Supported plugins π§©
Descriptionβ
Plugins are open source tools or software that are integrated in Brainboard and made available to use as part of your CI/CD pipelines.
These plugins are maintained and updated by Brainboard team, giving you always the latest releases available.
Terraformβ
This plugin allows you to execute Terraform
actions on your code.
Configuration options
- Command: Terraform commands to execute. 4 options are available:
- validate
- plan
- apply
- destroy
- Version: refers to the version of Terraform binary to use.
- Ignore failure: if enabled, the execution of the following stage will be triggered even if the task fails.
- Target: is a regex to specify which resource(s) will be the target of the execution.
- Require approval: means that this task will not be executed until approved by people added in the approvers' list.
- The task remains blocked until all approvers added in the list approve it.
Refer to this documentation page to understand how resource targeting works in Terraform.
Sample output
Securityβ
1. TFSECβ
This plugin allows you to scan the Terraform code with tfsec
and provide output.
tfsec
is a static analysis security scanner for your Terraform code.
Configuration options
- Version: always points to the latest version.
- Disable grouping: disable grouping of similar results.
- Disabled checks
- Ignore failure: if enabled, the execution of the following stage will be triggered even if the task fails.
- Include ignored: include ignored checks in the result output.
- Include passed: include passed checks in the result output.
- Minimum severity: you can specify the minimum severity of result that should be reported. By default, every severity is reported. You must use one of
CRITICAL
,HIGH
,MEDIUM
,LOW
. - Require approval: means that this task will not be executed until approved by people added in the approvers' list.
- The task remains blocked until all approvers added in the list approve it.
Sample output
2. Terrascanβ
This plugin allows you to scan the Terraform code with Terrascan
and provide output.
Terrascan
is a static code analyzer for Infrastructure as Code.
It provides 500+ out-of-the-box policies so that you can scan IaC against common policy standards such as the CIS Benchmark.
Configuration options
- Version: always points to the latest version.
- Ignore failure: if enabled, the execution of the following stage will be triggered even if the task fails.
- Require approval: means that this task will not be executed until approved by people added in the approvers' list.
- The task remains blocked until all approvers added in the list approve it.
- Scan rules: specify rules to scan, example: βscan-rules=βruleID1,ruleID2β.
- Show passed: display passed rules, along with violations.
- Skip rules: specify one or more rules to skip while scanning. Example: βskip-rules=βruleID1,ruleID2β.
Sample output
Cost estimationβ
1. Infracostβ
This plugin allows you to have a cost estimation for your infrastructure from your Terraform code.
Configuration options
- API key: you can generate it from your Infracost account.
- Command: 2 commands supported
- Breakdown: this command shows a breakdown of costs.
- Diff: this command shows a diff of monthly costs between the deployed infrastructure and planned changes.
- Version: always points to the latest version.
- Ignore failure: if enabled, the execution of the following stage will be triggered even if the task fails.
- Disable cache.
- Project name.
- Require approval: means that this task will not be executed until approved by people added in the approvers' list.
- The task remains blocked until all approvers added in the list approve it.
- Show skipped: list unsupported and free resources.
Sample output
Policy as codeβ
1. OPAβ
This plugin allows you to check your Terraform code against security policies that you define.
OPA
is a policy-based control for cloud native environments.
Configuration options
- Policy: the content of
rego
file that contains your policy. - Version: always points to the latest version.
- Decision.
- Ignore failure: if enabled, the execution of the following stage will be triggered even if the task fails.
- Require approval: means that this task will not be executed until approved by people added in the approvers' list.
- The task remains blocked until all approvers added in the list approve it.
Sample output
2. Checkovβ
This plugin allows you to scan you Terraform code to find misconfigurations before they're deployed.
Configuration options
- Version: always points to the latest version.
- BC API key.
- Checks.
- Custom arguments.
- Ignore failure: if enabled, the execution of the following stage will be triggered even if the task fails.
- Skip checks.
- Require approval: means that this task will not be executed until approved by people added in the approvers' list.
- The task remains blocked until all approvers added in the list approve it.
Sample output
Notificationsβ
1. Emailβ
This plugin allows you to send an email to multiple emails.
This is Brainboard plugin.
Configuration options
- Emails: list of email address that will receive a copy of the message.
- Message: YAML content to be emailed.
- Custom arguments.
- Ignore failure: if enabled, the execution of the following stage will be triggered even if the task fails.
2. Slackβ
This plugin allows you to send a notification to your Slack channel.
Configuration options
- Message: YAML content to be sent.
- URL of your Slack channel.
- Custom arguments.
- Ignore failure: if enabled, the execution of the following stage will be triggered even if the task fails.
3. Microsoft Teamsβ
This plugin allows you to send a notification to your MS Teams channel.
Configuration options
- Message title: title of the message.
- Message: text to be sent.
- Incoming webhook URL of your MS Teams channel.
- Hide pipeline URL: do not add button with link to the pipeline in the adaptive card.
- Ignore failure: if enabled, the execution of the following stage will be triggered even if the task fails.
Setup instructionsβ
If you want to configure Microsoft Teams to receive notifications from Brainboard pipelines, an incoming hook needs to be set up in the channel of your choice. To do so, follow the steps from the Brainboard video tutorial:
Webhooksβ
This plugin allows you to communicate with an external system that is accessible through an API.
This is Brainboard plugin.
Configuration options
- URL of the external system.
- Basic auth password.
- Basic auth username.
- Ignore failure: if enabled, the execution of the following stage will be triggered even if the task fails.
- Message: payload to send with the API post request.
- Require approval: means that this task will not be executed until approved by people added in the approvers' list.
- The task remains blocked until all approvers added in the list approve it.
Request a new integrationβ
If you want to see your software integrated in Brainboard, you can request it or upvote for it in our public roadmap.