How would one control access to the master branch in google cloud source repository so that developers don't have access to commit to master branch ?
We don't yet have per-branch permissions, but it's definitely something we're considering for the future.
Chris Sells
PM, Google Cloud Source Repositories
Related
I use Github for version control and Google Cloud Platform to orchestrate my resources and store data. I use Kubernetes (google cloud platform) and Jenkins to execute my scripts. BigQuery, Google Cloud Storage (buckets), Cloud MySQL to store my data.
I have a master branch which has production codes and development branch which has development codes. Is there a way how I can restrict only master branch codes to have write access to Production resources on Google Cloud Platform.
Recently I ran into the issue with not being able to publish in azure data factory integrated with azure devops/git. This happened because we tried using powershell to automatically create pipelines based on a json template. When this is done in the data factory using Set-AzDataFactoryV2Pipeline, you by-pass the azure devops integration and the pipeline gets published right away without any commits or pull requests. Below is the error message
Publishing Error
The publish branch is out of sync with the collaboration branch. This is likely due to publishing outside of Git mode. To recover from this state, please refer to our Git troubleshooting guide
The MS GIT troubleshooting guide suggests some hardcore measures to resolve this out-of-sync issues (by deleting and re-creating the repo I believe). In this case, there's an easier and less hardcore way of solving this.
You simply need to:
Create a new branch from your master branch in data factory
Create the same pipeline you created via Set-AzDataFactoryV2Pipeline
Create a pull request and merge it into master
Voila, you'll hopefully be able to publish again as it now will consider the branches to be in sync again
Micosoft now provides guidance on resolving this issue:
From: https://learn.microsoft.com/en-us/azure/data-factory/source-control#stale-publish-branch
Stale publish branch
If the publish branch is out of sync with the
master branch and contains out-of-date resources despite a recent
publish, try following these steps:
Remove your current Git repository
Reconfigure Git with the same
settings, but make sure Import existing Data Factory resources to
repository is selected and choose New branch
Create a pull request to
merge the changes to the collaboration branch
remove your git repo from data factory and create a new with exact same setting.
Go to azure devops and create a new pull request to merge new branch into master.
Link: https://www.datastackpros.com/2020/05/how-to-fix-data-factory-adfpublish.html
under manage -> git configuration -> over write live mode. Use this option this will reset the data factory with the live code.
I have many projects which uses Google Cloud Build + Github build pipeline setup. However, there is this one project, which I cannot create a webhook in Github for.
It used to work - but commits to the repository doesn't trigger the build process any more. I deleted the trigger and added it again - but the webhook in Github is not created automatically for this project.
When I run the trigger manually, it picks the wrong, but fixed commit which I did before an year.
Any clue?
Could you try delete a repository on Cloud Source Repositories and setup Google Cloud Build again ?
See:
https://cloud.google.com/cloud-build/docs/running-builds/automate-builds
Note: For external repositories, such as GitHub and Bitbucket, you must have owner-level permissions for the Cloud Platform project with which you're working. When you set up a build trigger with an external repository for the first time, you'll need to set up authorization with that repository.
After you've set up your external repository, Cloud Source Repository creates a mirror of your repository.
https://source.cloud.google.com
https://cloud.google.com/source-repositories/docs/deleting-a-repository
https://cloud.google.com/source-repositories/docs/mirroring-a-github-repository
I am experiencing the same issue. I can create a trigger for a repo, but I cannot connect the repo automatically to cloud build. We also have many projects, and this manual labor is sort of annoying.
Is there any (under the hood) github/gcloud api available in which I can connect a github repo to cloud build? I am aware that this can only be done by someone with admin privileges on a repo or organization in github.
After this, I will be able to run the command gcloud build triggers create github [NAME]
IBM Bluemix DevOps ToolChain allows source code repositories to be only github and IBM version gitlab. My repo is in the public gitlab cloud and i do not intend to move it to IBM's gitlab cloud. How do I set up my Toolchain?
Update: It is now possible to add gitlab.com repositories (or repositories from any other GitLab server on the public internet) to Bluemix DevOps Toolchains. More details are available in the Bluemix Documentation.
Original (outdated) answer:
It is not currently possible to add repositories on gitlab.com or other public GitLab servers to an IBM Bluemix DevOps toolchain. However, that capability is actively under development.
Until that feature is available, you could proceed by duplicating your repository to one of the supported Git providers. There are instructions for duplicating a repository at https://help.github.com/articles/duplicating-a-repository/. In short:
git clone --bare https://github.com/exampleuser/old-repository.git
cd old-repository.git
git push --mirror https://github.com/exampleuser/new-repository.git
The example uses github.com, but this approach would work for any git repository.
I think this has been added recently, you can just pick it when you add a tool to your toolchain. There's also a blog post about it https://serifandsemaphore.io/build-a-serverless-api-in-seconds-with-go-c504398d86f6
Question:
Does Google automatically update storage buckets with changes pushed to a project's Cloud Source Repository?
Example:
I create a Google Cloud Platform project called Cooking and store the file recipe.txt in a bucket.
I modify recipe.txt and push the changes from my local master branch to the Cloud Source Repository for Cooking.
When I look at the Source Code panel for my project, I see recipe.txt is up-to-date with my latest changes.
When I look at the storage bucket for my project, I see recipe.txt is not up-to-date (i.e. not in sync with the project's Cloud Source Repository).
No. Google Cloud Source Repositories can be configured to stay in sync with other git repository services, such as GitHub or Bitbucket, but there is no relationship between Google Cloud Source Repository repositories and GCS buckets.