问题描述
限时送ChatGPT账号..我的团队在使用 CodePipeline 时遇到了一些问题,在这些问题中,由于我们的 Docker 映像修补而将不应该出现的功能推送到生产中.关于我们架构的一点背景:我们的管道有两个来源,一个用于源代码,另一个用于 Docker 镜像构建器.Docker 通过 CodeBuild 构建并部署到开发、测试和生产环境,中间有手动审批步骤.
My team has been running into issues with our CodePipeline where features were pushed out into production when they shouldn't have been due to our Docker image patching. A little background on our architecture: Our pipeline has two sources, one for the source code and one for the Docker image builder. Docker builds via CodeBuild and is deployed to dev, test, and then prod environments with manual approval steps in between.
我们的 Docker 映像每月都会收到补丁,这会触发管道执行,这也是导致功能被推出的原因.我们重新设计了 git 分支策略,这样我们的主分支将只包含稳定版本,但如果指定了特定的发布日期,我仍然可以看到这个问题可能会再次发生.有没有办法在不推送最新提交的情况下推送镜像补丁?
Our Docker image receives monthly patching which triggers the pipeline to execute and is what caused the features to be pushed out. We redesigned our git branching strategy so that our master branch will only contain stable releases, but I could still see this issue potentially occurring again if a specific release date is specified. Is there a way to push out the image patching without pushing out the latest commit?
推荐答案
CodePipeline 是否可以使用特定的提交
Can CodePipeline Use a Specific Commit
这是一个经常请求的功能,但不幸的是,CodePipeline 将始终从源操作中的所选分支中引入最新提交.
This is an often requested feature but unfortunately CodePipeline will always bring the latest commit from the selected branch in the Source action.
CodePipeline 绑定到单个 git 分支更像是 CodePipeline 的一个特性,因为设计更倾向于基于 Trunk 的开发 [0].此外,根据此服务的设计者的说法,CodePipeline 专为合并后/发布验证而设计.也就是说,一旦您的更改准备好发布到生产环境并合并到您的主/主分支中,CodePipeline 就会接管并自动测试和发布最终合并的更改集.CodePipeline 有很多功能,如阶段锁定、取代版本等.这些功能不适用于您想在合并之前单独测试更改的情况(例如功能分支测试或拉取请求测试).因此,目前有不推荐在 CodePipeline 中执行此操作.
CodePipeline tied to a single git branch is more of a feature of CodePipeline as the design is more inclined towards Trunk based development [0]. Also, as per the designers of this service, CodePipeline is designed for post-merge/release validation. That is, once your change is ready to be released to production and is merged into your master/main branch, CodePipeline takes over and automatically tests and releases the final merged set of changes. CodePipeline has a lot of features like stage locking, superseding versions, etc. which don't work well for the case where you want to test a change in isolation before it's merged (e.g. feature branch testing or pull request testing.) Therefore there currently isn't a recommended way to do this in CodePipeline.
[0] https://trunkbaseddevelopment/
话虽如此,有一种方法可以使用管道中的 S3 源操作而不是 GitHub/CodeCommit 源操作来破解此问题.本质上,您管道的 S3 源操作与 S3 存储桶/密钥相关联.然后,您可以将任何特定提交的 zip 上传到此 S3 存储桶/密钥并触发管道.
Having said that, there is a way to hack this with S3 Source action in pipeline instead of GitHub/CodeCommit source action. Essentially your pipeline's S3 source action is tied to S3 bucket/key. You can then upload a zip of any specific commit to this S3 bucket/key and trigger the pipeline.
这篇关于CodePipeline 可以使用特定的提交吗的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
更多推荐
[db:关键词]
发布评论