Before deploying to an environment with GitHub actions, you may need to implement a manual approval, especially in production environment. If it is a infrastructure deployment pipeline you may need even implement approvals for development environments to avoid unstable environments due to infrastructure failures. You may want to check what happens if you deploy Bicep or Terraform script, and then approve the execution to the target environment. Let's try to understand how to implement a manual approval step in GitHub actions
As the first step in your repository settings you have to define an environment. Click on New environment.
Provide a name for the environment, we have to use the same environment name in the pipeline later to enable approval. Click on Configure environment.
You need to add reviewers for the environment as shown below. Save the protection rules.
Once we have setup the environment we can start setting up a GitHub action pipeline. The first job is setup as pre dev environment. An example would be terraform plan step, or Bicep --what-if to check what happens.
name: Manual Approval Demo
on:
workflow_dispatch:
jobs:
Pre-Dev-Steps:
runs-on: ubuntu-latest
steps:
- name: 'Run some predev steps'
shell: pwsh
run: |
Write-Host 'Done some pre dev env deploy work'
The next job dev needs first job as a prerequisite making it wait for pre dev to finish. To enable waiting note the environment name is set as exactly we have specified in repo settings environments.
Dev-Env:
runs-on: ubuntu-latest
needs: Pre-Dev-Steps
environment:
name: DevEnv
steps:
- name: 'Run some dev env steps'
shell: pwsh
run: |
Write-Host 'Done some dev env deploy work'
Once we execute this pipeline pre dev steps will run and wait for approval for the dev env. You can click on review deployments as you can see environment is waiting for review with a clock icon.
Once you click review deployment there will be a popup allowing you to approve or reject the deployment with an optional comment.
Once approved the deployment will complete for the dev environment. You can see the approval and the comment.
The entire pipeline code is below.
name: Manual Approval Demo
on:
workflow_dispatch:
jobs:
Pre-Dev-Steps:
runs-on: ubuntu-latest
steps:
- name: 'Run some predev steps'
shell: pwsh
run: |
Write-Host 'Done some pre dev env deploy work'
Dev-Env:
runs-on: ubuntu-latest
needs: Pre-Dev-Steps
environment:
name: DevEnv
steps:
- name: 'Run some dev env steps'
shell: pwsh
run: |
Write-Host 'Done some dev env deploy work'
No comments:
Post a Comment