Secure software supply chain: Weave GitOps implements trusted delivery


Built-in policy libraries and new dashboards simplify trusted application delivery with Weaveworks’ September release.


Weaveworks has released version 2022.09 of its GitOps platform for cloud-native application development and deployment. The release's most important changes help developers maintain security and compliance even under continuous software deployment.

Weaveworks’ declared goal is to give companies more targeted support in securing their software supply chain. To that end, the GitOps specialist acquired the vendor Magalix at the beginning of the year and has gradually integrated its policy and compliance engine into Weave GitOps. Magalix’s policy-as-code approach gives companies more comprehensive controls for enforcing security and compliance throughout the software lifecycle. Weaveworks calls this Trusted (Application) Delivery.

Based on the version control system Git and the open-source tool Flux, which Weaveworks contributed to the CNCF (Cloud Native Computing Foundation), the free Weave GitOps Core edition already provides rule-compliant and verifiable methods for software deployment and Infrastructure as Code (IaC). In conjunction with the Magalix engine, developers can now ensure that compliance and security guidelines are enforced in the same way during the automated, step-by-step rollout of their applications (progressive deployment).

To do this, Weave GitOps integrates a curated policy library covering more than 100 industry standards and best practices, including SOC 2, PCI-DSS, GDPR, HIPAA and MITRE ATT&CK. Alongside the Open Policy Agent (OPA), comprehensive options for policy checks and troubleshooting are available, for example to automatically validate Kubernetes manifests before applications and their updates are deployed to production environments. If required, developers can also add their own rules to the policy library, written in Rego, the policy language known from OPA.
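As an added illustration of the kind of custom rule the article says developers can write (this is not code from the Weave GitOps or Magalix policy library, and the package name, rule layout and sample manifest are constructed assumptions, not the Weave policy agent's own schema), the following Rego policy rejects a Kubernetes Deployment whose containers run privileged, do not set `runAsNonRoot`, or lack CPU/memory limits. It is self-checking with `opa test policy.rego`; against a real manifest it can be evaluated with `opa eval -i deployment.yaml -d policy.rego data.kubernetes.admission.deny`.

```rego
package kubernetes.admission

import rego.v1

# Helper set: all containers of the Deployment under review.
deployment_containers contains c if {
    input.kind == "Deployment"
    some c in input.spec.template.spec.containers
}

# Privileged containers get full access to the node; deny them.
deny contains msg if {
    some c in deployment_containers
    c.securityContext.privileged == true
    msg := sprintf("container %q must not run privileged", [c.name])
}

# `not` also fires when runAsNonRoot is absent, so a missing field is a violation.
deny contains msg if {
    some c in deployment_containers
    not c.securityContext.runAsNonRoot
    msg := sprintf("container %q must set securityContext.runAsNonRoot: true", [c.name])
}

# Missing limits let one workload starve the node; require both CPU and memory.
deny contains msg if {
    some c in deployment_containers
    some field in ["cpu", "memory"]
    not c.resources.limits[field]
    msg := sprintf("container %q has no %s limit", [c.name, field])
}

# Constructed sample manifest (not from any real cluster): only the privileged
# flag violates the policy, so exactly one message is expected.
test_privileged_container_denied if {
    input_doc := {"kind": "Deployment", "spec": {"template": {"spec": {"containers": [{
        "name": "web",
        "securityContext": {"privileged": true, "runAsNonRoot": true},
        "resources": {"limits": {"cpu": "500m", "memory": "128Mi"}},
    }]}}}}
    deny["container \"web\" must not run privileged"] with input as input_doc
    count(deny) == 1 with input as input_doc
}
```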

With the GitOps Run extension, initially available as a technology preview in release 2022.09, DevOps teams can test different configurations of their planned iterative deployment before the actual Git push. Comparable to kubectl port-forward, GitOps Run works in the background and automatically synchronises the local working directory with the Kubernetes cluster in the active kubeconfig. Once developers have decided which changes should be kept, GitOps Run can be stopped and the Git push triggered.

Also new in Weave GitOps 2022.09 is an update to Team Workspaces, which now offer multi-tenancy and application portability. In larger organizations in particular, the central administration console can be used to provide the same application across multiple clusters and instances, each of which implements different policies and is managed by different teams.