[November 20 Webinar] Detecting & Correcting Infrastructure Drift

➡️ Register Now

Product

Announcing Enhanced VCS Integration

Announcing enhanced VCS integration

You asked, we delivered! Spacelift used to allow just one version control system (VCS) integration by type (for example, one for GitHub, one for Gitlab, and so on). Not anymore! From today, you can create multiple integrations per VCS. 

But that is only the beginning…

What problem does this solve?

You may ask “why do I need this?” One integration allows us to connect all selected repos to the third-party tool, so why do we need more options here? To answer this question, let’s take a look at a simple example: Your organization has multiple teams working on different projects. For each project you have different teams, including developers, testers, and maybe DevOps engineers. It is common and best practice to differentiate their access to cloud accounts and resources, correct? 

On the other hand, you probably also control who has access to repositories and what kind of access they have. The problem occurs when both these elements are disrupted by something in the middle. You then have nicely crafted access to VCS and cloud, but with an integration in the middle that often has unlimited access to one or both sides.

Fine-grained tuning of access management is the biggest challenge for integrated tools in the chain, as these tools often do not follow the designed access paths.

problems enhanced vcs integration solves

From today, you can follow your access pattern with Spacelift. As Spacelift’s Spaces can easily mirror your cloud accounts or environments, the Enhanced VCS integration can follow your access principles and procedures from source code in VCS to target where the code is deployed.

The benefits of the new Enhanced VCS integration

With this new feature, you can deeply integrate your access management by creating many integrations to use VCS. For example, the QA team should have read-only access to developers’ repositories and full access to their own. Developers, however, don’t need access to QA-related repos, but they certainly need full access to their code.

The situation is similar on the other side of the delivery — QA needs to have access to QA environments, developers to the DEV one. The Enhanced VCS integration allows you to configure the accesses so that the chain repository -> integration -> Space -> cloud is connected in a fine-tuned way.

How can you find the new feature?

We changed the GUI a little. Now, Source code is a separate option on the left side menu. This enables easier access and management of all aspects of VCS management.

spacelift source code option

This change makes your work and navigation through the Spacelift panel more convenient.

The Enhanced VCS integration in action

The image below shows some integrations already created. As you can see, I have a few integrations with BitBucket and GitHub. Depending on the VCS, the access management can be more or less grained. Therefore, I will create a new GitHub integration to show all the possibilities.

VCS feature in action

The goal is to add new integrations to connect one repository from my organization in GitHub to Space. This Space’s name is AWS_qa.

The screen above shows two integrations with the DEFAULT label. This means that these integrations are connected to all Spaces. These integrations will be automatically selected by default when I create a new stack.

Create the integration

Let’s click the Set up integration button and select Wizard to create a new integration for GitHub. GitHub creates a new application for me, which I will configure in the next step.

I continue the configuration of my new integration on Spacelift’s side:

Create the integration

Please notice the Space I selected. Then I click the Set up button.

We are almost finished.

set up button

Now, I click the Install the app button and configure access to the repositories I want.

Install the app and select repositories

After setup is complete, my integration is ready for use.

Create the stack

The integration is ready, so let’s try to create a stack using it.

In the first step, I deliberately selected the wrong Space. This space cannot use my new integration.

add stack details

Let’s see which VCS I can use here.

Well, the new integration is not available:

Create the stack

If I change the Space (previous screen) to AWS_qa, which I defined in the VCS integration:

integrate vcs

Now I can use my newly created integration, and I have access to only one repository (exactly as I selected during configuration):

access the repository

Check which stacks use the integration

When you have many integrations, you need to know which one is used. Spacelift allows you to check this by selecting your integration in the VCS Management tab. Here, you can see all stacks configured with selected integration and also in which Space the stack exists.

Wrapping up

The Enhanced VCS integration enables you to create a fully consistent flow from the repository with the code to the cloud where you create your infrastructure. This moves the security of the whole delivery chain to a new level and allows you to establish better control over the operations. 

Having an unlimited number of integrations gives the organization huge flexibility and is perfect for ensuring the correctness of deployment at a new level.

Would you like to see how to secure the full delivery chain with customized integrations? Book a demo with our engineering team to discuss your options in more detail.

The Most Flexible CI/CD Automation Tool

Spacelift is an alternative to using homegrown solutions on top of a generic CI. It helps overcome common state management issues and adds several must-have capabilities for infrastructure management.

Start free trial

The Practitioner’s Guide to Scaling Infrastructure as Code

Transform your IaC management to scale

securely, efficiently, and productively

into the future.

ebook global banner
Share your data and download the guide