The company I work for in the past has used RedGate for it’s deployments. We are in process of migrating to Octopus as per RedGate reccomendations.
One issue we had in RedGate was to give access to see variables by defintion meant we had to give access to modify those variables also. This doesn’t work well when the users who are developing have the ability to see/modify production level variables. With the move to octopus, I was overjoyed to say the least to read how scoping was different in Octopus. Here is what I have made so far to give some backgound.
My co-worker created a role that allows all users to see all variables regardless of the environment they are scoped for. I created an additional group that gave the users access to see and modify variables that only they were scoped for. This allows us to insert say BAs wtih one set of permissions and developers with the second group.
The end result has been developers can see all variables both scoped and unscoped; however, they only have the ability to modify either unscoped variables or those assigned to their particular environment. This is absolutely perfect except for one small issue. When a developer logs in, the environments that are not scoped for them doesn’t show what environment they are scoped for. There is no indiciation that those environments are scoped at all minus their inability to modify them. Is this expected behavior an if no why?
I’m attaching an images to this so you can see what I mean.
