Environments and deployments
Introduced in GitLab 8.9.
Environments allow control of the continuous deployment of your software, all within GitLab.
There are many stages required in the software development process before the software is ready for public consumption.
- Develop your code.
- Test your code.
- Deploy your code into a testing or staging environment before you release it to the public.
This helps prevent bugs not only in your software, but in the deployment process as well.
GitLab CI/CD is capable of not only testing or building your projects, but also deploying them in your infrastructure, with the added benefit of giving you a way to track your deployments. In other words, you can always know what is currently being deployed or has been deployed on your servers.
It's important to know that:
- Environments are like tags for your CI jobs, describing where code gets deployed.
- Deployments are created when jobs deploy versions of code to environments, so every environment can have one or more deployments.
- Provides a full history of your deployments per every environment.
- Keeps track of your deployments, so you always know what is currently being deployed on your servers.
If you have a deployment service such as Kubernetes enabled for your project, you can use it to assist with your deployments, and can even access a web terminal for your environment from within GitLab!
Configuring environments involves:
The rest of this section illustrates how to configure environments and deployments using an example. It assumes you have already:
In the scenario:
- We are developing an application.
- We want to run tests and build our app on all branches.
- Our default branch is
- We deploy the app only when a pipeline on
masterbranch is run.
Let's consider the following
stages: - test - build - deploy test: stage: test script: echo "Running tests" build: stage: build script: echo "Building the app" deploy_staging: stage: deploy script: - echo "Deploy to staging server" environment: name: staging url: https://staging.example.com only: - master
We have defined 3 stages:
The jobs assigned to these stages will run in this order. If a job fails, then the jobs that are assigned to the next stage won't run, rendering the pipeline as failed.
In our case:
testjob will run first.
- Then the
- Lastly the
With this configuration, we ensure that:
- The tests pass.
- Our app is able to be built successfully.
- Lastly we deploy to the staging server.
environment keyword is just a hint for GitLab that this job actually
deploys to this environment's
name. It can also have a
url that is
exposed in various places within GitLab. Each time a job that
has an environment specified succeeds, a deployment is recorded, storing
the Git SHA and environment name.
In summary, with the above
.gitlab-ci.yml we have achieved the following:
- All branches will run the
deploy_stagingjob will run only on the
masterbranch, which means all merge requests that are created from branches don't get deployed to the staging server.
- When a merge request is merged, all jobs will run and the
deploy_stagingjob will deploy our code to a staging server while the deployment will be recorded in an environment named
Starting with GitLab 8.15, the environment name is exposed to the Runner in two forms:
$CI_ENVIRONMENT_SLUG. The first is the name given in
.gitlab-ci.yml(with any variables expanded), while the second is a "cleaned-up" version of the name, suitable for use in URLs, DNS, etc.
Starting with GitLab 9.3, the environment URL is exposed to the Runner via
$CI_ENVIRONMENT_URL. The URL would be expanded from
.gitlab-ci.yml, or if the URL was not defined there, the external URL from the environment would be used.
Configuring manual deployments
Converting automatically executed job into jobs requiring to a manual action involves
when: manual to the job's configuration.
To expand on the previous example, the following includes
another job that deploys our app to a production server and is
tracked by a
.gitlab-ci.yml file for this is as follows:
stages: - test - build - deploy test: stage: test script: echo "Running tests" build: stage: build script: echo "Building the app" deploy_staging: stage: deploy script: - echo "Deploy to staging server" environment: name: staging url: https://staging.example.com only: - master deploy_prod: stage: deploy script: - echo "Deploy to production server" environment: name: production url: https://example.com when: manual only: - master
when: manual action:
- Exposes a "play" button in GitLab's UI.
- Means the
deploy_prodjob will only be triggered when the "play" button is clicked.
You can find the "play" button in the pipelines, environments, deployments, and jobs views.
Clicking on the play button in any view will trigger the
deploy_prod job, and the deployment will be recorded under a new
If your environment's name is
production (all lowercase),
it will get recorded in Cycle Analytics.
Configuring dynamic environments
Other environments are good for deploying to stable environments like staging or production.
However, what about environments for branches other than
master? Dynamic environments can be used to achieve these.
Dynamic environments make it possible to create environments on the fly by
declaring their names dynamically in
Dynamic environments form the basis of Review apps.
url parameters for dynamic environments can use most available CI/CD variables,
However, you cannot use variables defined:
- On the Runner's side.
There are also other variables that are unsupported in the context of
For more information, see Where variables can be used.
GitLab Runner exposes various environment variables when a job runs and so you can use them as environment names.
In the following example, a job will deploy to all branches except
deploy_review: stage: deploy script: - echo "Deploy a review app" environment: name: review/$CI_COMMIT_REF_NAME url: https://$CI_ENVIRONMENT_SLUG.example.com only: - branches except: - master
In this example:
- The job's name is
deploy_reviewand it runs on the
- We set the
review/$CI_COMMIT_REF_NAME. Since the environment name can contain slashes (
/), we can use this pattern to distinguish between dynamic environments and the regular ones.
- We tell the job to run
For the value of:
environment:name, the first part is
review, followed by a
$CI_COMMIT_REF_NAME, which takes the value of the branch name.
$CI_COMMIT_REF_NAMEitself may also contain
/, or other characters that would be invalid in a domain name or URL, we use
$CI_ENVIRONMENT_SLUGso that the environment can get a specific and distinct URL for each branch.
For example, given a
100-Do-The-Thing, the URL will be something like
https://100-do-the-4f99a2.example.com. Again, the way you set up the web server to serve these requests is based on your setup.
You could also use
environment:url. For example,
https://$CI_COMMIT_REF_SLUG.example.com. We have used
$CI_ENVIRONMENT_SLUGhere because it is guaranteed to be unique. If you're using a workflow like GitLab Flow, collisions are unlikely and you may prefer environment names to be more closely based on the branch name. The example above would give you an URL like
You are not bound to use the same prefix or only slashes in the dynamic
environments' names (
/). However, this will enable the grouping similar environments feature.
The configuration in this section provides a full development workflow where your app is:
- Deployed as a Review App.
- Deployed to a staging server once the merge request is merged.
- Finally, manually deployed to the production server.
The following combines the previous configuration examples, including:
- Defining simple environments for testing, building, and deployment to staging.
- Adding manual actions for deployment to production.
- Creating dynamic environments for deployments for reviewing.
stages: - test - build - deploy test: stage: test script: echo "Running tests" build: stage: build script: echo "Building the app" deploy_review: stage: deploy script: - echo "Deploy a review app" environment: name: review/$CI_COMMIT_REF_NAME url: https://$CI_ENVIRONMENT_SLUG.example.com only: - branches except: - master deploy_staging: stage: deploy script: - echo "Deploy to staging server" environment: name: staging url: https://staging.example.com only: - master deploy_prod: stage: deploy script: - echo "Deploy to production server" environment: name: production url: https://example.com when: manual only: - master
A more realistic example would include copying files to a location where a webserver (for example, NGINX) could then read and serve.
The example below will copy the
public directory to
review_app: stage: deploy script: - rsync -av --delete public /srv/nginx/$CI_COMMIT_REF_SLUG environment: name: review/$CI_COMMIT_REF_NAME url: https://$CI_COMMIT_REF_SLUG.example.com
This example requires that NGINX and GitLab Runner are set up on the server this job will run on.
NOTE: Note: See the limitations section for some edge cases regarding naming of your branches and Review Apps.
The complete example provides the following workflow for developers:
- Create a branch locally.
- Make changes and commit them
- Push the branch to GitLab.
- Create a merge request.
Behind the scenes, GitLab runner will:
- Pick up the changes and start running the jobs.
- Run the jobs sequentially as defined in
- First, run the tests.
- If the tests succeed, build the app.
- If the build succeeds, the app will be is deployed to an environment with a name specific to the branch.
So now, every branch:
- Gets its own environment.
- Is deployed to its own location, with the added benefit of:
For more information on using the URL, see Using the environment URL.
Environments can be "protected", restricting access to them.
For more information, see Protected environments.
Working with environments
Having configured environments, GitLab provides many features to work with them. These are documented below.
Viewing environments and deployments
A list of environments and deployment statuses is available on project's Operations > Environments page.
This example shows:
- The environment's name with a link to its deployments.
- The last deployment ID number and who performed it.
- The job ID of the last deployment with its respective job name.
- The commit information of the last deployment such as who committed, to what branch, and the Git SHA of the commit.
- The exact time the last deployment was performed.
- A button that takes you to the URL that you have defined under the
- A button that re-deploys the latest deployment, meaning it runs the job defined by the environment name for that specific commit.
The information shown in the Environments page is limited to the latest deployments, but an environment can have multiple deployments.
- While you can create environments manually in the web interface, we recommend that you define your environments in
.gitlab-ci.ymlfirst. They will be automatically created for you after the first deploy.
- The environments page can only be viewed by Reporters and above. For more information on the permissions, see the permissions documentation.
- Only deploys that happen after your
.gitlab-ci.ymlis properly configured will show up in the Environment and Last deployment lists.
Viewing deployment history
GitLab keeps track of your deployments, so you:
- Always know what is currently being deployed on your servers.
- Can have the full history of your deployments per every environment.
Clicking on an environment shows the history of its deployments. Here's an example Environments page with multiple deployments:
This view is similar to the Environments page, but all deployments are shown. Also in this view is a Rollback button. For more information, see Retrying and rolling back.
Retrying and rolling back
If there is a problem with a deployment, you can retry it or roll it back.
To retry or rollback a deployment:
- Navigate to Operations > Environments.
- Click on the environment.
- On the page that lists the deployment history for the environment, click the:
- Rollback button against a previously successful deployment, to roll back to that deployment.
- Retry button against the last deployment, to retry that deployment.
The defined deployment process in the job's
script determines whether the rollback succeeds or not.
Using the environment URL
The environment URL is exposed in a few places within GitLab.
- In a merge request widget as a link:
- In the Environments view as a button:
- In the Deployments view as a button:
You can see this information in a merge request itself if:
- The merge request is eventually merged to the default branch (usually
- That branch also deploys to an environment (for example,
Going from source files to public pages
With GitLab's Route Maps you can go directly from source files to public pages on the environment set for Review Apps.
Stopping an environment
Stopping an environment:
- Moves it from the list of Available environments to the list of Stopped environments on the Environments page.
- Executes an
on_stopaction, if defined.
This is often used when multiple developers are working on a project at the same time, each of them pushing to their own branches, causing many dynamic environments to be created.
NOTE: Note: Starting with GitLab 8.14, dynamic environments will be stopped automatically when their associated branch is deleted.
Automatically stopping an environment
Environments can be stopped automatically using special configuration.
Consider the following example where the
deploy_review calls the
to clean up and stop the environment:
deploy_review: stage: deploy script: - echo "Deploy a review app" environment: name: review/$CI_COMMIT_REF_NAME url: https://$CI_ENVIRONMENT_SLUG.example.com on_stop: stop_review only: - branches except: - master stop_review: stage: deploy variables: GIT_STRATEGY: none script: - echo "Remove review app" when: manual environment: name: review/$CI_COMMIT_REF_NAME action: stop
When you have an environment that has a stop action defined (typically when
the environment describes a Review App), GitLab will automatically trigger a
stop action when the associated branch is deleted. The
stop_review job must
be in the same
stage as the
deploy_review one in order for the environment
to automatically stop.
You can read more in the
Grouping similar environments
Introduced in GitLab 8.14.
As documented in Configuring dynamic environments, you can
prepend environment name with a word, followed by a
/, and finally the branch
name, which is automatically defined by the
In short, environments that are named like
type/foo are presented under a
In our minimal example, we named the environments
$CI_COMMIT_REF_NAME is the branch name. Here is a snippet of the example:
deploy_review: stage: deploy script: - echo "Deploy a review app" environment: name: review/$CI_COMMIT_REF_NAME
In this case, if you visit the Environments page and the branches exist, you should see something like:
If you have enabled Prometheus for monitoring system and response metrics, you can monitor the performance behavior of your app running in each environment.
Once configured, GitLab will attempt to retrieve supported performance metrics for any environment that has had a successful deployment. If monitoring data was successfully retrieved, a Monitoring button will appear for each environment.
Clicking on the Monitoring button will display a new page showing up to the last 8 hours of performance data. It may take a minute or two for data to appear after initial deployment.
All deployments to an environment are shown directly on the monitoring dashboard, which allows easy correlation between any changes in performance and a new version of the app, all without leaving GitLab.
Web terminals were added in GitLab 8.15 and are only available to project Maintainers and Owners.
If you deploy to your environments with the help of a deployment service (for example, the Kubernetes integration), GitLab can open a terminal session to your environment.
This is a powerful feature that allows you to debug issues without leaving the comfort of your web browser. To enable it, just follow the instructions given in the service integration documentation.
Once enabled, your environments will gain a "terminal" button:
You can also access the terminal button from the page for a specific environment:
Wherever you find it, clicking the button will take you to a separate page to establish the terminal session:
This works just like any other terminal. You'll be in the container created by your deployment so you can:
- Run shell commands and get responses in real time.
- Check the logs.
- Try out configuration or code tweaks etc.
You can open multiple terminals to the same environment, they each get their own shell
session and even a multiplexer like
NOTE: Note: Container-based deployments often lack basic tools (like an editor), and may be stopped or restarted at any time. If this happens, you will lose all your changes. Treat this as a debugging tool, not a comprehensive online IDE.
Check out deployments locally
Since GitLab 8.13, a reference in the Git repository is saved for each deployment, so
knowing the state of your current environments is only a
git fetch away.
In your Git configuration, append the
[remote "<your-remote>"] block with an extra
fetch = +refs/environments/*:refs/remotes/origin/environments/*
Scoping environments with specs [PREMIUM]
Some GitLab Enterprise Edition features can behave differently for each environment. For example, you can create a secret variable to be injected only into a production environment.
In most cases, these features use the environment specs mechanism, which offers an efficient way to implement scoping within each environment group.
Let's say there are four environments:
Each environment can be matched with the following environment spec:
As you can see, you can use specific matching for selecting a particular environment,
and also use wildcard matching (
*) for selecting a particular environment group,
such as Review apps (
The most specific spec takes precedence over the other wildcard matching.
In this case,
review/feature-1 spec takes precedence over
You are limited to use only the CI predefined variables in the
environment: name. If you try to re-use variables defined inside
as part of the environment name, it will not work.
Below are some links you may find interesting: