I don't write a lot of time. So I'm deep learning development on .Net and have not had time.
I decided to tell you about my experience in our company.
We know, that team foundation server has "Release management tools". Actually from the name of this tool we understand that with this tools we can deploy to production your code.
But what should you do, if build engineers doesn't have permissions to production by politicians rules of company, and should take OPS team some tools, which allow them deploy without TFS?
We investigated a lot of time this question. Have had a huge number of meetings.
As result we decided create some framework based on powershell script.
We have been started using "JUMP" servers, where build engineers haven't access.
So our decision can allow execute script on remote servers with security credential.
Owners of this production or responsibility person should write account from production to tfs release management tools when he want trigger release definition.
And this decision doesn't allow build engineers look for credential, which had imputed owner before.
Even If build engineers have very high privilege.
But be careful.If responsibility person want save time and write this credential to variable, you will have to chance "cheeting " and get credential.You just need switch from your jump server to your server, where had installed sniffer like "Fiddler".
That's all for today! Be careful with your deployment!
No comments:
Post a Comment