Workflow Tools

Atmosly enhances your CI/CD pipeline by integrating specialized workflow tools at strategic stages. These tools improve pipeline security, vulnerability management, and allow execution of custom tasks.

Step 1: Access Workflow Configuration

• Navigate to Your Project: Open your selected project from the Atmosly dashboard.
• Select Workflow: Choose the workflow you wish to modify.
• Choose Pipeline Stage: On the Workflow Details page, select the pipeline stage (Source, Build, Deploy) to configure or add tools.

Workflow Details

In the Workflow Details view, you'll see a clear visual representation of each pipeline stage (Source, Build, Deploy). You can monitor pipeline progress, access detailed stage information.

The workflow includes Source, Build, and Deploy sections. Each section has a configuration sidebar that opens on the right side when clicked, allowing you to fill in specific details. You can go through all these section as mentioned individually.

Step 2: Add Workflow Tools

Follow these steps to integrate tools into specific pipeline stages:

• Identify Stage: In the workflow diagram, find the stage where the tool should be added (e.g., post-source, pre-build).
• Add Tool: Click the + (Plus) button next to the stage. A panel will open with available tool options:

Available Workflow Tools:

Atmosly currently offers the following list of tools that you can add to your custom workflow:

• Secret Detection: Scans your source code for sensitive information, such as API keys, credentials, and passwords.(Recommended for Pre-Build)
• Trivy Scan: Checks container images and file systems for security vulnerabilities.(Recommended for Post-Build)
• Custom Scripts: Allows the execution of your custom-defined scripts for specialized tasks.(Suitable for any stage)

Additional Customization Options via (+ Buttons):

Each section has an adjacent + button for extending its functionality:

Source Stage(+ Button): It includes the pre-build details. Click the "+" button to open a sidebar.

Pre-Build Details:

1. Custom Script: Configure compute resources and volume for custom pre-build tasks.
2. Secret Detection: Enable/disable scanning for sensitive information like API keys and passwords.
3. Failure Strategy: Decide whether to "Abort" the pipeline upon detecting an issue or "Skip" and continue.

Build Stage (+ Button): It includes the post-build details. Click the "+" button to open a sidebar.

Post-Build Details:

1. Custom Script: Define compute configurations and resources for post-build scripts.
2. Trivy Scan: Configure Trivy scan for vulnerabilities. Click on the trivy scan you will get the additional details like max critical , max high vulnerabilities and failure strategy.
3. Max Critical Vulnerability: Set the acceptable threshold for critical vulnerabilities.
4. Max High Vulnerability: Define limits for high vulnerabilities.
5. Failure Strategy: Choose between "Abort" or "Skip."

Deploy Stage (+ Button): It includes the post-deploy details. Click the "+" button to open a sidebar.

Post-Deploy Details:

1. Environment: Select an active environment for executing post-deployment tasks or custom scripts.

Step 3: Review and Deploy Workflow After setting up your tools and configurations:

• Carefully review all stages and configurations.
• Click Deploy to finalize and activate your workflow.

This comprehensive, structured approach ensures a secure, efficient, and flexible CI/CD workflow tailored to your project's needs.