Why env0
Solutions
Infrastructure as Code (IaC) Automation Teams and GovernanceManaged Self-Service env0 for the Enterprise
DocumentationPricing
Resources
Case StudiesIn the NewsVideosWebinars
Blog
Login
Get a Demo
FREE TRIALContact us
Mar 1, 2023

Chris' Corner - March 2023

Chris Noon
Sales Engineer

Introduction

The development within the env0 platform is fantastic, one of the many reasons I love working here. The features come thick and fast and this is the motivation behind this monthly blog, to highlight the latest features and showcase Chris’ favorites.

If you want to keep up to date with the features as they are released, follow the changelog.

So far in 2023, we’ve released the following features:

  • Azure DevOps Integration - Full integration with the Azure DevOps VCS.
  • Plugins - Native plugin integration for open-source software such as OPA, TFlint, Checkov, etc.
  • Private Module Registry - Folder-Based Modules - Folder-based module registry for easy and secure access.
  • Project Level Custom Workflows - The ability to set governance and compliance checks at a project level.
  • Log Forwarding to Google Cloud Logging
  • Workflow Enhancements - Variable segregation between environments within Workflows.
  • Environment Locking - Admin ability to lock environments to stop updates or destroys.
  • Remote Plans - Run a Terraform plan locally on your machine against the env0 application for speed of development.
  • Deployment Comments - Add comments to each environment to aid in collaboration.
  • Custom TTL Policy - Now customize TTL timelines within an Organisation and Project.
  • New Integrations - Plugins and Sumo Logic

This month's highlighted feature will be Project Level Custom Flows. 

What’s the problem?

env0 originally had the custom flow feature restricted to per environment. This meant any time you wanted multiple environments to run through plugin checks with agents such as OPA, TFlint, CheckOV, etc you would have to present the code in each environment folder.

Not only is this time-consuming, but it means any updates to the plugin checks may not be pushed to all relevant environments creating logistical or security concerns.

We listened to our customers and prioritized the highlighted feature to remove these pain points with Custom Flows defined for all environments within a Project.

How does env0 solve the problem?

We now have the ability to set plugin checks at the Project level, which then applies to all environments within that project. This can be extremely useful in several scenarios, a key one to mention is having an application project or sub-project. All application deployments will then be subjected to the relevant checks defined by the user and/or the business.

The documentation to set up the project-level custom flows can be found here:

https://docs.env0.com/docs/project-level-custom-flow

It’s also relevant to mention that env0 has two methods of integrating third-party tools. Either writing a script that is consumed at the custom flow level or using our native plugin feature.

New Feature

This can be easily enabled by navigating to the Project Settings within the chosen Project. Select the POLICIES tab and press configure under the Custom Flow section.

Select the VCS, in this example, I’m using GitHub. Populate the Repository, Branch, and Custom Flow File Path. Take note that the path doesn’t end at a directory, but the specific .yml or .yaml file.

Once you applied the configuration, ensure you enable the check box, Apply custom flow to all environments in the project.

This will make sure any new deployments in the Project will be subject to this check.

If you’re a little lost, don’t worry, follow along with the video below that integrates an OPA check into our Application Projects.

Code

<code>
version: 2
deploy:
 steps:
   terraformPlan:
     after:
       - name: Generate plan output
         run: terraform show -json .tf-plan > tf-plan.json
       - name: Running OPA check
         use: https://github.com/env0/env0-opa-plugin
         inputs:
           path: ${ENV0_ROOT_DIR}/integrations/opa/rego
           flags: --input tf-plan.json --fail-defined --format=raw
           query: data.terraform.validation.violations[msg]
</code>

‍

Thanks for reading! If you have any questions you can reach out to Chris on LinkedIn, or schedule a demo with the Sales Engineering Team.

Interested in learning more about env0?
Request a Demo
SHARE
You may also like
Day 0 Environment Creation
Share outputs between IaC stacks
Why Observability tools are important when using IaC
Go back to blog
CNCF Member Badge
Company
About UsIn the NewsPress ReleasesCase StudiesAdditional ResourcesCareers
Developer and DevOps
APITerraform ProviderTerratag Open Source
Terraform Cloud AlternativeDIY AlternativeAtlantis Alternative
FREE TRIAL
Follow Us
Terms of ServicePrivacy PolicySecuritySystem Status
© Copyright env0 2023
This website uses cookies. We use cookies to ensure that we give you the best experience on our website. Learn More
PreferencesDenyAccept
Privacy Preference Center
When you visit websites, they may store or retrieve data in your browser. This storage is often necessary for the basic functionality of the website. The storage may be used for marketing, analytics, and personalization of the site, such as storing your preferences. Privacy is important to us, so you have the option of disabling certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may impact your experience on the website.
Reject all cookiesAllow all cookies
Manage Consent Preferences by Category
Essential
Always Active
These items are required to enable basic website functionality.
Marketing
These items are used to deliver advertising that is more relevant to you and your interests. They may also be used to limit the number of times you see an advertisement and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the website operator’s permission.
Personalization
These items allow the website to remember choices you make (such as your user name, language, or the region you are in) and provide enhanced, more personal features. For example, a website may provide you with local weather reports or traffic news by storing data about your current location.
Analytics
These items help the website operator understand how its website performs, how visitors interact with the site, and whether there may be technical issues. This storage type usually doesn’t collect information that identifies a visitor.
Confirm my preferences and close