Pipelines

Kind

API triggered pipelines

Artefact automation pipelines

Deployment pipelines

Capability

Notify slack channel of failed deployments

Prevent direct deployment to production

Promote between environments after approval

Run automated tests after deployment

Run tests before cloning to production

Wait for workloads readiness or fail

Promote Between Environments After Approval

While automated Continuous Delivery of deployments to a production Environment may be a goal, you may come across scenarios in which a manual approval must be given by a user or external system before promoting a sensitive component or change into an Environment.

In the following example, Humanitec Pipelines will be used to request a manual approval before cloning a deployment to a production Environment.

The Pipeline consists of three jobs, deploy-to-dev, wait-for-approval, and deploy-to-production. The dependencies between the jobs are indicated by the needs property. deploy-to-dev and deploy-to-production have the same logic, but target different Environments, while the wait-for-approval job will block the Pipeline until a user with the deployer role on the production Environment approves or denies the approval request which can be retrieved through the user interface or API .

Note that this Pipeline uses a Deployment trigger .

The Pipeline also makes use of a concurrency group ensuring that subsequent runs are queued and deployment sequences from development to production do not overlap.

pipeline.yaml (view on GitHub ) :

name: Approval before Promotion

on:
  deployment_request: {}

concurrency:
  group: myGroup-${{ inputs.env_id }}

permissions:
  application: developer
  env-types:
    development: deployer
    production: deployer

jobs:
  deploy-to-dev:
    steps:
    - if: ${{ ! inputs.set_id }}
      name: Create Deployment Set
      id: create-deployment-set
      uses: actions/humanitec/apply@v1
      with:
        delta_id: ${{ inputs.delta_id }}
        env_id: ${{ inputs.env_id }}
    - name: Deploy Set To Environment
      uses: actions/humanitec/deploy@v1
      id: deploy-deployment-set
      with:
        set_id: ${{ inputs.set_id || steps.create-deployment-set.outputs.set_id }}
        value_set_version_id: ${{ inputs.value_set_version_id }}
        env_id: ${{ inputs.env_id }}
        message: ${{ inputs.comment }}
    outputs:
      # Provide the deployment ID as an output to use for the production deployment
      deployment_id: ${{ steps.deploy-deployment-set.outputs.deployment_id }}

  wait-for-approval:
    # increase the timeout to 24 hours for this Job
    timeout-minutes: 1440
    needs:
    - deploy-to-dev
    steps:
    - uses: actions/humanitec/approve@v1
      with:
        env_id: production
        message: Promotion of ${{ inputs.env_id }} to production

  deploy-to-production:
    # This job needs to name the "deploy-to-dev" Job as a dependency so it can use its outputs
    # It also names the "wait-for-approval" Job as a dependency so it does not start before approval is given
    needs:
    - deploy-to-dev
    - wait-for-approval
    steps:
    - name: Clone Set from Environment
      uses: actions/humanitec/clone@v1
      id: clone-deployment-set
      with:
        from_env_id: ${{ inputs.env_id }}
        to_env_id: production
        # Use the "deployment_id" output from the "deploy-to-dev" Job to ensure the proper Deployment is cloned
        from_deployment_id: ${{ needs.deploy-to-dev.outputs.deployment_id }}
        
    - name: Deploy Set To Environment
      uses: actions/humanitec/deploy@v1
      id: deploy-deployment-set
      with:
        set_id: ${{ steps.clone-deployment-set.outputs.set_id }}
        env_id: production
        message: ${{ inputs.comment }}