In aviation, pre-flight checks are a set of tasks that a pilot and aircrew perform before takeoff, ensuring the flight goes smoothly and without incident.
Semaphore has introduced a similar approach to pipeline execution. With pre-flight checks, admins can set up custom checks that the system needs to pass before any pipeline can start running.
Here’s what the feature is about and how to set it up for your organization.
Pre-flight checks: overview
Pre-flight checks are user-defined steps executed for each pipeline within the pipeline initialization job. This job is completely separated from any other job in the pipeline. If this job fails, the pipeline will stop immediately and will not be executed.
With the help of pre-flight checks, users can manually define commands that need to run before the execution of a pipeline. For instance:
- adding custom security checks
- detailed dependency management
- self-configured access control
Pre-flight checks can serve as a last-resort check before further pipeline processing, ensuring that your pipelines pass all the necessary security checks.
For the sake of security, pre-flight checks can only be configured by members of the organization who can manage organization settings (organization-level pre-flight checks) and manage project settings (project pre-flight checks).
How to set up pre-flight checks
To set up pre-flight checks on the organization level, head over to Settings > Pre-flight checks.
Type the commands that need to be executed before each pipeline.
Then choose secrets that you want to use and select a proper agent configuration, then click “Save changes”
Similarly, you can configure pre-flight checks on the project level. To do that, head over to Project Settings, then choose Pre-flight checks in the menu on the left.
Examples of using pre-flight checks
There’s an endless potential of how exactly you can use pre-flight checks to benefit your organization, restrict access to certain information, and introduce advanced security practices.
For instance, you can use pre-flight checks to limit using secrets in your organization. You can ensure that a particular pipeline can use certain secrets.
Another example would be limiting triggering promotions in your organization. Thus, you can define commands in pre-flight checks to ensure that the person who started a promotion has a sufficient permission level.
Over to you
Pre-flight checks are part of the Enterprise Security pack in Semaphore. They’re currently in beta.
Are you interested in learning more about pre-flight checks and configuring them for your organization? Feel free to reach out to us at email@example.com, and we’ll be happy to help.