Automation & CI/CD

In the following tutorials, you will learn how to configure a GitHub repository for Continuous Integration/Continuous Deployment (CI/CD).

CI / CD

Continuous Integration (CI) automates the process of integrating code changes from multiple contributors into a shared repository, where automated builds and tests verify each change. Continuous Deployment (CD) extends this by automatically deploying validated changes to production environments. Together, CI/CD enables teams to deliver updates more frequently and reliably while reducing manual errors. For security.manager NEXT policies, this means policy changes can be version-controlled, tested, and deployed automatically.

The tutorials show a basic setup with a repository with one branch, but in production environments it is recommended to use multiple branches for different stages of the deployment pipeline. A common approach uses three branches:

  • test for development and initial validation,

  • stage for pre-production testing and stakeholder review, and

  • prod for the live production environment.

This multi-branch strategy allows teams to test policy changes thoroughly in isolated environments before deploying them to production, reducing the risk of errors affecting end users. Each branch can be configured with its own CI/CD workflow that automatically deploys to the corresponding ArcGIS Server environment.

Best practices

When using CI/CD, follow these best practices to maintain a robust and secure workflow for managing security.manager NEXT policies.

Repository organization

Organize your work with the repository, so other users can contribute easily.

  • Create a README.md containing information about the purpose of the repository, the setup, policy structure documentation, and deployment procedures.

  • Use meaningful commit messages that describe policy changes.

  • Tag releases for major policy updates.

Security considerations

Consider the security of the repository and the information it contains.

  • Use private repositories for sensitive policy configurations.

  • Regularly rotate GitHub Secrets credentials.

  • Implement branch protection rules for production workflows.

Testing and validation

Test and verify your work on the repository and the policies it contains.

  • Test policy changes in development environments first.

  • Use feature branches for experimental policies.

  • Implement rollback procedures for failed deployments.

  • Review all policy changes through pull requests.

  • Maintain backup copies of working policy configurations.

Content

Set up a GitHub Repository

In this tutorial, you will learn how to create a GitHub repository and do the basic setup.

JSON schema

In this tutorial you will learn to add a JSON schema to get autocompletion support when working with VS Code.

GitHub Actions

In this tutorial you will learn how to use GitHub Actions to automatically deploy policy changes to ArcGIS Server.

Policy validation

In this tutorial you will learn how to activate policy validation for the action.