this post was submitted on 10 Jul 2025
425 points (96.3% liked)

memes

16151 readers
3455 users here now

Community rules

1. Be civilNo trolling, bigotry or other insulting / annoying behaviour

2. No politicsThis is non-politics community. For political memes please go to !politicalmemes@lemmy.world

3. No recent repostsCheck for reposts when posting a meme, you can only repost after 1 month

4. No botsNo bots without the express approval of the mods or the admins

5. No Spam/AdsNo advertisements or spam. This is an instance rule and the only way to live.

A collection of some classic Lemmy memes for your enjoyment

Sister communities

founded 2 years ago
MODERATORS
 

Rolling, rolling, rolling back nothing I love more than communicating why we had to roll back again (⁠ノ⁠ಠ⁠益⁠ಠ⁠)⁠ノ

you are viewing a single comment's thread
view the rest of the comments
[–] kkj@lemmy.dbzer0.com 2 points 22 hours ago (1 children)

Every branch you have deploys on commit? You have to fully QA all of your code before it goes into any sort of source control?

[–] neonred@lemmy.world 1 points 22 hours ago* (last edited 22 hours ago) (2 children)

Not quite.

  • Every commit is just a local commit
  • Every push runs pre-hooks which execute bunch of checks, for example linters, style checkers, etc. and prevent a push if something is not perfect
  • After every push the CI/CD pipeline runs on origin
  • Every run of the pipeline executes again checks with linters but also securoty checks for CVEs on dependencies and runtime
  • Every pipeline run also executes all tests such as unit tests, scenario tests, integration tests
  • If any of the above fails, the pipeline fails and stops
  • Only if everything is okay, one can deploy on dev, the first stage
  • Only if this is okay, the artifact gets pushed to the central artifact store
  • Only if this suceesa a prod deployment can run, which pulls the artifact from the store
  • Runners for dev and prod are distinct and don't have rights the other has, the only common contact point is the artifact store

That's an extremely very basic overview with many steps and concepts omitted but you get the idea.

[–] kkj@lemmy.dbzer0.com 2 points 21 hours ago (1 children)

That seems reasonable to perform on protected branches, but I'm not a fan of protecting all branches. That could leave valuable code with a single copy on a dev machine. I'd rather have it pushed to an unprotected branch and then be checked on merge instead of push.

[–] neonred@lemmy.world 1 points 20 hours ago

Only main is protected, you can force push on feature branches.

[–] chellomere@lemmy.world 1 points 22 hours ago (1 children)

So, what if I want to push some debug or preliminary code to a topic branch, would this system prevent this if all tests don't pass?

[–] neonred@lemmy.world 1 points 21 hours ago* (last edited 20 hours ago) (1 children)

No, it does not prevent pushing (as long as the pre-hooks work) but you cannot deploy from a failed pipeline/branch because you have defective software, as proven by failed tests.

[–] chellomere@lemmy.world 1 points 7 hours ago

That is reasonable