Configuring Protections

To define a protection, create a Prodvana config file.

protection:
  name: is-not-weekend
  taskConfig:
    program:
      cmd:
      - deployment-schedule-validator.py
      imageTag: 3.10.3-slim
      imageRegistryInfo:
        containerRegistry: dockerhub-public
        imageRepository: python

Apply the config file using pvnctl.

pvnctl configs apply path/to/is-not-weekend.pvn.yaml

It is also possible to define a protection using Kubernetes configs, such as a Kubernetes job.

protection:
  name: is-not-weekend
  kubernetesConfig:
    type: KUBERNETES  # KUSTOMIZE also supported
    local:
      path: .  # change this accordingly

Using a Protection

Using a Protection on a Release Channel

To attach a protection to a release channel, add the following to the application configuration.

application:
  name: my-application
  releaseChannels:
    - name: my-release-channel
      ...
      protections:
        - ref:
            name: my-protection

Run pvnctl configs apply on the application config and the protection will now show up in the release channel page, under my-demo-organization.prodvana.io -> Applications -> your application -> your release channel.

As defined above, the protection is purely informative. To have use protections as part of deployment, add a lifecycle config to the release channel's application config.

application:
  name: my-application
  releaseChannels:
    - name: my-release-channel
      ...
      protections:
        - ref:
            name: my-protection
          lifecycle:
            - preApproval: {}
            - postDeployment:
                    checkDuration: 120s

The config above tells Prodvana to check the result of the protection before approvals are submitted and for 120 seconds after the deployment has completed.

Using a Protection on a Runtime, Service, Application

📘

Coming soon!

You will be able to define protections tied to a runtime, service, or application soon. Talk to us for beta access.

Injected Environment Variables

Once protections are attached to an object, the relevant environment variables identifying the object is injected into programs in the protection, both for protections defined using taskConfig and kubernetesConfig.

ObjectVariables Injected
Release ChannelPVN_APPLICATION=app-name
PVN_RELEASE_CHANNEL=release-channel-name