We’ve developed a few small “pre-flight checks” for our Harness pipelines which help in production environments that I’d like to share. They can:
- Enforce a daily deployment window (9am to 4pm in our case)
- Only allow builds from the master branch to be deployed
- For automated deployments from a trigger, only allow deployments to roll forward
- For manual deployments via the UI, allow forward deploys and rollbacks up to three versions
Find them in:
The code’s under an Apache 2.0 open source licence, so feel free to use them (internally or otherwise), modify and share them. They might be a little hardcoded in places, so you may need to modify them - PRs are most welcome if you want to make it more configurable.
Some example scripts to add straight into Harness are given so you can see how we use them - the idea was to mirror checks we had in our internal deployment tools before we started migrating to Harness.
This morning they caught a potential problem when an engineer accidentally tried to deploy an old commit to production:
(For emergency cases when we want to deliberately deploy something else to production, we have a separate pipeline with an approval step at the start and without the pre-flight checks stage.)
Hope somebody finds them useful, and do share if you’re doing something similar, I’d be interested to know how!