Skip to main content

DevOps Guidelines

This document is a guideline on the DevOps approach to be followed for software delivery and deployment. It is a living document that will be updated regularly to consider new technologies and best practices.

Introduction

DevOps is a set of practices and tools that integrate and automate the work of software developme...

Scope and objectives

This document covers the DevOps approach to be followed by Government institutions in Rwanda. The...

Version Control

Version control is the practice of tracking and managing changes to software code. Version contro...

Branching[Mandatory]

Each application hosted on VCS must have at minimum three protected branches: development, test a...

Source Code Versioning [Mandatory]

Software development teams must use Git for code versioning and tracking of changes made on files.

Tagging[Mandatory]

Test branch must always contain tagged version from development branch and production branch must...

Version control[Mandatory]

A Version Control System (VCS) must be used within the organization to host git repositories. At ...

Automation

The following guidance should be applied in automating DevOps processes:

Infrastructure as Code [Mandatory]

Infrastructure as code is the process of managing and provisioning computer data centers through ...

Containerization and service orchestration [Mandatory]

Containers provide an isolated environment for running software. Docker or Kubernetes is the reco...

Continuous integration & Continuous Delivery (CI/CD) [Recommended]

The technical goal of CI/CD is to establish a consistent and automated way to build, package, tes...

Infrastructure

The following guidance applies to managing infrastructure and supporting technologies:

Operating System (OS)[Recommended]

Linux-based Operating systems are recommended and the same version of the OS must be installed in...

Access Control[Mandatory]

SSH login for root user must be disabled and a dedicated user with sudo access for CI/CD pipeline...

Backup[Mandatory]

Regular backup of data and of the whole OS must be taken and this task must be automated.

Different environments[Mandatory]

Different environments must be available for deployment of applications in development, testing a...

Monitoring [Mandatory]

Monitoring tools for infrastructure must be available and configured with alerts for when servers...

Auditing [Mandatory]

Each server must be configured to track and log each access to the server. These access logs must...

Entry into force

This guideline shall come into force on the date of its signature by the Chief Executive Officer ...
Back to top