diff options
Diffstat (limited to 'doc/ci/environments/deployment_safety.md')
-rw-r--r-- | doc/ci/environments/deployment_safety.md | 19 |
1 files changed, 5 insertions, 14 deletions
diff --git a/doc/ci/environments/deployment_safety.md b/doc/ci/environments/deployment_safety.md index ece7b784270..1e4eb54c559 100644 --- a/doc/ci/environments/deployment_safety.md +++ b/doc/ci/environments/deployment_safety.md @@ -13,9 +13,10 @@ that help maintain deployment security and stability. You can: +- Set appropriate roles to your project. See [Project members permissions](../../user/permissions.md#project-members-permissions) + for the different user roles GitLab supports and the permissions of each. - [Restrict write-access to a critical environment](#restrict-write-access-to-a-critical-environment) - [Prevent deployments during deploy freeze windows](#prevent-deployments-during-deploy-freeze-windows) -- [Set appropriate roles to your project](#setting-appropriate-roles-to-your-project) - [Protect production secrets](#protect-production-secrets) - [Separate project for deployments](#separate-project-for-deployments) @@ -24,6 +25,9 @@ If you are using a continuous deployment workflow and want to ensure that concur - [Ensure only one deployment job runs at a time](#ensure-only-one-deployment-job-runs-at-a-time) - [Prevent outdated deployment jobs](#prevent-outdated-deployment-jobs) +<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> +For an overview, see [How to secure your CD pipelines/workflow](https://www.youtube.com/watch?v=Mq3C1KveDc0). + ## Restrict write access to a critical environment By default, environments can be modified by any team member that has at least the @@ -122,19 +126,6 @@ vacation period when most employees are out, you can set up a [Deploy Freeze](.. During a deploy freeze period, no deployment can be executed. This is helpful to ensure that deployments do not happen unexpectedly. -## Setting appropriate roles to your project - -GitLab supports several different roles that can be assigned to your project members. See -[Project members permissions](../../user/permissions.md#project-members-permissions) -for an explanation of these roles and the permissions of each. - -<div class="video-fallback"> - See the video: <a href="https://www.youtube.com/watch?v=Mq3C1KveDc0">How to secure your CD pipelines</a>. -</div> -<figure class="video-container"> - <iframe src="https://www.youtube.com/embed/Mq3C1KveDc0" frameborder="0" allowfullscreen="true"> </iframe> -</figure> - ## Protect production secrets Production secrets are needed to deploy successfully. For example, when deploying to the cloud, |