Accelerating Your SailPoint IdentityIQ Development with Docker

SailPoint + Docker = Speed + Consistency

Over the last few years, our team has been using DevOps processes to accelerate our own development and the development of SailPoint solutions for our customers. Our processes have matured to a point that we’re able to deploy enhancements to our customer’s SailPoint implementations multiple times per day. A major contributor to being able to do that is a heavy investment into continuous integration and continuous deployment (CI/CD) principles.

CI/CD isn’t a new concept, many traditional development teams have been using it for decades, but with the growth of cloud service providers and ubiquitous container technology there a renewed focus on these concepts. Our team has built a pretty amazing pipeline allowing us to continuously patch, upgrade and deploy changes multiple times per day.

Each of our team members starts with the same docker baseline and checks out the latest version of the customer’s code from Git multiple times per day. As new features are developed they send a pull request to one of their team members to validate before it’s approved and moved into a test environment. From there, integration tests are automatically run against the new baseline and if everything passes, those changes are pushed into the pipeline building new production docker containers, and the new features are rotated in. Our pipeline for this looks like this:

SailPoint DevOps Pipeline
UberEther’s SailPoint IdentityIQ Continuous Integration and Continuous Delivery Pipeline

Many of our customers are pushing new security patches within 24 hours of release by SailPoint. With the recent 8.0 SailPoint release, our team had customers integrated and tested within 72 hours, allowing them to immediately take advantage of the new capabilities. This automation has truly changed how we’re able to support our customers and deploy new capabilities and solutions quickly.

This process applies to more than just the SailPoint components. If there is a new Java JRE release, Tomcat security patch, or RedHat update we can put the new version into the pipeline and deploy it to production with that same speed and consistency. We’ve been busy applying this same pipeline to multiple Identity and Access Management (Ping, ForgeRock, Radiant Logic, etc.) products and greatly reducing risks for customers.

What’s in it for you?

Over the last few weeks, we’ve been working with some new customers to bring their existing code base onto the platform. We’re constantly surprised by how few organizations are utilizing SailPoint’s Services Standard Build to manage, maintain and deploy their configurations. Additionally, these customers have been commenting on how long it takes them to bring on new team members and make them productive on the SailPoint platform.

With all of that, we decided to fork off a piece of our automated build platform to allow developers to quickly get up to speed by removing the complexities of building their own SailPoint environment and letting them continuously build from the same code base as their peers.

Our repository can be found on GitHub at: https://github.com/UberEther/standalone-docker-sailpoint-iiq

We’d love for this to become a community project and allow it to continue to grow. Since this follows the SailPoint Services Standard Build process, you can easily lay in new patches, eFixes, and your own codebase into these containers and quickly deploy them. You can find more about SailPoint’s SSB here: https://community.sailpoint.com/t5/Services-Standard-Deployment/Services-Standard-Build-SSB-v6-1/ta-p/76056

Want to learn more?

If you’d like to be able to consistently deploy new features and capabilities to your SailPoint platform or really just want to get out of the business of managing your SailPoint and other identity products infrastructure, we’d love to talk with you and see how we can help make identity an enabler of your business rather than just a necessary piece of the compliance puzzle.

You might also enjoy