Deploy to live with security restrictions

Bernard O'Flynn August 14, 2011

We have a build that deploys to dev, runs some tests. QA then does more tests and there is a manual build stage to deploy to UAT. Once we get sign off, we have another manual build stage to deploy to live.

However we want to restrict who can kick off this last stage,i.e a developer isn't allowed (SOX and Solvency II requirements) to push things straight into production.

So we need someone from the IT Support team to kick off just this stage. We have to enter a password in order to deploy to production (command line parameter in the deploy step) and I've set that up as a build parameter.

However we want to prompt the user to enter that password and only IT Support would know this password.

How do we do that?

Or can we make just that build stage allowed to be run by just the IT Support group?

2 answers

1 vote
Przemek Bruski
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 14, 2011

However we want to prompt the user to enter that password and only IT Support would know this password.

You can do it via a parametrised build (you need to define a plan variable for password and use it in your build tasks), but the problem is that the entered password will be visible on the plan page. To avoid it, you can modify the ftl snippet responsible for showing Overriden Variables section.

Or can we make just that build stage allowed to be run by just the IT Support group?

You can set it up only per plan, not per stage.

0 votes
rmahnovetsky June 18, 2013

I'm using a plan variable to pass in a password.. But if I pass in the wrong password then I can't re-enter the password. I need to re-run the plan from the start again... Any way around this?

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events