By Josué Armando Vázquez, Infrastructure DevOps at Financial Solutions
When we make productive passes, we have certain limitations regarding specific policies for access to the repository and production branch, using the Gitflow best practices, we can release or review code at the moment of performing a pull_request , merge or push.
How could we rectify that these actions are correct and that no more uses will be made than they should be?
At Financial Solutions, we have an additional lock when is time to deploy, this is called manual approvers; the moment some pipeline productive detects that there is a new build version, it launches a notification to our QA and Infrastructure teams, who must approve or reject the pass depending on the case.
First, we should create our distribution groups, for notification