How Spaceship deploys software: a look under the hood
We can sit here and talk about Continuous Delivery best practices and how to structure your team to boost confidence in new releases ad nauseam. And those conversations are without a doubt critical to have. But at some point, you also need to know how the sausage gets made.
To understand and trust a technology solution – especially those that automate complex processes – you need a basic understanding of what exactly goes on under the hood. With that in mind, let’s take a look at how Spaceship deploys software.
What exactly does Spaceship do?
Spaceship helps orchestrate systems through a declarative process. Specifically, it integrates many external systems to provide visibility and transparency into changes in your environments.
It does so through four core stages of the delivery lifecycle:
- Events: Something that may generate a shipment.
- Triggers: The logic that determines if a given event will create a shipment.
- Shipments: A changeset for an application that you want to deliver to one or more environments.
- Deliveries: The act of taking the shipment (aka changeset) and creating a complete declarative state for an environment. This can be used as a noun and a verb (i.e. we deliver a delivery).
How it all comes together: Two common use cases for Spaceship
Understanding this lifecycle, how exactly does it all come together? Let’s take a look at two common use cases that show how it gets applied in everyday scenarios to improve a typical release process.
Use Case #1: Reduce risk in delivering changes to production
Every time you deliver a change to an application or its configuration, it’s important to get visibility into what’s happening in users’ live running environments. Spaceship provides that visibility to reduce risk.
First, rather than accumulating risk by letting multiple deliveries pile up, Spaceship advocates delivering code whenever it’s better than what’s currently running in production. Delivering more often can drive up the chances of delivering bad code to production, but Spaceship provides several methods for quick recovery to reduce that risk. For instance, having a standard delivery process through which Spaceship delivers new code for each environment creates an auditability and transparent ledger of changes. Any issues that arise can be quickly diagnosed by looking at what has changed in an environment making it easy to see what those issues are, where they are happening, and when they arrived.
Second, Spaceship integrates with outside services where you already work like GitHub. Spaceship Connect monitors for pushes to GitHub, evaluates against know triggers, and then creates new deliveries for your environments using the same transparent and auditable workflow. This allows teams to use GitOps to ensure production stays in sync with the main branch. Importantly, since each Spaceship delivery is the complete changeset at a given point in time, it makes reverting changes back to a known good state easy if anything goes wrong.
Use Case #2: Improve debugging and auditability
Even if you take all the right precautions, it’s inevitable something will go wrong at some point. That’s where debugging and auditability become extremely important, as they are the best way to understand what went wrong and how to fix it. At Spaceship, we recognize that being able to see what changed recently is instrumental in this process.
Here’s how we make this happen. Spaceship has a unidirectional flow for deliveries to environments that follows the pattern of an event happening, triggers evaluating the event and then generating shipments and deliveries for one or more environments. This unidirectional flow of information allows Spaceship to put together a log that makes it easy to understand what’s changing in every environment. This log is the activity feed in the Spaceship platform, and it allows users to do things like taking a piece of an environment at any two points in time and seeing what’s changed between those two points. Seeing what’s changed recently in this way gives teams a huge head start in debugging efforts. Furthermore, being able to produce reports of what changed in the live system as well as who approved those changes becomes extremely important for things like achieving SOC-2 Compliance and introducing change controls.
How does this work in action? With the Spaceship Connect app, you can wait on CI checks to finish (this becomes the event) before deploying changes to an environment (which is important for making sure the application is in a known good state). This allows teams to integrate with the status returned from a Github CI check rather than a push event. Then the trigger kicks in: If anything fails the CI check, it won’t deploy. Once everything passes, it will follow the same procedure noted above to create a shipment of one or more deliveries for app environments.
Or let’s say your team uses Buildpacks and there is a new security update for the runtime image for your code. Even if you’ve made no code changes, Spaceship will pick up that there’s a new version of the Buildpack available, grab the latest version of your code and rebase the old app image onto the new run image to deliver a new, more secure image to your environment. In this case, the event that kicks off this process would be someone pushing an updated version of the Buildpack with security fixes to the Buildpack registry. And because Buildpacks are open source, Spaceship can generate a link to see what has changed with both the Buildpack over time and with your own source code.
Why should you care?
Everything Spaceship does increases visibility, transparency and auditability for live environments to help your team reduce risk and improve confidence in changes. Overall, this approach makes it more difficult for individuals to go into the infrastructure and make manual changes that are hard to track. Instead, we intentionally automate to guarantee your team has a record of everything happening in your environment. Ultimately, this record should help increase trust in everything you deliver.
Interested in learning more? Contact us today to dig deeper into how Spaceship can benefit your team.