DEV Community

Cover image for Bamboo: the worst CI/CD tool I ever had the "pleasure" to work with.
Lucas Maltempi Monfardine
Lucas Maltempi Monfardine

Posted on • Edited on

Bamboo: the worst CI/CD tool I ever had the "pleasure" to work with.

Being I a very experienced professional in automation area, with many years of knowledge in a vast majority of marketing leader CI/CD Tools, like Gitlab-CI (ok, Gitlab-CI, mostly), I've recently got challenged to build some pipelines using this fantastic Atlassian tool: Bamboo.
Why? Because that's what the company uses and pays for, and it's the one I'm allowed to use.
Below I'll present a few things that I've discovered regarding this schizophrenic wonderful tool.

GUI Editor

If you are a experienced DevOps, there's probably a feature you like a lot and miss in all those simple, lightweight, cool CLI tools. That's it: a Graphical User Interface. Well, fear no more. Atlassian has put a lot of effort into building a very fast, practical and beautiful way to graphically edit your pipelines directly on Bamboo web interface. This way you can configure your pipeline just by click-click-click, drag, and always be unsure if the outcome will be as expected.
The only good thing on that is: you can export your pipeline to YAML (or Java) after it's done.

Encrypted Secrets

If you are creating your pipeline directly in the UI, you can just paste sensitive data in the Variables menu rows, and if Bamboo thinks the data is sensitive, based in the name of the variable (it MUST contain "password", "passphrase", "secret" or "sshkey" in the name) it will automatically convert the value to a encrypted secret for you.
Plan variables
Now, if you are coding your pipeline (YAML, Java), what would be better than using the same variables menu and just inject the values in the runtime? Exactly: Put encoded values in your YAML.
Bamboo has a very unique system for secrets encryption, where you insert your original value and it will be converted to some hashed value that looks like a standard text concatenated to some base64. Don't fool yourself, the value is encrypted with a key unique to your server, and won't work in any other instance of Bamboo.
Secret encryption
Ok, now I can get this value and use anywhere I want on my YAML, right?
Right, Bamboo?
Yeah, kinda. But you MUST follow the same rules applied to the UI. That means, if you define your variable like this, it will never be decrypted/usable.
Won't work
Now, if you just include secret in the name of the variable, you can see the magic happen in your pipeline.
Will work
Fantastic, isn't it?

Cache

Not much to write about this topic. If yo are building a CI pipeline, you want it to be as fast as it can. How can you save a lot of time from downloading dependencies everytime you run a build? Cache.
So, what about cache in Bamboo? It DOES-NOT-EXIST. Simply like that, nothing else to say.

Permission granularity

This may be a good feature, depending on the way you look. But listen:

  • You have a project inside Bamboo. You gotta include users (or groups) and grant them permissions there.
  • Then you have repositories, which are linked to your Git. And you gotta set permission to who can see the repositories you included in your project. And you have to also specify which users and groups can see each of the repositories you have included, despite having previously set permissions at project level.
  • Now you get your project, and your repository, and you want to configure a plan. Guess what? Exactly. You have to set the same permissions again. Why? Well, somebody thought it was a good idea.

WIP

Top comments (1)

Collapse
 
mrwormhole profile image
Talha Altınel

looks like bitnami/sealed-secrets rofl