Terraform runs and code deployments execute in Nullstone infrastructure.
Organizations want the ability to host these activities within their infrastructure to have tighter security controls.
Since this is done for security controls:
- Nullstone should not store secrets or credentials in the Nullstone system to access the organization's infrastructure.
- The mechanism to register runners should be secure and simple.
How will it work?
Nullstone provides instructions to create a cluster of runners for Terraform runs and code deployments.
These runners are structured as follows:
- Runners are configurable to automatically register with Nullstone.
- Runners run with an IAM role that gives them permissions to provision infrastructure (instead of storing credentials in the Nullstone database).
An organization can view a list of registered runners and information about them (liveness, current activity) in an admin panel.
An admin can terminate runners.
When Nullstone has runs or deployments to execute, a signal is sent to the cluster/runners.