on
Brigade 2 Alpha 4
The Brigade maintainers are excited to announce the latest alpha release for Brigade v2, Brigade v2.0.0-alpha.4. With this release, we expect to transition away from major feature work or breaking changes and instead move into beta territory. In doing so, we’ll start focusing more on squashing bugs, improving UX, adding documentation and making other refinements to the codebase.
There have been many notable improvements in the handful of releases since the Brigade v2 announcement post. Here we’ll go over the highlights.
GitHub Authentication
Brigade 2 has supported user authentication via OpenID Connect since its first alpha release. In alpha.4, we’ve now added support for GitHub OAuth.
We anticipate many developers will choose this route for a low-overhead option to secure their Brigade instance, as it is quite likely that users will have pre-existing GitHub accounts at the ready.
To set up GitHub authentication with Brigade, one would create a
GitHub OAuth App with the authorization callback URL set to point to the
/v2/session/auth endpoint on the Brigade instance’s public-facing API server
address. The OAuth Apps’s client ID and a newly-generated client secret can
then be provided as values when installing the Brigade 2 Helm chart. (They go
under github in the thirdPartyAuth section of the chart’s values file.)
Streamlined Admin login
For initial setup, Brigade offers a streamlined method for designating which users should be assigned admin privileges out of the gate, bypassing the need for the operator to manually create the proper role assignments for each admin beforehand.
Each user added to the admins list in the same thirdPartyAuth section as
above will then be automatically granted admin privileges upon initial login.
Entries in this list should represent each user’s identifier according to the
chosen authentication strategy, e.g. their email address when using OpenID
Connect or their username on GitHub.
Admins can then proceed with creating scoped role assignments for all future users authenticating into the system.
CLI updates
The brig CLI now ships with a handful of new and/or update commands. Let’s
review them below.
Event clone
There may be cases where an event has already run and a user would like to
clone this event’s details to run again, perhaps with an updated Worker
configuration. Maybe the default config file (e.g. brigade.js) for a Worker
required a patch or some other type of update, and they would like to use this
to run the same event as before. In that case, brig event clone is the
command to use:
$ brig event clone -i <original event uuid>
Event retry
Consider the case when a user wishes to re-run a prior event with the same
worker configuration used originally. Perhaps a job failed somewhere in the
pipeline due to an intermittent error and the user expects it will succeed
given another chance. This is what brig event retry is intended for.
$ brig event retry -i <original event uuid>
Follow flag
For the two new event commands above, as well as brig event create, a new
flag (-f/--follow) can be used to follow logs as soon as the event has been
pulled from the queue for processing. Previously, one would create the event
and then issue the corresponding brig event logs -f -i <event uuid> command.
Now this can be done in one CLI invocation:
$ brig event create -p <project id> -f
Project Secrets
Lastly, the brig project secret set command has been updated to allow users
to add secrets via a file to a project ad hoc. It takes a reference to a flat
JSON or YAML file and updates a given project with the parsed secret values.
$ jq -n '{ password: "top$secret!" }' > project-secret.json
$ brig project secret set -p hello-world -f project-secret.json
Set secret "password" for project "hello-world".
Come join us
We’re really excited about the progress being made on Brigade 2 and we’d be delighted to help users and developers get up to speed. Check out the previous blog post and/or the v2 README for tutorials on how to get started.
Please file issues to tell us about problems you encounter or even to make feature requests! We’re also available to answer questions in the #brigade channel on the Kubernetes Slack.
Thanks for reading and see you on the internet!