How we supposed to deploy on private premises with Pipelines?

Hi,

 

in various manuals you take Python product as example and you use PyPi to publish artifact. However that is not the only case that can occur. We have PHP application and we want to deploy directly to our private cloud, like we used to do with Bamboo. Exposing FTP is not an option since it's a nice security breach. What can you advise?

 

Regards,

Alexander

5 answers

Hi,

 

thanx for your reply. All suggested approaches assume some service (SSH, SCP, FTP, etc.) should be exposed to outside. That is a security breach. For publicly available webserver using POST is relatively fine, however some servers are not supposed to be available from outside at all.

Let me explain what we expected. For example in Bamboo Cloud build agents were inside the same private network with target servers and so they could access them directly. I tried to build my own container with OpenVPN client built in and connected to our premise on container startup. That however didn't work since running OpenVPN in a container needs escalated privileges and you obviously do not provide those.

So is there any way to use Pipelines safely?

 

Regards,

Alexander

0 votes

We don't recommend any particular approach, but a typical way of pushing something into your own (Internet exposed) server would be to have a webserver with some form of authentication that you can POST to from within the Pipelines container. You can make the credentials available to the container through the use of Pipelines variables.

If you want something SSH based, you could SCP the files directly.

Hi,

so no suggestions or recommendations?

Regards,

Alxander

I'm looking for this as well.

0 votes

Is there any form of an agent to be ran on the private network  (like Azure DevOps) so that i don't need to expose any kind of port to the internet from my infrastructure ?

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Nov 06, 2018 in Bitbucket

Upgrade Best Practices

Hello! My name is Mark Askew and I am a Premier Support Engineer for products Bitbucket Server/Data Center, Fisheye & Crucible. Today, I want to bring the discussion that Jennifer, Matt, and ...

659 views 5 9
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you