How to do the Email approval workflow using rundeck?
We are calling Rundeck from Jenkins for deployment.
Do we have an option such as,
for DEV environment deployment, email will be sent to DEV lead, and after approval, deployment will be executed.
for QA environment deployment, mail will be sent to QA lead and after their approval deployment will be done
Similarly for other envs.
Thanks
You can create webhooks linked by some web app, this web app can be called by some email link to trigger any Rundeck job. You can check a good webhook tutorial here and here an example to call it.
Related
I'm trying to deploy an Azure Function from an Azure DevOps repo via an DevOps pipeline and release.
When it gets to the deploy stage I get an error message stating that the credentials can not be null, but knowhere in the canned release components is there a place for any credentials and none of my other pipelines ever have this problem.
I see some old references here but no clear answers.
Anyone have suggestions or fixes?
Credentials cannot be null
I can reproduce this issue in my pipeline.
The cause of the issue is that you are using the Publish Profile type Azure Resource Manager Service Connection. And Azure Function App deploy task will not able to read the credentials of the Publish Profile type service connection.
Here are two methods to solve the issue:
1.You can change to use the Azure Web App task to deploy the Function APP.
For example:
Note: Azure Web APP task can be used to deploy to Web APP and Function App.
2.You can change the Service Connection type to Service Principal.
For example:
I'm facing the issue that I can't get email notification from Azure DevOps.
I have read this question and learnt that there is a job monitor that can check whether Azure DevOps has sent the emails.
If I go into the job monitor I can see that the email notification job was partially successful...
I want to know how could I get the job monitor and how to use it.
By the way, I have done some checkings following this document but the issue still exists.
I want to know how could I get the job monitor and how to use it.
The job monitor is a monitoring dashboard dedicated to TFS. If you are using the azure devops service, I am afraid you cannot use the job monitor. As far as I know, it is impossible to check whether the email is sent in the azure devops service. Please refer to this blog.
You can first go to your personal subscriptions and locate the subscription, which you feel should have produced an email and ensure it's enabled.
I have a CD pipeline with Azure Deploy task and I want to trigger a email notification to developers after successful deployment but with custom message. I researched on 'Send Email' task but it requires an SMTP server (say google SMTP). is there a feature within VSTS to trigger a mail?
You could use the SendGrid Email extension. You would need a SendGrip API key (hence a SendGrid account) but you can create one for free on Azure.
It would be limited to 25000 emails per month, but it should be enough. And if it isn't, you can upgrade your plan in no time
I Hope I helped you :)
It seems you are using the Send Email task developed by DutchWorkz B.V..
You can use the Send Email task developed by Rene van Osnabrugge (Xpirit) which just need to specify the email addressed, subject and email body.
I am familiar with Jenkins Pull Request Builder and I had set up a freestyle job with it to build my project based on the comment that authorized user put. (For example test in prod) in the past.
Now I am trying to use a Jenkins 2.0 with github organization plugin for one of my project.
this is the scenario:
A User is making a PR to master(or some other sensitive branch)
A test is going to get run automatically.
After the test past, an authorized user needs to go to the PR and put a comment Deploy to test environment and then a jenkinsfile that was waiting for this input needs to get trigger.
I just dont know how to do the step 3. how do I make jenkins pipeline job listen for comments in github repo pull requests? the Jenkins documentation is not really clear about the input from user part.
I read this thread answer but the documentation about the Gates approval is really limited.
I know this is super late, but here's some info for future Googlers:
I have a Github webhook that sends the event to a Lambda function that will parse the event for a specific comment string, then create an HTTP POST request for the Jenkins job, which is configured to allow builds to be triggered remotely.
So: open PR > comment on PR 'Deploy to test environment' > webhook sends to AWS APIGateway > AWS SNS topic > AWS Lambda > parse the event for comment > If comment matches, create HTTP POST > Jenkins receives request and runs job
There's a lot of documentation on this, but none of it together, so here are the resources that I used:
Regarding allowing jobs to be triggered remotely:
https://wiki.jenkins-ci.org/display/JENKINS/Remote+access+API
Using Github to trigger Lambda function:
https://aws.amazon.com/blogs/compute/dynamic-github-actions-with-aws-lambda/
Github API. You will want to pay particular attention to the Issues API:
https://developer.github.com/webhooks/
I have some powershell scripts in my CI server to check the state of some WebJobs.
But I have few problems.
I'm using publish settings file, but it expires and my build starts to fail.
I don't want to use a Management Certificate that will expose all management features.
And I don't want to put my user credentials on the CI server that will also expose all management features.
There is any way to create a CI user or credential with restricted permissions?
Thanks!
Azure Functions provides a good solution to this problem. You can create a Service Principle account, with certificate login and then restrict that account to whatever actions you need it to allow (via RBAC)
You can then have an Azure PowerShell script running in Functions, that is called from a webhook from your CI engine. That way the only credentials that are stored on your CI are the webhook secret, and if your CI engine has a static IP you can verify that commands only come from that address, and drop anything else.