Generating app.json for Heroku pipeline without committing it to master - heroku

I am investigating adding an app.json file to my heroku pipeline to enable review apps.
Heroku offers the ability to generate one from your existing app setup, but I do not see any way to prevent it from automatically committing it to our repository's master branch.
I need to be able to see it before it gets committed to the master branch because we require at least two staff members to review all changes to the master branch (which triggers an automatic staging build) for SOC-2 security compliance.
Is there a way that I can see what it would generate without committing it to the repository?
I tried forking the repo and connecting the fork to it's own pipeline, but because it did not have any of our heroku add-ons or environment, it would not work for our production pipeline.
I am hesitant to just build the app.json file manually - it seems more prone to error. I would much prefer to get the automatically generated file and selectively remove items.

As a punchline to this story, I ended up investing enough time into the forked repository on it's own pipeline to demonstrate a POC

When you generate your app.json file, it should take you to a secondary screen that has the full app.json in plaintext at the bottom.
Why not open a PR with its contents in your project root. Once it's detected on the repository Heroku shouldn't ask you to regenerate it again.

Related

Marking a commit/build for deploy

So we are currently just deploying master but are running into issues where we want to deploy the commit/build in which all our testing was ran on. This is normally a snapshop of master at 4:30pm. We run our build configuation for all tests automatically at 4:30pm (lets call this build config ALLTESTS), so we can control how this commit/build is marked in the ALLTESTS config.
We separate testing and deploy, so when a deploy is executed (either manually or automatically) it should only pick a branch/tag/commit/build that has been marked. Adding the tests to our deploy build config is not a viable solution.
Originally I had planned on using Git tags. A tag called deploy would be deleted and added to certain commits and then when the deployment is triggered that commit would be deployed.
The issue I ran into here is that there isnt an easy way to manually add git tags in a build step. Should I just write command-line build step that uses git commands remove the tag deploy from whatever commit has it and to add it to commit that is running?
Is there a better teamcity way to do this? I have successfully got teamcity tags to work via REST API but I am not sure if those fit the need either.
I suppose I could write powershell to parse the rest API to get the build id that was last successful in ALLTESTS and then feed that into the deploy somehow. How would I go about getting a build number and using that as the basis of deploy?
Should I just write command-line build step that uses git commands remove the tag deploy from whatever commit has it and to add it to commit that is running?
Quick answer is no. You can actually use something like this:
git tag -f deploy <commit-sha>
And have your tag updated to the given commit.
Cheers.

How to prevent git push heroku master?

My workflow encompasses the following steps:
Git push (to BitBucket or GitHub depending on the project).
BitBucket/GitHub is integrated with CodeShip, tests are run.
If tests are ok, CodeShip automatically deploys to Heroku.
Everything works fine when, by pushing to the remote repo, the deployment tasks are triggered which ends up with the new version going live when everything is ok.
My question is:
Sometimes, I simply do a git push heroku master which defeats the whole purpose of this workflow.
How can I prevent it from happening? Is there a way to make Heroku only accept the deploy when the source is CodeShip?
After looking around for quite some time, I noticed that there are a some ways to accomplish this, all of them related to simply not giving access to the Heroku Account for the developer:
If you're a single developer ("one-man / one-woman show"):
Do not add the Heroku Remote to your Git Repository. If it is already added, remove it. That way you're not going to push to it by mistake.
If you're managing a team:
Do not give the team a user/pass to access Heroku Toolbelt. That way, the only remote repo they will have access to should be GitHub/BitBucket/Whatever.
You could just create another branch called dev and push to that branch your changes and when you are ready to deploy to heroku merge changes into master branch.
I just came accross your issue and this is what i did as quickest resolution

Heroku-Github Auto Deploy from non-master (only see master branch)

[FYI - I am not looking to upgrade our Heroku account to Enterprise to take advantage of app grouping. We are a small team]
I am a collaborator on a heroku app. I was tasked with setting up dev-staging-production environments for the app and I am getting confused on how to setup Auto Deploy correctly with the GitHub-Heroku integration guide. I have been already given admin access to the original git repo.
From the 'owner' account on the production app I created two separate apps (dev and staging).
Now, I have 3 apps that I am a collaborator of:
(1) app.domain.com
(2) app-dev.domain.com
(3) app-staging.domain.com
I have created 3 remotes pointing to the 3 generated heroku-git repos:
live
dev
staging
I can push to the 3 Heroku apps easily by:
git push live master
git push dev master
git push staging master
BUT I want to setup auto-deploy for dev-staging apps.
I have pushed an "auto" branch onto dev and staging remote. My intention is for Heroku to detect pushes to that branch and "auto" deploy the code. But, heroku only detects pushes to "master" branch afaik.
git push dev release auto
git push staging release auto
But when I go to administer the Heroku dev-staging apps I only see the "master" branch in the Auto-deploy section. Shouldn't I also see the "auto" branch? Is the reason I am not seeing it because I didn't push auto as a remote branch on the ORIGINAL git repo? In which case, how do I structure this stuff as code lives in 2 separate environments (Heroku repo and GitHub repo)?
Ultimately, the plan is to setup some form of Continuous Integration and get tests run before releases happen across the dev-staging-production zones.
Am I overthinking this or is there a better way to get this stuff working? Appreciate it!
Heroku only tracks changes on the remote master Branch.
https://devcenter.heroku.com/articles/git#deploying-from-a-branch-besides-master
To push your dev branch to the Heroku master remote branch:
git push dev release:master
You may need to use the -f flag to force push (be careful!)
I think auto deploy on Heroku works only on default branch (usually named master), and you probably want to look into Heroku feature called pipelines. I've not used it myself yet and it's in beta stage, but it sounds like exactly what you're looking for. Not sure if I read it right, but it sounds like you created 3 individual projects, instead of branches in 1 project? How do you manage moving changes from one stage to another?
As for the CI setup I guess it depends on the kind of testing you're doing and the workflow. I'm in the middle of creating such process in my workplace, and what I will be proposing is as follows:
Devs develop and test on their local machines on feature branches before commiting and merging onto DEV branch
Commiting or merging onto the DEV branch triggers CI server, runs the build and perform PHPUnit and Behat tests
Successful build is being deployed to a server (possibly Heroku or any hosting provider that will support automated deployments) for QA.
Once tested and approved we can move the code onto STAGING branch repeat CI proccess and on success move to MASTER and go live.
We're using gilab.com to host our project and perform tests (CI server is included as standard even with free account), deploy dev and staging state for QA to Heroku, and finally host live version with a dedicated enterprise level provider.

Deploying a Github App on Heroku

I have been trying to deploy from a GitHub repository to Heroku. For pushing my changes to GitHub I am using Mac UI Client for GitHub.
Now in the heroku app setup, I changed at https://dashboard.heroku.com/apps/myapp/settings . Here I made changes in option GitHub Rep (Link your app to a GitHub repository to see commit diffs in the activity log.). I added as my github-user/repository-name
Now when i use myappname.heroky.com I am redirected to a default page which says :
Heroku | Welcome to your new app! Refer to the documentation if you
need help deploying.
In the documentation it is all commands which is going over me since i use Github UI tool.
Any idea if this can be deployed w/o using the commands?
I am asking this particular thing, since last time I used AppHarbor and it simply pulled my github rep w/o any hiccups.
Adding your GitHub repo to the Heroku app settings will not set up automatic deployments. It just allows Heroku to provide commit information in the app logs.
To achieve what you are looking for, you need to set up continuous deployment (or "CD"). The easiest way to do this is with a continuous integration (or "CI") solution.
One common CI server is Jenkins, though that will require you to set it up manually. Nowadays, there are several automated CI/CD services you can take advantage of, including Travis, CircleCI, Codeship, Snap. All of them have options to automatically deploy to Heroku after building your app (which can be trigger by a push to GitHub).

Pushing .gitignore files to specific remote

I made a Sinatra app, that will be hosted on Heroku, and the source will be up on GitHub. The problem is that i have a file with API keys, that is currently in .gitignore. Is there a way, that I can push my repo to heroku with the key file and exclude the file when pushing to GitHub?
Thanks in advance!
It is possible to maintain a separate branch just for deployment, but it takes much discipline to maintain it properly:
Add a commit to a production branch that adds the config file (git add -f to bybass your excludes).
To update your production branch, merge other branches (e.g. master) into it.
However, you must then never merge your production branch into anything else, or start branches based on any “production commit” (one whose ancestry includes your “add the keys” commit).
An easier path is to adopt Heroku’s custom of using environment variables to communicate your secret values to your instances. See the docs on Configuration and Config Vars:
heroku config:add KEY1=foobar KEY2=frobozz
Then access the values via ENV['KEY1'] and ENV['KEY2'] in your initialization code or wherever you need them. To support your non-Heroku deployments, you could either define the same environment variables or fall back to reading your existing config files if the environment variables do not exist.
The Figaro gem provides a good way to manage this issue. It basically simulates Heroku's environment variable approach locally, and makes it easy to keep your keys in sync between your development environment and Heroku.

Resources