Is role filtering AND or OR?

Say I have two projects in my dashboard (Prj1, Prj2), and I have servers that have different roles (web, db)

If ROLES are AND, I can do something like this.

Server A: Roles [Prj1, web]
Server B: Roles [Prj1, db]
Server C: Roles [Prj2, web]
Server D: Roles [Prj2, db]

Now if ROLES are OR, I can’t do this. Instead, I’ll have to do the following.

Server A: Roles [prj1-web]
Server B: Roles [prj1-db]
Server C: Roles [prj2-web]
Server D: Roles [prj2-db]

I would prefer the first way if possible. Just wondering how the filtering works.

[Edited after my first reply]
Hi Chase,

Thanks for reaching us! Using your own words: Roles are OR. You’re gonna have to put a single role that indicates the Project and the role, like Prj1-Web or Prj2-DB. When you assign a step to 2 roles, the step will be executed on any machine that has at least 1 of those roles.

Please disregard my previous post! I realized i was wrong a couple of minutes later and I rushed back to fix it. Sorry about that.



perfect. Just how I wanted it!

Hi Chase,

I’m very sorry to inform you that i got that wron. I’m editing my reply to avoid confusion for other users that reach this conversation.

My sincere apologies :frowning:


well, thanks for the catch. I’m disappointed in the edited answer but at least I can proceed now :-p

Thanks anyways.

Terribly sorry about that.

You could have two different Octopus Projects (project1 and project2) that could deploy to different environments. For example:

Project1 deploys to Environment1 which has ServerA and ServerB. This way you’ll only have to scope steps by the roles Web or DB.

Project2 deploys to Environment2 which has ServerC and ServerD. Same logic.

This way Project1 will not be able to touch the machines on Environment2, nor will Project2 be able to touch machines on Environment1.

Would this be applicable to your scenario?

I’m actually trying to avoid that exact scenario. I work for a very large corporation that has any number of projects (we’re currently spinning Octopus up with 4, but will grow far beyond that).

Each project runs through the same gauntlet of environments


When I look at the Environments page, I only want to see those 7 environments. If I used your approach, I would have 28 environments, which is a little overwhelming.

As it stands, since the above concept is out of the question, I will be maintaining a boat load of roles, which is ok, just not ideal.

It would be nicer to simply be able to maintain roles like below.

Roles to filter Server abilities:  [IIS]   [DB]
Roles to filter projects: [Proj1]    [Proj2]
Roles to filter apps: [WebAPI]    [Website]

I hope I explained that well enough

Hi Chase,

You explained it well enough :). On our current roles logic you will have to go with:

Server A: Roles [prj1-web]
Server B: Roles [prj1-db]
Server C: Roles [prj2-web]
Server D: Roles [prj2-db]

Sorry its not exactly how you wanted it :confused:

On a brighter side: There is a Uservoice sugestion to have a way to exclude roles on childe steps:

This way you could do:

-Do something on [prj1]
--Do something on [prj1] but not on [web]
--Do something on [prj1]but not on [db]

-Do something on [prj2]
--Do something on [prj2] but not on [web]
--Do something on [prj2]but not on [db]

Would that work for you? If that is the case please vote on that request and also try to add a comment on how would you rather have this implemented.



This “could” work but is still cumbersome. I believe it would be better if we could change the filtering type “and vs or”.

Just my two cents.