You asked, we delivered! Spacelift used to allow just one version control system (VCS) integration by type (for example, one for GitHub, one for Gitlab, and so on). Not anymore! From today, you can create multiple integrations per VCS.
But that is only the beginning…
You may ask “why do I need this?” One integration allows us to connect all selected repos to the third-party tool, so why do we need more options here? To answer this question, let’s take a look at a simple example: Your organization has multiple teams working on different projects. For each project you have different teams, including developers, testers, and maybe DevOps engineers. It is common and best practice to differentiate their access to cloud accounts and resources, correct?
On the other hand, you probably also control who has access to repositories and what kind of access they have. The problem occurs when both these elements are disrupted by something in the middle. You then have nicely crafted access to VCS and cloud, but with an integration in the middle that often has unlimited access to one or both sides.
Fine-grained tuning of access management is the biggest challenge for integrated tools in the chain, as these tools often do not follow the designed access paths.
With this new feature, you can deeply integrate your access management by creating many integrations to use VCS. For example, the QA team should have read-only access to developers’ repositories and full access to their own. Developers, however, don’t need access to QA-related repos, but they certainly need full access to their code.
The situation is similar on the other side of the delivery — QA needs to have access to QA environments, developers to the DEV one. The Enhanced VCS integration allows you to configure the accesses so that the chain repository -> integration -> Space -> cloud is connected in a fine-tuned way.
We changed the GUI a little. Now, Source code is a separate option on the left side menu. This enables easier access and management of all aspects of VCS management.
This change makes your work and navigation through the Spacelift panel more convenient.
The image below shows some integrations already created. As you can see, I have a few integrations with BitBucket and GitHub. Depending on the VCS, the access management can be more or less grained. Therefore, I will create a new GitHub integration to show all the possibilities.
The goal is to add new integrations to connect one repository from my organization in GitHub to Space. This Space’s name is AWS_qa.
The screen above shows two integrations with the DEFAULT label. This means that these integrations are connected to all Spaces. These integrations will be automatically selected by default when I create a new stack.
Create the integration
Let’s click the Set up integration button and select Wizard to create a new integration for GitHub. GitHub creates a new application for me, which I will configure in the next step.
I continue the configuration of my new integration on Spacelift’s side:
Please notice the Space I selected. Then I click the Set up button.
We are almost finished.
Now, I click the Install the app button and configure access to the repositories I want.
After setup is complete, my integration is ready for use.
Create the stack
The integration is ready, so let’s try to create a stack using it.
In the first step, I deliberately selected the wrong Space. This space cannot use my new integration.
Let’s see which VCS I can use here.
Well, the new integration is not available:
If I change the Space (previous screen) to AWS_qa, which I defined in the VCS integration:
Now I can use my newly created integration, and I have access to only one repository (exactly as I selected during configuration):
Check which stacks use the integration
When you have many integrations, you need to know which one is used. Spacelift allows you to check this by selecting your integration in the VCS Management tab. Here, you can see all stacks configured with selected integration and also in which Space the stack exists.
The Enhanced VCS integration enables you to create a fully consistent flow from the repository with the code to the cloud where you create your infrastructure. This moves the security of the whole delivery chain to a new level and allows you to establish better control over the operations.
Having an unlimited number of integrations gives the organization huge flexibility and is perfect for ensuring the correctness of deployment at a new level.
Would you like to see how to secure the full delivery chain with customized integrations? Book a demo with our engineering team to discuss your options in more detail.
The Most Flexible CI/CD Automation Tool
Spacelift is an alternative to using homegrown solutions on top of a generic CI. It helps overcome common state management issues and adds several must-have capabilities for infrastructure management.