CI Server Authentication

Major orgs

To automate deployments from major branches to their related org, you need to configure the secure authentication from CI server to a SF connected app.

Note: You need openssl installed on your computer (available in Git bash)

• Remain in your initialization branch cicd, or a sub branch of your lowest level major branch (usually integration)
• For each major branch to link to an org, run the sfdx-hardis command Configuration -> (sfdx hardis:project:configure:auth)

For example, run the command for integration, uat, preprod and production major branches.

If messages ask you to run twice the same command, it's normal, it's for technical reasons :)

If you have errors in your apex tests classes, you may not be able to configure the app for Production org. You will need do create the connected app manually by following the instructions in yellow in the error message. You can do it later, after having succeeded to merge the first merge request in lower major branch (usually integration)

How to set CI variables on different Git providers:

• Gitlab: Protect variables = false, Mask variables = true
• Azure: Set Variables in Pipeline -> Tab Classic
• GitHub
• BitBucket

Under the hood

This command will create/update:

• .sfdx-hardis.yml configuration file (repo)
• Self signed certificate (encrypted in repo)
• Connected App (uploaded to org via metadata api)
• CI environment variables (manually set in CI/CD server UIs)

Dev Hub

If you are using scratch orgs, you need to also configure authentication for the Dev Hub (even if you already configured authentication for production org)

To do that, run the following command

sfdx hardis:project:configure:auth --devhub