Run
List of all the workflow runs. Clicking on a listed workflow run provides detailed information.
- Logs: Displays detailed logs including workflow run info, enforced policies, sourcing IaC from VCS, gathering artifacts, executing workflow steps, workflow run status, and cleanup logs.
- Errors: Displays errors if the workflow fails during execution.
- Compare Parameters: Select a workflow run to compare parameters with a specific run ID.
- Parameters: View all parameters like revisions, input variables, Terraform configurations, runner options, and deployment environment.
- Compliance Checks: Policy evaluation results from the last run.
- Infracost Estimation: Infrastructure cost estimates from the last run, both speculated and incurred.
- Terraform Plan: Displays the generated Terraform plan for the workflow.
- Provisioned Resources: Summary of all resources and their drift status.
- Comments: Add and send comments across the workflow.
To run a workflow, navigate to the Runs vertical tab and press the run button. You will then be shown a preview of the workflow settings which will be submitted for running this workflow.
Click on Run Workflow button to initiate the workflow. You can always view the extensive logs under Logs tab or the snapshot of workflow settings used to schedule a workflow under Parameters tab.
If you have enforced a policy then the policy evaluation will be run as part of the Workflow Run. Once the Workflow Run successfully finishes, you can see the outputs in the logs as well under Artifacts vertical tab
Congratulation! you are now equipped with knowledge to get started with StackGuardian Platform.
Accessing Workflow Files in StackGuardian​
StackGuardian simplifies accessing and working with workflow files by providing a dedicated workspace for users to manage their workflow runs. Below are the file paths and directories available within the user's workspace for running their workflows:
Mount Workflow Files in Workflow Steps
-
Root Directory:
/mnt/sg_workspace
- This serves as the starting point for accessing all workflow files.
-
Workflow Steps Directory:
- Path:
/mnt/sg_workspace/user/{repository-name}
- This directory contains the version control system (VCS) repository, named after the repository's name, and includes all the files from the user's repository.
- Note: A
tfplan.json
file is also available in this directory after the Terraform plan step completes. This file is accessible both pre-apply and post-apply.
Example:
/mnt/sg_workspace/user/template-tf-aws-s3-demo-website/tfplan.json
- Path:
-
Artifacts Directory:
- This directory stores all the artifacts generated by the workflow steps. It is crucial for accessing any outputs or logs produced during the workflow run.
Understanding these file paths and directories helps users customize or further process files within the Terraform workflow. It provides a clear structure for accessing and managing files throughout the workflow run.
Private Module VCS Auth in Workflows​
In order to fetch private modules from version control repositories, you can authenticate correctly using the following ways:
-
Integration:
StackGuardian integrates with Bitbucket, Azure DevOps, and GitHub. When creating a workflow, you provide the repository URL and credentials within the
VCS settings
. If your repository is private, StackGuardian uses these credentials to fetch the required code during workflow runs. -
Secrets:
Optionally, you can use secrets to manage your authentication credentials. Create a secret with the format
username:password
or just the password, where the default username isx-access-token
. Secrets provide a more secure way to store sensitive information.
Fetching Private Modules:​
When utilizing private modules in your workflow, follow this format for your module block:
module "vpc" {
source = "git::https://example.com/vpc.git"
}
Ensure that the repository URL is in the HTTPS format as shown above. It's common to mistakenly use the generic Git repository URL, which might not work as expected.