Click or drag to resize

Neon.Deployment Namespace

The Neon.Deployment library includes utility classes for managing deployments for CI/CD.

Note Note
These classes are not entirely general purpose at this point. neonFORGE maintainers are currently using this for CI/CD for opensource and private neonFORGE related projects. We may make these more generic in the future.
Classes
  ClassDescription
Public classAwsCli
Wraps the AWS-CLI with methods for common operations.
Public classDeploymentHelper
Deployment related defintions and utilities.
Public classOnePassword
Wraps the 1Password CLI.
Public classOnePasswordException
Thrown by the OnePassword for errors.
Public classCode exampleProfileClient

Defines the interface for the client used to communicate with the Neon Profile Service or a custom service. These services provides access to user and workstation specific settings including secrets and general properties. This is used for activities such as CI/CD automation and integration testing. This solves the following problems:

  • Gaining access to secrets. neonFORGE has standardized on 1Password for password management and the Neon Profile Service abstracts the details of authenticating with 1Password and accessing secrets.

    This interface supports two kinds of secrets: passwords and values. These are somewhat of an artifact of how we implemented this using 1Password. Secret passwords are values retrieved from a 1Password item's password field and secret values correspond to a 1Password item value field. We found this distinction useful because 1Password reports when passwords are insecure or duplicated but we have other secrets where these checks can be distracting. Custom implementation can choose to follow this pattern or just treat both types of secret the same.

    You can also obtain a specific property from a secret password or value by using this syntax:

    Examples
    SECRETNAME[PROPERTY]

    This is useful for obtaining both the username and password from a login, or all of the different properties from a credit card, etc. This blurs the difference between secret passwords and secret values a bit but we're going to retain both concepts anyway.

  • Profile values are also supported. These are non-secret name/value pairs used for describing the local environment as required for CI/CD. For example, we use this for describing the IP addresses available for deploying a test neonKUBE cluster. Each developer will often need distict node IP addresses that work on the local LAN and also don't conflict with addresses assigned to other developers.

    neonFORGE's internal implementation simply persists profile values on the local workstation as a YAML file which is referenced by our profile service.

  • Abstracting access to the user's master password. neonFORGE has implemented an internal Windows application that implements a profile service that prompts the developer for their master 1Password, optionally caching it for a period of time so the user won't be prompted as often. This server also handles profile and secret lookup.
Public classProfileException
Thrown by IProfileClient instance when the profile server returned an error.
Public classProfileHandlerResult
Describes the results returned by ProfileServer handlers.
Public classProfileRequest
Abstracts Neon Profile Service named pipe command requests.
Public classProfileResponse
Abstracts Neon Profile Service named pipe command responses.
Public classProfileServer
Implements a named-pipe based server that will be used to receive requests from ProfileClient. This server listens on a named pipe and only allows connections from other processes running on behalf of the current user.
Public classProfileStatus
Enumerates the profile error code strings.
Interfaces
  InterfaceDescription
Public interfaceCode exampleIProfileClient

Defines the interface for the client used to communicate with the Neon Profile Service or a custom service. These services provides access to user and workstation specific settings including secrets and general properties. This is used for activities such as CI/CD automation and integration testing. This solves the following problems:

  • Gaining access to secrets. neonFORGE has standardized on 1Password for password management and the Neon Profile Service abstracts the details of authenticating with 1Password and accessing secrets.

    This interface supports two kinds of secrets: passwords and values. These are somewhat of an artifact of how we implemented this using 1Password. Secret passwords are values retrieved from a 1Password item's password field and secret values correspond to a 1Password item value field. We found this distinction useful because 1Password reports when passwords are insecure or duplicated but we have other secrets where these checks can be distracting. Custom implementation can choose to follow this pattern or just treat both types of secret the same.

    You can also obtain a specific property from a secret password or value by using this syntax:

    Examples
    SECRETNAME[PROPERTY]

    This is useful for obtaining both the username and password from a login, or all of the different properties from a credit card, etc. This blurs the difference between secret passwords and secret values a bit but we're going to retain both concepts anyway.

  • Profile values are also supported. These are non-secret name/value pairs used for describing the local environment as required for CI/CD. For example, we use this for describing the IP addresses available for deploying a test neonKUBE cluster. Each developer will often need distict node IP addresses that work on the local LAN and also don't conflict with addresses assigned to other developers.

    neonFORGE's internal implementation simply persists profile values on the local workstation as a YAML file which is referenced by our profile service.

  • Abstracting access to the user's master password. neonFORGE has implemented an internal Windows application that implements a profile service that prompts the developer for their master 1Password, optionally caching it for a period of time so the user won't be prompted as often. This server also handles profile and secret lookup.
Public interfaceIProfileRequest
Abstracts Neon Profile Service named pipe command requests.
Public interfaceIProfileResponse
Abstracts Neon Profile Service named pipe command responses.