How to configure a CI/CD Deployment service¶
Continuous Integration/Continuous Delivery is a powerful addition to your development workflow. CI/CD automates deployment of commits that have passed tests and been merged into the deployment branch.
The basic principles¶
When a build completes successfully on the CI service, it needs to send a signal to the Control Panel to start the deployment. Typically this would be with the command:
divio project deploy --remote-id <website id>
<website id> is as shown in its Divio Control Panel dashboard URL.
The Divio CLI will need to be installed in the environment that executes this command, and to be authenticated with the Control Panel.
An example using Travis CI¶
In this example we will use Travis CI as an example, though Circle CI, Jenkins and other services will work just as well, and the principles are the same.
Connect your project to the CI service¶
For Travis, this means activating the project in your Travis account settings (https://travis-ci.org/account/repositories).
Your project needs a
.travis.yml file, which depending on the project might look something like:
language: python python: - 3.5 sudo: false install: - pip install isort flake8 script: - flake8 --max-line-length=200
Triggering the deployment on success¶
When a build is successful, we need Travis to log in as a Divio Cloud user and execute some steps in the
after_success section of the file:
- install the Divio CLI
- log in
- run a
divio project deploycommand, using your project’s website id
To log in, Travis needs to provide your Divio Cloud authentication token.
Never include security keys in plain text
The token must never be included in plain text in the repository. Instead, you need to use an encrypted version. We recommend creating a Divio Cloud account specifically for using with Travis, so that you can more easily manage and revoke access.
You can encrypt your token using Travis’s encrypt tool. Once you
have obtained the encrypted token, you can add the following to the
after_success: - pip install divio-cli - divio login <encrypted token> - divio project deploy --remote-id <website id>
You could also run:
travis encrypt TOKEN="secretvalue" --add
which will add something like:
env: global: secure: EsKcqn4H0EBqZhEts [...] X6klJCNI=
to the file, and make
$TOKEN available as an environment variable. So you would then use:
- divio login $TOKEN
in the file.
Using the deployment API directly¶
The Divio CLI is the most elegant way of interacting with the Control Panel for deployment, but if desired, you can also use the API directly:
curl -X POST --data 'stage=<env-slug>' --header "Authorization: Basic <encrypted token>" https://control.divio.com/api/v1/website/<website id>/deploy/
- Multiple successive pull requests could lead to a race condition, depending on the order in which they arrive, in which a successful CI build triggers a deployment that then prevents the next build from deploying.
- If the CI job finishes very fast, it could trigger a deployment on the server before the Control Panel has had time to pull the changes to be deployed.