Security for Application Delivery shifts left with GitOps for Visual Studio Code

May 31, 2022

The VS Code extension adds a Weave GitOps button in the sidebar of your IDE that allows you to access GitOps features without switching to another dashboard. You can view GitOps components and components as well as trigger reconciliation- read our latest blog for details.

Related posts

Trusted Application Delivery: Security shifts left with GitOps and Policy as Code

The Shift to Continuous Delivery and Microservices

What is the Enterprise Market Perspective of GitOps?

This post has been authored by Josefa Riveros, Product Manager and Leonardo Murillo, Principal Solutions Architect.

Developers Want Control and Visibility

The importance of DevOps is now widely recognized across the industry. The value is no longer anecdotal, it's been quantifiably demonstrated through ample research. DevOps Research and Assessment (DORA) has shown how elite performing organizations are achieving dramatic improvements in their ability to deliver value to users faster by deploying more often, getting changes from code to production in less time, reducing the number of failures, and recovering from the issues that do fall through the cracks faster with reduced user impact. If you want a deep dive - here it is.

A key contributor to these radical improvements lies in development teams owning their services from code to production. This core element of the DevOps transformation is critical to reducing handoffs and accelerating feedback cycles.

However, development teams are exposed to a whole new range of expectations and needs around this new way of doing things. In order to succeed, they will need increasing levels of control and visibility, across multiple environments and throughout the lifecycle of their application.

Cognitive Load of Context Switching

Infrastructure and operation teams are looking at ways in which they can increase the control and visibility of development teams securely, but so far most solutions require developers and DevOps engineers to switch context constantly.

The tools, workflows and processes that developers must adopt in order to understand the status of their applications as they are delivered or during runtime usually falls outside of their development workflows. CLIs and web based interfaces are the dominant options today for developers to inspect and understand their application delivery and operation.

The problem with this is context switching - every time a developer must move away from their code and IDE and into some other system, there is a cognitive penalty that will negatively impact their ability to perform at their best.

This overhead translates into reduced developer efficiency and increased developer burnout. Not to mention it increases the chance of human error when dealing with critical issues that may need fixing.

Application Delivery as an Integral Part of the Development Process

What has become clear is that the delivery of the application across multiple environments, as well as visibility into the application during runtime, is now an integral part of the development process. Development teams are seeing great benefits from true observability without having to move away from their current workflows and without having to switch tools or mental context.

The overarching objective that organizations are looking to achieve is to accelerate, to enable developers to build, troubleshoot and ship features faster to their users.

At Weaveworks we believe that a superior developer experience can significantly accelerate the software development lifecycle.

The Rise of Visual Studio Code

Visual Studio Code has seen a meteoric rise, becoming an almost de facto standard as IDE for most developers. In the 2021 Stack Overflow Developer Survey, over 71% of respondents indicated that they use Visual Studio Code as their integrated development environment!

Microsoft has done an outstanding job in delivering Visual Studio Code as an open source project and the community has responded - with over 129,000 GitHub stars and over 1,600 contributors, the project continually evolves to satisfy the needs of developers building on top of basically any stack.

This great level of community involvement has also resulted in a wide range of extensions becoming available to add-on all sorts of functionality, making Visual Studio Code not just a choice for IDE but also a choice for a vibrant ecosystem of capabilities.

A Superior Developer Experience with GitOps Extension for Visual Studio Code

The GitOps Extension for Visual Studio Code allows application developers to manage and observe the delivery of workloads and the runtime status of the resources managed and deployed using GitOps, without ever leaving the development environment.

With the GitOps Extension developers can enable GitOps in any Kubernetes cluster; it will automatically identify whether the cluster is running in Azure Arc or Azure AKS and use the native Azure extension. For any other cluster, it will use the standard Flux installation process.

Security_for_Application_Delivery_shifts_left_with_GitOps_for_Visual_Studio_Code.png


Once your cluster is GitOps-enabled, application teams are able to see status, logs and versions of the GitOps controllers. Developers can then add Git source repositories, as well as deploy workloads from their local Git clones!

One common challenge development teams are facing when using GitOps, is identifying the status of the reconciliation process that is keeping the runtime consistent with the desired state. With the GitOps Extension for Visual Studio Code developers can instantly see the status of sources and workloads and any error messages, as well as the version of the resources being deployed.

Security_for_Application_Delivery_shifts_left_with_GitOps_for_Visual_Studio_Code1.png

Security_for_Application_Delivery_shifts_left_with_GitOps_for_Visual_Studio_Code2.png

Once workloads are deployed, developers will be able to see all resources created by them, as well as trace back how any one resource was deployed.

Security_for_Application_Delivery_shifts_left_with_GitOps_for_Visual_Studio_Code3.png

Go Ahead and Try it Out!

We think integrating GitOps into the IDE is an incredibly valuable step towards providing a superior developer experience for application delivery, accelerating the development lifecycle and ultimately, delivering value to users faster.

But we need your feedback so this extension can satisfy the need of application teams! Go to the VSCode Marketplace and follow the instructions to install our extension. Feel free to add issues to request features or report bugs, and since it’s fully open source, you may be able to contribute some on your own.


Related posts

Trusted Application Delivery: Security shifts left with GitOps and Policy as Code

The Shift to Continuous Delivery and Microservices

What is the Enterprise Market Perspective of GitOps?

Whitepaper: Trusted Delivery with GitOps and Policy as Code

Download our latest whitepaper and learn how automated security and compliance checks, in the form of policy as code, make automated continuous deployments safe and secure.

Download your Copy