CloudTruth Documentation
Sign InAPIIntegrationsGitHubVisit our website
  • Overview
  • Getting Started
  • Architecture
    • 🔒Security Overview
  • Copilot
  • 🏢Org management
    • Account Setup
    • Access Control
      • 🔑API Tokens
      • 🌐Protecting Projects and Environments
      • 👥Users
    • Audit Log
  • 🛠️Config Management
    • Projects
    • Parameters
      • Sharing Config Data
      • Parameter Management
        • Internal Values
          • Dynamic Values
        • External Values
          • Terraform Remote State Files
        • Parameter Override
        • Environment Value Override
      • Parameter and Parameter Value Inheritance
      • Value Comparison
      • Value History
      • Value Validation
      • Value Expiration
    • Environments and Tags
    • Templates
      • 📒Sample Templates
    • Actions
      • Import Actions
      • Push Actions
    • CLI & API
      • CloudTruth CLI
      • Rest API
    • Integrations
      • Argo CD
      • Atlassian Compass
      • AWS
        • AWS Connection
        • AWS Role
          • CloudFormation
          • Terrraform
          • AWS Console
        • Parameter Store (SSM)
        • S3
        • Secrets Manager
      • Azure Key Vault
      • Bitbucket Pipelines
      • Docker
      • Docker Compose
      • GitHub
      • GitHub Actions
      • GitLab
      • Harness
      • Jenkins
      • Kubernetes
      • Pulumi
      • Terraform
      • Terragrunt
      • Explorer
      • Circle CI
    • Events, Notifications, Webhooks
    • Types
  • 🔎REPORTING
    • Compare
    • History
    • Expirations
  • 🚀PRODUCT
    • What is CloudTruth?
    • Interactive Demo
    • Kubernetes
    • Terraform
    • CI/CD Pipeline Configuration
    • Cloud CMDB
    • Secrets Management
    • GitOps
    • Our Manifesto
    • Open Source
    • FAQs
    • Our Mission
  • 📚Reference
    • 🎓Quick Start Videos
      • What is CloudTruth?
      • CloudTruth in Action
      • Environments and Projects
      • Secrets, Parameters, ENV variables
      • Audit Logs, RBAC, SSO
      • Containers - Kubernetes, Docker
      • Infrastructure as Code (IaC) - Terraform, Cloudformation, CDK, Azure Bicep, Pulumi
      • CICD Pipelines - GitHub Actions, ArgoCD, Jenkins, CircleCI, Harness, GitLab Pipelines
      • AWS Videos - Secret Manager, Parameter Store, S3, IAM
      • Azure Videos - Azure DevOps, Azure Bicep, PowerShell
    • Knowledge Base
      • Best Practices
        • Versioned Releases
      • CLI
        • History comparison of deleted parameters with null values
      • Integrations
        • Advanced AWS IAM policy permissions
        • K8s pull image from private Docker registry
        • S3 Region Selection
      • Templates
        • Templates render quotations in key values as quot
    • Roadmap and New Features
    • JMESPath Reference
    • REST API
Powered by GitBook

Copyright© 2023 CloudTruth

On this page
  • Creating Tags
  • Referencing Tags
  • Updating Tags
  • Comparing Changes

Was this helpful?

  1. Reference
  2. Knowledge Base
  3. Best Practices

Versioned Releases

PreviousBest PracticesNextCLI

Last updated 1 year ago

Was this helpful?

A common pattern for managing configuration is to send changes through an approval process. CloudTruth will introduce an approval workflow feature in the future. In the interim, one can accomplish the same goals by using tags against our versioned configuration store. This can be tied into your release cycle or used explicitly to update configuration between releases. It enables you to have a stable set of configurations to make several incremental changes before batching them into a single push to your production systems. One can approximate an approval process with the manual step of only allowing authorized users to update tags to current.

Creating Tags

Tags are intrinsically tied to environments. To create one, go to the Environments page, select the desired environment and click the Create Tag button. Give the tag a name, and optionally select a point in time that the tag represents (defaults to now).

Select the Immutable option to prevent the tag from being updated to reflect recent changes.

You can also create tags using the CLI:

cloudtruth environments tag set production stable --current

Referencing Tags

Once you have tags set up for your critical environments, you can use them when referencing your configuration at any of our integration points (push actions, Kubernetes operator, CLI, API, etc)

CLI examples

cloudtruth --project backend --env production parameters list --as-of stable --format json
cloudtruth --project backend --env production template get dotenv --as-of stable

Kubernetes Operator Example

Use the tag specifier on any project mappings that you desire to use a tag on. You can also specify it globally for all project mappings by use of a helm property override at install time:

helm install \
    --set appSettings.apiKey=<api_key> \
    --set projectMappings.root.environment=production \
    --set projectMappings.root.tag=stable \
    kubetruth cloudtruth/kubetruth

Push Action Example

Tags are required for Push Action, as can be seen in the create/edit dialog for a push action:

Updating Tags

To edit a tag, go to the Environment page, select the environment containing the tag, then click the triple-dot menu for the tag and select Edit Tag.

Show the date picker and click in the timestamp field to have the option of selecting a specific timestamp or selecting Now to update the tag to right now, thereby promoting it to contain all current values.

Once updated, any subsequent operations that reference this tag at one of our integration points will now get any updated values.

You can also update tags using the CLI, e.g. for use within a CI/CD pipeline:

cloudtruth environments tag set production stable --current

Comparing Changes

To approximate an approval process, use the History page to check any Current changes against a tag (works for Parameters and Templates):

📚