Frequently Asked Questions

I created a DevOps project in VS Code, triggered the build pipeline which ran successfully, and I noticed new resources created in my OCI tenancy/compartment. What is happening? #

When you click Create DevOps Project, the Graal Development Kit for Micronaut Launcher (GDK Launcher) extension calls the OCI DevOps service and creates the following resources in your tenancy or compartment:

Resource Type	Name used by GDK Tooling	Tenancy	User Compartment
OKE Deploy Environment	`<projectname>OkeDeployEnvironment`	X (Unique name per tenancy)
Notifications	`<usercompartmentname>NotificationTopic`		X
DevOps Project	`<projectname>`		X
Default Log Group	`Default_Group`		X
Default Compartment Access Policy	`CompartmentAccessPolicy`		X
Container Registry Repository	`<projectname>`		X
Artifact Registry Repository	`<projectname>ArtifactRepository`		X
ADM Knowledge Base	`<projectname>Audits`		X
Source Code Repository	many under `<projectname>`		X
OKE Cluster	Leads user to web Quick Create OKE page		X

The extension creates a policy to provide the DevOps service with access to the resources within the compartment. One policy is created per compartment. A policy specifies who can access which resources, and how. You can review the compartment policies: in the Oracle Cloud Console navigation menu, select Identity & Security. Under Identity select Policies, and view the CompartmentAccessPolicy which is a default policy to access compartment resources created from VS Code. Click it to see the policy statements.

The policies created by the OCI DevOps service match this pattern:

const rules = [
 `Allow any-user to read devops-family in compartment id ${compartmentID} where ALL {request.principal.type='devopsbuildpipeline', request.principal.compartment.id='${compartmentID}'}`,
 `Allow any-user to manage generic-artifacts in compartment id ${compartmentID} where ALL {request.principal.type='devopsbuildpipeline', request.principal.compartment.id='${compartmentID}'}`,
 `Allow any-user to manage repos in compartment id ${compartmentID} where ALL {request.principal.type='devopsbuildpipeline', request.principal.compartment.id='${compartmentID}'}`,
 `Allow any-user to manage compute-container-instances in compartment id ${compartmentID} where ALL {request.principal.type='devopsdeploypipeline', request.principal.compartment.id='${compartmentID}'}`,
 `Allow any-user to manage compute-containers in compartment id ${compartmentID} where ALL {request.principal.type='devopsdeploypipeline', request.principal.compartment.id='${compartmentID}'}`,
 `Allow any-user to use vnics in compartment id ${compartmentID} where ALL {request.principal.type='devopsdeploypipeline', request.principal.compartment.id='${compartmentID}'}`,
 `Allow any-user to use subnets in compartment id ${compartmentID} where ALL {request.principal.type='devopsdeploypipeline', request.principal.compartment.id='${compartmentID}'}`,
 `Allow any-user to use dhcp-options in compartment id ${compartmentID} where ALL {request.principal.type='devopsdeploypipeline', request.principal.compartment.id='${compartmentID}'}`,
 `Allow any-user to read all-artifacts in compartment id ${compartmentID} where ALL {request.principal.type='devopsdeploypipeline', request.principal.compartment.id='${compartmentID}'}`,
 `Allow any-user to manage clusters in compartment id ${compartmentID} where ALL {request.principal.type='devopsdeploypipeline', request.principal.compartment.id='${compartmentID}'}`
];

How does the OCI DevOps service handle unique resource names? For example, if one user creates two projects in two separate compartments? #

DevOps Project names must be unique per tenancy. The OCI DevOps Tools VS Code extension checks that the name is unique.

How do I delete a DevOps project created by the VS Code OCI DevOps Extension? #

You cannot currently delete a DevOps project from within VS Code. Instead, delete the DevOps project from the Oracle Cloud Console. Use the Delete action which is available from the root of the project.