I am transitioning from on-premise to cloud. My build server has been moved, but my Octopus Deploy server is still on-premise, how can I continue to push packages from my cloud build server to my local Octopus Deploy?
The strategy of pushing packages from a cloud build server to an on-premise Octopus Deploy repository depends on the build agent capabilities of the build server.
Local build agents
Several of the cloud build servers offer the ability to configure local build agents.
- Azure DevOps
- Github Actions
- (There may be more, but these are the biggies)
With a local build agent, there are fewer network considerations to take into account to allow it to push to your local instance of Octopus Deploy. It also comes with the advantage of not incurring compute costs or eating up your allotment of build minutes.
Only cloud agents
Some of the cloud build technologies are pure cloud with no ability to offload build tasks to local infrastructure
- Bitbucket pipelines
- TravisCI (Technically this can be run locally, but all the resources I looked at appeared to be in beta status)
Without the ability to run local agents, the only option available to continue to allow the build server to push to a local instance of Octopus is opening the firewall. To reduce your attack surface, it is advisable to consult the documentation of the cloud provider and only add the build agent IP address range.
Site to Site VPN
For the big hosting providers like Microsoft Azure or Amazon AWS, you have the ability to bridge your on-premise network with your cloud network. This can be accomplished by using a Site to Site Virtual Private Network (VPN) connection. Using a Site to Site VPN connection, resources on your cloud network are able to speak to your local network as if they were in the same datacenter. In these cases, pushing packages from a build server hosted on your cloud network is no different than if it was on-premise.
Third-party package repositories
In cases where none of above solutions will work, employing a third-party package repository (hosted or otherwise) may be your only option. The third-party package repository would provide a centralized location for the build server and Octopus deploy to interact with