approvals | Dagger | Page 1

jade moat Sep 21, 2022, 8:38 PM

#

What do you mean by approvals?

steady grove Sep 21, 2022, 8:39 PM

#

#

Workflow approval / pause steps.

#

A little more context, I've been showing cloak around a little bit at my company. Some of the feedback was basically that this is something we wouldn't be able to live without :/

#

Not immediate need, just curious about roadmap I guess

rose veldt Sep 21, 2022, 9:33 PM

#

It's not on our roadmap at this exact moment, but it's just not something that has been requested or discussed before (to my knowledge). It seems like something we absolutely have to support one way or another. I'm not immediately sure if a feature like approvals would be baked into cloak itself or if it's more like we would enable existing tools w/ approval features to be integrated with cloak.

I'm curious what tools you currently use that integrate with it. From the screenshot seems like Terraform, but is that webui a separate tool?

steady grove Sep 21, 2022, 9:34 PM

#

oh yeah sorry that is jenkins 😅

rose veldt Sep 21, 2022, 9:35 PM

#

cc @tribal slate (who is currently working on some experiments involving cloak+jenkins)

steady grove Sep 21, 2022, 9:36 PM

#

we've got a pretty extensive jenkins setup with lots of shared libraries.

Basically the stack is 4 supported languages (Java, Python, Node, static)

Build it all w/ docker
deploy it all w/ terraform - to k8s
Use jenkins for trigger + approvals

#

I loved the idea of write once run anywhere, and getting out of the hellish jenkins dev loop. I figured eventually dagger could replace jenkins entirely - but approvals would be a key part of that

#

Though I supposed that's also just doable with some sort of custom extension that polls an external DB and a UI

rose veldt Sep 21, 2022, 9:42 PM

#

steady grove Though I supposed that's also just doable with some sort of custom extension tha...

Yeah my jenkins knowledge is extremely limited, but that generally sounds like one possible approach. Maybe another one could be to still use the same workflows you have today (and thus the same webui) but now the workflows just call out to dagger? Would that sort of "wrapping" approach mean that you can use the same approval functionality as today, but with all the nice dagger reproducibility?

tribal slate Sep 21, 2022, 9:45 PM

#

also interested in how you do approvals today 🙂

steady grove Sep 21, 2022, 9:45 PM

#

the tl;dr of jenkins is that you can write Groovy to do things, allowing for lots of flow control, parallelization, and type safety.

the build steps aren't the challenge for us, that's pretty much just a docker build.

The challenge comes in the logic along the way to the build steps, and development toil therein.

tribal slate Sep 21, 2022, 9:45 PM

#

looks like a Jenkins plugin

#

ah, in groovy

steady grove Sep 21, 2022, 9:46 PM

#

tribal slate also interested in how you do approvals today 🙂

yeah, jenkins plugin. you just write

input("prompt", group: "LDAP_GROUP")

#

totally do-able in an extension - but would rely on an external system

tribal slate Sep 21, 2022, 9:48 PM

#

could do something like this

#

https://docs.cloudbees.com/docs/cloudbees-ci-kb/latest/client-and-managed-masters/how-can-i-approve-a-deployment-and-add-an-optional-delay-for-the-deployment

How can I approve a deployment and add an optional delay for the de...

I have a Jenkins Pipeline for my application deployment, and when I approve the deployment, I would like to be able to add an optional delay for the deployment of a number of hours.

#

where you have dagger in the stages

steady grove Sep 21, 2022, 9:54 PM

#

yeah so to be clear...I don't want to add more to jenkins. I want dagger to replace jenkins 😅 , and totally think it can!

we can do everything we need to in jenkins but it's painful sometimes. (which isn't surprising, it's like 20 years old.)

Maybe that's a misalignment between the project vision and how I saw it though who knows.

#approvals