4 min read
Kosli allows regulated organizations to scale their continuous delivery so that they can deploy changes to production at maximum speed without the risk of non-compliance. It does this by recording all of the data you need to get through regulatory events like audits.Â
With Kosli you can record everything that happens in your software delivery process from initial requirement all the way through to deployment to production. Events like builds, tests, scans, code reviews, etc. are all recorded and stored in a centralized data store where it is easily retrievable for audit and compliance purposes.
But, there’s more to Kosli than passing audits. The great thing about recording all of this data is that you can use it to trigger further DevOps automations. We call this Kosli Actions and in this article we will show you some of the things you can do with the central system of record you have already built up.Â
Take Action on DevOps Events
DevOps platforms usually consist of a multitude of distributed systems and tools. Â
At scale, these platforms can produce millions of events per month. Kosli provides an easy way for you to record and query these events so that you can prove you have followed your processes - no matter how fast you deliver changes. This scalable, automated compliance empowers your developers to do continuous delivery in the strictest security and regulatory environments.
With Kosli you have a database of all your DevOps events, but what we have realized is that you can do so much more with this data than simply automate compliance. When you have a record like this there’s all kinds of automation you can build.Â
Maybe you want to update a Jira ticket when a deployment occurs. Or start a Pagerduty incident when an unauthorized workload runs in production. Or get a feed of all scaling events in your monitoring graphs. You can do all of this and much more with Kosli Actions.
What is a Kosli Action?
A Kosli Action is when you create a trigger (e.g. a deployment to production) that sends a message to a target (e.g. a webhook).
We currently support triggers based on environment events such as new deployments, scaling events, and compliance changes. We will continue to roll out additional triggers for every Kosli attestation and event, prioritized by feedback from our users.
We are launching with two targets: Slack webhooks and generic webhooks, with more coming soon. Â
Example: Monitor deployments from Slack
How does Actions work? Let’s illustrate with an example: here’s how you can create an Action that subscribes Kosli events to your slack channel using the Kosli Slack App:
This is how you could set up deployment notifications for an environment monitored in Kosli:
This is what you’ll find in the Kosli Actions page:
And here is the results - every deployment (no matter the source) will show up in Slack:
Example: Run a GitHub action every time production changes
What about a more involved example? Say you want to run an automated test to validate runtime workloads every time an environment changes. For instance, we could check that every running container image has been scanned and has no high severity vulnerabilities.Â
Let’s consider how a Kosli Action would accomplish this from trigger > target.Â
1. Monitor for environment changes
Ok, so let’s start from the beginning. Kosli environment monitoring allows you to record what is running in your environments over time. In this example, we will set up a Kosli Action for our cyberdojo production environment, which happens to be an ECS Fargate cluster. Â
2. Take action
We set up a Kosli Action to trigger every time production (aws-prod) has a new deployment. In this example we use Open Policy Agent to evaluate known vulnerabilities based on Kosli attestation data.
In Zapier we create a Zap that receives the webhook and triggers the workflow in GitHub:
3. Attest the result âś…
Now every production deployment triggers a GitHub action no matter where the change comes from. In this example, we run an Open Policy Agent check to ensure that the image has known provenance and no vulnerabilities with CVE score greater than 7.5.
Enabling Event Driven DevOps Architectures
Most DevOps platforms consist of open loop systems - i.e. there are no feedback loops built into the automation, it is mostly a series of gates. Kosli Actions provide a way to create truly event-driven decoupled automation.
“An event-driven architecture uses events to trigger and communicate between decoupled services”
We recently demoed Trails to our existing customers and we were super grateful for your feedback. We’re even more excited about the potential for Actions and look forward to hearing about the use cases in your organizations.
What will you choose to automate with Kosli Actions? Feel free to share your feedback in the community Slack, ask questions, or dive in and start setting up your Actions right away.
