I’m one of the few customers in the PCI compliance boat and am trying to find a solution to the problem of not allowing a direct connection between test and production environments.
I’ve heard ideas about having the NuGet repo shared, but I was wondering if there could be a way to replicate the RavenDB between two server instances. This way we would maintain one set of configuration and could have a workflow to control releases. I imagine we would have some odd behaviour with one instance not able to access some boxes but the other instance able to, but we can work around that.
The other option is to have a shared RavenDB on another server between the test and prod environments. Is it possible to configure the server to use a certain shared instance of Raven?
BTW, I’d be happy to contribute to Octopus to get something working like server replication between two instances.
Thanks for getting in touch! We have some documentation here that explains some different approaches you can use:
Ideally, you would have one Octopus server that can deploy to both Test and Production (perhaps it could be installed in the Production environment, and has access to Test?) The communications approach used by Octopus is very secure, at least as secure as SSH (and far more secure than FTP), so if you can convince operations to be able to do this, it’s going to be the most enjoyable way to use Octopus.
If you can’t do that, then the link above outlines some other approaches.
I think Dalmiro posted the link wrong so it’s redirecting.
Sorry about that.
Anyway, PCI compliance, I’ve been involved in this discussion with a couple of customers so here are some thoughts.
Firstly, replicating RavenDBs is not going to work and is unsupported. It also means opening up traffic between environments but in a less secure way than Octopus, so that’s off the table. If your Octopus server exists in your Test environment then the replication idea breaks not wanting to open that up.
Octopus Server to Tentacle communication is very secure. We use transport-level security with two-way signing. We use a single port which you can explicitly allow and lock things down.
I’ve spoken with one customer who wanted Octopus servers in both their test “admin” segment and prod “admin” segment. You could promote releases between these two by using the REST API to create a release in the upper environment, but it is extra work and unless you wanted to build your own dashboard, you lose overall visibility of releases.
As I understand it from dealing with another customer though, you can have your Octopus server in a secure environment (obviously with access for your build server), and have it able to use the Tentacle port into both your test and prod environments, and this is deemed compliant. We also audit everything, so in the event of some kind of issue you have a record of what’s happened.