Deploying with pipelines

This document describes how to set up a CI/CD environment using Devops Stack and GitLab/GitHub pipelines.


  • Access to API keys allowing to create required resources cloud environment,

  • Access to GitLab or GitHub (only supported CI/CD for now),

  • Knowledge of Terraform basics

Standard Workflow

When deploying with pipelines, the DevOps Stack runs a dry-run on Merge Request and applies the modification on Commit on a Protected Branch. Depending on the nature of the pipeline trigger we will find the following behaviors:

  • If pipeline is being triggered by a Merge Request then it will run a terraform plan, this will provide user with the output of the planned changes in the infrastructure. This will not touch your infra-structure.

  • If pipeline is being triggered by a Commit on a Protected Branch (e.g. by an approved merge request into your main branch) then it will run a self-approved terraform apply. This will update your infrastructure according to the the terraform plan.

It is highly recommended to prohibit (at an admin level) committing changes directly to your protected branch, hence forcing developers to review the terraform plan in the MR before applying any changes to the infrastructure.