- View environments and deployments
- Types of environments
- Deployment tier of environments
- Configure manual deployments
- Configure Kubernetes deployments
- CI/CD variables for environments and deployments
- Set dynamic environment URLs after a job finishes
Working with environments
- Environment rollback
- Environment URL
- Stopping an environment
- Prepare an environment without creating a deployment
- Group similar environments
- Environment incident management
- Monitoring environments
- Web terminals
- Check out deployments locally
- Scoping environments with specs
- Related topics
Environments describe where code is deployed.
Each time GitLab CI/CD deploys a version of code to an environment, a deployment is created.
- Provides a full history of deployments to each environment.
- Tracks your deployments, so you always know what is deployed on your servers.
If you have a deployment service like Kubernetes associated with your project, you can use it to assist with your deployments. You can even access a web terminal for your environment from within GitLab.
- You must have a minimum of Reporter permission.
To view a list of environments and deployments:
Go to the project’s Operations > Environments page. The environments are displayed.
To view a list of deployments for an environment, select the environment name, for example,
Deployments show up in this list only after a deployment job has created them.
There are two types of environments:
- Static environments have static names, like
- Dynamic environments have dynamic names. Dynamic environments are a fundamental part of Review apps.
You can create an environment and deployment in the UI or in your
In the UI:
- Go to the project’s Operations > Environments page.
- Select New environment.
- Enter a name and external URL.
- Select Save.
Specify a name for the environment and optionally, a URL, which determines the deployment URL. For example:
deploy_staging: stage: deploy script: - echo "Deploy to staging server" environment: name: staging url: https://staging.example.com
Trigger a deployment. (For example, by creating and pushing a commit.)
When the job runs, the environment and deployment are created.
environmentkeywords, see the
To create a dynamic name and URL for an environment, you can use predefined CI/CD variables. For example:
deploy_review: stage: deploy script: - echo "Deploy a review app" environment: name: review/$CI_COMMIT_REF_NAME url: https://$CI_ENVIRONMENT_SLUG.example.com only: - branches except: - master
In this example:
review/$CI_COMMIT_REF_NAME. Because the environment name can contain slashes (
/), you can use this pattern to distinguish between dynamic and static environments.
- For the
url, you could use
$CI_COMMIT_REF_NAME, but because this value may contain a
/or other characters that would not be valid in a domain name or URL, use
$CI_ENVIRONMENT_SLUGvariable is guaranteed to be unique.
You do not have to use the same prefix or only slashes (
/) in the dynamic environment name.
However, when you use this format, you can group similar environments.
environmentkeywords, see the
Introduced in GitLab 13.10.
Sometimes, instead of using an industry standard
environment name, like
production, you might want to use a code name, like
While there is no technical reason not to use a name like
customer-portal, the name
no longer indicates that the environment is used for production.
To indicate that a specific environment is for a specific use, you can use tiers:
|Environment tier||Environment name examples|
|Staging, Model, Pre, Demo|
|Dev, Review apps, Trunk|
You can create a job that requires someone to manually start the deployment. For example:
deploy_prod: stage: deploy script: - echo "Deploy to production server" environment: name: production url: https://example.com when: manual only: - master
when: manual action:
- Exposes a play button for the job in the GitLab UI.
- Means the
deploy_prodjob is only triggered when the play button is clicked.
You can find the play button in the pipelines, environments, deployments, and jobs views.
Introduced in GitLab 12.6.
If you are deploying to a Kubernetes cluster
associated with your project, you can configure these deployments from your
The following configuration options are supported:
In the following example, the job deploys your application to the
production Kubernetes namespace.
deploy: stage: deploy script: - echo "Deploy to production server" environment: name: production url: https://example.com kubernetes: namespace: production only: - master
When you use the GitLab Kubernetes integration to deploy to a Kubernetes cluster, you can view cluster and namespace information. On the deployment job page, it’s displayed above the job trace:
Learn how to release production changes to only a portion of your Kubernetes pods with incremental rollouts.
When you create an environment, you specify the name and URL.
If you want to use the name or URL in another job, you can use:
$CI_ENVIRONMENT_NAME. The name defined in the
$CI_ENVIRONMENT_SLUG. A “cleaned-up” version of the name, suitable for use in URL and DNS, for example. This variable is guaranteed to be unique.
$CI_ENVIRONMENT_URL. The environment’s URL, which was specified in the
.gitlab-ci.ymlfile or automatically assigned.
If you change the name of an existing environment, the:
$CI_ENVIRONMENT_NAMEvariable is updated with the new environment name.
$CI_ENVIRONMENT_SLUGvariable remains unchanged to prevent unintended side effects.
Introduced in GitLab 12.9.
In a job script, you can specify a static environment URL.
However, there may be times when you want a dynamic URL. For example,
if you deploy a Review App to an external hosting
service that generates a random URL per deployment, like
In this case, you don’t know the URL before the deployment script finishes.
If you want to use the environment URL in GitLab, you would have to update it manually.
To address this problem, you can configure a deployment job to report back a set of
variables. These variables include the URL that was dynamically-generated by the external service.
GitLab supports the dotenv (
.env) file format,
and expands the
environment:url value with variables defined in the
To use this feature, specify the
artifacts:reports:dotenv keyword in
For an overview, see Set dynamic URLs after a job finished.
The following example shows a Review App that creates a new environment
for each merge request. The
review job is triggered by every push, and
creates or updates an environment named
The environment URL is set to
review: script: - DYNAMIC_ENVIRONMENT_URL=$(deploy-script) # In script, get the environment URL. - echo "DYNAMIC_ENVIRONMENT_URL=$DYNAMIC_ENVIRONMENT_URL" >> deploy.env # Add the value to a dotenv file. artifacts: reports: dotenv: deploy.env # Report back dotenv file to rails. environment: name: review/$CI_COMMIT_REF_SLUG url: $DYNAMIC_ENVIRONMENT_URL # and set the variable produced in script to `environment:url` on_stop: stop_review stop_review: script: - ./teardown-environment when: manual environment: name: review/$CI_COMMIT_REF_SLUG action: stop
As soon as the
review job finishes, GitLab updates the
It parses the
deploy.env report artifact, registers a list of variables as runtime-created,
uses it for expanding
environment:url: $DYNAMIC_ENVIRONMENT_URL and sets it to the environment URL.
You can also specify a static part of the URL at
environment:url:, such as
https://$DYNAMIC_ENVIRONMENT_URL. If the value of
example.com, the final result is
The assigned URL for the
review/your-branch-name environment is visible in the UI.
Note the following:
stop_reviewdoesn’t generate a dotenv report artifact, so it doesn’t recognize the
DYNAMIC_ENVIRONMENT_URLenvironment variable. Therefore you shouldn’t set
- If the environment URL isn’t valid (for example, the URL is malformed), the system doesn’t update the environment URL.
- If the script that runs in
stop_reviewexists only in your repository and therefore can’t use
GIT_STRATEGY: none, configure pipelines for merge requests for these jobs. This ensures that runners can fetch the repository even after a feature branch is deleted. For more information, see Ref Specs for Runners.
Once environments are configured, GitLab provides many features for working with them, as documented below.
When you roll back a deployment on a specific commit, a new deployment is created. This deployment has its own unique job ID. It points to the commit you’re rolling back to.
For the rollback to succeed, the deployment process must be defined in
If there is a problem with a deployment, you can retry it or roll it back.
To retry or rollback a deployment:
- Go to the project’s Operations > Environments.
- Select the environment.
- To the right of the deployment name:
- To retry a deployment, select Re-deploy to environment.
- To roll back to a deployment, next to a previously successful deployment, select Rollback environment.
The environment URL is displayed in a few places in GitLab:
- In a merge request as a link:
- In the Environments view as a button:
- In the Deployments view as a button:
You can see this information in a merge request if:
- The merge request is eventually merged to the default branch (usually
- That branch also deploys to an environment (for example,
With GitLab Route Maps, you can go directly from source files to public pages in the environment set for Review Apps.
When you stop an environment:
- On the Environments page, it moves from the list of Available environments to the list of Stopped environments.
on_stopaction, if defined, is executed.
Dynamic environments stop automatically when their associated branch is deleted.
You can configure environments to stop when a branch is deleted.
The following example shows a
deploy_review job that calls a
to clean up and stop the environment.
deploy_review: stage: deploy script: - echo "Deploy a review app" environment: name: review/$CI_COMMIT_REF_NAME url: https://$CI_ENVIRONMENT_SLUG.example.com on_stop: stop_review rules: - if: $CI_MERGE_REQUEST_ID stop_review: stage: deploy script: - echo "Remove review app" environment: name: review/$CI_COMMIT_REF_NAME action: stop rules: - if: $CI_MERGE_REQUEST_ID when: manual
Both jobs must have the same
only/except configuration. Otherwise,
stop_review job might not be included in all pipelines that include the
deploy_review job, and you cannot trigger
action: stop to stop the environment automatically.
The job with
action: stop might not run
if it’s in a later stage than the job that started the environment.
Read more in the
Introduced in GitLab 12.8.
You can set environments to stop automatically after a certain time period.
.gitlab-ci.yml file, specify the
keyword. You can specify a human-friendly date as the value, such as
1 hour and 30 minutes or
After the time period passes, GitLab automatically triggers a job to stop the environment.
Due to resource limitations, a background worker for stopping environments only runs once every hour. This means that environments aren’t stopped at the exact timestamp specified, but are instead stopped when the hourly cron worker detects expired environments.
In the following example, each merge request creates a Review App environment.
Each push triggers the
review_app job and an environment named
is created or updated. The environment runs until
stop_review_app is executed:
review_app: script: deploy-review-app environment: name: review/$CI_COMMIT_REF_NAME on_stop: stop_review_app auto_stop_in: 1 week rules: - if: $CI_MERGE_REQUEST_ID stop_review_app: script: stop-review-app environment: name: review/$CI_COMMIT_REF_NAME action: stop rules: - if: $CI_MERGE_REQUEST_ID when: manual
As long as the merge request is active and keeps getting new commits, the Review App doesn’t stop. Developers don’t need to worry about re-initiating Review App.
stop_review_app is set to
auto_stop_in: 1 week,
if a merge request is inactive for more than a week,
GitLab automatically triggers the
stop_review_app job to stop the environment.
You can view a deployment’s expiration date in the GitLab UI.
- Go to the project’s Operations > Environments page.
- Select the name of the deployment.
In the top left, next to the environment name, the expiration date is displayed.
You can manually override a deployment’s expiration date.
- Go to the project’s Operations > Environments page.
- Select the deployment name.
- On the top right, select the thumbtack ().
auto_stop_in setting is overwritten and the environment remains active until it’s stopped manually.
Introduced in GitLab 12.10.
To delete a stopped environment in the GitLab UI:
- Go to the project’s Operations > Environments page.
- Select the Stopped tab.
- Next to the environment you want to delete, select Delete environment.
- On the confirmation dialog box, select Delete environment.
Introduced in GitLab 13.2.
By default, when GitLab CI/CD runs a job for a specific environment, it triggers a deployment and (optionally) cancels outdated deployments.
To use an environment without creating a new deployment, and without
cancelling outdated deployments, append the keyword
action: prepare to your
build: stage: build script: - echo "Building the app" environment: name: staging action: prepare url: https://staging.example.com
You can group environments into collapsible sections in the UI.
For example, if all of your environments start with the name
then in the UI, the environments are grouped under that heading:
The following example shows how to start your environment names with
$CI_COMMIT_REF_NAME variable is populated with the branch name at runtime:
deploy_review: stage: deploy script: - echo "Deploy a review app" environment: name: review/$CI_COMMIT_REF_NAME
Production environments can go down unexpectedly, including for reasons outside of your control. For example, issues with external dependencies, infrastructure, or human error can cause major issues with an environment. Things like:
- A dependent cloud service goes down.
- A 3rd party library is updated and it’s not compatible with your application.
- Someone performs a DDoS attack to a vulnerable endpoint in your server.
- An operator misconfigures infrastructure.
- A bug is introduced into the production application code.
You can use incident management to get alerts when there are critical issues that need immediate attention.
If you set up alerts for Prometheus metrics, alerts for environments are shown on the environments page. The alert with the highest severity is shown, so you can identify which environments need immediate attention.
When the issue that triggered the alert is resolved, it is removed and is no longer visible on the environments page.
If the alert requires a rollback, you can select the deployment tab from the environment page and select which deployment to roll back to.
In a typical Continuous Deployment workflow, the CI pipeline tests every commit before deploying to production. However, problematic code can still make it to production. For example, inefficient code that is logically correct can pass tests even though it causes severe performance degradation. Operators and SREs monitor the system to catch these problems as soon as possible. If they find a problematic deployment, they can roll back to a previous stable version.
GitLab Auto Rollback eases this workflow by automatically triggering a rollback when a critical alert is detected. GitLab selects and redeploys the most recent successful deployment.
Limitations of GitLab Auto Rollback:
- The rollback is skipped if a deployment is running when the alert is detected.
- A rollback can happen only once in three minutes. If multiple alerts are detected at once, only one rollback is performed.
GitLab Auto Rollback is turned off by default. To turn it on:
- Go to Project > Settings > CI/CD > Automatic deployment rollbacks.
- Select the checkbox for Enable automatic rollbacks.
- Select Save changes.
To monitor the behavior of your app as it runs in each environment, enable Prometheus for monitoring system and response metrics. For the monitoring dashboard to appear, configure Prometheus to collect at least one supported metric.
All deployments to an environment are shown on the monitoring dashboard. You can view changes in performance for each version of your application.
GitLab attempts to retrieve supported performance metrics for any environment that has had a successful deployment. If monitoring data was successfully retrieved, a Monitoring button appears for each environment.
To view the last eight hours of performance data, select the Monitoring button. It may take a minute or two for data to appear after initial deployment.
Metric charts can be embedded in GitLab Flavored Markdown. See Embedding Metrics in GitLab Flavored Markdown for more details.
If you deploy to your environments with the help of a deployment service (for example, the Kubernetes integration), GitLab can open a terminal session to your environment. You can then debug issues without leaving your web browser.
The Web terminal is a container-based deployment, which often lack basic tools (like an editor), and can be stopped or restarted at any time. If this happens, you lose all your changes. Treat the Web terminal as a debugging tool, not a comprehensive online IDE.
- Are available to project Maintainers and Owners only.
- Must be enabled.
In the UI, you can view the Web terminal by selecting a Terminal button:
You can also access the terminal button from the page for a specific environment:
Select the button to establish the terminal session:
This works like any other terminal. You’re in the container created by your deployment so you can:
- Run shell commands and get responses in real time.
- Check the logs.
- Try out configuration or code tweaks.
You can open multiple terminals to the same environment. They each get their own shell
session and even a multiplexer like
A reference in the Git repository is saved for each deployment, so
knowing the state of your current environments is only a
git fetch away.
In your Git configuration, append the
[remote "<your-remote>"] block with an extra
fetch = +refs/environments/*:refs/remotes/origin/environments/*
- Introduced in GitLab Premium 9.4.
- Environment scoping for CI/CD variables was moved to all tiers in GitLab 12.2.
- Environment scoping for Group CI/CD variables added to GitLab Premium in 13.11.
You can limit the environment scope of a CI/CD variable by
defining which environments it can be available for.
For example, if the environment scope is
production, then only the jobs
with the environment
production defined would have this specific variable.
The default environment scope is a wildcard (
*), which means that
any job can have this variable, regardless of whether an environment is defined.
If the environment scope is
review/*, then jobs with environment names starting
review/ would have that variable available.
Some GitLab features can behave differently for each environment. For example, you can create a project CI/CD variable to be injected only into a production environment.
In most cases, these features use the environment specs mechanism, which offers an efficient way to implement scoping in each environment group.
For example, if there are four environments:
Each environment can be matched with the following environment spec:
You can use specific matching to select a particular environment.
You can also use wildcard matching (
*) to select a particular environment group,
like Review Apps (
The most specific spec takes precedence over the other wildcard matching. In this case,
review/feature-1 spec takes precedence over
- Use GitLab CI to deploy to multiple environments (blog post)
- Review Apps: Use dynamic environments to deploy your code for every branch.
- Deploy Boards: View the status of your applications running on Kubernetes.
- Protected environments: Determine who can deploy code to your environments.
- Environments Dashboard: View a summary of each environment’s operational health.
- Deployment safety: Secure your deployments.
In some cases, environments do not stop when a branch is deleted.
For example, the environment might start in a stage that also has a job that failed.
Then the jobs in later stages job don’t start. If the job with the
for the environment is also in a later stage, it can’t start and the environment isn’t deleted.
To ensure the
action: stop can always run when needed, you can:
Put both jobs in the same stage:
stages: - build - test - deploy ... deploy_review: stage: deploy environment: name: review/$CI_COMMIT_REF_NAME url: https://$CI_ENVIRONMENT_SLUG.example.com on_stop: stop_review stop_review: stage: deploy environment: name: review/$CI_COMMIT_REF_NAME action: stop when: manual
needsentry to the
action: stopjob so the job can start out of stage order:
stages: - build - test - deploy - cleanup ... deploy_review: stage: deploy environment: name: review/$CI_COMMIT_REF_NAME url: https://$CI_ENVIRONMENT_SLUG.example.com on_stop: stop_review stop_review: stage: cleanup needs: - deploy_review environment: name: review/$CI_COMMIT_REF_NAME action: stop when: manual