DevOps practices, like Agile, have transformed the software delivery process. Using CI/CD, automations and feedback loops, the process of building and deploying software is getting increasingly efficient. However, some painful manual processes remain and act as bottlenecks. The biggest culprit preventing the industry from achieving true continuous development is application configuration management.
Application configuration management can be divided into four main activities.
Gathering configurations for all connected applications and integrated services, all of which have multiple sources and departments, which, depending on the scale of the application and organization, could mean tens to hundreds of people and applications.
Sharing configurations, securely of course, with the relevant developer and product managers to allow for the relevant activities to be performed.
Deploying configurations in a way that allows rolling back possible.
Auditing configurations to be able to determine who has access to which configurations and what was changed, when and by who.
There isn't a single platform that allows users to accomplish all of the above activities. This results in a complicated manual processes or distributed automations that are not standardized.
This adds a maintenance and coordination overhead, which results in an increase in lead times. Add security concerns on top of that, and you have a significant portion of lead times and deployment failures being caused by any one of the above activities.
There is nothing more frustrating than hunting down a misconfigured
The most commonly used solutions include:
storing configurations in a VCS
encrypt them with clients like gitcrypt
using pgp keys or client secret to decrypt the values (which are usually stored in a separate application)
While this tends to tackle some of the issue, it falls significantly short of what needs to be done.
The values are encrypted so the history is useless
Off-boarding is cumbersome due to security concerns
Removing the history and re-encrypting all the keys is a headache
There is no way to manage groups of who has access to what
ConfigTree was specifically designed to tackle all of these issues By using automations and a point and click interface to manage versions, configurations, users... we will achieve minimal management overheads.
With an organization based invite system, sharing configurations is easy and off-boarding only requires removing the user from your organization and you are done. With a fine grained permission control based on applications and environments, you can control who views configuration and to what level.
Using the versioning and publish mechanisms, auditing and deployment is as simple as a single api call.
For DevOps and Security teams, ConfigTree consolidates all of the management and auditing requirements of configuration management in an easy to use SaaS platform, ready to become part of any CI/CD pipeline.
Come join us at ConfigTree.co!