Stackery slots security, CI/CD to Lambda loving platform

Stackery has added security and CI/CD capabilities to its serverless development platform, giving customers the option of not using their existing DevOps setups when deploying serverless functions.

The latest rev of the serverless specialist’s AWS-oriented platform adds CI/CD features including GitOps workflows and Agile change management, with automatic promotion of stack changes to the next environment once testing and verifications are passed. There are integrations for GitHub, GitLab and Bitbucket, and for CI/CD tooling from CircleCI and Jenkins.

On the security side, additions include scoped IAM permissions and secrets management, as well as automated security audits.

CEO Tim Zonca, who joined the company six months ago, said its customers had been asking for the ability to scale the platform to additional teams without sacrificing governance and for ways to make delivery and deployment easier.

Which raises the question: what had customers previously been using for CI/CD for their serverless apps? Zonca said this had mainly been “gen one DevOps, CI/CD tools that are built with extensibility in mind, and not serverless” such as Jenkins and CircleCI.

Asked if having another CI/CD platform for serverless apps simply confused matters, Zonca said: “[Customers] tend to have a much more mature set of CI/CD capabilities with those other providers for other projects, and they’re figuring out how to do CI/CD and secure their delivery in a serverless world. Practices are still new enough that they haven’t fully built out their workflow.”

At the same time, he continued, they’re hesitant to “cobble together” CI/CD components for serverless. “And so they say, hey, look, if I can get my design phase, my development phase, and delivery phase all from Stackery [for serverless apps], and I could call out here or there just specifically for a few functions or workflows we may already have built out, that’s way more advantageous and easier to maintain over the long run.”

CTO Chase Douglas added that where customers already have a centralised DevOps team and defined DevOps processes, Stackery had always been well integrated, but that some were “tired” of managing CI/CD for serverless functions separately from the Stackery platform.

Douglas said the vulnerability scanning component relied on open source tooling, “like NPM audit, and Python safety checks”. At the same time, he said, the company was investigating other options, depending on what customers ask for. “We know there’s lots of tools and vendors out there. And we have partnered with various vendors in the past for different kinds of functionality. So one can easily imagine adding in other providers for that service.”

Douglas added that all the added functionality still operated within customers’ own AWS accounts. “This is important so that when we work with our largest enterprise customers, they have concerns about code confidentiality and concerns about where builds are created.”