眉毛粗的红茶 · 风云会神舟鸿雁问北斗——中国航天那串“浪漫” ...· 1 月前 · |
纯真的芒果 · 快递理赔诈骗:文山已有人被骗上万元_《防范电 ...· 4 月前 · |
冲动的消炎药 · 腾讯文档下拉选项怎么删除-腾讯文档使用问题- ...· 1 年前 · |
活泼的冲锋衣 · 《孫悟空三打白骨精》 | art-mate.net· 1 年前 · |
on_stop
action
Environments describe where code is deployed.
Each time GitLab CI/CD deploys a version of code to an environment, a deployment is created.
GitLab:
If you have a deployment service like Kubernetes associated with your project, you can use it to assist with your deployments.
There are a few ways to view a list of environments for a given project:
On the project’s overview page, if at least one environment is available (that is, not stopped).
On the left sidebar, select Operate > Environments . The environments are displayed.
To view a list of deployments for an environment, select the environment name,
for example,
staging
.
Deployments show up in this list only after a deployment job has created them.
enable_environments_search_within_folder
. Enabled by default.
To search environments by name:
devel
matches the environment name
development
, but
elop
does not.
review/test-app
, search term
test
matches
review/test-app
.
review/test
matches
review/test-app
.
To customize your environments and deployments, you can use any of the predefined CI/CD variables , and define custom CI/CD variables.
An environment is either static or dynamic:
You can create a static environment in the UI or in your
.gitlab-ci.yml
file.
To create a static environment in the UI:
.gitlab-ci.yml
file
To create a static environment, in your
.gitlab-ci.yml
file:
For example, to create an environment named
staging
, with URL
https://staging.example.com
:
deploy_staging:
stage: deploy
script:
- echo "Deploy to staging server"
environment:
name: staging
url: https://staging.example.com
To create a dynamic environment, you use CI/CD variables that are unique to each pipeline.
Prerequisites:
To create a dynamic environment, in your
.gitlab-ci.yml
file:
deploy
stage.
name
: Use a related CI/CD variable like
$CI_COMMIT_REF_SLUG
. Optionally, add a static
prefix to the environment’s name, which
groups in the UI
all
environments with the same prefix.
url
: Optional. Prefix the hostname with a related CI/CD variable like
$CI_ENVIRONMENT_SLUG
.
environment
keywords, see the
.gitlab-ci.yml
keyword reference
.
In the following example, every time the
deploy_review_app
job runs the environment’s name and
URL are defined using unique values.
deploy_review_app:
stage: deploy
script: make deploy
environment:
name: review/$CI_COMMIT_REF_SLUG
url: https://$CI_ENVIRONMENT_SLUG.example.com
rules:
- if: $CI_COMMIT_BRANCH == "main"
when: never
- if: $CI_COMMIT_BRANCH
To address this problem, you can configure a deployment job to report back a set of
variables. These variables include the URL that was dynamically generated by the external service.
GitLab supports the
dotenv (
.env
)
file format,
and expands the
environment:url
value with variables defined in the
.env
file.
To use this feature, specify the
artifacts:reports:dotenv
keyword in
.gitlab-ci.yml
.
You can also specify a static part of the URL at
environment:url
, such as
https://$DYNAMIC_ENVIRONMENT_URL
. If the value of
DYNAMIC_ENVIRONMENT_URL
is
example.com
, the
final result is
https://example.com
.
The assigned URL for the
review/your-branch-name
environment is visible in the UI.
For an overview, see Set dynamic URLs after a job finished .
In the following example a review app creates a new environment for each merge request:
review
job is triggered by every push, and creates or updates an environment named
review/your-branch-name
. The environment URL is set to
$DYNAMIC_ENVIRONMENT_URL
.
review
job finishes, GitLab updates the
review/your-branch-name
environment’s URL.
It parses the
deploy.env
report artifact, registers a list of variables as runtime-created,
expands the
environment:url: $DYNAMIC_ENVIRONMENT_URL
and sets it to the environment
URL.
review:
script:
- DYNAMIC_ENVIRONMENT_URL=$(deploy-script) # In script, get the environment URL.
- echo "DYNAMIC_ENVIRONMENT_URL=$DYNAMIC_ENVIRONMENT_URL" >> deploy.env # Add the value to a dotenv file.
artifacts:
reports:
dotenv: deploy.env # Report back dotenv file to rails.
environment:
name: review/$CI_COMMIT_REF_SLUG
url: $DYNAMIC_ENVIRONMENT_URL # and set the variable produced in script to `environment:url`
on_stop: stop_review
stop_review:
script:
- ./teardown-environment
when: manual
environment:
name: review/$CI_COMMIT_REF_SLUG
action: stop
Note the following:
stop_review
doesn’t generate a dotenv report artifact, so it doesn’t recognize the
DYNAMIC_ENVIRONMENT_URL
environment variable. Therefore you shouldn’t set
environment:url
in the
stop_review
job.
stop_review
exists only in your repository and therefore can’t use
GIT_STRATEGY: none
, configure
merge request pipelines
for these jobs. This ensures that runners can fetch the repository even after a feature branch is
deleted. For more information, see
Ref Specs for Runners
.
Add-Content
command to write to
.env
files.
Add-Content -Path deploy.env -Value "DYNAMIC_ENVIRONMENT_URL=$DYNAMIC_ENVIRONMENT_URL"
You cannot rename an environment.
To achieve the same result as renaming an environment:
Introduced in GitLab 13.10.
Sometimes, instead of using an
industry standard
environment name, like
production
, you might want to use a code name, like
customer-portal
.
While there is no technical reason not to use a name like
customer-portal
, the name
no longer indicates that the environment is used for production.
To indicate that a specific environment is for a specific use, you can use tiers:
Environment tier | Environment name examples |
---|---|
production
|
Production, Live |
staging
|
Staging, Model, Demo |
testing
|
Test, QC |
development
|
Dev, Review apps , Trunk |
other
|
By default, GitLab assumes a tier based on
the environment name
.
Instead, you can use the
deployment_tier
keyword
to specify a tier.
You can create a job that requires someone to manually start the deployment. For example:
You can find the play button in the pipelines, environments, deployments, and jobs views.
GitLab can track newly included merge requests per deployment. When a deployment succeeded, the system calculates commit-diffs between the latest deployment and the previous deployment. This tracking information can be fetched via the Deployment API and displayed at a post-merge pipeline in merge request pages .
To activate this tracking, your environment must be configured in the following:
/
(that is, top-level/long-lived environments),
OR
Environment tier
is either
production
or
staging
.
Here are the example setups of
environment
keyword
in
.gitlab-ci.yml
:
# Trackable
environment: production
environment: production/aws
environment: development
# Non Trackable
environment: review/$CI_COMMIT_REF_SLUG
environment: testing/aws
For the rollback to succeed, the deployment process must be defined in
the job’s
script
.
Only the
deployment jobs
are run.
In cases where a previous job generates artifacts that must be regenerated
on deploy, you must manually run the necessary jobs from the pipelines page.
For example, if you use Terraform and your
plan
and
apply
commands are separated
into multiple jobs, you must manually run the jobs to deploy or roll back.
If there is a problem with a deployment, you can retry it or roll it back.
To retry or roll back a deployment:
soft_validation_on_external_url
. Disabled by default.
soft_validation_on_external_url
removed.
The environment URL is displayed in a few places in GitLab:
You can see this information in a merge request if:
main
).
staging
or
production
).
For example:
With GitLab Route Maps , you can go directly from source files to public pages in the environment set for Review Apps.
If the environment has an
on_stop
action
defined, it’s
executed to stop the environment.
You can configure environments to stop when a branch is deleted.
rules
or
only/except
configuration. Otherwise,
the
stop_review
job might not be included in all pipelines that include the
deploy_review
job, and you cannot trigger
action: stop
to stop the environment automatically.
action: stop
might not run
if it’s in a later stage than the job that started the environment.
GIT_STRATEGY
to
none
in the
stop_review
job. Then the
runner
doesn’t
try to check out the code after the branch is deleted.
deploy_review:
stage: deploy
script:
- echo "Deploy a review app"
environment:
name: review/$CI_COMMIT_REF_SLUG
url: https://$CI_ENVIRONMENT_SLUG.example.com
on_stop: stop_review
stop_review:
stage: deploy
script:
- echo "Remove review app"
environment:
name: review/$CI_COMMIT_REF_SLUG
action: stop
when: manual
When you use the
merge request pipelines
configuration,
the
stop
trigger is automatically enabled.
In the following example, the
deploy_review
job calls a
stop_review
job to clean up and stop
the environment.
deploy_review:
stage: deploy
script:
- echo "Deploy a review app"
environment:
name: review/$CI_COMMIT_REF_SLUG
on_stop: stop_review
rules:
- if: $CI_MERGE_REQUEST_ID
stop_review:
stage: deploy
script:
- echo "Remove review app"
environment:
name: review/$CI_COMMIT_REF_SLUG
action: stop
rules:
- if: $CI_MERGE_REQUEST_ID
when: manual
You can specify a job to run when an environment is stopped.
stop_review_app
job
must
have the following keywords defined:
when
, defined at either:
The job level
.
rules
and
when: manual
, you should
also set
allow_failure: true
so the pipeline can complete
even if the job doesn’t run.
environment:name
environment:action
In your
.gitlab-ci.yml
file, specify in the
on_stop
keyword the name of the job that stops the environment.
In the following example:
review_app
job calls a
stop_review_app
job after the first job is finished.
stop_review_app
is triggered based on what is defined under
when
. In this
case, it is set to
manual
, so it needs a
manual action
from the GitLab UI to run.
GIT_STRATEGY
is set to
none
. If the
stop_review_app
job is
automatically triggered
,
the runner doesn’t try to check out the code after the branch is deleted.
review_app:
stage: deploy
script: make deploy-app
environment:
name: review/$CI_COMMIT_REF_SLUG
url: https://$CI_ENVIRONMENT_SLUG.example.com
on_stop: stop_review_app
stop_review_app:
stage: deploy
variables:
GIT_STRATEGY: none
script: make delete-app
when: manual
environment:
name: review/$CI_COMMIT_REF_SLUG
action: stop
You can set an environment to stop automatically after a certain time period.
In your
.gitlab-ci.yml
file, specify the
environment:auto_stop_in
keyword. Specify the time period in natural language, such as
1 hour and 30 minutes
or
1 day
.
After the time period passes, GitLab automatically triggers a job to stop the environment.
In the following example:
review_app
job that deploys the latest change to the
environment and resets its expiry period.
stop_review_app
job to stop the environment.
review_app:
script: deploy-review-app
environment:
name: review/$CI_COMMIT_REF_SLUG
on_stop: stop_review_app
auto_stop_in: 1 week
rules:
- if: $CI_MERGE_REQUEST_ID
stop_review_app:
script: stop-review-app
environment:
name: review/$CI_COMMIT_REF_SLUG
action: stop
rules:
- if: $CI_MERGE_REQUEST_ID
when: manual
When a environment has been scheduled to stop after a specified time period , you can view its expiration date and time.
To view an environment’s expiration date and time:
The expiration date and time is displayed in the upper-left corner, next to the environment’s name.
When a environment has been scheduled to stop after a specified time period , you can override its expiration.
To override an environment’s expiration:
The
auto_stop_in
setting is overridden and the environment remains active until it’s stopped
manually.
on_stop
action
There may be times when you want to stop an environment without running the defined
on_stop
action. For example, you want to delete many
environments without using
compute quota
.
To stop an environment without running the defined
on_stop
action, execute the
Stop an environment API
with the parameter
force=true
.
To stop an environment in the GitLab UI:
environment_multiple_stop_actions
. Disabled by default.
environment_multiple_stop_actions
removed.
To configure multiple
parallel
stop actions on an environment, specify the
on_stop
keyword across multiple
deployment jobs
for the same
environment
, as defined in the
.gitlab-ci.yml
file.
When an environment is stopped, the matching
on_stop
actions from only successful deployment jobs are run in parallel, in no particular order.
In the following example, for the
test
environment there are two deployment jobs:
deploy-to-cloud-a
deploy-to-cloud-b
When the environment is stopped, the system runs
on_stop
actions
teardown-cloud-a
and
teardown-cloud-b
in parallel.
deploy-to-cloud-a:
script: echo "Deploy to cloud a"
environment:
name: test
on_stop: teardown-cloud-a
deploy-to-cloud-b:
script: echo "Deploy to cloud b"
environment:
name: test
on_stop: teardown-cloud-b
teardown-cloud-a:
script: echo "Delete the resources in cloud a"
environment:
name: test
action: stop
when: manual
teardown-cloud-b:
script: echo "Delete the resources in cloud b"
environment:
name: test
action: stop
when: manual
Delete an environment when you want to remove it and all its deployments.
To delete an environment:
Introduced in GitLab 13.2.
You can define a job that accesses an environment for various purposes, such as verification or preparation. This effectively bypasses deployment creation, so that you can adjust your CD workflow more accurately.
To do so, add either
action: prepare
,
action: verify
, or
action: access
to the
environment
section of your job:
build:
stage: build
script:
- echo "Building the app"
environment:
name: staging
action: prepare
url: https://staging.example.com
This gives you access to environment-scoped variables, and can be used to protect builds from unauthorized access. Also, it’s effective to avoid the prevent outdated deployment jobs feature.
You can group environments into collapsible sections in the UI.
The following example shows how to start your environment names with
review
.
The
$CI_COMMIT_REF_SLUG
variable is populated with the branch name at runtime:
deploy_review:
stage: deploy
script:
- echo "Deploy a review app"
environment:
name: review/$CI_COMMIT_REF_SLUG
You can use incident management to get alerts when there are critical issues that need immediate attention.
Introduced in GitLab 13.4.
If you set up alerts for Prometheus metrics , alerts for environments are shown on the environments page. The alert with the highest severity is shown, so you can identify which environments need immediate attention.
When the issue that triggered the alert is resolved, it is removed and is no longer visible on the environments page.
If the alert requires a rollback , you can select the deployment tab from the environment page and select which deployment to roll back to.
Introduced in GitLab 13.7.
In a typical Continuous Deployment workflow, the CI pipeline tests every commit before deploying to production. However, problematic code can still make it to production. For example, inefficient code that is logically correct can pass tests even though it causes severe performance degradation. Operators and SREs monitor the system to catch these problems as soon as possible. If they find a problematic deployment, they can roll back to a previous stable version.
GitLab Auto Rollback eases this workflow by automatically triggering a rollback when a critical alert is detected. GitLab selects and redeploys the most recent successful deployment.
Limitations of GitLab Auto Rollback:
GitLab Auto Rollback is turned off by default. To turn it on:
This feature was deprecated in GitLab 14.7 and removed in 16.0.
Deprecated in GitLab 14.5.
If you deploy to your environments with the help of a deployment service (for example, the Kubernetes integration ), GitLab can open a terminal session to your environment. You can then debug issues without leaving your web browser.
The Web terminal is a container-based deployment, which often lack basic tools (like an editor), and can be stopped or restarted at any time. If this happens, you lose all your changes. Treat the Web terminal as a debugging tool, not a comprehensive online IDE.
Web terminals:
In the UI, you can view the Web terminal by selecting Terminal from the actions menu:
You can also access the terminal button from the page for a specific environment:
Select the button to establish the terminal session:
This works like any other terminal. You’re in the container created by your deployment so you can:
You can open multiple terminals to the same environment. They each get their own shell
session and even a multiplexer like
screen
or
tmux
.
In your Git configuration, append the
[remote "<your-remote>"]
block with an extra
fetch line:
deployments_archive
removed.
When a new deployment happens in your project,
GitLab creates
a special Git-ref to the deployment
.
Since these Git-refs are populated from the remote GitLab repository,
you could find that some Git operations, such as
git-fetch
and
git-pull
,
become slower as the number of deployments in your project increases.
To maintain the efficiency of your Git operations, GitLab keeps
only recent deployment refs (up to 50,000) and deletes the rest of the old deployment refs.
Archived deployments are still available, in the UI or by using the API, for auditing purposes.
Also, you can still fetch the deployed commit from the repository
with specifying the commit SHA (for example,
git checkout <deployment-sha>
), even after archive.
keep-around
refs
so that deployed commits are not garbage collected, even if it’s not referenced by the deployment refs.
By default, all CI/CD variables are available to any job in a pipeline. Therefore, if a project uses a compromised tool in a test job, it could expose all CI/CD variables that a deployment job used. This is a common scenario in supply chain attacks. GitLab helps mitigate supply chain attacks by limiting the environment scope of a variable.
You can limit the environment scope of a CI/CD variable by
defining which environments it can be available for.
For example, if the environment scope is
production
, then only the jobs
with the environment
production
defined would have this specific variable.
The default environment scope is a wildcard (
*
), which means that
any job can have this variable, regardless of whether an environment is defined.
If the environment scope is
review/*
, then jobs with environment names starting
with
review/
would have that variable available.
In most cases, these features use the environment specs mechanism, which offers an efficient way to implement scoping in each environment group.
For example, if there are four environments:
production
staging
review/feature-1
review/feature-2
Each environment can be matched with the following environment spec:
Environment Spec |
production
|
staging
|
review/feature-1
|
review/feature-2
|
---|---|---|---|---|
* | Matched | Matched | Matched | Matched |
production | Matched | |||
staging | Matched | |||
review/* | Matched | Matched | ||
review/feature-1 | Matched |
You can use specific matching to select a particular environment.
You can also use wildcard matching (
*
) to select a particular environment group,
like
Review Apps
(
review/*
).
The most specific spec takes precedence over the other wildcard matching. In this case,
the
review/feature-1
spec takes precedence over
review/*
and
*
specs.
action: stop
doesn’t run
In some cases, environments do not stop when a branch is deleted .
For example, the environment might start in a stage that also has a job that failed.
Then the jobs in later stages job don’t start. If the job with the
action: stop
for the environment is also in a later stage, it can’t start and the environment isn’t deleted.
To ensure the
action: stop
can always run when needed, you can:
Put both jobs in the same stage:
stages:
- build
- test
- deploy
deploy_review:
stage: deploy
environment:
name: review/$CI_COMMIT_REF_SLUG
url: https://$CI_ENVIRONMENT_SLUG.example.com
on_stop: stop_review
stop_review:
stage: deploy
environment:
name: review/$CI_COMMIT_REF_SLUG
action: stop
when: manual
Add a needs
entry to the action: stop
job so the
job can start out of stage order:
stages:
- build
- test
- deploy
- cleanup
deploy_review:
stage: deploy
environment:
name: review/$CI_COMMIT_REF_SLUG
url: https://$CI_ENVIRONMENT_SLUG.example.com
on_stop: stop_review
stop_review:
stage: cleanup
needs:
- deploy_review
environment:
name: review/$CI_COMMIT_REF_SLUG
action: stop
when: manual
A deployment job failed with “This job could not be executed because it would create an environment with an invalid parameter” error
Introduced
in GitLab 14.4.
If your project is configured to
create a dynamic environment
,
you might encounter this error because the dynamically generated parameter can’t be used for creating an environment.
For example, your project has the following
.gitlab-ci.yml
:
deploy:
script: echo
environment: production/$ENVIRONMENT
Since
$ENVIRONMENT
variable does not exist in the pipeline, GitLab tries to
create an environment with a name
production/
, which is invalid in
the environment name constraint
.
To fix this, use one of the following solutions:
-
Remove
environment
keyword from the deployment job. GitLab has already been
ignoring the invalid keyword, therefore your deployment pipelines stay intact
even after the keyword removal.
-
Ensure the variable exists in the pipeline. Review the
limitation on supported variables
.
If you get this error on Review Apps
For example, if you have the following in your
.gitlab-ci.yml
:
To fix this, use one of the following solutions:
-
Re-create your feature branch without the invalid characters,
such as
bug-fix
.
-
Replace the
CI_COMMIT_REF_NAME
predefined variable
with
CI_COMMIT_REF_SLUG
which strips any invalid characters:
review:
script: deploy review app
environment: review/$CI_COMMIT_REF_SLUG
Deployment refs are not found
Starting from GitLab 14.5, GitLab
deletes old deployment refs
to keep your Git repository performant.
If you have to restore archived Git-refs, ask an administrator of your self-managed GitLab instance
to execute the following command on Rails console:
Project.find_by_full_path(<your-project-full-path>).deployments.where(archived: true).each(&:create_ref)
GitLab might drop this support in the future for the performance concern.
You can open an issue in
GitLab Issue Tracker
to discuss the behavior of this feature.
Help & feedback
Docs
Edit this page
to fix an error or add an improvement in a merge request.
Create an issue
to suggest an improvement to this page.
Product
Create an issue
if there's something you don't like about this feature.
Propose functionality
by submitting a feature request.
Join First Look
to help shape new features.
Feature availability and product trials
View pricing
to see all GitLab tiers and features, or to upgrade.
Try GitLab for free
with access to all features for 30 days.
Get Help
If you didn't find what you were looking for,
search the docs
.
If you want help with something specific and could use community support,
post on the GitLab forum
.
For problems setting up or using this feature (depending on your GitLab
subscription).
Request support
活泼的冲锋衣 · 《孫悟空三打白骨精》 | art-mate.net 1 年前 |