0

2 Azure functions are being created for non-prod and prod environments.

We have CI and CD pipeline in azure Devops which we use for build and deploy. Ideally for each code change, only CI pipeline should run and wait for Devops team to manually trigger CD pipeline to deploy to function since our code is not matured enough to allow auto deploy for every change.

Issue we are facing is: If both the functions are in connected state and some code change happens in GitHub, deployment auto triggers on both prod and non prod functions through CI pipeline.

So CI pipeline once run the build state post it, the deployment happens in functions directly without going to CD release pipeline.

Workaround followed:

  • Disconnect all available functions

  • Commit code changes which will trigger CI

  • manually trigger release CD pipeline

This will then establish connection to correct function and deploy

Can someone please suggest me the fix for this issue on how I can disable this auto deploy to functions caused due to code changes

Daniel Mann
  • 57,011
  • 13
  • 100
  • 120
aanya sharma
  • 1
  • Check your release ci and cd pipeline if both the pipeline are yaml single pipeline and once the ci succeed it deploy the new release? The deployment pipeline can be created as manually trigger so it wont be issue.. – user1006544 Feb 27 '23 at 09:36

1 Answers1

0

A trick you could employ here is to set an approval on the Prod environment, that way deployments to production must be approved.

You can also add a script to cancel all previous pipelines whenever a new one triggers, that would mean you're not left with 18 pipelines all requesting permission to deploy.

Another approach would be to put your CI build in one pipeline and your CD build in another. You can set the trigger and the sources for a pipeline to be another pipeline. That way when you trigger the CD pipeline you can choose the CI results to deploy. I suspect this is the closest to what you need at the moment, you can always combine the 2 pipelines later.

# app-ci YAML pipeline
# We are setting up a pipeline resource that references the security-lib-ci
# pipeline and setting up a pipeline completion trigger so that our app-ci
# pipeline runs when a run of the security-lib-ci pipeline completes
resources:
  pipelines:
  - pipeline: securitylib # Name of the pipeline resource.
    source: security-lib-ci # The name of the pipeline referenced by this pipeline resource.
    project: FabrikamProject # Required only if the source pipeline is in another project
    trigger: true # Run app-ci pipeline when any run of security-lib-ci completes

steps:
- bash: echo "app-ci runs after security-lib-ci completes"
jessehouwing
  • 106,458
  • 22
  • 256
  • 341
  • Is there any other way possible ? For approval , this actually sounds good but let’s say if tomorrow I have 4 environments 3 non prod and 1 prod , again same issue will occur and not be considered as perm fix. The Idea of keeping CI CD separate , it’s already separated but before even we trigger CD release pipeline , CI itself deploys to function bypassing CD pipeline entirely – aanya sharma Feb 26 '23 at 13:21
  • Best option is to make sure the quality is good enough or that the pipeline detect whether deployment is an option then set a condition on the deploy stage to skip it automatically. You can do the reverse too, only when tagged with a certain tag, enable the deployment steps. – jessehouwing Feb 26 '23 at 15:37