Cross Network CI/CD (Dev to Prod) - continuous-integration

We are currently setting up a CI/CD pipeline in an air-gapped environment. The DEV and PROD networks are segregated on different VLANs, and sitting in between is an app-aware firewall which only allows authorized traffic to pass through to the PROD network. The CI sits in the DEV env while the CD tool sits in the PROD env.
What do we have in the DEV network?
Code Commit -> CI Pipeline (Build) -> Artifact Uploaded to DEV Repo -> Approval Stage (if need to deploy to PROD) -> Push Artifact to PROD Repo -> Edit a random file on PROD code repo to trigger CD pipeline
What do we have in the PROD network?
CD Pipeline -> Approval Stage to Deploy -> Deploy to Kubernetes/VMs
Questions
What is the best practice to trigger a CD flow to run after the artifact is pushed to the PROD artifact repo?
We currently perform a random code commit on a code repo on the PROD side just to trigger a CD pipeline to run and pull the PROD artifact for deployment. Is this considered a workaround, or are there other recommended ways to do this?

Related

How to use GitLab as a local build and deploy tool?

I want to build and deploy my projects with GitLab's pipeline, hosted locally and solely for build/deploy (sources hosted elsewhere). Everything GitLab-related is nicely stored within the my_gitlab folder:
my_gitlab
├── config
├── data
├── docker-compose.yaml
└── logs
It runs with a single docker-compose up -d command. Runners, users, keys, etc. are all set up and persist between reboots. my_gitlab occupies 764 Kb of disk space and can be pushed to a git repo to share the local build/deploy functionality.
The only problem is that you cannot initiate a pipeline by pointing to a sources directory; you need to push the sources to this locally hosted GitLab with a .gitlab-ci.yml in it. Each such push causes the my_gitlab dir to grow to 200 Mb+ in size.
Is there a way to strip repository data from GitLab or initiate a pipeline without pushing code? Is this even a somewhat OK usage of GitLab?
You can use GitLab's interface to start a new pipeline without pushing any code.
On the left side in your project, go to CI/CD -> Pipelines -> Run Pipeline and select your branch.

Problem with branch specification (The build was triggered in the branch XXX which does not correspond to any branch monitored by the build VCS roots)

Good day. I tried to ask the same question on the TeamCity support forum but with no luck, so I am trying to find a solution here.
I have 4 configurations (actually more, but the other configurations are not important for this situation):
'verify' - a configuration that runs tests, checks that all migrations can be applied to the database (run in Docker), etc. This configuration is triggered by GitLab (integration with TeamCity feature).
'build' - a configuration that builds all application components and pushes Docker images to the hub
'deploy to test' - uses the corresponding artifacts from the 'build' configuration and deploys the images to the test server
'deploy to staging' - same as 'deploy to test' but uses the staging server
'deploy to production' - same as 'deploy to production' but uses the production server
We have several streams in our repository with corresponding rules:
develop
feature/* - feature task that should be built when the corresponding merge request to develop is initiated. Merged to develop
release/* - release that should be deployed to the staging server on each commit. Merged to develop and master
hotfix/* - hotfix that should be deployed to the staging server on each commit. Merged into develop and master
master - stable branch, should be deployed to production on commit.
So, I created the following VCS root:
default branch: refs/heads/develop
branch specification:
+:refs/heads/(*)
+:refs/heads/master
+:refs/heads/release/*
+:refs/heads/feature/*
+:refs/heads/hotfix/*
+:refs/(merge-requests/*)
After that I set up branch filters (for the VCS Trigger) for each build configuration:
verify - none
build:
+:refs/heads/release/*
+:refs/heads/hotfix/*
+:refs/heads/develop
+:refs/heads/master
deploy to staging:
+:refs/heads/master
+:refs/heads/release/*
+:refs/heads/hotfix/*
deploy to test:
+:refs/heads/develop
deploy to production:
+:refs/heads/master
So this is my setup; now my problems:
When GitLab triggers TeamCity (on merge request), the verify configuration starts, but I see the following message (for example):
The build was triggered in the branch feature/VTS-610 which does not correspond to any branch monitored by the build VCS roots (the branch is either closed or excluded / not matched by any branch specification). Because of that default branch revisions were set to this build.
I can see the same message if a merge request is initiated for a hotfix branch (of course with another branch name, i.e. hotfix/VTS-654).
After a hotfix branch is merged (we create two merge requests: one to master and one to develop), I can see that deploy to staging is triggered, but deploy to test is not.
I had the same problem; the root cause in my case was the predefined build parameter teamcity.build.branch (see Build Branch Parameters).
The parameter was set in the build configuration of the failing build under "Parameters / Configuration Parameters". As I had no use for this parameter anymore, it was safe to just delete it. I was then able to run the build configuration with any branch that is accepted in the Branch Filter under Version Control Settings.

Implement Gitlab AutoDevops with ArgoCD

We have the AutoDevops feature implemented with the help of GitLab Runner and manage the CD stage with ArgoCD. So the CI pipeline builds a Docker image, pushes it to the GitLab registry, and the CD stages use the pushed image to deploy the application with the help of ArgoCD. On every commit, GitLab Runner will trigger the pipeline. Is there a way in which we can use ArgoCD alone to handle this scenario, so that the pipeline gets triggered automatically without having to configure runners?
To avoid having both GitLab Runner and ArgoCD running in your cluster, you would configure a GitLab webhook pointing to an ArgoCD Git Webhook Configuration.
Your ArgoCD application would then handle all the rest.
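As an added example (not part of the question or answer above), these are the two pieces the webhook approach needs on the ArgoCD side: the shared token ArgoCD uses to verify the X-Gitlab-Token header GitLab sends, stored under webhook.gitlab.secret in the argocd-secret Secret, and an Application with automated sync so that a verified push is deployed without a runner. In GitLab the webhook URL is https://<argocd-host>/api/webhook with the same token; the repository URL, namespace and token value below are placeholders.

```yaml
# Added example manifests, not from the original post. Placeholder values
# are marked; the token is a constructed sample and must be replaced.
---
# 1. Shared webhook token. ArgoCD compares it with the X-Gitlab-Token header
#    and ignores requests that do not carry it, so that only GitLab (not anyone
#    who can reach /api/webhook) can force a refresh of the applications.
apiVersion: v1
kind: Secret
metadata:
  name: argocd-secret          # the Secret ArgoCD already reads at startup
  namespace: argocd
type: Opaque
stringData:
  webhook.gitlab.secret: "REPLACE-WITH-LONG-RANDOM-TOKEN"   # placeholder; paste the same value into GitLab's "Secret token" field
---
# 2. Application that tracks the deployment manifests in the GitLab repo.
#    On a verified webhook, ArgoCD refreshes this Application; automated sync
#    then applies whatever changed under spec.source.path.
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: my-app                 # placeholder
  namespace: argocd
spec:
  project: default
  source:
    repoURL: https://gitlab.example.invalid/group/my-app.git   # placeholder repo
    targetRevision: main
    path: deploy               # directory holding the Kubernetes manifests
  destination:
    server: https://kubernetes.default.svc
    namespace: my-app          # placeholder target namespace
  syncPolicy:
    automated:
      prune: true              # remove resources deleted from the repo
      selfHeal: true           # revert manual drift in the cluster
```

argocd-secret already exists in a standard installation, so add the key with kubectl patch rather than re-creating the Secret. ArgoCD still polls the repository (every three minutes by default), so the webhook only removes the polling delay; it does not replace the CI job that builds and pushes the image.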

deployment of code in different repo

Currently I have the code in my dev env, and after compiling and testing I want to move it to the staging env from Jenkins. I am not sure how to accomplish this goal using Maven commands. Any idea on it?
Thanks
Once you are sure that you have tested your code on the Dev environment, then why do you want to transfer the source code into any other area?
1. The source code repo keeps track using branches/tags
2. To transfer the artefacts using Jenkins you can simply use Execute shell.
A) Download the artefact from the dev environment using wget into the Jenkins workspace
B) Upload the same into the staging repository

GitLab runner configuration

I am using the standard GitLab Runner.
I need to determine updates of the master branch and updates of the development branch, because I want to copy the master branch to the production server and the dev branch to the test server.
But I have only one .gitlab-ci.yml file, which starts after 'git push'.
If I register a second runner, it is also controlled by .gitlab-ci.yml.
What to do?
In the GitLab CI config file, we have the only option, allowing a job to be triggered only from a specified branch.
Doc at docs.gitlab.com/ce/ci/yaml/README.html#only-and-except
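As an added example (not the asker's file and not from the GitLab documentation), a single .gitlab-ci.yml with two deploy jobs restricted by only: one runs for pushes to develop, the other for pushes to master. The production job is additionally pinned with tags to a runner registered with the production tag, so the second runner the asker mentions is selected by job, not by branch, and is the only one that needs production credentials. The hostnames and deploy.sh are placeholders.

```yaml
# Added example: one pipeline file, two deploy jobs, each limited to a branch.
# deploy.sh, the hostnames and the build command are placeholders.
stages:
  - build
  - deploy

build:
  stage: build
  script:
    - make build                     # placeholder build step
  artifacts:
    paths:
      - dist/                        # handed to the deploy jobs below

# Shared deploy logic; the deploy jobs inherit it with `extends`.
.deploy:
  stage: deploy
  script:
    - ./deploy.sh "$TARGET_HOST" dist/

deploy_test:
  extends: .deploy
  variables:
    TARGET_HOST: test-server.example.invalid
  only:
    - develop                        # pushes to the development branch only

deploy_production:
  extends: .deploy
  variables:
    TARGET_HOST: production.example.invalid
  only:
    - master                         # pushes to master only
  when: manual                       # still needs a click in the pipeline view
  tags:
    - production                     # only a runner registered with this tag runs it
# On newer GitLab versions the same branch condition can be written as
#   rules:
#     - if: '$CI_COMMIT_BRANCH == "master"'
# but `only` and `rules` cannot be mixed in one job.
```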
