#release-engineering (2019-12)

jenkins_ci All things CI/CD. Specific emphasis on Codefresh and CodeBuild with CodePipeline.

CI/CD Discussions

Archive: https://archive.sweetops.com/release-engineering/

2019-12-19

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
GitHub Actions: The Runner is now open sourced - The GitHub Blog attachment image

The GitHub Actions Runner is now open sourced. File issues and contribute to one of the most important components of GitHub Actions directly at: https://github.com/actions/runner The Runner is the application that runs a job from

2019-12-17

Pierre Humberdroz avatar
Pierre Humberdroz

Hey,

anyone know a good alternative to CircleCi? I know that @roth.andy is currently checking different options maybe you can share what you have found so far? I currently have to build a pipeline that has like 6 approval steps in sequence which results in super bad UX/DX on circleci’s UI.

roth.andy avatar
roth.andy

I haven’t been using it for very long yet, but I’m incredibly happy so far with codefresh

Pierre Humberdroz avatar
Pierre Humberdroz

codefresh is hosted on AWS right ?

roth.andy avatar
roth.andy

I think so. They also offer an on-prem option though

Pierre Humberdroz avatar
Pierre Humberdroz

it is just pain to get anything allowed for me that is hosted on AWS. But well might be worth the pain I will need to check it out.

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

(double check though, they could be on GKE too)

Pierre Humberdroz avatar
Pierre Humberdroz

Or am I doing something horribly wrong here?

Pierre Humberdroz avatar
Pierre Humberdroz

I have a provider that relies on resource provisioned by another resource so I split it up in two “layers” 01 and 02

Pierre Humberdroz avatar
Pierre Humberdroz

and each terraform plan should be reviewed by an engineer

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

Codefresh looks like this.. you can have as many groups as you want

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

you can then stick the approval steps anywhere in the pipeline and have as many of them as you need

Pierre Humberdroz avatar
Pierre Humberdroz

that looks MUCH nicer

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

also, we have a #codefresh channel, if you decide to kick the tires

:--1:1
roth.andy avatar
roth.andy
03:16:38 PM

@roth.andy has joined the channel

Pierre Humberdroz avatar
Pierre Humberdroz

2019-12-16

Taras avatar
Taras

Hey guys, Faced the issue with CircleCI where it doesn’t have some static IPs to be whitelisted. Any suggestions on how to reach private AWS EKS endpoint out of CircleCI in order to do some k8s stuff?

Darren Cunningham avatar
Darren Cunningham

https://support.circleci.com/hc/en-us/articles/115014372807-IP-Address-ranges-for-whitelisting-Do-you-have-static-IP-addresses-available-

we went with the bastion host option (our use case wasn’t EKS but rather RDS…but still applies)

IP Address ranges for whitelisting/Do you have static IP addresses available? attachment image

CircleCI builds are currently run mainly from AWS East and West as well as Google Cloud Platform East. For this reason, we can not give a definitive list of IP addresses that our cloud system will …

Taras avatar
Taras

Thank you @Darren Cunningham.

Darren Cunningham avatar
Darren Cunningham

we combined that with the dynamic whitelisting…whitelist the executor IP, SSH to bastion, run commands and then remove the whitelisted IP

Taras avatar
Taras

got it.

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

Ideally the CD platform you use supports the concept of “runners” where you can deploy it in the cluster and it tunnels out out. It doesn’t appear that CircleCI supports this.

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

Examples: Codefresh Venona https://github.com/codefresh-io/venona

codefresh-io/venona

Codefresh runtime-environment agent. Contribute to codefresh-io/venona development by creating an account on GitHub.

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
About self-hosted runners - GitHub Help

You can host your own runners and customize the environment used to run jobs in your GitHub Actions workflows.

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
GitLab Runner Docs | GitLab

Documentation for GitLab Community Edition, GitLab Enterprise Edition, Omnibus GitLab, and GitLab Runner.

Taras avatar
Taras

Cool. Thanks @Erik Osterman (Cloud Posse), Didn’t use this runners concept before. Will go through the link you’ve provided and make myself familiar with it.

2019-12-08

curious deviant avatar
curious deviant

Hello..I would soon be starting the same.. Have been running TF scripts via Jenkins so far. In CircleCi, I usually use requires: in the workflows: to have one build step wait on the other. Does that not work in your case ?

Pierre Humberdroz avatar
Pierre Humberdroz

Are you using the TF remote executor ?

Bruce avatar
Bruce

We use CircleCI for our deployments of EC2 infrastructure. Each stage is broken into its own step and run in its own docker container. So for example we run the plan step and pass the output tfplan to the next step which runs the apply step based off the plan output. We set this up by using the machine execution and call docker via a bash script to pass in TF_VAR variables.

There are CircleCI orbs out there that can do this for you and can help like this one > https://circleci.com/orbs/registry/orb/ngs/terraform

2019-12-07

cabrinha avatar
cabrinha

Does anyone here use CircleCI to trigger terraform runs?

cabrinha avatar
cabrinha

Also, is anyone here using TF Cloud / TF Enterprise?

cabrinha avatar
cabrinha

I’m wondering how to have my circle jobs “wait” for terraform to complete, or check their status

cabrinha avatar
cabrinha

Also trying to figure out how to detect which terraform files changed, if any, and perform a run in each …

2019-12-03

Laurynas avatar
Laurynas

HI, what’s the tool you use for ECS deployment? with monitoring and rolebacks

    keyboard_arrow_up