You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'd say it's feature request.
It would be useful to configure release policies inside estafette-ci for specific projects/pipelines.
We have few projects with specific release restrictions.
For example in the gcp-infra-* projects we trying to follow gitflow and have following release policies:
Per project/pipeline limit release branch name to allow release only from specific branch ( gcp-infra-* release only from ‘master’ )
Prevent release(rollback) of old build, allow only releases(deployment) of currently released build version or newer ( for example initiating rollback by releasing of old/historical builds in gcp-infra-* may apply outdated terraform manifests and delete GCP resources, we want to force people to move forward and even in case if rollback make merge changes to the master and only then releasing new build)
While these policies can be implemented in individual extensions it feels role of enforcing such policies belongs to CI/CD system.
By having release logic in extension we mixing core functionality of extension with release logic (checking branch names, providing mechanism of semversioning to track deployed builds). Also all configuration provided through pipeline/project .estafette file and can be altered in a branch by user so branch with removed restrictions can be pushed and released ignoring master branch configuration.
Also with policy logic implemented in extension there's no clear way to prevent release from running in estafette - now when estafette release initiated we apply logic inside extension and then fail release with log message describing policy violation - ideally I'd like to prevent release running at all.
I think having such functionality might help other projects trying to implement gitflow and enforce conventions in uniform way.
Possible implementation might be additional section in estafette-ci config 'release_policies'. So we configure it outside of pipeline projects and have validation and enforcement done by estafette-ci.
I'd say it's feature request.
It would be useful to configure release policies inside estafette-ci for specific projects/pipelines.
We have few projects with specific release restrictions.
For example in the gcp-infra-* projects we trying to follow gitflow and have following release policies:
While these policies can be implemented in individual extensions it feels role of enforcing such policies belongs to CI/CD system.
By having release logic in extension we mixing core functionality of extension with release logic (checking branch names, providing mechanism of semversioning to track deployed builds). Also all configuration provided through pipeline/project .estafette file and can be altered in a branch by user so branch with removed restrictions can be pushed and released ignoring master branch configuration.
Also with policy logic implemented in extension there's no clear way to prevent release from running in estafette - now when estafette release initiated we apply logic inside extension and then fail release with log message describing policy violation - ideally I'd like to prevent release running at all.
I think having such functionality might help other projects trying to implement gitflow and enforce conventions in uniform way.
Possible implementation might be additional section in estafette-ci config 'release_policies'. So we configure it outside of pipeline projects and have validation and enforcement done by estafette-ci.
The text was updated successfully, but these errors were encountered: