Skip to main content

What’s New this Week June 22, 2020

We are excited bring back our bi-weekly roll-up of our feature development, with updates on features from Experiments through to GA. This is our way of taking you on the journey of “How an Idea Becomes a Feature” at Armory. We’ve missed the last few posts, so this will be a meaty update! You can track features as they go from Experiment to Early Release and then to General Availability. Here is a link to the Early Release, Beta, and GA definitions at Armory.


Check out these blog posts for a deeper dive:

Below please find details on features we are building.

New Experiments

What is an Experiment? An experiment is a test version for us to present to you, our users, ideas on how to solve some of your pain points. This is your opportunity to provide us feedback. We want to hear the good, the bad, and the ugly, so we can create the best feature to solve your problem.

  • Pipelines as CRDs (PaCRD)
    • What is it?
      • PaCRD (a combination of “Pipelines as Code” and “Custom Resource Definitions”) is a pipelines-as-code feature designed specifically for Kubernetes users.
    • How does it work?
      • PaCRD is a Kubernetes controller that manages the lifecycle of Spinnaker applications and pipelines as objects within your cluster, stored as .yaml files. 
    • What are the benefits?
      • With PaCRD, you can:
        • Maintain your Spinnaker pipelines as code with the rest of your Kubernetes manifests.
        • Persist Pipeline and Application changes to your Spinnaker cluster with confidence.
        • Leverage existing tools like Helm and Kustomize to template your pipelines across teams and projects.
    • Where can I learn more?
  • Plug-in Framework: Cloud providers as plugins
    • What is it?
      • We continue to invest heavily in the Spinnaker plug-in framework, which we released in OSS Spinnaker in 2019. Our latest plug-in experiment, adding a caching agent extension point, will enable clouddriver providers to be added as plug-ins 
    • How does it work?
      • This example plugin for Hashi Nomad shows how a cloud provider plugin generally works. There are three main components that comprise the back-end of a cloud provider plugin: the caching agents (for Spinnaker to read the cloud provider resources), the atomic operations (for modifying these resources), and the searchable providers (for searching these resources).
    • What are the benefits?
      • This feature will make it easier and faster to build, update, and enable Spinnaker clouddrivers
      • As with other plug-ins, this feature will also help turn Spinnaker into a project with a lean core and a robust ecosystem
    • Where can I learn more?
  • Kubesvc (Kubernetes Service)
    • What is it?
      • Kubesvc is a highly performant service for Kubernetes that we are building, to enable Spinnaker to address some scaling issues with the Kubernetes v2 provider and to make the caching model more efficient
    • How does it work?
      • Kubesvc is a new service in charge of: 
        • Account management
        • Getting the data from the Kubernetes API server to Clouddriver
        • Performing operations against the Kubernetes API server
      • It sits between the clouddriver and the Kubernetes clusters, enabling better caching and eliminating a number of other scaling issues 
    • What are the benefits?
      • Kubesvc further enables at-scale Kubernetes deployments with Spinnaker   
    • Where can I learn more? 
  • Terraform Integration: Least Privilege
    • What is it?
      • We are introducing the concept of Least Privilege into our Spinnaker Terraform Integration, to ensure that only those who should have access to Terraform, do
    • How does it work?
      • Terraformer reaches out to Fiat (Spinnaker’s authorization service) to get the roles assigned to a user and filters the profiles to only those the user has access to. A user can’t run a Terraform stage using a profile they’re unauthorized to use.
    • What are the benefits?
      • Terraform Least Privilege adds additional security and compliance guardrails for your business, allowing your Sec team to rest easy knowing that only the right people have access to Terraform and that someone can’t inadvertently wipe out your infrastructure
    • Where can I learn more?
      • Interested in learning more? Contact us here!

Early Release

What is an early release of a feature? It is a feature that is working and installable, but some functionality is likely to be missing and a number of known and unknown issues are likely to surface. It’s a first version. Please call out anything you can’t live without, and what you’d like to see changed or improved.

  • Spinnaker as a Service (SaaS)
    • What is it?
      • Armory Spinnaker as a Service is a SaaS offering of Armory’s powerful Enterprise Spinnaker platform
    • How does it work?
      • We provide Armory Enterprise Spinnaker running as a service in Armory’s cloud account in a secure configuration
    • What are the benefits?
      • Substantial operational cost savings: It often takes 2-4 full-time engineers to install, operate and configure Spinnaker on prem. With Armory SaaS, we take care of all of that for you.
      • Significantly faster onboarding: Start deploying to production with Spinnaker in hours, instead of weeks or months.
      • Immediate access to the newest Armory Spinnaker features: Always be on the latest distribution, without having to manually update your Spinnaker instance.
    • Where can I learn more?
      • Learn more on our website here.
      • In addition we are excited to expand the Armory SaaS beta program to a limited number of additional Design Partners. If you are interested in early access to Armory Spinnaker as a Service, or in learning more about the product, reach out to us here!
  • Spinnaker Plug-In Framework
    • What is it?
      • The Spinnaker Plug-in framework leverages PF4J to simplify the loading and management of third-party extensions in Spinnaker. This helps to create a Spinnaker project with a lean core and an extensive ecosystem, and makes it much easier to extend Spinnaker for your particular needs. 
    • What’s new and what are the benefits?
      • Plug-in Enabled Services: We’re extending the plug-in framework to each of Spinnaker’s services. We’ve recently enabled plug-ins for Igor, Fiat, Rosco, Kayenta, in addition to Orca and Echo
      • Integration Testing: We’re adding in additional integration testing for plug-in back-ends and front-ends, to ensure that plug-ins will work with new releases of Spinnaker and Halyard (available Armory v2.21 / OSS v1.21)
      • Version Constraints: Versioning of plug-ins is not currently well-monitored in terms of compatibility with other Spinnaker services. We’ve added in version constraints to require the latest Spinnaker versions to ensure that they work properly
      • Plugin delivery via image files in DockerHub: For customers that cannot consume plug-ins from Git repos, we have enabled customers to load plug-ins as image files
      • Example Custom K8s CRD Handler: For customers that want to create their own CRD handles, we have created an example plug-in to copy and modify. Check it out here
    • Where can I learn more?
      • Interested in learning more about plug-ins, or in creating some? Reach out to us at [email protected]
  • Policy Engine Plug-in
    • What is it?
      • We are creating a version of our Policy Engine feature that works as a plug-in for Spinnaker. 
    • How does it work?
    • What are the benefits?
      • Armory customers will have an additional way of leveraging the Policy Engine, including using the Policy Engine with OSS Spinnaker
    • Where can I learn more?
      • Reach out to us here!
  • Aquasec Scanning for Orca, Dinghy, Clouddriver, and Halyard
    • What is it?
      • We’ve adding an Aquasec Enterprise scan to a number Armory Spinnaker services
    • How does it work?
      • Aquasec performs security scans on Armory Spinnaker services to detect CVEs and other security issues, so that we can rapidly detect and remediate any potential issues 
    • What are the benefits?
      • Improved security for Armory customers
    • Where can I learn more?
      • Reach out to us here!
  • Monitoring Playbook Outline
    • We’ve created a beta version of the Spinnaker Monitoring Playbook, detailing a) what the key metrics to monitor are to answer the question of “Is Spinnaker Healthy?” and b) how to set up those metrics. 
    • Reach out to us by email on or Spinnaker Slack to learn more!

General Availability

What is general availability? This is a  feature we have added and fully support in our product offering. Please let us know what is working well, and what you’d like to see expanded, added, or improved.

  • Spinnaker v2.20 (OSS Release 1.20.5)
    • What’s new?
      • This release included improvements with Armory’s Terraform integration (support for named profiles), Pipelines as Code feature (application-level notifications), Plug-ins (now support clouddriver plug-ins), Cloud Foundry support (reduced latency for large deployments), and overall security enhancements
      • Highlights from the open source release include improvements in the Kubernetes V2 Run Job stage, the default enabling of Kustomize, support for hiding arbitrary stages from end users, ECS support for load balancer views and task health status in deployments
      • Check out the release notes to learn more!
  • Pipelines as Code (Dinghy) Updates
    • What’s new?
      • We’ve made major improvements to the ARM CLI, added in fixes to better support multi-org repos, and added support for authenticating GitHub webooks
  • New Armory Spinnaker Docs Site
    • What’s new?
      • We’ve completely revamped our docs site! Our Docs team has done a truly amazing job.  
    • What are the benefits?
      • The new docs site has a much better look and feel, better in-page navigation, and better native search functionality. Check out the blog post here
  • Armory Spinnaker Docs
Here are the latest release notes:

We appreciate your feedback – let us know what you think! Want to get an early release or need any help configuring these features? Contact us here.
Armory’s platform exists to help software teams ship better software, faster. If you want to try these or any other Armory features, you can: