How to configure a CI/CD Deployment service

Continuous Integration/Continuous Delivery is a powerful addition to your development workflow. CI/CD automates deployment of commits that have passed tests and been merged into the deployment branch.

The basic principles

When a build completes successfully on the CI service, it needs to send a signal to the Control Panel to start the deployment. Typically this would be with the command:

divio app deploy --remote-id <website id>

where the <website id> is as shown in its Divio Control Panel dashboard URL.

The Divio CLI will need to be installed in the environment that executes this command, and to be authenticated with the Control Panel.

An example using Travis CI

In this example we will use Travis CI as an example, though Circle CI, Jenkins and other services will work just as well, and the principles are the same.

Connect your application to the CI service

For Travis, this means activating the application in your Travis account settings (https://travis-ci.org/account/repositories).

Your application needs a .travis.yml file, which depending on the application might look something like:

language: python

python:
  - 3.5

sudo: false

install:
  - pip install isort flake8

script:
  - flake8 --max-line-length=200

Triggering the deployment on success

When a build is successful, we need Travis to log in as a Divio user and execute some steps in the after_success section of the file:

install the Divio CLI
log in
run a divio app deploy command, using your application's website id

Authentication

To log in, Travis needs to provide your Divio authentication token.

Never include security keys in plain text

The token must never be included in plain text in the repository. Instead, you need to use an encrypted version. We recommend creating a Divio account specifically for using with Travis, so that you can more easily manage and revoke access.

You can encrypt your token using Travis's encrypt tool. Once you have obtained the encrypted token, you can add the following to the travis.yml file:

after_success:
  - pip install divio-cli
  - divio login <encrypted token>
  - divio app deploy --remote-id <website id>

You could also run:

travis encrypt TOKEN="secretvalue" --add

which will add something like:

env:
  global:
    secure: SECRET_KEY

to the file, and make $TOKEN available as an environment variable. So you would then use:

- divio login $TOKEN

in the file.

Using the deployment API directly

The Divio CLI is the most elegant way of interacting with the Control Panel for deployment, but if desired, you can also use the API directly:

curl -X POST --data 'stage=<env-slug>' --header "Authorization: Basic <encrypted token>" https://control.divio.com/api/v1/website/<website id>/deploy/

Caveats

Multiple successive pull requests could lead to a race condition, depending on the order in which they arrive, in which a successful CI build triggers a deployment that then prevents the next build from deploying.
If the CI job finishes very fast, it could trigger a deployment on the server before the Control Panel has had time to pull the changes to be deployed.

Was this helpful?

Share Your Thoughts

The basic principles​

An example using Travis CI​

Connect your application to the CI service​

Triggering the deployment on success​

Authentication​

Using the deployment API directly​

Caveats​