Workflow Tools

Customize your workflow by adding and configuring tools at different stages like post-source or pre-build. This guide will walk you through the process of adding tools such as Secret Detection, Trivy Scan, or your custom scripts to enhance your workflow’s functionality.

Step 1: Access Workflow Configuration

To begin, navigate to the specific project you are working on:

1. Select Your Project: From the dashboard, select the project for which you wish to modify the workflow.
2. Build Details: Access the workflow details.

Workflow Details

The Workflow Details section includes a visual representation of the pipeline workflow. This visualization highlights each stage, including source, build, deploy, and tools integrated in the pipeline. Users can monitor the progress of each step and take necessary actions like restarting or retriggering specific stages.

1. Viewing Workflow Stages: Click on any stage within the Build Details view to get more information or start/restart a particular step if required.
2. Retriggering a Stage: To address issues or rerun a specific stage, click on the corresponding "Restart" button next to the stage.

The workflow includes Source, Build, and Deploy sections. Each section has a configuration sidebar that opens on the right side when clicked, allowing you to fill in specific details.

Step 2: Add a Tool to a Stage

Follow these steps to add a tool to the desired stage of your workflow:

1. Identify the Stage: Locate the stage (e.g., post-source, pre-build) where you want to add the tool. Click on the '+' sign next to the stage name in the workflow diagram.
2. Choose Tools: A side panel will appear where you can select from the available list of tools.

Atmosly currently offers the following list of tools that you can add to your custom workflow:

• Secret Detection: Scans for exposed secrets in your code.
• Trivy Scan: Detects vulnerabilities within your container images or file systems.
• Custom Scripts: Add your own scripts to tailor the workflow to your needs.

Step 3: Configure the Tool

Once you've selected a tool, configure it to suit your needs:

1. Tool Configuration: Click on your chosen tool to bring up the configuration dialog.
   • For Secret Detection, toggle the enable switch and configure any necessary settings.
   • For Trivy Scan, enable the tool and specify parameters like scan targets.
   • For Custom Scripts, input or upload your script into the provided configuration area.
2. Save Settings: Confirm the settings by clicking 'Save', which applies the configurations to your workflow.

Step 4: Review and Deploy

Ensure your workflow is set up correctly:

1. Review the Workflow: Double-check that all tools and stages are configured as required.
2. Deploy Workflow: Implement the new workflow settings by clicking 'Deploy'.

The workflow includes Source, Build, and Deploy sections. Each section has a configuration sidebar that opens on the right side when clicked, allowing you to fill in specific details.

Source Section :

Description of source configuration :

Configure the application source.
Configuration Fields:

1. Application Source Type: Specify the type of source (e.g., Git).
2. Git Source: Indicate the Git provider (e.g., GitHub, GitLab).
3. Repository: Provide the repository URL or name.
4. Build Type: Choose between continuous or manual builds.
5. Branch: Specify the branch to use.

Build Section :

Description of Build configuration:

Configure the container build process.
Configuration Fields:

1. Container Repository: Select the repository to push the built container.
2. Dockerfile Path: Specify the path to the Dockerfile in your repository.
3. Build Context: Provide the directory path where the Docker build command will run.
4. Platform: Select the build platform (e.g., AMD or ARM).
5. Compute Configuration: Define compute resources for the build process.
6. Volume Details: Specify any attached volumes.
7. Spot Instance: Enable or disable spot instance usage via a checkbox.
8. Cache Enable: Enable or disable build caching via a checkbox.

Deploy Section :

Description of Deploy Configuration:

Configure the deployment environment and build strategy.
Configuration Fields:

1. Environment: Select an environment from the dropdown list of available environments.
2. Build Type: Choose between automatic or manual builds.

Additional Options (+ Buttons):

Each section has an adjacent + button for extending its functionality:

Source (+ Button): It includes the pre-build details. Click the "+" button to open a sidebar.

Pre-Build Details:

1. Custom Script: Configure compute resources and volume for custom pre-build tasks.
2. Secret Detection: Enable/disable scanning for sensitive information like API keys and passwords.
3. Failure Strategy: Choose between "Abort" or "Skip."

Build (+ Button): It includes the post-build details. Click the "+" button to open a sidebar.

Post-Build Details:

1. Custom Script: Specify compute configuration and volume for post-build tasks.
2. Trivy Scan: Configure Trivy scan for vulnerabilities. Click on the trivy scan you will get the additional details like max critical , max high vulnerabilities and failure strategy.
3. Max Critical Vulnerability: Set the acceptable threshold.
4. Max High Vulnerability: Define the maximum limit.
5. Failure Strategy: Choose between "Abort" or "Skip."

Deploy (+ Button): It includes the post-deploy details. Click the "+" button to open a sidebar.

Post-Deploy Details:

1. Environment: Add any active environment for post-deployment tasks.

This workflow provides a structured and flexible approach to configuring Source, Build, and Deploy processes, with additional customization options via the + buttons to cater to pre-build, post-build, and post-deploy requirements, ensuring a seamless CI/CD experience.