Home
Modeling Software Deployment
Modeling software deployment in HCL DevOps Deploy (Deploy) includes configuring components and component processes and adding those components to applications. Then, you use processes to deploy the components to environments.
Secret Stores
Allows you to retrieve credentials of individual servers from the Vault and authenticates a plug-in step in the deployment process.

Modeling Software Deployment
Modeling software deployment in HCL DevOps Deploy (Deploy) includes configuring components and component processes and adding those components to applications. Then, you use processes to deploy the components to environments.
- Components
  Components represent deployable items along with user-defined processes that operate on them, usually by deploying them.
- Resources
  A resource is a logical deployment target that typically resolves to an agent and a user-defined construct that is based on the architectural model of HCL DevOps Deploy (Deploy).
- Applications
  Applications are responsible for bringing together all the components that must be deployed together.
- Application environments
  An environment is a user-defined collection of resources that hosts an application.
- Application templates
  With an application template, you can save and reuse a collection of resources, environments, processes, and tagged components or component templates to create a standardized application.
- Application processes
  Application processes, like component processes, are created with the process editor. You use application processes to deploy or to roll back components.
- Application blueprints
  An application blueprint maps application components to a resource template. When you create an environment or provision one from the cloud, you can use the blueprint as a model.
- Application pipelines
  Allows you to run application processes in multiple environments and promote versions through a set of stages.
- Snapshots
  A snapshot is a collection of specific versions of components and processes. Typically, a snapshot represents a set of component versions that are known to work together. In most cases, snapshots include all of the components in an application.
- Manual application tasks
  A manual application task interrupts an application process until manual intervention is done. To create a manual task, add a manual step to an application process and select a notification template.
- Approval process
  You can add approval requirements to deployments. Deployments with approvals cannot be completed until all approvers respond. Approvers can respond to requests on the Work Items tab, or by email.
- Inventories
  You use different inventories to track installed components and properties in HCL DevOps Deploy (Deploy) elements.
- Processes
  Processes are automated tasks that run on agents.
- Statuses
  Create and apply statuses to track component inventory states or to track component versions in environments and resources.
- Properties
  Properties are variables that store information about many different elements, including components, environments, processes, and applications. You can also set global properties for the system.
- Tags
  A tag is a user-defined, shared, short label that you use to classify, view, and conduct operations on objects such as applications, components, agents, and resources.
- Webhooks
  Using the webhooks, you can send text-based responses to users in messaging platform such as MS Teams and Slack when a specific event occurs during deployment process.
- Secret Stores
  Allows you to retrieve credentials of individual servers from the Vault and authenticates a plug-in step in the deployment process.
  - Managing Vault secret stores
    Manage secret stores from the Secret Store tab by creating secret stores and adding AppRoles to a secret store.

Secret Stores

Allows you to retrieve credentials of individual servers from the Vault and authenticates a plug-in step in the deployment process.

Sometimes, we may need to provide user credentials in plug-in steps. For example, start tomcat plug-in step from Apache Tomcat plug-in. We also store passwords as secured properties, for example DB credentials. To make deployments more secure, instead of storing these passwords in DB, now you can store such information in Hashicorp Vault. The HCL DevOps Deploy (Deploy) secret store enables you to retrieve and use that information during deployment without having stored it in the database.

Deploy uses AppRole authetication, a Vault feature, that has a defined set of access. It uses role-id and secure-id as the master authentication mechanism, which allows Deploy to get the passwords that an approle has access to. For more information about the Vault Approle, refer to the Vault documentation.

The Vault secret store is different from Deploy secret store. Deploy secret stores can have multiple secret stores. Each secret store in Deploy can be connected to a vault server.

You can define an input property at any of the levels where secure passwords are allowed. For example, at application-level or at resource-level, you can retrieve password from the Vault using the below property:

${p:secret:vault:<secretStoreName>:<vaultAppRoleName>:<vaultSecretPath>:<vault-key>}