#gitops (2019-05)
Discuss continuous delivery of infrastructure
Archive: https://archive.sweetops.com/gitops/
2019-05-01
 
@Erik Osterman (Cloud Posse) do you have a trigger based off of a release or just a tag in Codefresh?
 
release only
 
That's nice.
 
I can't seem to find that in Circle.
 
I guess tag will work well enough.
 
Like, the webhook will fire off from GitHub, but Circle doesn't listen for that.
 
Yeah, I'm using tag, which Circle does listen to.
 
But obviously I would have liked it to be release instead.
 
(Codefresh even listens for GitHub comments)
 
“ok to deploy”
 
 
I'm going to work with the free version of Codefresh on my own time so I can make a pitch to move.
 
Do you find your team going through a lot of builds though?
 
Codefresh is moving to a new model based on concurrent steps.
 
That'll make it a lot easier.
 
Unlimited builds.
 
Pricing will not be per build?
 
ooh
 
That'd be nice, not having to worry about optimizing the types of builds you're making.
 
Yeah, they realized the pricing model before was prohibitive/restrictive.
 
When in fact, you want people to use it as much as possible.
 
yeah
 
Do you know what their new pricing model will look like?
 
Jump into #codefresh and inquire about it.
 
Someone will reach out to you.
 
thanks
 
@Erik Osterman (Cloud Posse) are you doing release/tag permission restrictions in GitHub? Those don't seem available,
 
based off this issue: https://github.com/isaacs/github/issues/1091
Right now, it's basically impossible to have any protection around tags: Anyone with write access to a repo can push any tags. There's no auditing/logging of tag changes. Any number of thin…
 
Unfortunately, GitHub doesn't support that. There are a few workarounds.
 
Option 1. Codefresh will soon be adding permissions around “approval” steps; (right now anyone can approve). You can wait for this. Option 2. Embed the deployment permissions into the deploy pipeline by looking at the code committer. This can run as just a separate step in the pipeline.
 
Option 2 is my preference.
 
We don't have an example of this right now.
 
yeah
 
That's what I'm going to do in Circle.
 
Unfortunately it's hardcoded into the code.
 
I recommend just checking GitHub team membership.
 
That's not provided out of the box by Circle; are you hitting the GH API to grab that?
 
I only get the username of whoever triggered the build.
 
Yeah, I will just hit the GH API.
 
Yeah, you'll need to hit the GitHub API.
 
We have an example here: https://github.com/cloudposse/github-authorized-keys/blob/master/api/github.go
Use GitHub teams to manage system user accounts and authorized_keys - cloudposse/github-authorized-keys
 
But I would create a new CLI tool that simply does this one thing.
 
Yeah, that's what I am planning on doing.
