-
Type:
New Feature
-
Status: Open
-
Resolution: Unresolved
-
Affects Version/s: 7.4.1
-
Fix Version/s: None
-
Component/s: None
-
Labels:
-
Environment:
on Prem Environment.
promotion access has been limited to service accounts that have been implemented into CI/CD process.
This stop promotions outside of the CI/CD process but unfortunately does not stop someone doing something dodgy inside the CI/CD process.
Creating this feature would stop someone doing something dodgy inside the CI/CD process.
on Prem Environment. promotion access has been limited to service accounts that have been implemented into CI/CD process. This stop promotions outside of the CI/CD process but unfortunately does not stop someone doing something dodgy inside the CI/CD process. Creating this feature would stop someone doing something dodgy inside the CI/CD process.
Hi Team,
we are currently implementing artifact promotion into out development pipeline to improve reliability and security of what artifacts are going into prod.
To that end we wanted to lock down from where an artifact is promoted from, for example any artifact can be promoted from it default repo into lockdown-dev only artifact in lockdown-dev can be promoted into lockdown-test, and finally only artifacts from lockdown-test can promoted lockdown-prod.
we would request a feature be made available to achieve this for example, having a setting on the repo which you can tick to enable then add repos to a list of "acceptable promotions repo"
Having the above setup, we could then run "build-promote" with the optionally tag "--source-repo=$SOURCE_REPOSITORY"
{{}}
with "{{$SOURCE_REPOSITORY" }}Equalling one of the approve repos.
We've confirmed with ticket 141612 that there is currently no way to do this in artifactory.