PIACERE framework
PIACERE aims to increase the productivity of DevOps teams in the development and operation of IaC through the provisioning of an integrated DevSecOps framework. DevOps teams can program IaC as if they were programming any software application.
Table of Contents
Description
PIACERE enables the automation of several deployment, configuration and management tasks that otherwise would have to be performed manually by an operator.
PIACERE solution consists of an integrated DevSecOps framework to develop, verify, release, configure, provision, and monitor infrastructure as code.
The main characteristics of this solution are:
PIACERE will support the different DevSecOps activities. Using a single integrated environment to develop (IDE) infrastructural code will unify the automation of the main DevSecOps activities and will shorten the learning curve for new DevSecOps teams.
PIACERE will allow DevSecOps teams to model different infrastructure environments, by means of abstractions, through a novel DevOps Modelling Language (DOML), thus hiding the specificities and technicalities of the current solutions and increasing the productivity of these teams. Moreover, PIACERE will also provide an extensible Infrastructural Code Generator (ICG), translating DOML into source files for different existing IaC tools, to reduce the time needed for creating infrastructural code for complex applications. The provided extensibility mechanisms (DOML-E) shall ensure the sustainability and longevity of the PIACERE approach and tool-suite (new languages and protocols that can appear in the near future). The DevOps Modelling Language (DOML) is one of the key innovations of PIACERE, because it allows modelling the automation of the whole lifecycle of DevSecOps activities, from Creation to Configuration, and from Deployment to Orchestration and producing executable infrastructural code from the DOML model through the ICG code generator.
Repository structure
The Public repository of PIACERE project is organized as follows:
- /agents: contain the monitoring agents that need to be deployed along with the IaC to monitor the infrastructure
- /demos: different demos that can serve as a basic examples of using PIACERE
- /The Platform: is divided in many repositories where the several components of the PIACERE framework can be found
The three branches Y1, Y2, Y3 gather the code developed during the three main milestones of the project (at M12, M24 and M30). The main branch stores the final version of the components, as the code development and fixes could continue until the end of the 36-months long project.
Components
Diagram of the PIACERE framework:
| Component | Repository |
|---|---|
| CSE - Canary Sandbox Environment | The Platform/cse |
| IOP - IaC Optimized Platform | The Platform/iop |
| Runtime Monitoring | The Platform/runtime-monitoring |
| Runtime security monitoring | The Platform/runtime-security-monitoring |
| DOML - DevSecOps Modelling Language | The Platform/doml |
| DOML Model Checker | The Platform/doml-model-checker |
| IaC Scan Runner | The Platform/iac-scan-runner |
| ICG - Infrastucture as Code Generator | The Platform/icg |
| IDE | The Platform/ide |
| IEM - IaC Executor Manager | The Platform/iem |
| Self-Healing | The Platform/self-healing |
| Self-Learning | The Platform/self-learning |
Contact
Juncal Alonso, PIACERE project manager, TECNALIA Juncal.Alonso@Tecnalia.com
Acknowledgement
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under Grant Agreement No. 101000162. 
===== Uniform approach for component repos ===== (TO BE DELETED)
-
Include a README file with the following sections (see aprox. model in iac-scan-runner/README.md, Thx @XLAB! :-))
- Description of the component
- Installation
- Documentation (point to)
- License
- Contact
- Acknowledgement
-
Branches in each repository:
- y1, y2, y3 (M30-jun code)
-
main (default, from now on)
- Create main if not exist in your repo (Code>Branches>New branch)
- Make it the "default" branch (Settings>Repository>Branch defaults)