Sandbox environment
The sandbox environment is where developers write code, make mistakes, and perform proof of concept work. You can deploy to a sandbox environment from a local workstation or through a script on a local workstation.
Access
Developers should have full access to the sandbox environment.
Build steps
Developers manually run the build on their local workstations when they are ready to deploy changes to the sandbox environment.
-
Use git-secrets
(GitHub) to scan for sensitive information -
Lint the source code
-
Build and compile the source code, if applicable
-
Perform unit testing
-
Perform code coverage analysis
-
Perform static code analysis
-
Build infrastructure as code (IaC)
-
Perform IaC security analysis
-
Extract open source licenses
-
Publish build artifacts
Deployment steps
If you're using the Gitflow or Trunk models, the deployment steps automatically
initiate when a feature branch is successfully built in the sandbox
environment. If you're using the GitHub Flow model, then you manually perform the
following deployment steps. The following are the deployment steps in the sandbox
environment:
-
Download published artifacts
-
Perform database versioning
-
Perform IaC deployment
-
Perform integration testing
Expectations before moving to the development environment
-
Successful build of the
featurebranch in the sandbox environment -
A developer has manually deployed and tested the feature in the sandbox environment
