Reputation: 61
Secure Deployment pattern using Octopus deploy
How would one go about creating a secure means of deploying a package by way of Octopus Deploy?
Implementing a duplicate team, former for developers to deploy to development environment, the latter, to deploy to staging/production environment, with identical roles and specific users that would be team leads that can only deploy to staging/production.
The idea is to prevent developers from having to deploy or promote to staging/production as means of security.
It seems rather clunky in having a duplicate team, and would cause confusion especially when new octopus projects are created in the regards of syncing up between the duplicate teams.
What would you advise/recommend in this approach?
Ninja Edit I have included the tags 
teamcity and powershell as that is the idea - teamcity, when a build process is kicked off, that will deploy a build eventually leading to octopus deploy which will carry out the deployment process to that environment.
Upvotes: 1
Views: 176
Answers (1)
Reputation: 6239
We're in a similar situation where developers are responsible for the DEVELOPMENT environment, testers for TEST and the operations team for PREPROD and PROD.
This is enforced by providing all users with access to Octopus Deploy, creating environment specific teams with roles scoped to particular environments; and assigning users to teams.
http://docs.octopusdeploy.com/display/OD/Managing+users+and+teams
Upvotes: 1
Related Questions
- TeamCity Octopus Deploy Create Release cannot read API key
- Push Team City Release to Octopus Deploy
- Continuous build and deployment of Angular-cli using TeamCity and Octopus
- Octopus Post Deploy Encrypt Application Settings
- Builtin Octopus deploy repository
- Octopus deployment to same environment and different servers
- Team City or Octopus build agents behind firewalls
- Deploying builds from TeamCity
- Octopus Deploy On Same Machine
- How to secure TeamCity deployment via Web Deploy service?