/ Events Integration<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Integrates pipeline events with OCI Notifications or Events for alerting and automation.<\/li>\n<li><strong>Why it matters:<\/strong> Operations teams need awareness of failures and deployments.<\/li>\n<li><strong>Practical benefit:<\/strong> Slack\/email\/pager workflows via notification endpoints (depending on your integration).<\/li>\n<li><strong>Caveats:<\/strong> Ensure alert fatigue is managed with sensible thresholds and routing.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">7. Architecture and How It Works<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">High-level service architecture<\/h3>\n\n\n\n<p>At a high level, Oracle Cloud DevOps provides:\n&#8211; A <strong>control plane<\/strong> (projects, pipelines, artifacts, environments, triggers, IAM integration).\n&#8211; A <strong>data plane<\/strong> for build execution (build runners) and deployment execution (deployment workers interacting with targets like OKE).<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Typical flow (commit \u2192 build \u2192 deploy)<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Developer pushes code to a <strong>DevOps code repository<\/strong>.<\/li>\n<li>A <strong>trigger<\/strong> starts a <strong>build pipeline<\/strong>.<\/li>\n<li>The build pipeline runs on a managed runner:\n   &#8211; Fetch dependencies\n   &#8211; Run tests\n   &#8211; Build and package\n   &#8211; Publish artifacts (for example, a container image)<\/li>\n<li>A deployment pipeline is started (automatically or manually):\n   &#8211; Select release artifacts\n   &#8211; Deploy to a target environment (for example, apply Kubernetes manifests to OKE)<\/li>\n<li>Logs and events are emitted to OCI Logging\/Events\/Notifications.<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\">Integrations with related services (common)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Oracle Kubernetes Engine (OKE)<\/strong>: deployment target for containerized apps.<\/li>\n<li><strong>Container registry \/ artifact storage<\/strong>: store container images and Helm charts.<\/li>\n<li><strong>OCI Vault<\/strong>: store sensitive tokens (for example, registry auth tokens).<\/li>\n<li><strong>OCI Logging<\/strong>: pipeline logs and diagnostics.<\/li>\n<li><strong>OCI Notifications<\/strong>: alerting on pipeline results.<\/li>\n<li><strong>OCI IAM<\/strong>: policies, groups, compartments, dynamic groups (depending on the pipeline identity model).<\/li>\n<li><strong>VCN \/ private endpoints<\/strong>: access to private clusters, private artifact registries, or private dependencies.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Dependency services<\/h3>\n\n\n\n<p>You can run DevOps with minimal dependencies (code + build), but end-to-end CI\/CD typically depends on:\n&#8211; A deployment target (OKE, compute instances, etc.)\n&#8211; An artifact store (container registry\/object storage)\n&#8211; Networking (VCN\/subnets\/security rules for private access)\n&#8211; IAM policies for users and pipeline identities<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Security\/authentication model (conceptual)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Human users<\/strong> authenticate via OCI IAM and are authorized by policies.<\/li>\n<li><strong>Pipelines<\/strong> run under service-managed identities\/resource principals or configured credentials depending on the integration.<br\/>\n  The exact recommended policy model can vary by feature; <strong>verify the required policies in official docs<\/strong> for:<\/li>\n<li>pulling from\/pushing to a registry<\/li>\n<li>reading from code repositories<\/li>\n<li>deploying to OKE<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Networking model<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Build runners need outbound access to fetch dependencies (public internet or via private network routes\/NAT).<\/li>\n<li>Deployments to private OKE clusters require appropriate network reachability (private endpoints, VCN configuration, and security rules).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Monitoring\/logging\/governance considerations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Centralize logs in OCI Logging; define retention.<\/li>\n<li>Use OCI Events\/Notifications for pipeline failure alerts.<\/li>\n<li>Enforce tagging and naming conventions for pipeline resources.<\/li>\n<li>Use compartments to separate environments (dev\/test\/prod).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Simple architecture diagram (Mermaid)<\/h3>\n\n\n\n<pre><code class=\"language-mermaid\">flowchart LR\n  Dev[Developer] --&gt;|git push| Repo[DevOps Code Repository]\n  Repo --&gt; Trigger[DevOps Trigger]\n  Trigger --&gt; Build[DevOps Build Pipeline]\n  Build --&gt; Img[Container Image Registry]\n  Build --&gt; Logs[OCI Logging]\n  Img --&gt; Deploy[DevOps Deployment Pipeline]\n  Deploy --&gt; OKE[Oracle Kubernetes Engine]\n  Deploy --&gt; Logs\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Production-style architecture diagram (Mermaid)<\/h3>\n\n\n\n<pre><code class=\"language-mermaid\">flowchart TB\n  subgraph Tenancy[OCI Tenancy]\n    subgraph CompDev[Compartment: dev]\n      RepoDev[DevOps Repo]\n      BuildDev[Build Pipeline]\n      DeployDev[Deploy Pipeline]\n      OKEDev[OKE Cluster (dev)]\n    end\n\n    subgraph CompProd[Compartment: prod]\n      DeployProd[Deploy Pipeline (prod)]\n      OKEProd[OKE Cluster (prod)]\n      Vault[OCI Vault]\n      Log[OCI Logging]\n      Audit[OCI Audit]\n      Notif[OCI Notifications]\n      Registry[Container Registry\/Artifact Repo]\n    end\n\n    RepoDev --&gt; BuildDev\n    BuildDev --&gt; Registry\n    BuildDev --&gt; Log\n    DeployDev --&gt; OKEDev\n    DeployDev --&gt; Log\n\n    Registry --&gt; DeployProd\n    Vault --&gt; BuildDev\n    Vault --&gt; DeployProd\n    DeployProd --&gt; OKEProd\n    DeployProd --&gt; Log\n\n    Log --&gt; Notif\n    Audit --&gt; Notif\n  end\n<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">8. Prerequisites<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Tenancy and compartment requirements<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>An active <strong>Oracle Cloud<\/strong> tenancy.<\/li>\n<li>A <strong>compartment<\/strong> where you can create DevOps resources.<\/li>\n<li>If deploying to OKE: permissions to create\/manage OKE clusters (or access to an existing cluster).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Permissions \/ IAM roles<\/h3>\n\n\n\n<p>You typically need:\n&#8211; Permission to manage DevOps resources in your compartment (often via policies granting <code>manage devops-family<\/code>).\n&#8211; Permission to use supporting services:\n  &#8211; Logging\/Notifications (for operational integrations)\n  &#8211; Vault (if using secrets)\n  &#8211; Container registry\/artifact repository (for publishing images)\n  &#8211; OKE (for deployments)<\/p>\n\n\n\n<p><strong>Important:<\/strong> OCI IAM policy syntax and required statements can be nuanced. Use the official DevOps policy documentation and copy the current statements for your scenario:<br\/>\nhttps:\/\/docs.oracle.com\/en-us\/iaas\/Content\/devops\/using\/home.htm (navigate to IAM\/policies section)<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Billing requirements<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>DevOps usage may be billed indirectly through:<\/li>\n<li>build runner compute consumption<\/li>\n<li>artifact storage<\/li>\n<li>container registry storage<\/li>\n<li>OKE worker nodes<\/li>\n<li>load balancers<\/li>\n<li>logging retention<br\/>\n  You need a billing-enabled tenancy for most production-like labs (even if you stay within Always Free).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Tools needed<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OCI Console access (browser).<\/li>\n<li><strong>Git<\/strong> installed locally.<\/li>\n<li>Optional but recommended:<\/li>\n<li><strong>OCI CLI<\/strong>: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/API\/Concepts\/cliconcepts.htm<\/li>\n<li><strong>kubectl<\/strong> (if deploying to OKE): https:\/\/kubernetes.io\/docs\/tasks\/tools\/<\/li>\n<li><strong>Docker<\/strong> (for local testing)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Region availability<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>DevOps availability can vary by region. Confirm in the Console service list for your region and in official docs.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Quotas\/limits<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Service limits apply to DevOps, OKE, compute, load balancers, and logging.<\/li>\n<li>Before starting, check OCI Service Limits in the Console and request increases if needed.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Prerequisite services (for the hands-on lab below)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Oracle Cloud DevOps enabled in your region<\/li>\n<li>A container image registry capability (Oracle\u2019s container registry\/artifact registry)<\/li>\n<li>Oracle Kubernetes Engine (OKE) cluster (quick create is fine for lab)<\/li>\n<li>OCI Logging enabled (default)<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">9. Pricing \/ Cost<\/h2>\n\n\n\n<p>Oracle Cloud DevOps cost is best understood as <strong>(a) DevOps service charges, if any, plus (b) the cost of the resources your pipelines consume and deploy<\/strong>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Pricing dimensions (typical)<\/h3>\n\n\n\n<p>Depending on your exact setup and current Oracle pricing, cost may include:\n&#8211; <strong>Build execution<\/strong>: build runner compute time\/shape (common primary cost driver for CI).\n&#8211; <strong>Artifact storage<\/strong>:\n  &#8211; container registry storage (images, layers)\n  &#8211; object storage (generic artifacts, logs exported, build outputs)\n&#8211; <strong>Deployment target runtime<\/strong>:\n  &#8211; OKE worker nodes (compute)\n  &#8211; load balancers created by Kubernetes Services\n  &#8211; block volumes, file storage (if used)\n&#8211; <strong>Logging<\/strong>: ingestion and retention (depending on OCI Logging configuration and pricing model in your region)\n&#8211; <strong>Network egress<\/strong>: pulling dependencies from the internet, pushing\/pulling images cross-region, and outbound traffic from your app.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Free Tier considerations<\/h3>\n\n\n\n<p>Oracle Cloud has an Always Free tier for some services and shapes, varying by region and tenancy. DevOps-related costs often come from:\n&#8211; worker nodes for OKE\n&#8211; load balancers\n&#8211; build runner minutes\/hours\n&#8211; registry and logging storage<\/p>\n\n\n\n<p><strong>Verify Always Free eligibility and current inclusions<\/strong> in Oracle\u2019s Free Tier pages and your tenancy\u2019s limits.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Hidden or indirect costs to watch<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Kubernetes LoadBalancer Services<\/strong> often create cloud load balancers (potentially significant recurring cost).<\/li>\n<li><strong>Image churn<\/strong>: frequent builds create many image layers \u2192 storage growth.<\/li>\n<li><strong>Logging retention<\/strong>: verbose build logs retained for long periods.<\/li>\n<li><strong>Network egress<\/strong>: builds downloading large dependencies repeatedly.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">How to optimize cost<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use small build runner shapes appropriate for your builds.<\/li>\n<li>Enable dependency caching where supported (or structure builds to minimize downloads).<\/li>\n<li>Use image retention policies and clean up old tags\/digests.<\/li>\n<li>Prefer internal artifact sources to reduce egress.<\/li>\n<li>For Kubernetes, consider:<\/li>\n<li>using fewer worker nodes in dev\/test<\/li>\n<li>avoiding LoadBalancers for internal services (use ClusterIP + ingress where appropriate)<\/li>\n<li>Set logging retention to match compliance needs.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Example low-cost starter estimate (no fabricated numbers)<\/h3>\n\n\n\n<p>A low-cost lab typically includes:\n&#8211; 1 small OKE node pool (Always Free eligible if available) <strong>or<\/strong> a minimal compute target\n&#8211; 1 container registry repository with a few small images\n&#8211; a few build runs per day (short builds)\n&#8211; default logging retention<\/p>\n\n\n\n<p>Because OCI pricing varies by region and Always Free eligibility, <strong>use the official cost tools<\/strong>:\n&#8211; Oracle Cloud Pricing: https:\/\/www.oracle.com\/cloud\/pricing\/\n&#8211; Oracle Cloud Price List: https:\/\/www.oracle.com\/cloud\/price-list\/\n&#8211; Oracle Cloud Cost Estimator: https:\/\/www.oracle.com\/cloud\/costestimator.html<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Example production cost considerations<\/h3>\n\n\n\n<p>For production, plan for:\n&#8211; larger OKE clusters (multiple nodes across fault domains)\n&#8211; high availability load balancers and ingress controllers\n&#8211; higher build frequency + parallel builds\n&#8211; long log retention for compliance\n&#8211; artifact retention and backup strategies\n&#8211; private connectivity (FastConnect\/VPN) if required<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">10. Step-by-Step Hands-On Tutorial<\/h2>\n\n\n\n<p>This lab builds and deploys a small containerized web app using <strong>Oracle Cloud DevOps<\/strong>:\n&#8211; Store code in a <strong>DevOps code repository<\/strong>\n&#8211; Build a Docker image in a <strong>DevOps build pipeline<\/strong>\n&#8211; Push the image to Oracle\u2019s container registry capability\n&#8211; Deploy to <strong>Oracle Kubernetes Engine (OKE)<\/strong> using a <strong>DevOps deployment pipeline<\/strong><\/p>\n\n\n\n<p>If your organization uses a different registry approach (for example, Artifact Registry vs Container Registry branding, or different endpoints), follow the same flow and <strong>verify the exact registry steps in official docs for your region<\/strong>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Objective<\/h3>\n\n\n\n<p>Implement an end-to-end CI\/CD pipeline in Oracle Cloud DevOps that deploys a simple \u201cHello DevOps\u201d web app to an OKE cluster.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Lab Overview<\/h3>\n\n\n\n<p>You will:\n1. Create\/confirm prerequisites (compartment, policies, registry, OKE).\n2. Create a DevOps project and code repository.\n3. Commit a simple container app + Kubernetes manifests.\n4. Create a build pipeline to build and push a container image.\n5. Create a deploy pipeline to apply Kubernetes manifests to OKE.\n6. Trigger the pipeline, verify the running app, then clean up.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 1: Prepare your compartment, user group, and policies<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>In the OCI Console, choose (or create) a <strong>compartment<\/strong> for the lab (example: <code>devops-lab<\/code>).<\/li>\n<li>Ensure your user is in a group that can manage required resources.<\/li>\n<\/ol>\n\n\n\n<p><strong>Policies you will likely need<\/strong>\n&#8211; Manage DevOps resources in the compartment\n&#8211; Allow the DevOps pipeline identity to:\n  &#8211; push images to your container registry repository\n  &#8211; deploy to OKE (cluster access)\n  &#8211; write logs (if required by your org\u2019s configuration)\n  &#8211; read secrets from Vault (if you store credentials there)<\/p>\n\n\n\n<p>Because OCI policy statements can change and depend on your exact configuration (resource principals, dynamic groups, and service identities), do this:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Open the DevOps documentation home:\n  https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/devops\/using\/home.htm<\/li>\n<li>Navigate to the IAM\/policies section and copy the <strong>current<\/strong> recommended policies for:<\/li>\n<li>DevOps projects\/pipelines<\/li>\n<li>OKE deployments<\/li>\n<li>Container registry access<\/li>\n<\/ul>\n\n\n\n<p><strong>Expected outcome:<\/strong> You have a compartment ready and the correct IAM policies in place for both human administration and pipeline execution.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 2: Create (or choose) an Oracle Kubernetes Engine (OKE) cluster<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>In the OCI Console, go to <strong>Developer Services \u2192 Kubernetes Clusters (OKE)<\/strong>.<\/li>\n<li>Choose <strong>Create cluster<\/strong> and use <strong>Quick Create<\/strong> for a lab-friendly setup.<\/li>\n<li>Use a small node pool. If your tenancy\/region supports Always Free eligible shapes for worker nodes, select them to minimize cost (<strong>verify eligibility in your region<\/strong>).<\/li>\n<li>Wait for the cluster and node pool to become <strong>Active<\/strong>.<\/li>\n<\/ol>\n\n\n\n<p><strong>Verification<\/strong>\n&#8211; From the cluster details page, confirm:\n  &#8211; Cluster lifecycle state is <strong>Active<\/strong>\n  &#8211; Node pool is <strong>Active<\/strong>\n  &#8211; Nodes show <strong>Ready<\/strong> (may take time)<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> A working OKE cluster ready to receive deployments.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 3: Prepare local tools (Git, kubectl, and cluster access)<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Install:\n   &#8211; Git\n   &#8211; kubectl: https:\/\/kubernetes.io\/docs\/tasks\/tools\/<\/li>\n<li>Get cluster access (kubeconfig) using the OCI Console instructions for your cluster.<\/li>\n<\/ol>\n\n\n\n<p><strong>Verification<\/strong>\nRun:<\/p>\n\n\n\n<pre><code class=\"language-bash\">kubectl get nodes\n<\/code><\/pre>\n\n\n\n<p>You should see your node(s) in <code>Ready<\/code> status.<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> Your workstation can talk to the OKE cluster.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 4: Create a container repository (registry)<\/h3>\n\n\n\n<p>Oracle Cloud provides container image registry capabilities. The exact product name, endpoint, and workflow can differ by tenancy settings and region. Use your Console to:\n1. Create a container image repository for this lab (example name: <code>hello-devops<\/code>).\n2. Note:\n   &#8211; repository path\n   &#8211; region registry endpoint\n   &#8211; your tenancy namespace (often needed for login flows)<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> You have a registry location where the build pipeline can push images.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 5: Create a DevOps Project and a Code Repository<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>In OCI Console, go to <strong>Developer Services \u2192 DevOps<\/strong>.<\/li>\n<li>Create a <strong>Project<\/strong> (example: <code>hello-devops-project<\/code>) in your lab compartment.<\/li>\n<li>Inside the project, create a <strong>Code Repository<\/strong> (example: <code>hello-devops-repo<\/code>).<\/li>\n<\/ol>\n\n\n\n<p>Clone the repository locally (Console provides the exact URL). Example:<\/p>\n\n\n\n<pre><code class=\"language-bash\">git clone &lt;YOUR_DEVOPS_REPO_CLONE_URL&gt;\ncd hello-devops-repo\n<\/code><\/pre>\n\n\n\n<p><strong>Expected outcome:<\/strong> You have an empty local Git repo connected to Oracle Cloud DevOps.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 6: Add a simple web app + Dockerfile + Kubernetes manifests<\/h3>\n\n\n\n<p>Create these files in your repo.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">6.1 App content<\/h4>\n\n\n\n<p>Create <code>app\/index.html<\/code>:<\/p>\n\n\n\n<pre><code class=\"language-html\">&lt;!doctype html&gt;\n&lt;html&gt;\n  &lt;head&gt;\n    &lt;meta charset=\"utf-8\" \/&gt;\n    &lt;title&gt;Hello from Oracle Cloud DevOps&lt;\/title&gt;\n  &lt;\/head&gt;\n  &lt;body&gt;\n    &lt;h1&gt;Hello from Oracle Cloud DevOps&lt;\/h1&gt;\n    &lt;p&gt;If you see this, your CI\/CD pipeline deployed successfully.&lt;\/p&gt;\n  &lt;\/body&gt;\n&lt;\/html&gt;\n<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">6.2 Dockerfile<\/h4>\n\n\n\n<p>Create <code>Dockerfile<\/code>:<\/p>\n\n\n\n<pre><code class=\"language-dockerfile\">FROM nginx:1.27-alpine\nCOPY app\/index.html \/usr\/share\/nginx\/html\/index.html\n<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">6.3 Kubernetes manifests<\/h4>\n\n\n\n<p>Create <code>k8s\/deployment.yaml<\/code>:<\/p>\n\n\n\n<pre><code class=\"language-yaml\">apiVersion: apps\/v1\nkind: Deployment\nmetadata:\n  name: hello-devops\n  labels:\n    app: hello-devops\nspec:\n  replicas: 2\n  selector:\n    matchLabels:\n      app: hello-devops\n  template:\n    metadata:\n      labels:\n        app: hello-devops\n    spec:\n      containers:\n        - name: hello-devops\n          image: REPLACE_WITH_IMAGE_URI\n          ports:\n            - containerPort: 80\n<\/code><\/pre>\n\n\n\n<p>Create <code>k8s\/service.yaml<\/code>:<\/p>\n\n\n\n<pre><code class=\"language-yaml\">apiVersion: v1\nkind: Service\nmetadata:\n  name: hello-devops-svc\nspec:\n  type: LoadBalancer\n  selector:\n    app: hello-devops\n  ports:\n    - port: 80\n      targetPort: 80\n<\/code><\/pre>\n\n\n\n<blockquote>\n<p>Cost warning: <code>type: LoadBalancer<\/code> may provision a cloud load balancer and incur cost. For a cheaper lab, you can use <code>ClusterIP<\/code> and access via port-forwarding, but then you\u2019ll need a different validation method.<\/p>\n<\/blockquote>\n\n\n\n<p><strong>Expected outcome:<\/strong> The repo contains an app, a Dockerfile, and Kubernetes manifests.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 7: Create the DevOps Build Pipeline<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>In your DevOps Project, create a <strong>Build Pipeline<\/strong> (example: <code>hello-build<\/code>).<\/li>\n<li>Add a build stage that:\n   &#8211; checks out your code repo\n   &#8211; builds a Docker image\n   &#8211; pushes the image to your registry<\/li>\n<\/ol>\n\n\n\n<p>DevOps build pipelines use a build specification file. Create <code>build_spec.yaml<\/code> at repo root:<\/p>\n\n\n\n<pre><code class=\"language-yaml\">version: 0.1\ncomponent: build\ntimeoutInSeconds: 1800\nshell: bash\n\nsteps:\n  - type: Command\n    name: \"Show build environment\"\n    command: |\n      uname -a\n      docker version || true\n\n  - type: Command\n    name: \"Build image\"\n    command: |\n      IMAGE_URI=\"${IMAGE_URI}\"\n      if [ -z \"$IMAGE_URI\" ]; then\n        echo \"IMAGE_URI is not set. Configure it as a build pipeline parameter.\"\n        exit 1\n      fi\n      docker build -t \"${IMAGE_URI}\" .\n\n  - type: Command\n    name: \"Login to registry\"\n    command: |\n      # The exact login flow depends on your registry type and tenancy configuration.\n      # Prefer using OCI Vault for secrets and the official docs for the correct endpoint\/username format.\n      if [ -z \"$REGISTRY_ENDPOINT\" ] || [ -z \"$REGISTRY_USERNAME\" ] || [ -z \"$REGISTRY_PASSWORD\" ]; then\n        echo \"Registry credentials are not set. Configure build parameters or Vault secrets.\"\n        exit 1\n      fi\n      echo \"$REGISTRY_PASSWORD\" | docker login \"$REGISTRY_ENDPOINT\" -u \"$REGISTRY_USERNAME\" --password-stdin\n\n  - type: Command\n    name: \"Push image\"\n    command: |\n      IMAGE_URI=\"${IMAGE_URI}\"\n      docker push \"${IMAGE_URI}\"\n<\/code><\/pre>\n\n\n\n<ol class=\"wp-block-list\" start=\"3\">\n<li>Commit and push these files:<\/li>\n<\/ol>\n\n\n\n<pre><code class=\"language-bash\">git add .\ngit commit -m \"Add app, Dockerfile, k8s manifests, and build spec\"\ngit push origin main\n<\/code><\/pre>\n\n\n\n<ol class=\"wp-block-list\" start=\"4\">\n<li>In the Build Pipeline configuration:\n   &#8211; Configure the pipeline to use <code>build_spec.yaml<\/code>.\n   &#8211; Define build parameters:<ul>\n<li><code>IMAGE_URI<\/code> (example: <code>&lt;registry-endpoint&gt;\/&lt;namespace&gt;\/&lt;repo&gt;:latest<\/code>)<\/li>\n<li><code>REGISTRY_ENDPOINT<\/code><\/li>\n<li><code>REGISTRY_USERNAME<\/code><\/li>\n<li><code>REGISTRY_PASSWORD<\/code> (prefer Vault-backed secret if supported in your configuration)<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n<p><strong>Verification<\/strong>\n&#8211; Run the build pipeline manually once.\n&#8211; Confirm:\n  &#8211; Build run status = <strong>Succeeded<\/strong>\n  &#8211; Image exists in your registry repository<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> A successful build run produces and pushes a container image.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 8: Create an OKE Environment in DevOps<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>In the DevOps Project, create an <strong>Environment<\/strong> for Kubernetes\/OKE.<\/li>\n<li>Select your OKE cluster and configure the environment details as required by the Console wizard.<\/li>\n<\/ol>\n\n\n\n<p><strong>Verification<\/strong>\n&#8211; Environment should be created successfully and show a healthy\/ready status (wording varies).<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> DevOps has a defined target environment pointing to OKE.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 9: Create DevOps Artifacts for the deployment<\/h3>\n\n\n\n<p>You typically need at least:\n&#8211; A <strong>container image artifact<\/strong> referencing the image in your registry\n&#8211; A <strong>Kubernetes manifest artifact<\/strong> referencing your <code>k8s\/<\/code> YAML content<\/p>\n\n\n\n<p>The exact artifact types and how they link to repos\/images depend on current DevOps capabilities. Follow the DevOps Console flow to create:\n1. An artifact for the container image you pushed in Step 7.\n2. An artifact for Kubernetes manifests (from your repo path <code>k8s\/<\/code> or specific files).<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> Artifacts exist and can be referenced by deployment stages.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 10: Create the DevOps Deployment Pipeline (Deploy to OKE)<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Create a <strong>Deployment Pipeline<\/strong> (example: <code>hello-deploy<\/code>).<\/li>\n<li>Add a deployment stage for Kubernetes (OKE) that:\n   &#8211; targets the OKE Environment created in Step 8\n   &#8211; applies the Kubernetes manifest artifact created in Step 9\n   &#8211; substitutes the image reference in <code>k8s\/deployment.yaml<\/code><\/li>\n<\/ol>\n\n\n\n<p><strong>Important:<\/strong> Image substitution mechanisms vary (some pipelines support variable substitution or artifact mapping). Use the Console\u2019s supported method. If you can\u2019t substitute automatically in your current setup, set <code>REPLACE_WITH_IMAGE_URI<\/code> in <code>k8s\/deployment.yaml<\/code> to your actual image URI and commit it for this lab. For production, prefer immutable tags\/digests and automated substitution.<\/p>\n\n\n\n<p><strong>Verification<\/strong>\n&#8211; Run the deployment pipeline manually.\n&#8211; Confirm it reaches <strong>Succeeded<\/strong>.<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> Kubernetes resources are applied to the cluster.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 11: Validate the deployment in Kubernetes<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Check workload status:<\/li>\n<\/ol>\n\n\n\n<pre><code class=\"language-bash\">kubectl get deploy,svc,pods\n<\/code><\/pre>\n\n\n\n<ol class=\"wp-block-list\" start=\"2\">\n<li>Wait until pods are running and the service has an external IP:<\/li>\n<\/ol>\n\n\n\n<pre><code class=\"language-bash\">kubectl get svc hello-devops-svc -w\n<\/code><\/pre>\n\n\n\n<ol class=\"wp-block-list\" start=\"3\">\n<li>Once you have an external IP, test:<\/li>\n<\/ol>\n\n\n\n<pre><code class=\"language-bash\">curl -i http:\/\/&lt;EXTERNAL-IP&gt;\/\n<\/code><\/pre>\n\n\n\n<p>You should see the HTML page content.<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> The \u201cHello from Oracle Cloud DevOps\u201d page loads from the Kubernetes service endpoint.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 12: Add an automated trigger (optional but recommended)<\/h3>\n\n\n\n<p>To make it continuous:\n1. Create a DevOps <strong>Trigger<\/strong> on the code repository:\n   &#8211; On push to <code>main<\/code>, start the build pipeline.\n2. Optionally chain:\n   &#8211; Build success \u2192 start deploy pipeline (or require manual approval for prod-like safety).<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> A commit to <code>main<\/code> automatically runs CI (and optionally CD).<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Validation<\/h3>\n\n\n\n<p>Use this checklist:\n&#8211; Build pipeline run succeeded and logs show image build + push.\n&#8211; Registry repository contains the expected image tag.\n&#8211; Deploy pipeline succeeded.\n&#8211; <code>kubectl get pods<\/code> shows 2 running pods.\n&#8211; You can <code>curl<\/code> the service external IP and see the expected HTML.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Troubleshooting<\/h3>\n\n\n\n<p><strong>1) Build fails: <code>docker: command not found<\/code><\/strong>\n&#8211; The selected build runner image\/shape may not include Docker tooling.\n&#8211; Fix: Use a build runner configuration that supports Docker builds per Oracle\u2019s DevOps build documentation.<br\/>\n  Verify build runner prerequisites in official docs: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/devops\/using\/home.htm<\/p>\n\n\n\n<p><strong>2) Build fails to push image (auth errors)<\/strong>\n&#8211; Common causes:\n  &#8211; wrong registry endpoint\n  &#8211; wrong username format\n  &#8211; auth token\/credential invalid\n&#8211; Fix:\n  &#8211; Re-check the registry login instructions in the Oracle container registry documentation for your region.\n  &#8211; Store credentials in OCI Vault and reference them correctly.<\/p>\n\n\n\n<p><strong>3) Deploy fails: permissions to access OKE<\/strong>\n&#8211; Cause: missing IAM policies allowing the DevOps deployment identity to interact with the cluster.\n&#8211; Fix: Apply the official OKE deployment policies for DevOps from Oracle docs and retry.<\/p>\n\n\n\n<p><strong>4) Kubernetes service has no external IP<\/strong>\n&#8211; Causes:\n  &#8211; no available load balancer quota\n  &#8211; networking restrictions\n  &#8211; pending cloud controller actions\n&#8211; Fix:\n  &#8211; Check service events: <code>kubectl describe svc hello-devops-svc<\/code>\n  &#8211; Check OCI service limits for load balancers\n  &#8211; For a low-cost alternative, change service type to <code>ClusterIP<\/code> and use:\n    <code>kubectl port-forward svc\/hello-devops-svc 8080:80<\/code><\/p>\n\n\n\n<p><strong>5) Pods crash loop<\/strong>\n&#8211; Check logs: <code>kubectl logs deploy\/hello-devops<\/code>\n&#8211; Verify the image URI is correct and accessible by the cluster nodes.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Cleanup<\/h3>\n\n\n\n<p>To avoid ongoing charges:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Delete Kubernetes resources:<\/li>\n<\/ol>\n\n\n\n<pre><code class=\"language-bash\">kubectl delete -f k8s\/service.yaml\nkubectl delete -f k8s\/deployment.yaml\n<\/code><\/pre>\n\n\n\n<ol class=\"wp-block-list\" start=\"2\">\n<li>In OCI Console:\n&#8211; Delete DevOps deployment pipeline, build pipeline, and trigger (or delete the whole DevOps project if it\u2019s only for the lab).\n&#8211; Delete the container image repository (or at least delete images).\n&#8211; Delete the OKE cluster and node pool (this is often the biggest cost driver).\n&#8211; Review and delete any load balancers created by the Service (if they persist).<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">11. Best Practices<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Architecture best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Build once, deploy many:<\/strong> Promote the same artifact through environments.<\/li>\n<li><strong>Immutable artifacts:<\/strong> Use image digests or unique tags instead of <code>latest<\/code>.<\/li>\n<li><strong>Separate environments:<\/strong> Use compartments and\/or separate clusters for dev\/test\/prod.<\/li>\n<li><strong>Pipeline templates:<\/strong> Standardize build specs and deployment patterns across teams.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">IAM\/security best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Least privilege policies:<\/strong> Pipelines should only access required registries\/clusters.<\/li>\n<li><strong>Separate duties:<\/strong> Developers can run builds; production deploy permissions are tighter.<\/li>\n<li><strong>Use compartments and tagging:<\/strong> Enforce ownership and cost allocation.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Cost best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Keep dev clusters small; scale only when needed.<\/li>\n<li>Avoid unnecessary <code>LoadBalancer<\/code> services in dev\/test.<\/li>\n<li>Set image retention and clean up old artifacts.<\/li>\n<li>Set log retention to the minimum required.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Performance best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Cache dependencies (where supported) and minimize repeated downloads.<\/li>\n<li>Use multi-stage Docker builds to keep images small.<\/li>\n<li>Parallelize tests where appropriate.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Reliability best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Add health checks in Kubernetes (readiness\/liveness probes).<\/li>\n<li>Use rolling updates and define rollback procedures.<\/li>\n<li>Gate production deployments with approvals and automated checks.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Operations best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Send pipeline failures to Notifications and route them to on-call.<\/li>\n<li>Centralize logs and correlate:<\/li>\n<li>commit SHA<\/li>\n<li>build run ID<\/li>\n<li>deployment run ID<\/li>\n<li>Maintain runbooks for common failure modes.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Governance\/tagging\/naming best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Naming:<\/li>\n<li><code>proj-&lt;app&gt;-&lt;env&gt;<\/code><\/li>\n<li><code>build-&lt;app&gt;<\/code><\/li>\n<li><code>deploy-&lt;app&gt;-&lt;env&gt;<\/code><\/li>\n<li>Tag resources with:<\/li>\n<li><code>CostCenter<\/code><\/li>\n<li><code>Owner<\/code><\/li>\n<li><code>Environment<\/code><\/li>\n<li><code>Application<\/code><\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">12. Security Considerations<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Identity and access model<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use OCI IAM groups and policies to control:<\/li>\n<li>who can modify pipelines<\/li>\n<li>who can run deployments<\/li>\n<li>who can view logs\/artifacts<\/li>\n<li>Ensure pipeline identities (resource principals\/service identities) have constrained permissions.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Encryption<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OCI services typically encrypt data at rest by default, but encryption configuration and keys may differ by service.<\/li>\n<li>For higher assurance, use <strong>customer-managed keys<\/strong> (Vault) where supported for registries, buckets, and other stores (<strong>verify per service<\/strong>).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Network exposure<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Avoid exposing build systems or private dependencies to the public internet where possible.<\/li>\n<li>For Kubernetes:<\/li>\n<li>use private cluster patterns if required<\/li>\n<li>restrict security lists\/NSGs<\/li>\n<li>limit public LoadBalancers<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Secrets handling<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Do not store passwords\/tokens in Git.<\/li>\n<li>Prefer OCI Vault secrets and inject at build\/deploy runtime.<\/li>\n<li>Rotate registry auth tokens regularly.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Audit\/logging<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Enable and retain:<\/li>\n<li>OCI Audit logs (tenancy-level)<\/li>\n<li>DevOps pipeline logs (OCI Logging)<\/li>\n<li>Ensure logs do not contain secrets (scrub outputs; avoid <code>set -x<\/code> with secrets).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Compliance considerations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Map CI\/CD controls to frameworks (SOC 2, ISO 27001, PCI DSS) as needed:<\/li>\n<li>change control evidence<\/li>\n<li>separation of duties<\/li>\n<li>access reviews<\/li>\n<li>artifact integrity<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Common security mistakes<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Over-permissive IAM policies (for example, tenancy-wide <code>manage all-resources<\/code>).<\/li>\n<li>Using <code>latest<\/code> tags in production (supply chain risk and rollback uncertainty).<\/li>\n<li>Long-lived credentials embedded in build scripts.<\/li>\n<li>Public Kubernetes endpoints without IP restrictions.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Secure deployment recommendations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Require approvals for production stages.<\/li>\n<li>Enforce signed commits or protected branches (if supported by your governance model).<\/li>\n<li>Use vulnerability scanning for images (Oracle Cloud offers security services; evaluate what fits your needs and <strong>verify current product integration<\/strong>).<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">13. Limitations and Gotchas<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Policy complexity:<\/strong> Getting the right IAM policies for pipeline identities can be the hardest part. Always use the latest official policy examples.<\/li>\n<li><strong>Runner environment differences:<\/strong> Build runners may not match your local environment; pin tool versions and validate Docker support.<\/li>\n<li><strong>Kubernetes load balancer cost:<\/strong> A simple Service can create a paid load balancer.<\/li>\n<li><strong>Artifact sprawl:<\/strong> Frequent builds create many images; enforce retention.<\/li>\n<li><strong>Cross-region considerations:<\/strong> CI and CD across regions can add latency and egress costs; validate supported patterns.<\/li>\n<li><strong>Private cluster deployments:<\/strong> Require network planning (private endpoints, routing, and security).<\/li>\n<li><strong>Variable substitution:<\/strong> Artifact\/image substitution in manifests varies; test carefully and avoid fragile text replacement.<\/li>\n<li><strong>\u201cWorks in dev\u201d trap:<\/strong> Ensure production uses immutable artifacts and controlled promotion.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">14. Comparison with Alternatives<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Nearest services in Oracle Cloud<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>DevOps<\/strong>: managed CI\/CD + code repos integrated with OCI.<\/li>\n<li><strong>OKE + GitHub\/GitLab\/Jenkins<\/strong>: alternative approach where OCI hosts runtime but CI\/CD is external\/self-managed.<\/li>\n<li><strong>OCI Resource Manager (Terraform)<\/strong>: infrastructure deployment; complements DevOps rather than replacing it.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Comparable services in other clouds<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>AWS CodePipeline\/CodeBuild\/CodeCommit<\/strong><\/li>\n<li><strong>Azure DevOps Services<\/strong><\/li>\n<li><strong>Google Cloud Build + Cloud Deploy<\/strong><\/li>\n<li><strong>GitHub Actions \/ GitLab CI<\/strong> (cross-cloud)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Open-source\/self-managed alternatives<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Jenkins, Argo CD, Tekton, Drone, Concourse, GitLab CE<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Option<\/th>\n<th>Best For<\/th>\n<th>Strengths<\/th>\n<th>Weaknesses<\/th>\n<th>When to Choose<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Oracle Cloud DevOps<\/td>\n<td>OCI-native CI\/CD and governance<\/td>\n<td>Tight OCI integration (IAM\/compartments\/logging), managed service<\/td>\n<td>Feature set and integrations may differ from your existing tools; IAM setup can be non-trivial<\/td>\n<td>You want managed CI\/CD in Oracle Cloud with OCI-aligned governance<\/td>\n<\/tr>\n<tr>\n<td>Jenkins (self-managed)<\/td>\n<td>Highly customized CI<\/td>\n<td>Maximum flexibility, huge plugin ecosystem<\/td>\n<td>You operate\/patch\/secure it; scaling runners is your job<\/td>\n<td>You need custom integrations and accept ops overhead<\/td>\n<\/tr>\n<tr>\n<td>GitHub Actions<\/td>\n<td>GitHub-centric teams<\/td>\n<td>Excellent GitHub integration, marketplace actions<\/td>\n<td>Enterprise controls vary; runners and networking need planning<\/td>\n<td>Your repos are in GitHub and you want CI\/CD close to code<\/td>\n<\/tr>\n<tr>\n<td>GitLab CI<\/td>\n<td>GitLab-centric, single platform<\/td>\n<td>CI\/CD + SCM + registry options<\/td>\n<td>Can be complex to operate at scale if self-hosted<\/td>\n<td>You already standardize on GitLab and want unified workflows<\/td>\n<\/tr>\n<tr>\n<td>AWS Code* suite<\/td>\n<td>AWS-first organizations<\/td>\n<td>Native AWS integrations<\/td>\n<td>Not OCI-native; cross-cloud adds complexity<\/td>\n<td>Workloads primarily on AWS<\/td>\n<\/tr>\n<tr>\n<td>Azure DevOps<\/td>\n<td>Microsoft-centric enterprises<\/td>\n<td>Boards + repos + pipelines + artifacts<\/td>\n<td>Not OCI-native; cross-cloud integrations vary<\/td>\n<td>You already use Azure DevOps enterprise-wide<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">15. Real-World Example<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Enterprise example (regulated industry)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> A financial services company must prove change control and ensure production deployments are gated and auditable.<\/li>\n<li><strong>Proposed architecture:<\/strong><\/li>\n<li>Separate compartments for dev\/test\/prod<\/li>\n<li>DevOps build pipeline builds immutable container images<\/li>\n<li>Images stored in registry with retention and access controls<\/li>\n<li>Deployment pipeline deploys to OKE staging automatically, then requires approval for production<\/li>\n<li>OCI Logging + Audit retained for compliance<\/li>\n<li>Secrets stored in OCI Vault<\/li>\n<li><strong>Why DevOps was chosen:<\/strong> OCI-native IAM and compartment model fits enterprise governance; managed CI\/CD reduces operational burden.<\/li>\n<li><strong>Expected outcomes:<\/strong> Faster releases with stronger evidence trails, reduced manual steps, and clearer separation of duties.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Startup\/small-team example<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> A startup wants a simple CI\/CD pipeline without maintaining Jenkins, and they deploy a small set of microservices to OKE.<\/li>\n<li><strong>Proposed architecture:<\/strong><\/li>\n<li>Single DevOps project<\/li>\n<li>One build pipeline per service (or monorepo pipeline with conditional builds)<\/li>\n<li>One dev OKE cluster, later split to prod<\/li>\n<li>Simple triggers on <code>main<\/code><\/li>\n<li><strong>Why DevOps was chosen:<\/strong> Minimizes tool sprawl and ops overhead while staying within Oracle Cloud.<\/li>\n<li><strong>Expected outcomes:<\/strong> Consistent builds, easy deployments, and a path to add approvals and multi-environment promotion later.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">16. FAQ<\/h2>\n\n\n\n<p>1) <strong>Is Oracle Cloud DevOps the same as \u201cDevOps practices\u201d?<\/strong><br\/>\nNo. DevOps practices are cultural and engineering methods. Oracle Cloud <strong>DevOps<\/strong> is a managed service that helps implement CI\/CD workflows.<\/p>\n\n\n\n<p>2) <strong>Is the service officially called OCI DevOps?<\/strong><br\/>\nOracle commonly refers to it as <strong>OCI DevOps<\/strong> in documentation. In this article, we use the exact service name <strong>DevOps<\/strong> (Oracle Cloud).<\/p>\n\n\n\n<p>3) <strong>Do I need to use DevOps code repositories?<\/strong><br\/>\nNot always. Some teams keep code in GitHub\/GitLab and integrate CI\/CD accordingly. Check current DevOps integration options in official docs.<\/p>\n\n\n\n<p>4) <strong>Can DevOps deploy to Oracle Kubernetes Engine (OKE)?<\/strong><br\/>\nYes, OKE is a common deployment target. Confirm supported deployment stages and environment configuration in the latest docs.<\/p>\n\n\n\n<p>5) <strong>Do build pipelines support Docker builds?<\/strong><br\/>\nOften yes, but it depends on runner capabilities and configuration. If Docker isn\u2019t available in your runner environment, adjust runner\/tooling per official guidance.<\/p>\n\n\n\n<p>6) <strong>How do I store secrets for builds?<\/strong><br\/>\nPrefer OCI Vault. Exact injection methods depend on current DevOps features\u2014verify the recommended approach in official docs.<\/p>\n\n\n\n<p>7) <strong>Can I do approvals between stages?<\/strong><br\/>\nMany CI\/CD systems support approvals; DevOps capabilities may include approval-like gating depending on stage types. Verify current support in the deployment pipeline documentation.<\/p>\n\n\n\n<p>8) <strong>What\u2019s the biggest unexpected cost in a DevOps lab?<\/strong><br\/>\nOften Kubernetes LoadBalancers and OKE worker nodes, not the DevOps control plane itself.<\/p>\n\n\n\n<p>9) <strong>Can I deploy across regions?<\/strong><br\/>\nCross-region architectures are possible but can introduce egress cost and complexity. Verify supported patterns and recommended approaches.<\/p>\n\n\n\n<p>10) <strong>How do I troubleshoot a failed deployment to OKE?<\/strong><br\/>\nCheck DevOps deployment logs first, then Kubernetes events (<code>kubectl describe<\/code>) and pod logs (<code>kubectl logs<\/code>). IAM permissions are a frequent root cause.<\/p>\n\n\n\n<p>11) <strong>Can DevOps be used for infrastructure-as-code?<\/strong><br\/>\nYes, you can run Terraform in build steps or integrate with OCI Resource Manager patterns. Validate the most secure approach for your organization.<\/p>\n\n\n\n<p>12) <strong>How do I implement \u201cbuild once, deploy many\u201d?<\/strong><br\/>\nCreate a single build artifact (image digest\/tag) and promote it through environments without rebuilding. Use releases and artifact references consistently.<\/p>\n\n\n\n<p>13) <strong>Can I restrict who can deploy to production?<\/strong><br\/>\nYes, using OCI IAM policies and compartment separation. Keep production pipelines and environments tightly controlled.<\/p>\n\n\n\n<p>14) <strong>How do I reduce build times?<\/strong><br\/>\nCache dependencies (when possible), reduce image size, parallelize tests, and avoid downloading large dependencies repeatedly.<\/p>\n\n\n\n<p>15) <strong>What\u2019s the recommended logging strategy?<\/strong><br\/>\nCentralize pipeline logs in OCI Logging, set retention, and integrate alerts via OCI Notifications or Events. Ensure secrets never appear in logs.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">17. Top Online Resources to Learn DevOps<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Resource Type<\/th>\n<th>Name<\/th>\n<th>Why It Is Useful<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Official documentation<\/td>\n<td>OCI DevOps documentation<\/td>\n<td>Canonical reference for projects, repos, build\/deploy pipelines, IAM policies: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/devops\/using\/home.htm<\/td>\n<\/tr>\n<tr>\n<td>Official pricing<\/td>\n<td>Oracle Cloud Pricing<\/td>\n<td>High-level pricing entry point: https:\/\/www.oracle.com\/cloud\/pricing\/<\/td>\n<\/tr>\n<tr>\n<td>Official price list<\/td>\n<td>Oracle Cloud Price List<\/td>\n<td>Detailed SKUs and dimensions (region-dependent): https:\/\/www.oracle.com\/cloud\/price-list\/<\/td>\n<\/tr>\n<tr>\n<td>Official cost tool<\/td>\n<td>Oracle Cloud Cost Estimator<\/td>\n<td>Model expected spend: https:\/\/www.oracle.com\/cloud\/costestimator.html<\/td>\n<\/tr>\n<tr>\n<td>OKE documentation<\/td>\n<td>Oracle Kubernetes Engine docs<\/td>\n<td>Required for Kubernetes deployment targets: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/ContEng\/home.htm<\/td>\n<\/tr>\n<tr>\n<td>OCI CLI documentation<\/td>\n<td>OCI CLI concepts<\/td>\n<td>Useful for automation and validation: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/API\/Concepts\/cliconcepts.htm<\/td>\n<\/tr>\n<tr>\n<td>OCI IAM documentation<\/td>\n<td>IAM overview<\/td>\n<td>Understand compartments, policies, and least privilege: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Identity\/home.htm<\/td>\n<\/tr>\n<tr>\n<td>OCI Logging documentation<\/td>\n<td>Logging overview<\/td>\n<td>Centralize pipeline logs and retention: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Logging\/home.htm<\/td>\n<\/tr>\n<tr>\n<td>OCI Vault documentation<\/td>\n<td>Vault overview<\/td>\n<td>Store secrets\/keys securely: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/KeyManagement\/home.htm<\/td>\n<\/tr>\n<tr>\n<td>Official tutorials (where available)<\/td>\n<td>Oracle Cloud Tutorials<\/td>\n<td>Step-by-step labs and reference patterns (navigate to DevOps content): https:\/\/docs.oracle.com\/en\/learn\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">18. Training and Certification Providers<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Institute<\/th>\n<th>Suitable Audience<\/th>\n<th>Likely Learning Focus<\/th>\n<th>Mode<\/th>\n<th>Website URL<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>DevOpsSchool.com<\/td>\n<td>Beginners to enterprise teams<\/td>\n<td>DevOps practices, CI\/CD, cloud DevOps<\/td>\n<td>Check website<\/td>\n<td>https:\/\/www.devopsschool.com\/<\/td>\n<\/tr>\n<tr>\n<td>ScmGalaxy.com<\/td>\n<td>Dev\/QA\/Release engineers<\/td>\n<td>SCM, CI\/CD pipelines, DevOps tooling<\/td>\n<td>Check website<\/td>\n<td>https:\/\/www.scmgalaxy.com\/<\/td>\n<\/tr>\n<tr>\n<td>CLoudOpsNow.in<\/td>\n<td>Cloud engineers, operators<\/td>\n<td>Cloud operations + DevOps foundations<\/td>\n<td>Check website<\/td>\n<td>https:\/\/www.cloudopsnow.in\/<\/td>\n<\/tr>\n<tr>\n<td>SreSchool.com<\/td>\n<td>SREs, platform teams<\/td>\n<td>Reliability engineering, operations, observability<\/td>\n<td>Check website<\/td>\n<td>https:\/\/www.sreschool.com\/<\/td>\n<\/tr>\n<tr>\n<td>AiOpsSchool.com<\/td>\n<td>Ops\/SRE\/ITSM teams<\/td>\n<td>AIOps concepts, automation, operations analytics<\/td>\n<td>Check website<\/td>\n<td>https:\/\/www.aiopsschool.com\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">19. Top Trainers<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Platform\/Site<\/th>\n<th>Likely Specialization<\/th>\n<th>Suitable Audience<\/th>\n<th>Website URL<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>RajeshKumar.xyz<\/td>\n<td>DevOps coaching\/training (verify offerings)<\/td>\n<td>Individuals and teams seeking guided learning<\/td>\n<td>https:\/\/rajeshkumar.xyz\/<\/td>\n<\/tr>\n<tr>\n<td>devopstrainer.in<\/td>\n<td>DevOps training (verify curriculum)<\/td>\n<td>Beginners to intermediate practitioners<\/td>\n<td>https:\/\/www.devopstrainer.in\/<\/td>\n<\/tr>\n<tr>\n<td>devopsfreelancer.com<\/td>\n<td>DevOps freelancing\/training platform (verify services)<\/td>\n<td>Teams needing short-term help or mentoring<\/td>\n<td>https:\/\/www.devopsfreelancer.com\/<\/td>\n<\/tr>\n<tr>\n<td>devopssupport.in<\/td>\n<td>DevOps support\/training (verify offerings)<\/td>\n<td>Teams needing implementation support<\/td>\n<td>https:\/\/www.devopssupport.in\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">20. Top Consulting Companies<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Company<\/th>\n<th>Likely Service Area<\/th>\n<th>Where They May Help<\/th>\n<th>Consulting Use Case Examples<\/th>\n<th>Website URL<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>cotocus.com<\/td>\n<td>DevOps\/Cloud consulting (verify service catalog)<\/td>\n<td>CI\/CD setup, cloud architecture, automation<\/td>\n<td>Pipeline standardization, Kubernetes delivery workflows, governance setup<\/td>\n<td>https:\/\/cotocus.com\/<\/td>\n<\/tr>\n<tr>\n<td>DevOpsSchool.com<\/td>\n<td>DevOps consulting and enablement (verify offerings)<\/td>\n<td>Training + implementation support<\/td>\n<td>CI\/CD rollout, DevOps maturity roadmap, toolchain integration<\/td>\n<td>https:\/\/www.devopsschool.com\/<\/td>\n<\/tr>\n<tr>\n<td>DEVOPSCONSULTING.IN<\/td>\n<td>DevOps consulting (verify service catalog)<\/td>\n<td>DevOps implementation, migration support<\/td>\n<td>Jenkins-to-managed CI migration planning, container delivery to Kubernetes<\/td>\n<td>https:\/\/www.devopsconsulting.in\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">21. Career and Learning Roadmap<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">What to learn before DevOps (Oracle Cloud)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Git fundamentals (branching, PRs, tags)<\/li>\n<li>CI\/CD concepts (pipelines, artifacts, promotion)<\/li>\n<li>Containers (Docker basics, image tagging, registries)<\/li>\n<li>Kubernetes basics (deployments, services, namespaces)<\/li>\n<li>Oracle Cloud fundamentals:<\/li>\n<li>compartments<\/li>\n<li>IAM policies<\/li>\n<li>VCN networking basics<\/li>\n<li>logging and audit basics<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">What to learn after<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Advanced delivery patterns:<\/li>\n<li>blue\/green and canary strategies (often implemented at Kubernetes\/ingress\/service mesh layers)<\/li>\n<li>Supply chain security:<\/li>\n<li>artifact signing, SBOMs, vulnerability scanning (tooling-dependent)<\/li>\n<li>Observability:<\/li>\n<li>SLOs\/SLIs, alerting, distributed tracing<\/li>\n<li>Platform engineering:<\/li>\n<li>reusable pipeline templates, internal developer portals, golden paths<\/li>\n<li>Infrastructure as Code:<\/li>\n<li>Terraform and OCI Resource Manager patterns<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Job roles that use it<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>DevOps Engineer<\/li>\n<li>Platform Engineer<\/li>\n<li>SRE<\/li>\n<li>Cloud Engineer<\/li>\n<li>Release Engineer<\/li>\n<li>Solutions Architect (delivery-focused)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Certification path (Oracle Cloud)<\/h3>\n\n\n\n<p>Oracle certification offerings change over time. Check Oracle University for current OCI DevOps\/OCI developer-aligned certifications and learning paths:\nhttps:\/\/education.oracle.com\/<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Project ideas for practice<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Build a multi-service app with one pipeline per service.<\/li>\n<li>Implement artifact promotion: dev \u2192 staging \u2192 prod with approvals.<\/li>\n<li>Add automated tests and quality gates (linting, security scanning).<\/li>\n<li>Create a standardized pipeline template repo for your team.<\/li>\n<li>Implement least-privilege IAM for pipelines and document a policy set.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">22. Glossary<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Artifact:<\/strong> A deployable output produced by a build (container image, manifest, package).<\/li>\n<li><strong>Build pipeline:<\/strong> CI workflow that compiles\/tests\/packages code.<\/li>\n<li><strong>Compartment:<\/strong> OCI governance boundary for organizing resources and IAM policies.<\/li>\n<li><strong>Deployment pipeline:<\/strong> CD workflow that delivers artifacts to environments.<\/li>\n<li><strong>Environment:<\/strong> A target where deployments run (for example, an OKE cluster).<\/li>\n<li><strong>IAM policy:<\/strong> Rules defining who can do what in OCI.<\/li>\n<li><strong>Immutable tag\/digest:<\/strong> A unique identifier for an image version that should not change.<\/li>\n<li><strong>OKE:<\/strong> Oracle Kubernetes Engine, managed Kubernetes service on Oracle Cloud.<\/li>\n<li><strong>Registry:<\/strong> Repository service where container images are stored.<\/li>\n<li><strong>Runner:<\/strong> Execution environment used by build pipelines to run commands.<\/li>\n<li><strong>Trigger:<\/strong> Automation rule that starts pipelines based on events (like a Git push).<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">23. Summary<\/h2>\n\n\n\n<p>Oracle Cloud <strong>DevOps<\/strong> (often called <strong>OCI DevOps<\/strong>) is a managed <strong>Application Development<\/strong> service for implementing CI\/CD on <strong>Oracle Cloud<\/strong>. It brings together code repositories, build pipelines, deployment pipelines, and integrations with IAM, logging, and deployment targets such as <strong>Oracle Kubernetes Engine<\/strong>.<\/p>\n\n\n\n<p>It matters because it helps teams automate releases with consistent, auditable workflows\u2014reducing manual risk and improving delivery speed. Cost is usually driven less by the DevOps control plane and more by <strong>build execution<\/strong>, <strong>artifact storage<\/strong>, and the <strong>runtime targets<\/strong> you deploy to (like OKE nodes and load balancers). Security success depends on <strong>least-privilege IAM<\/strong>, proper <strong>secret handling (Vault)<\/strong>, and careful <strong>network exposure<\/strong> decisions for clusters and registries.<\/p>\n\n\n\n<p>Use DevOps when you want OCI-native CI\/CD with strong governance alignment; consider alternatives when you need specialized integrations or already have a standardized enterprise CI\/CD platform. Next step: repeat the lab with (1) immutable image tags, (2) staging-to-prod promotion, and (3) approval gates and alerting wired to your on-call process.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Application Development<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[54,62],"tags":[],"class_list":["post-848","post","type-post","status-publish","format-standard","hentry","category-application-development","category-oracle-cloud"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/848","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/comments?post=848"}],"version-history":[{"count":0,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/848\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/media?parent=848"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/categories?post=848"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/tags?post=848"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}