Define stage gate rules

7 minute readDeveloper productivity

Exit and entry gate rules enforce specific requirements. One or more rules can be configured within a single gate. The execution order for multiple rules can be modified within a gate. By default, gate rules run sequentially. To run in parallel, combine them into a group.

About gate rule functions

Gates in CloudBees CloudBees CD/RO encompass rules that must be satisfied before a pipeline can progress.

  • Entry gate rules control whether a stage may begin and its tasks may be executed.

  • Exit gate rules control whether the stage may be completed and the pipeline may progress.

Access gates in CloudBees CloudBees CD/RO from the Pipeline editor window using one of the following methods:

  • Navigate to Release Orchestration > Pipeline. Then, select the pipeline name link.

  • Navigate to Release Orchestration > Pipeline Runs. Then, select the pipeline run instance name link. The pipeline editor window opens.

The following image of a three-stage pipeline shows entry and exit gates and their rules. The gates for the QA stage are shown collapsed.

Gate rule functions
Figure 1. Stages with gate rule functions
  1. Access gate rule functions.

    • Select Plus Button on the desired gate to define a new rule.

    • Use Add rule to create a new rule.

    • Copy rule makes a duplicate rule and adds it to the gate.

    • Access gate rule properties, conditions, access control and change history by selecting Rule editor three-dots.

    • Select the rule and Delete to delete a rule.

    • Create a rule grouping by selecting one or more rules and Group.

    • Collapse the gate rule window by selecting Exit.

  2. Manage rule configuration.

    • Use Open gate to open an existing gate indicated by dark gray shading on either side of the stage.

    • Modify gate group settings by selecting Group Group settings three-dots.

      View gate group settings.
      • Details: Configure attributes on the Details, Definition, and Conditions tabs within the Edit group panel.

      • Run from group: Start the pipeline from the group location on the stage.

      • Make Serial or Make Parallel: Set grouped rule(s) to run all at once or sequentially.

      • Conditions: Use to configure group Run if, Wait until and Wait dependency, and New dependency settings.

      • Remove from group: Remove selected rule(s) from group.

      • Delete: Remove the rules and the group.

    • Edit rule details, definition, or conditions using the rule name link.

    • The rule Rule settings three-dots opens the rule settings context menu.

      View rule settings.
      • Details: Configure attributes on the Details, Definition, and Conditions tabs within the Edit Rule panel.

      • Properties: Use to modify rule Properties.

      • Conditions: Use to configure rule Run if, Wait until and Wait Dependency, and New dependency settings.

      • Access Control: Configure access privileges for the rule.

      • Change History: View when changes were made to the rule, by whom, and the type of change performed.

      • Delete: Remove the rule.

    • The Rule type displays with an associated icon indicating the type of rule defined. Selecting the Rule type link opens the appropriate editor based on the type of rule.

    • Enable Expand by hovering over the Rule type title. Select it to disable/enable the rule, view the project title, and error handling.

Create a gate rule

Navigate to the Pipeline Editor window:

  1. Release Orchestreation > Pipelines. The pipelines window opens.

  2. Select a pipeline name. The pipeline editor window opens, displaying the pipeline.

  3. Select the Gate Plus button on either side of the stage.

  4. Select Add rule.

  5. Type in a name for the rule, such as “PreStageConfig” or “PostStageCleanup.”

  6. Continue configuring using one of the following methods:

    • Apply details, definitions, and conditions in the Edit rule panel by selecting Define.

    • Add the rule to the stage, but configure it later select Add.

The Edit rule panel opens on the Definition tab.

  1. Select a Rule type:

    • Approval: Use when an approver must physically select the approval to move to the next rule or stage.

      View Approval rule type options.
      • The Assignee field holds the name of the users or groups authorized to approve this rule. It can hold assignees and one or more users or one or more groups.

      • Use the $[ ] parameter notation to parameterize this field, for example, $[myGroup/userName]. Use the $[ ] parameter notation for the approver’s definition, so that only users and groups can be resolved from the property as rule approvers.

      • Emails are sent to email addresses in the property field, any user receiving the email can approve a rule If there are email addresses and user/group name(s) in the property, emails are sent to those addresses to resolve users/groups, but only users/groups are able to approve a rule.

      • (Optional) settings:

        • Minimum users to approve: Enter a positive integer.

        • Use approver’s permissions for the further Pipeline execution: Override access control already defined for the rule.

        • Allow to skip this rule: If selected, rule approval options include Skipped and Completed (or custom labels, if so configured) instead of Rejected and Completed. Use when rejecting a rule is not necessary or appropriate; a skipped rule does not record an error.

        • Use Custom Labels: If selected, define custom labels for Completed, Failed, and Skipped approval choices that match the rule.

        • Notification: If this is on, select a Default Manual rule notification template from the pulldown. Edit and create notification templates from here. Delete notification templates directly from the property page, /server/ec_deploy/ec_pipelineNotifierTemplates, available from User Menu > Server > Custom Server Properties.

        • Advanced Email Configuration: Select the email configuration corresponding to the context of the notifier you wish the notification to have. This feature requires one or more email configurations defined for your CloudBees CD/RO site. Refer to Email Configuration—create new or edit existing email configuration for further information.

    • Procedure: Use to run a set of best practices, subroutines, modules, or functions that you can create and reuse at the platform level. Examples are scripts, command sets, or other automation logic objects.

      View Procedure rule type options.
      • Search: Locate an existing procedure.

      • Project: This field may auto-populate when selecting a procedure. Do one of the following to populate or modify:

        • Select the field to view and locate a project for the rule.

        • Type the name of a new object in the field. The Create: "name" link appears.

        • Select the Create: "name" link. The New Object is enabled.

        • Select New Object to access the object-specific editor to define the new project.

      • Procedure: This field may be auto-populated when selecting a procedure. Do one of the following to populate or modify:

        • Select the field to view and locate a procedure for the rule.

        • Type the name of a new object in the field. The Create: "name" link appears.

          • Select the Create: "name" link. The New Object is enabled.

          • Select New Object to access the object-specific editor to define the new project.

    • Custom: Use to define custom gate conditions. Refer to the section "Condition-Based Criteria" within Entry and exit gates for more information.

    • Plugin: Run third-party procedures that interface with external systems.

      View plugin settings.
      • Search: Locate a plugin by the procedure name.

      • Search field: (Optional) Selecting a procedure name will auto-populate the Plugin name field and the procedure field.

      • Plugin: Select an available plugin.

      • Procedure: Select an available procedure.

      • Configurations: Select a configuration if available.

      • Input Parameters: Add required input and optional parameters.

      • Output Parameters: Add output parameters if available.

      • Assign Resources or Resource Pool: Select the resource where this stage executes.

    • Compliance check:

      CloudBees CD/RO integrates with CloudBees Compliance. See the Create a Compliance check rule section below and follow the steps to create a Compliancee check rule.

  1. Continue to the Details or Conditions tab to further customize the rule.

  2. Apply all modifications and select Save changes.

Create a Compliance check rule

This configuration requires an established connection to CloudBees Compliance. If not already configured, refer to Configuring release orchestration gates for setup details.

The CloudBees CD/RO integration with CloudBees Compliance provides compliance checks for the pipeline, ensuring adherence to internal policies. The result of these checks determines whether the pipeline can proceed with execution based on the policies defined in Compliance configuration.

  1. Select the Gate Gate on either side of the stage within the pipeline.

    Compliance check cannot be used as a first stage entry gate or as the last stage exit gate rule.
  2. Select Add rule.

  3. Enter a name for the Compliance check rule.

  4. Select Define. The Edit rule panel opens on the Definition tab.

  5. Select Compliance check for the rule type.

  6. In the External application ID field, enter the name of the application being deployed by the pipeline.

  7. Complete the Application manifest by filling in the list of components (artifacts, container images, etc.) that are deployed to the application. The required format is JSON string.

    View the fields to include.
    • name: Required. The name of the component that uniquely identifies the artifact in Compliance.

    • version: Required. The component version that is being deployed.

    • type: Optional. Identifies where the artifact is being stored, e.g., maven. If specified, it is used by CloudBees Compliance to limit the search scope when looking for the artifact asset. If "type" is not specified, the artifact is searched for across all artifact asset types.

    Any property references will be resolved before passing the JSON to the Compliance gating API.

    See the example below that defines the components being deployed to an application in Compliance, in a pipeline, or release payload.

    View Application manifest example.
    The code includes a list of components (artifacts, container images, etc.) being deployed for the application identified by the given external application id in the release payload).
    [ { "name": "com.acme:shoppingCart", "version": "1.3.0", "type": "maven" }, { "name": "busybox:glibc", "version": "2.0" } ]
  8. Continue to the Details or Conditions tabs to further customize the Compliance gate rule.

  9. Save Compliance rule settings by selecting Save changes.

Configure a rule group

Group rules together within a gate to organize, control and optimize the execution of rules within a pipeline. Rules that are grouped will run in parallel by default.

To group rules:

  1. Within a gate, select one or more rules and Group Rule group. The selected rules now appear within a Group window in the gate.

  2. Manage configurations by selecting Group Three-dots. The Group context menu opens.

  3. Configure group rules as needed. Refer to Pipeline UI for more details.

    By default grouped rules are set to run in parallel. To run sequentially, select Group Three dots three-dots and Make Serial.

Move rules or rule groups

Rules can be moved to change rule order within a gate or group or move a rule to a different group or a different gate.

To move a rule:

  1. Select the rule to be moved.

  2. Drag the rule to a new location within any gate, or rule group in the pipeline.

To move a rule group:

  1. Select the group to be moved.

  2. Drag the rule group to any exit or entry gate within the pipeline.