App repo setup
Reference implementation
See the pirates-app-hello-world repository for a working example built by following this guide.
Set up branch rulesets, and manual deployment approval for your application repository.
Step 1: Protect your default branch
Your repository automatically inherits a set of branch rulesets from the GitHub organization when you add a specific
custom property to it. These rulesets add a set of required guardrails to your repository.
It is required to set up these in order to protect your default branch (typically main).
- In your repository, go to Settings → Custom properties and set
gp-repository-typetoapp. - After setting the custom property, verify that Settings → Rulesets have at least 1 ruleset inherited from the organization.
Step 2: Add configuration files
Step 2.1: Add .gp.cicd.json
Download .gp.cicd.json to the repository root:
gh api repos/oslokommune/golden-path-templates/contents/templates/gh-cicd-app/.gp.cicd.dev-only.json \
--jq '.content' | base64 -d > .gp.cicd.json
Update the values referenced in the table below. You can find them in common-config.yml in your IaC repository's
dev environment directory, something like repo-iac/environments/dev/common-config.yml.
| Field | Description | Example |
|---|---|---|
<team-name> |
Your team name | pirates |
<repo-iac> |
Infrastructure-as-code repository name | pirates-iac |
<dev-aws-account-id> |
AWS account ID for dev | 123456789012 |
<dev-environment-name> |
Name of your dev environment | pirates-dev |
<aws-region> |
Your AWS region | eu-west-1 |
Step 2.2: Add CODEOWNERS
Add a CODEOWNERS file to define who owns the repository and approves PRs:
| Field | Description | Example |
|---|---|---|
<github-team-name> |
The name of your GitHub team | utviklerflyt |
Step 2.3: Add Renovate configuration
Download renovate.json5 to the repository root:
gh api repos/oslokommune/golden-path-templates/contents/templates/gh-cicd-app/renovate.json5 \
--jq '.content' | base64 -d > renovate.json5
What is Renovate?
Renovate automatically creates pull requests to keep your dependencies up to date. Think of it as a better Dependabot. You can learn more about it here.
Step 3: Add and configure workflow
Step 3.1: Download workflow
Download the reference workflow and address the few TODO comments:
gh api repos/oslokommune/pirates-apps/contents/.github/workflows/too-tikki_deployment.yml \
--jq '.content' | base64 -d > hello-world_deployment.yml
The main adaptation is in the build-and-upload-artifact job, where you customize the build and test steps to match
your application.
Step 3.2: Disable production deployment
This guide only sets up deployment to dev. Comment out everything below these lines:
################################################################################
# Job: Deploy to prod
################################################################################
Step 4: Create a pull request
Push the branch and create a pull request.
Verify that the build job succeeds and that no deployment occurs.
Step 5: Merge and deploy
Merge the pull request.
Step 6: Message Utviklerflyt
Message Utviklerflyt on Slack (#utviklerflyt-support) to add your application repository to their centralized configuration:
Hei! Kan dere gi
<hello-world>nødvendige tilganger for CI/CD?
Info
To increase the level of self-service, we're currently working on removing the need for this step.
Step 7: Verify
When merging, the CI/CD workflow should deploy your app to your dev environment.