Application Management

Provide developers with an easy and seamless way to deploy cloud-native applications.

Creating Applications

The definition below creates an application on Kubernetes using Shipa and GitHub Actions:

app:
  name: app1
  teamowner: shipa-team
  framework: aks-prod

Component

Type

Description

name

string

The name of the application.

Required: Yes

teamowner

string

The name of the team who will own the application.

Required: Yes

framework

string

The name of the policy framework that should be used for creating and deploying the application.

Required: Yes

Environment Variables

The definition below creates environment variables to an existing application on Shipa.

app-env:
  app: app1
  envs:
    - name: CR_ENV1
      value: test-1
    - name: CR_ENV3
      value: test-3
  norestart: true
  private: false

Component

Type

Description

app

string

The name of the existing application that should should receive the environment variables.

Required: Yes

envs

envs

Details of the environment variables that should be created.

norestart

bool

If the application should be restarted when environment variables are added or removed.

If not specified, the application won't be restarted automatically.

Required: No

private

bool

If the values of the environment variables being set should be displayed encrypted.

If not specified, the environment variable values will be displayed in plain text.

Required: No

Application Variables

Multiple environment variables can be set at once when creating the environment variables.

Component

Type

Description

name

string

The name of the environment variable to be set.

Required: Yes

value

string

The value that should be assigned to the environment variable

Required: Yes

Deploying Applications

The definition below deploys an application to Kubernetes using Shipa.

app-deploy:
  app: github-app-v3
  image: docker.io/shipasoftware/bulletinboard:1.0
  port: 8000
  private-image: false
  registry-user: [email protected]
  registry-secret: secret
  steps: 2
  step-weight: 1
  step-interval: 3m
  shipayaml: ./example/shipa.yaml

Component

Type

Description

app

string

The name of the application where deployment should happen.

Required: Yes

image

string

The image URL that should be used by Shipa for deployment.

Required: Yes

port

int

A specific port that should be assigned to the application for it to be exposed.

If not specified, Shipa will automatically expose port 8888 to the application.

Required: No

private-image

bool

If the image is hosted in a private registry.

If not specified, Shipa will assume the image is hosted in a public registry and will not try to authenticate when pulling the image.

Required: No

registry-user

string

The username of the private registry for authentication, so Shipa can pull the image.

Required: No

Condition: Only when private-image is set to true

registry-secret

string

The password of the private registry for authentication, so Shipa can pull the image.

Required: No

Condition: Only when private-image is set to true

steps

int

How many steps should be used for deploying a new version to the application, when using canary.

If not used, Shipa will deploy the new version and shift 100% of the traffic to the new version.

Required: No

step-weight

int

The weight of traffic that should shift to the new version on each step.

If not used, Shipa will deploy the new version and shift 100% of the traffic to the new version.

Required: No

step-interval

int

The wait time in minutes between each step.

If not used, Shipa will deploy the new version and shift 100% of the traffic to the new version.

Required: No

shipayaml

file path

Path to the shipa.yaml file to be added to the application deployment

Required: No

Network Policies

The definition below adds a network policy entry to an application at deployment:

network-policy:
  app: github-app-v3
  ingress:
    policy_mode: allow-custom-rules-only
    custom_rules:
      - id: gateway
        enabled: true
        description: gateway block test
        allowed_frameworks:
          - cinema-gateway
  egress:
    policy_mode: allow-all
  restart_app: false

Component

Type

Description

app

string

The application name to which the network policy should be applied to.

ingress

Ingress definition that will be applied to the application.

if not defined, Shipa will leverage the network policies defined at the policy framework level.

Required: No

policy_mode

string

The policy mode that should be applied to your application network policy.

Options are:

  • allow-all
  • deny-all
  • allow-custom-rules-only

Required: No

Condition: Only when policy_mode is set to allow-custom-rules-only

custom_rules

If policy_mode is set to allow-custom-rules-only, you can define custom rules for detailed ingress or egress configuration for the application.

Required: No

Condition: Only when policy_mode is set to allow-custom-rules-only

id

string

The name of the custom rule.

Required: No

Condition: Only when policy_mode is set to allow-custom-rules-only

enabled

bool

If the custom rule is enabled by default or not for this application.

Required: No

Condition: Only when policy_mode is set to allow-custom-rules-only

description

string

The description of the custom rule being enforced.

Required: No

Condition: Only when policy_mode is set to allow-custom-rules-only

allowed_apps

string

The specific applications that communicate with your application.

Required: No

Condition: Only when policy_mode is set to allow-custom-rules-only

ports

Port configuration where your application can accept ingress or egress.

Required: No

Condition: Only when policy_mode is set to allow-custom-rules-only

port

int

Specific port (or list of ports) where your application can accept ingress or egress.

Required: No

Condition: Only when policy_mode is set to allow-custom-rules-only

protocol

string

The protocol your application can accept ingress or egress.

Required: No

Condition: Only when policy_mode is set to allow-custom-rules-only

egress

Egress definition that will be accepted by your application.

if not defined, Shipa will leverage the network policies defined at the policy framework level.

Required: No

restart_app

bool

If the application should be restarted automatically once the network policy is defined.

Network policies are only in effect once the application is restarted.

Required: No

Managing CNAME

app-cname:
  app: gha-app
  cname: app-name.shipa.io
  encrypted: true

Component

Type

Description

app

string

The name of the application where the new CNAME should be added.

Required: Yes

cname

string

The CNAME that should be assigned to the application.

Required: Yes

encrypted

bool

Defines if the new CNAME should be HTTP or HTTPS.

If encrypted, an HTTPS endpoint will be added to the application and a certificate will be automatically generated using Let's Encrypt.

Required: No

If not defined, an HTTP endpoint will be automatically generated.


Did this page help you?