Bubbly is an open-source platform that gives you confidence in your continuous release process.

Related tags

DevOps Tools bubbly



Bubbly - Release Readiness in a Bubble

Bubbly emerged from a need that many lean software teams practicing Continuous Integration and Delivery have: the need to be better performers. The idea is quite simple: build a model that can capture all the metrics that you care about, extract data from any tool in your process, and use those metrics to drive better and more automated decisions.

Release Readiness is a term that we use to define the state of being ready to release software. What is interesting to consider is how different teams define their release readiness. Often teams have planned to implement some features and run automated quality and security checks throughout the process (static analysis, automated tests, CVE checks, etc.). Ultimately the decision of being release ready comes down to a measure of confidence. So how best to inform this measure of confidence in an efficient and reliable way?

Bubbly Status

Go Report Card


The problem around Release Readiness is one of data. All the tools used in the software process produce data, and that data should be used to measure attributes such as feature-completeness, quality and security of your product.

The real problem is that this data gets scattered all over the place which results in:

  1. Broken relationships across the data
  2. Non-standard interfaces which make accessing the data hard (sometimes impossible)
  3. Massive overhead maintaining multiple data stores and data bases, ensuring that the data is up to date and accurate
  4. Lack of understanding of the data's hierarchy

Proposed Solution

Bubbly has been built to address the core problems mentioned above. This has been achieved by implementing a very lightweight data platform using a user-defined schema and data pipelines, with everything defined as code using a DSL built on top of HashiCorp's Configuration Language (HCL).

A user defines a schema that models the metrics and Key Performance Indicators (KPIs) that you care about. This could include automated test results, OSS components, CVEs, development metrics, traceability across requirements, and anything else that you can think of

Data pipelines extract the data from a data source (i.e. the original source of the data), transform the data into your schema and load the results into a persistent database.

A GraphQL API is automatically generated based on the user-defined schema, which is the main way of getting data out from Bubbly. What's noteworthy is that the generated GraphQL API is extended to include some cool tricks to make life that litle bit better

The data in Bubbly can now be used to make automated decisions in pipelines (e.g. check that results are good) and can be used to power dashboards. Any dashboard that supports GraphQL (like Grafana) can be used to visualize the data. Bubbly also ships with its own UI, and this was born out of the need to understand the data hierarchy (something that ordinary dashboards do not do too well with).

Check out the Core Concepts for more information on things like the schema, HCL and data pipelines.


The goal of Bubbly was to be a "bridge" between data, and make connecting and accessing data as simple, reliable and fun as possible! Writing data pipelines feels awesome!

We are not aiming to replace every tool you are already using, in fact, without other tools Bubbly itself is useless. The goal is to complement every other tool by making their data more accessible.

Some ways in which Bubbly could be used are:

  • Real-time knowledgebase of all products and their high-level release readiness state.
  • Catalogue of OSS components, licenses, CVEs and approvals/rejections for those.
  • A decision protocol to formally define your Release Readiness Criteria, and automatically apply that to all products.

If you want to see some use cases that we are currently solving with Bubbly, check out the Use Cases.


The things that Bubbly is not aiming to be:

  • A testing tool/framework.

  • A traditional monitoring tool (think Ops metrics, like Prometheus).

  • Another dashboard (like Grafana).

    We like to make the distinction between a "dashboard" which typically has some specific views to visualize data, vs a "knowledgebase" which is more like a web app that has multiple dashboards inside it.


TODO: this is in progress... Check back soon!

Why Open Source?

Bubbly is open source, licensed under the Mozilla Public License v2.

We have a few reasons for being open source:

  1. The team and company behind Bubbly are all big fans of open source, so it was never really considered not making it open source.
  2. We want to focus on building the best product, and we firmly believe making the project OSS will help us achieve this.
  3. We want to enable teams to be better. And that's why we are launching a SaaS service for Bubbly to get you up and running in minutes.


Bubbly was born due to (what we believe is) a gap in the market. For each project, when we needed to solve this issue we would re-invent something and build that on top of amazing OSS projects.

Hence, the only real alternative that we know of is building it yourself with something like Elastic and Elastic Beats, or InfluxDB Telegraf. You can of course roll your own SQL database, and define a schema (or schema migrator) and implement your own data access layer, which then needs to provide an SDK or a DSL in order to use, which means picking a language and implementing an API or a parser, and setup your own data-driven architecture using a pub/sub model or a message queue, deployed with security and auth tokens, coupled with a CLI... (do you see where this is going?)

Of course it can be a very viable approach to build these things yourself, but what often happens in internal projects that start small, is that they snowball into something that needs to be reused in other projects and features get added on top (not designed from within), and eventually you end up developing a separate product that has it's own release schedules and sophisticated software archtiecture, when really what you should have been focusing on all along is your company's product.

Let Bubbly be our product that you can apply to solve these problems, and if you need extra features or support then let us know! We might already be working on the feature that you need, or can prioritise it if we know people need it, and of course we are open to being sponsored and helping you to deploy Bubbly.

And as it is open source we really welcome contributions!


See our Installation Guide

Getting Started

See our Getting Started Guide


See our Contributing Guide


Mozilla Public License Version 2.0

  • .github/workflows/integration.yaml: Take gosec into use

    .github/workflows/integration.yaml: Take gosec into use

    Have gosec, snyk , unit tests and integration tests running in our GitHub actions workflows and results captured with Bubbly into generic tables.

    Quote from Jacob:

    E.g. we don't want snyk_vulnerability but instead something like table "cve" { ... } , and then it doesn't matter if you run snyk or some other tool and the goal of the pipeline is to standardise all the results so that we can use them for "release readiness"

    opened by maniankara 5
  • Add version command to Bubbly CLI

    Add version command to Bubbly CLI

    I have just finished watching a workshop on Go, and while trying out some ideas accidentally implemented the version command for Bubbly CLI:

    ./build/bubbly version
    bubbly version undefined 4ab0314473f46af7a6a4de3db4587799897f4434

    The undefined stands for Git tag, which the current commit does not have.

    It's a very light-touch PR, I have not modified any existing code, apart from pruning some less than helpful comments from env package. And updated the Makefile a bit.

    I can't see how this would adversely affect any part of Bubbly but if you disagree, please feel free to shoot down the PR :shipit:

    UPDATE: I've also updated the Dockerfiles to make it build static binaries (CGO_ENABLED=0) for inclusion into the Docker image. This opens up using static versions of distroless images, something that the comment in the Dockerfile claimed we were doing, but actually weren't as our Bubbly binary was actually dynamically linked. This improves the situation because now the action is not in a disagreement with the documented intent. Goreleaser has been set up to build static images from the very beginning.

    opened by olliefr 4
  • Implement the `limit` argument to the root types in GraphQL

    Implement the `limit` argument to the root types in GraphQL

    We would like to be able to limit the number of items, returned by the top-level GraphQL query, such as

    my_outstanding_personal_qualities(limit: 5) {

    ❗ Note, that this feature is limited only to the root types, just as the order_by and distinct_on currently are.

    So, the following won't work:

    my_outstanding_personal_qualities(limit: 5) {
      rich_and_beautiful_friends_they_bring(limit: 50) {

    The inner limit (value 50) would produce an error. This is due to the way our SQL queries are being built.

    opened by olliefr 4
  • Fix/store reinitialization bug

    Fix/store reinitialization bug

    I discovered that if you tear down the bubbly worker and reinitialize, the Store will be reinitialised with the base schema that is established from the internalTables (so only containing _event, _resource and _schema tables) regardless of whether further schemas had been successfully applied to the store.

    This PR fixes the issue and adds a unit test to validate the fix and make sure this doesn't regress.

    opened by benmarsden 3
  • Add GraphQL resolver tests for multiple rows and scalar values

    Add GraphQL resolver tests for multiple rows and scalar values

    As discussed with @jlarfors, the following test cases must be covered

    • Multiple rows
    • Scalar values (unique = true)
    • [x] Test cases covering multiple rows
    • [x] Test cases covering scalar values
    opened by olliefr 3
  • Dependencies: upgrade to NATS server `v2`

    Dependencies: upgrade to NATS server `v2`

    This is a more speculative request.

    We depend on v1 of NATS server, which has some well-documented go.mod-related shenanigans [1].

    [1] NATS v2 & Go Modules (github.com)

    Proposed resolution

    • [x] Upgrade to github.com/nats-io/nats-server/v2.

    To this end, I was able to run all our tests successfully after running a single command from [1] to replace all imports of v1 with v2. But I have little experience with NATS server, so I am deferring this decision to @benmarsden.

    opened by olliefr 3
  • cleanup: fix linter warnings

    cleanup: fix linter warnings

    Rather whimsically, I set out to close #12 but then decided to clear out all linter warnings. Thus, the summary of changes:

    • Fix locks being copied (they shouldn't be) by changing relevant types to pointers.
    • Fix some errors being ignored.
    • Fix loop variables being caught in a function closure. That's a bug.
    • Use a single channel to receive instead of the select with a single case.
    • Remove dependence on ioutil deprecated in Go 1.16 (alternative functionality provided by io and os).
    • Remove dead code: unreferenced types and functions.
    • Tiny improvement to the docs.

    This takes us from about 20 linter warnings... to zero.

    This is a bit speculative, but the simple tests pass and I'm happy to answer the questions ❤️

    Closes #12

    bug cleanup 
    opened by olliefr 2
  • Bubbly API documentation link is invalid

    Bubbly API documentation link is invalid

    Bubbly documentation website has an API page which links to the documentation generated by Swagger.

    That link is wrong because it refers to staging:


    ~~Proposed solution~~

    ~~The link should refer to the production documentation:~~


    ~~Doing this would involve figuring out how to pass the environment name to Docusaurus and updating this template to use a variable instead of the hard-coded value: docs/docs/api/api.md~~


    It also 404s currently, but I had already logged this earlier today in bubbly-infra, so this is outside the scope of the current issue 🙃

    opened by olliefr 2
  • Update `goreleaser` config to create and push the Bubbly Docker image

    Update `goreleaser` config to create and push the Bubbly Docker image

    We used to have Bubbly Docker image built and pushed to Docker Hub on every commit to the main branch.

    This was obviously wrong, and it was taken out in PR #75.

    However, since then we have not been building Docker images at all 😢

    But now we have goreleaser which can do just that. To close this issue, goreleaser configuration must be extended to build and push the Bubbly Docker image on every tag of the format v* to the Bubbly repo.

    opened by olliefr 2
  • Build & release system for Bubbly

    Build & release system for Bubbly

    I'd like to log a few observations about the current process of building and releasing Bubbly and suggesting a few areas of improvement for the future.

    Current situation

    We build Bubbly in many different ways, depending on the situation. This means that different binaries of the same version may have not necessarily been built using the same environment (such as environment variables configuring the Go compiler).

    The current ways in which we build are:

    • The Makefile in the project's root builds the binary in build. Probably the first build process that we had set up. To my knowledge, it's not being used as part of any other configuration I mention in this note, but I'm happy to stand corrected.
    • Goreleaser has its own configuration in .goreleaser and places binaries in dist. There is a GitHub action named release that triggers Goreleaser on a tag having been pushed to the repo. Goreleaser also builds the Docker image and pushes it into the Docker Container Registry. It does so by reusing the Bubbly binary that it had already built and Dockerfile.goreleaser to configure Docker.
    • The Dockerfile in the project's root is a separate dockerfile, which builds the Bubbly binary using "official" Docker golang image and packages the binary into a distroless Docker image. This is so that the Docker image can be built without invoking Goreleaser for scenarios like the one of local testing.
    • Docker Compose (docker-compose.yml in project's root) uses that Dockerfile as well to build the Bubbly image before running a local dev environment.

    Now there are also a few other places in which the Bubbly binary is being built independently:

    • At the end of GitHub Action simple workflow. Presumably, to make sure that the binary can be built at all?
    • Integration tests in the GitHub Action integration workflow reuse Docker Compose configuration described above.

    Going forward

    I think that we should have one (configurable) way to build the Bubbly binary, that is only one entity should run go build -o bubbly; and the rest of the pipeline(s) must be composed from components making use of this artefact.

    It also makes sense to have this step in the build process containerised, so that it would not matter if it's run locally or in a GitHub Actions runner - the environment is going to be exactly the same.

    The future build process must also be capable of being integrated into the continuous deployment process (and going even further into the future: automatic rollback on suitably chosen metric). Because in our big and bright future we would like to have SLOs defined, and I think three nines is a good aspirational target. Three nines do not have enough error budget to reliably manage the service in manual mode 🚀

    One last thing...

    We also don't pin versions of the Go modules that we use which is considered harmful from the security perspective. At some point, I'd recommend that we:

    • pin module versions in go.mod;
    • pin the compiler version in GitHub Actions and our build scripts;
    • monitor golang-announce and popular vulnerability databases (Snyk maybe?) for the Go modules that we use and upgrade in a controlled way. This would integrate into the GitOps pipeline well and allow us to automate rollbacks if things go wrong.

    Cheers! :shipit:

    opened by olliefr 1
  • Add generation for typescript interfaces

    Add generation for typescript interfaces

    One thing to note is that the optional ? indicator for a member of the interface is currently added for all members... In the future our schema will have some not_null attribute in which case it would be possible to easily mark which fields are optional in typescript.

    But for now I figured this would aid the UI development as you won't need to instantiate every field for test data :)

    opened by jlarfors 1
  • Bubbly UI is hardcoded to use http://localhost:8111

    Bubbly UI is hardcoded to use http://localhost:8111

    Idea would be to use something like the window.env and write the BUBBLY_API to there.

    Then access this using some js, e.g.:

    const bubblyAPI = () => { return window["env"] ? window["env"]["bubblyAPI"] : "" }
    export { bubblyAPI }

    Right now the static files are hosted with Go using go:embed and one open question is how to add to the window.env using embedded files.

    opened by jlarfors 1
  • GraphQL order by only on fields

    GraphQL order by only on fields

    The current graphql api doesn't allow for ordering on edges, and that is largely due to that we are using the auto-generated order types from entgql.

    The fix is to create the graphql schema manually and have more control over the ordering types so that we can order by edges:


    opened by jlarfors 0
  • Creating `dev` or `nightly` Docker images

    Creating `dev` or `nightly` Docker images

    Currently the Docker images are not being built for releases tagged with a postfix, such as 0.0.2-beta.

    This is a sane default setting, because you don't want your latest image (as well as your major and major.minor) to be updated when there is a beta release.

    But at some point we may want to have the dev image, which is going to be built and pushed on any tag, including the postfixed ones.

    This idea is parked here for now.

    opened by olliefr 0
  • Use Snyk to run OSS license checks

    Use Snyk to run OSS license checks

    Snyk supports license scanning for the dependencies in a project. We currently have a bubbly pipeline to handle dependency vulnerabilities, but we would now like to extend that functionality to include license scanning.

    opened by nate-droid 0
  • 0.1.8-alpha(Sep 24, 2021)


    d385df1 Fix google tag manager plugin conflict for docs

    Docker images

    • docker pull valocode/bubbly:0.1.8-alpha
    • docker pull valocode/bubbly:0
    • docker pull valocode/bubbly:0.1
    • docker pull valocode/bubbly:0.1.8
    Source code(tar.gz)
    Source code(zip)
    bubbly_0.1.8-alpha_darwin_amd64.tar.gz(16.81 MB)
    bubbly_0.1.8-alpha_darwin_arm64.tar.gz(16.80 MB)
    bubbly_0.1.8-alpha_linux_amd64.tar.gz(16.19 MB)
    bubbly_0.1.8-alpha_linux_arm64.tar.gz(14.92 MB)
    bubbly_0.1.8-alpha_windows_amd64.tar.gz(16.39 MB)
    checksums.txt(524 bytes)
  • 0.1.7-alpha(Sep 23, 2021)


    745d391 Add google tag manager and DocSearch to docs

    Docker images

    • docker pull valocode/bubbly:0.1.7-alpha
    • docker pull valocode/bubbly:0
    • docker pull valocode/bubbly:0.1
    • docker pull valocode/bubbly:0.1.7
    Source code(tar.gz)
    Source code(zip)
    bubbly_0.1.7-alpha_darwin_amd64.tar.gz(16.81 MB)
    bubbly_0.1.7-alpha_darwin_arm64.tar.gz(16.80 MB)
    bubbly_0.1.7-alpha_linux_amd64.tar.gz(16.19 MB)
    bubbly_0.1.7-alpha_linux_arm64.tar.gz(14.92 MB)
    bubbly_0.1.7-alpha_windows_amd64.tar.gz(16.39 MB)
    checksums.txt(524 bytes)
  • 0.1.6-alpha(Sep 22, 2021)


    35905b8 Add meta-doubleopen example with component licenses e66dc6f Cleanup graphql schema 3735819 Initial auth implementation 673d071 Initial monitoring capability to pull SPDX licenses daily 767a0cd Minor rewrite of client. Add vulnerabilityreview and query commands 7d51feb Refactor gql to use two schemas and vulnerability review has a note field 05df215 Regenerate docs based on recent updates ba10bc4 Remove old LicenseUse ent type and replace with ReleaseLicese cb64c08 Setup zerolog for bubbly server 85bc7c5 Start splitting up generated from manual graphql schema ec963f5 Update UI with entgql where naming. Add status to events CLI 4316423 Update models extension with helper for where

    Docker images

    • docker pull valocode/bubbly:0.1.6-alpha
    • docker pull valocode/bubbly:0
    • docker pull valocode/bubbly:0.1
    • docker pull valocode/bubbly:0.1.6
    Source code(tar.gz)
    Source code(zip)
    bubbly_0.1.6-alpha_darwin_amd64.tar.gz(16.81 MB)
    bubbly_0.1.6-alpha_darwin_arm64.tar.gz(16.80 MB)
    bubbly_0.1.6-alpha_linux_amd64.tar.gz(16.19 MB)
    bubbly_0.1.6-alpha_linux_arm64.tar.gz(14.92 MB)
    bubbly_0.1.6-alpha_windows_amd64.tar.gz(16.39 MB)
    checksums.txt(524 bytes)
  • 0.1.5-alpha(Sep 14, 2021)


    87750e6 Goreleaser build snapshot on commits 213bbb0 Initial bubbly events to track policy evaluation d0b80ce Rename CI workflow to be more meaningful 6aaad5b Update CI pipeline to replicate actual release build

    Docker images

    • docker pull valocode/bubbly:0.1.5-alpha
    • docker pull valocode/bubbly:0
    • docker pull valocode/bubbly:0.1
    • docker pull valocode/bubbly:0.1.5
    Source code(tar.gz)
    Source code(zip)
    bubbly_0.1.5-alpha_darwin_amd64.tar.gz(16.67 MB)
    bubbly_0.1.5-alpha_darwin_arm64.tar.gz(16.66 MB)
    bubbly_0.1.5-alpha_linux_amd64.tar.gz(16.05 MB)
    bubbly_0.1.5-alpha_linux_arm64.tar.gz(14.79 MB)
    bubbly_0.1.5-alpha_windows_amd64.tar.gz(16.25 MB)
    checksums.txt(524 bytes)
  • 0.1.4-alpha(Sep 14, 2021)


    699b5b7 Add ability to create a patch with component adapters 5537f7e Add example adpater for components and vulnerabilities d292ec5 Migrate to latest ent/contrib. Add patches to vulnerability review e292c9f Update Dockerfile to run server command by default

    Docker images

    • docker pull valocode/bubbly:0.1.4-alpha
    • docker pull valocode/bubbly:0
    • docker pull valocode/bubbly:0.1
    • docker pull valocode/bubbly:0.1.4
    Source code(tar.gz)
    Source code(zip)
    bubbly_0.1.4-alpha_darwin_amd64.tar.gz(16.59 MB)
    bubbly_0.1.4-alpha_darwin_arm64.tar.gz(16.58 MB)
    bubbly_0.1.4-alpha_linux_amd64.tar.gz(15.98 MB)
    bubbly_0.1.4-alpha_linux_arm64.tar.gz(14.72 MB)
    bubbly_0.1.4-alpha_windows_amd64.tar.gz(16.18 MB)
    checksums.txt(524 bytes)
  • 0.1.3-alpha(Sep 8, 2021)


    b915ddf Fixing a couple of typos a1f5da5 Update Dockerfile to build UI and bump go version 79cf959 Use go:embed for builtin policies

    Docker images

    • docker pull valocode/bubbly:0.1.3-alpha
    • docker pull valocode/bubbly:0
    • docker pull valocode/bubbly:0.1
    • docker pull valocode/bubbly:0.1.3
    Source code(tar.gz)
    Source code(zip)
    bubbly_0.1.3-alpha_darwin_amd64.tar.gz(16.64 MB)
    bubbly_0.1.3-alpha_darwin_arm64.tar.gz(16.61 MB)
    bubbly_0.1.3-alpha_linux_amd64.tar.gz(16.02 MB)
    bubbly_0.1.3-alpha_linux_arm64.tar.gz(14.76 MB)
    bubbly_0.1.3-alpha_windows_amd64.tar.gz(16.22 MB)
    checksums.txt(524 bytes)
  • 0.1.2-alpha(Sep 6, 2021)


    ee9bc99 Migrate to cgo-free sqlite package

    Docker images

    • docker pull valocode/bubbly:0.1.2-alpha
    • docker pull valocode/bubbly:0
    • docker pull valocode/bubbly:0.1
    • docker pull valocode/bubbly:0.1.2
    Source code(tar.gz)
    Source code(zip)
    bubbly_0.1.2-alpha_darwin_amd64.tar.gz(16.63 MB)
    bubbly_0.1.2-alpha_darwin_arm64.tar.gz(16.61 MB)
    bubbly_0.1.2-alpha_linux_amd64.tar.gz(16.01 MB)
    bubbly_0.1.2-alpha_linux_arm64.tar.gz(14.76 MB)
    bubbly_0.1.2-alpha_windows_amd64.tar.gz(16.22 MB)
    checksums.txt(524 bytes)
  • 0.1.1-alpha.3(Sep 6, 2021)


    ee9bc99 Migrate to cgo-free sqlite package

    Docker images

    • docker pull valocode/bubbly:0.1.1-alpha.3
    • docker pull valocode/bubbly:0
    • docker pull valocode/bubbly:0.1
    • docker pull valocode/bubbly:0.1.1
    Source code(tar.gz)
    Source code(zip)
    bubbly_0.1.1-alpha.3_darwin_amd64.tar.gz(16.63 MB)
    bubbly_0.1.1-alpha.3_darwin_arm64.tar.gz(16.61 MB)
    bubbly_0.1.1-alpha.3_linux_amd64.tar.gz(16.01 MB)
    bubbly_0.1.1-alpha.3_linux_arm64.tar.gz(14.76 MB)
    bubbly_0.1.1-alpha.3_windows_amd64.tar.gz(16.22 MB)
    checksums.txt(534 bytes)
  • 0.1.1-alpha(Sep 6, 2021)


    7c280a8 Fix github actions to use npm (not yarn) and some links in docs

    Docker images

    • docker pull valocode/bubbly:0.1.1-alpha
    • docker pull valocode/bubbly:0
    • docker pull valocode/bubbly:0.1
    • docker pull valocode/bubbly:0.1.1
    Source code(tar.gz)
    Source code(zip)
  • 0.1.0-alpha(Sep 6, 2021)


    7a04c17 Add --no-fail option to create e1a5aee Add .gitignore exception for the ui/build directory so prevent go:embed from failing 3180acb Add a describe to data node 664c178 Add description for Order enum type d458f6d Add events for all resource runs 812ddd3 Add first and last arguments in place of limit a49883e Add initial ui with fresh sveltekit project 40dfa39 Add json marshalling for core.Table with capsule types 72ae855 Add metadata field to most entities dde06a3 Add more endpoints and refactor server to make it testable 687e652 Add owner edge to global entities 70a4a7b Add policy evaluation to code_scan and test_run save requests f8d1d86 Add policy save/view/set commands 75f40c2 Add release view command and cleanup release policies fetching df4d6c0 Add release violation type to schema 3cfa917 Add support for a 'time' hcl type c163726 Add tailwind to ui f8ddbe9 Add userID to store Handler ef2dc7f Add wrapper for executing query and unmarshalling to type a531749 Added data block converter 2fbb16f Added locals and other things... a22cdc4 Added some design and problem statement 103f476 Added very rudimentary test command for adapter 6babc85 Change schema unique constraints for test_run 140b13f Cleanup comments and print statements 261cb9d Cleanup tests and use of order_by ebc829a Create README.md 0fac425 Create image for release model and graph 47f26dc Create organisation entity and store handler for organisation requests f4a22d0 Define a default limit for all subqueries 05be48a First working version of policies 562b69f Fix release list to show correct status 4fadef7 Implement postgres subquery capability 2711d76 Initial API server and store ca95359 Initial v2 work 371fe9c Initial version of UI with release view 7cc6de3 Massive WIP... Need to clean up majorly and add some dummy license data a2dcf6d More work to documentation and README and some minor cleanups that were encountered eebf930 Removed error as possible value from policy violations 8dbd2bb Some cleanup on UI and update goreleaser and github workflows 477b86b Update README, goreleaser and github workflows f681037 Update README.md 5bf82ee Update bubbly in a bubble image 2f5b31a Update core.Data to use a block for fields 133b22a Update diagrams 86b5496 Update go:embed and ui base path 67d234a Update release model 24b7faf Update test git repositories 59138aa Updated go embed to work with __layout files (weird behaviour) 417287b Updates to README and documentation 2eb6d6e Use LATERAL JOINs to fix limit on relevant data 8b7f005 Use goreleaser defaults for versioning 1077580 Working resolver with tests for policy engine bee7d00 added version in cli d1752ab adding cve and license test data 20bd623 demo updates 0ea955f fixes minor typos 5519bfd helper function to parse boolean env variables cfe57aa removing a bug that overwrote default bubbly context values fcbbc76 removing swagger and goembed

    Docker images

    • docker pull valocode/bubbly:0.1.0-alpha
    • docker pull valocode/bubbly:0
    • docker pull valocode/bubbly:0.1
    • docker pull valocode/bubbly:0.1.0
    Source code(tar.gz)
    Source code(zip)
  • 0.0.2-beta(May 6, 2021)


    42c1f00 .github/workflows/integration.yaml: Take gosec into use d4b2501 Add (a very limited) limit argument support to GraphQL and the tests for it. 29a3f3a Add a Dockerfile for goreleaser 15f96ba Add a test case illustrating a problem with duplicate results in GraphQL response. 4fbfb99 Add auth to remote worker requests 1fd8a13 Add create tenant capability to API server and data store handler b7df9ac Add distinct_on argument support to GraphQL and the tests for it. b3018a7 Add order_by argument support to GraphQL and the tests for it. dfe8953 Add tests to the Store illustrating a bug with GraphQL field order and values. b40edff Added reset function to dataTree. 0fe8ce8 Added tests for schema diff and migration 53c68de Address PR findings 20e670a Alternative implementation for order_by and distinct_on arguments. eedec1f Avoid linking to external copy of license in README. c3e0bc4 Create MessageAuth and add to all NATS communication f4003c6 Fix logic behind traversing the datatree, to ensure that all nodes are visited once, only after all the parents have been visited 7f0047d Fix the integration test for SPDX data by rewriting the URLs. 399562c Fix to logic for initialising tenant schema so that it does not overwrite an existing schema 4b16953 Fixed ordering of select columns in graphql query 44d2479 Implementing multitenancy support for schemas in store c687803 Initial design, test and feature for the release readiness checklist 1f60208 Major fixes to store migration 396d69b Make Store test schema and data loaders context-aware. d63a53c Make api_version atribute optional. f4977ac Make dockertest utility use the BubblyContext to avoid hard coded values 9db1c48 Minor cleanups and add unique tests c20a6f9 Purge ci workflow which was building docker images for each change to main dc800d3 Rebase against store memory cache for multitenancy 0c98cd6 Refactor erroneous search+replace of 'Nodes' 140782e Refactor store to remove bubbly schema from state and prepare for adding auth b4f4728 Refactored store to have the tenant available for use 0a9ff9b Remove api_version atribute from documentation. 82b720d Remove api_version atribute from test and example bubbly files. 826fde9 Remove node hopping from the GraphQL resolver. ed6a805 Set ClientType for agent cmd only if agent command is actually run 91de864 Update README header 8509aa6 Update error message according to PR findings a9d09e3 Update error message according to PR findings 237fdf9 Use the tenant to specify the schema for postgres 5c8240e creating in-mem layer for multi-tenant schemas f4392b4 fix: add a hook to goreleaser to install swag before build bf0f49d fix: login to Docker Hub before releasing images 9b61d3c fix: release Docker images into the wild

    Docker images

    • docker pull valocode/bubbly:latest
    • docker pull valocode/bubbly:0.0.2-beta
    • docker pull valocode/bubbly:0
    • docker pull valocode/bubbly:0.0
    • docker pull valocode/bubbly:0.0.2
    Source code(tar.gz)
    Source code(zip)
    bubbly_0.0.2-beta_darwin_amd64.tar.gz(10.83 MB)
    bubbly_0.0.2-beta_darwin_arm64.tar.gz(10.71 MB)
    bubbly_0.0.2-beta_linux_amd64.tar.gz(10.55 MB)
    bubbly_0.0.2-beta_linux_arm.tar.gz(9.92 MB)
    bubbly_0.0.2-beta_linux_arm64.tar.gz(9.81 MB)
    bubbly_0.0.2-beta_windows_386.zip(10.32 MB)
    bubbly_0.0.2-beta_windows_amd64.zip(10.69 MB)
    checksums.txt(717 bytes)
  • 0.0.1-beta(Apr 8, 2021)


    2b8cc50 Added missing return codes to resource API handlers 35f61e7 Adding a bubbly file for Snyk information (#41) 2c7674f Adding first version of authentication and authorization 18075bc Addressing PR findings 5d74796 Change package names to valocode a0ad488 Docs deploy should run on main (typo) 72391ae Fix formatting for two lists in README 8ab0d24 Fixing find/replace mistakes with error messages 8caccd0 Move website directory to docs directory 3306ea3 Refactor GraphQL resolver tests. Add a regression test for a bug. aa389d3 Refactor bubbly agents c17e925 Refactored tests and the graphql resolvers to return the proper hierarchy fdb79b2 Remove redundant breaks from migrations.go adc7e08 Remove unused tables from the test schema. Clean-up comments. 3d511db Update GitHub actions to use Go 1.16 f80a249 Update the only test that was using old version of gofight. c902fb3 Upgrade to NATS server v2 765e429 add /api/v1/run/:name endpoint, which can be used to trigger a remote run resource on the Bubbly Worker with optional json/zip input data e65edf9 add guard to datastore query handler to check for errors in graphql.result 167defc add unit test validating functionality 1d7e836 cleaning up Readme file 8920efc fix echo error with trying to bind params and not body ef66a1a fix the store to reinitialise using the last applied schema 6103e93 remove redundant store.GetResource in favour of store.Query a1298b1 removing root user, using distroless image a971d1c unify clients' GetResource input and output formats 4e4bc9d upgrading docusaurus dependencies 0581497 writing a bubbly file and tutorial for gosec (#57)

    Source code(tar.gz)
    Source code(zip)
    bubbly_0.0.1-beta_darwin_amd64.tar.gz(10.81 MB)
    bubbly_0.0.1-beta_darwin_arm64.tar.gz(10.68 MB)
    bubbly_0.0.1-beta_linux_amd64.tar.gz(10.52 MB)
    bubbly_0.0.1-beta_linux_arm.tar.gz(9.89 MB)
    bubbly_0.0.1-beta_linux_arm64.tar.gz(9.79 MB)
    bubbly_0.0.1-beta_windows_386.zip(10.30 MB)
    bubbly_0.0.1-beta_windows_amd64.zip(10.67 MB)
    checksums.txt(717 bytes)
  • 0.0.1-alpha(Mar 12, 2021)


    28e52b4 ** add support for applying a bubbly schema file via CLI via bubbly schema apply subcommand 738adbf ** add support for the store to save resource create/update events to the event store. 132894e ** introduce build-and-deploy-docs workflow, which is run only when a new release is published c03ecb6 ** replace *_run resources with run resource kind 1754181 *api: add query resource and tests *client: add client.Query method for posting query requests to a bubbly server *client: clean up the client package 980e715 *cmd: package that introduces initial bubbly CLI with support for describe, apply and server commands *client: package that the bubbly client can use to interact with the bubbly server *config: package which introduces structs that store the Bubbly configuration loaded from command-line / config file arguments *util/normalise: package which introduces a strategy for normalising Bubbly CLI printing *events: package for initial definition of bubbly events *api & parser: update core.ResourceContext to include a getter for the config.ServerConfig e7eda5b *integration: add integration tests for client.Query and applying a query resource 0d7a6ba - fixes #133, fixes #130, fixes #131 - Add support for bubbly environment to extract list of possible environment variables - removes some redundant code and tests in the cmd package 5b9075c Access Tempo from Bubbly. Increase HTTP timeout. Document the Bubbly schema. 185c75f Add Grafana to Docker Compose 09ac68d Add JSON importer initial implementation 435dc2a Add NATS client, Component subscriptions to nats.Subscriptions, fix Agent's errgroup logic 6b6be1c Add extract/graphql initial implementation and test ff3a9ee Add gha workflow for documentation f31d7cc Add license and prepare for public release b921959 Add resolver a92a036 Add support for dynamic sources to extract/rest. 6ae95e4 Added importer tests d72a46c Added initial documentation for running integration tests 6a4264f Added initial implementation document 1e3b441 Added introduction 56c3994 Added more documentation e0e11b1 Added pipeline diagram for slide deck. 1cfba0b Added retry and sleep to store connection 9d3591f Added some more things around SQ issues ed557a8 Added some test table schema and pipelines ba34655 Added some visuals for the UI. Added section on 'why' not ready for a release 5db000d Added translator. Fixed dynamic block parsing. 24b42ea Added use cases 8cbfb97 Adding a new test and support for gofight (#16) b2bfec3 Adding first version of logging 84f7ca4 Adding rough draft of gin + cty upload 065be1a Adding support for schema diffs ac76d42 Adding support for versioning headers (#33) 0d0bbdd Address code review point: capitalisation e073557 Address code review points: appending items 4dd3b92 Address points from code review. c0cf9c9 Addressing PR findings 5145ada Addressing PR findings aea1341 Addressing PR findings fbe94ad Addressing more of the PR findings 5ce5943 Allow extract/rest ingest both JSON and XML 42e0a6d Apply suggestions from code review 8a1de84 Architectural refactoring and supporting features 024acb5 Bubbly tutorial for the docs 483d959 Bump up the version of gock to fix a bug. 5f4760e CI pipeline using github actions 1f71243 Change default size of ints stored in DB to 64-bit 892722b Change signature of helper methods in integration tests 3e921ff Changing unique constraint to single for table joins d1997ed Clean up dynamic sources implementation in extract/rest. 961bd39 Cleanup of API types and more comments. 8eb0fda Compartmentalise e2e test. No new features. f957ae5 Create a proper integration test using the server and a pipeline e0c84a3 Created support for Uploading and querying Memdb/graphql (#46) 6b1d319 Creating First Version of Best Practices and introducint GithubFlow 2be48da Creating support for Labels and Namespace in the Metadata e899fb9 Docker compose changes b01ee6e Empty file for ci pipeline 2be5c6d Empty file for ci pipeline 3160612 Feat/api design v1.1 (#23) 95880d7 First implementation of resource apply (#35) 49b8436 First version of data access layer 67dbe58 First version of resource posting and getting (#32) f6441fd Fix a return clause in agent datastore handler e80ac87 Fix docusaurus build by fixing link to blog aa7480a Fix return value on error in JSON importer c315121 Fix: make interval an optional attribute of pipeline_run aabd057 Fix: update the api/core package and tests to correctly handle namespaces (#69) 08fd13b Fixed Broken tests 4fa24d9 Fixed a typo in Makefile kind-cleanup target 7606dec Fixed typos and rewrote some confusing expressions. 726a08e Fixes return errors (#49) 6c51598 Fixing the schema_diff_test to not care about the order of the changelog 302f627 Git importer in pure Go (#62) 51394d1 Going back to docker-compose ec28b5b Implementation of the bubbly schema graph f9aa67d Improve importer error message handling 800a7fa Initial commit of specification 367820e Initial implementation of API Versioning 15c4555 Initial implementation of the new store c52ed5c Initial version of DataRef support e9b8f45 Initial version of kind a042255 Integrated NATS with the schema data graph 1a477e2 Introducing the first version of openapi definitions for endpoints f4075ac JSON & XML Importers conforming to API v1.1 (#31) 9a78042 Made a directory for dev k8s manifests 169cebb Made a directory for dev k8s manifests, changed bubbly service to loadbalancer for testing purposes 07e2639 Make CockroachDB default but allow use of Postgres in Docker compose 193bfef Make better use of GraphQL response top-level structure b5fe549 Merge branch 'dev' 271bc58 Merge pull request #10 from verifa/revert-9-wip/server-dev fdc859b Merge pull request #11 from verifa/wip/server-dev e0a9e6c Merge pull request #12 from verifa/branchingStrategies 8da9051 Merge pull request #17 from verifa/server/logging 1bc973d Merge pull request #22 from verifa/feat/init-cli-design 738c774 Merge pull request #36 from verifa/feat/update-docs 7e7cf60 Merge pull request #44 from verifa/brokenTests d3ef0ec Merge pull request #45 from verifa/feat/example-schema-pipeline da475f5 Merge pull request #47 from verifa/feat/init-cli-implement 41963f9 Merge pull request #58 from verifa/fix/importer-error-messages 7ae3ab0 Merge pull request #64 from verifa/fix/describe-command-err-handling 9888eb2 Merge pull request #67 from verifa/api/resource-namespacing 77775f5 Merge pull request #68 from verifa/feat/update-tests 1ddf8cd Merge pull request #9 from verifa/wip/server-dev ba10e22 Mock repository data for translator a963eac More specification, especially about schema, importers and translators 7fd7720 PR fixes 327ee18 Postman created Bubbly Commit reference: OTgzYmE0NjItMmIyYy00ZGE4LTgyMjMtNGQwM2I4ODYzMzE2 8b41b3f REST API Extract b17fb44 REST API Extract code review fixes 535acf8 Refactored the parser MASSIVELY and added validation for resource inputs 504ed8e Removed .idea 7ecb251 Removed kubernetes manifests 77ba0d0 Removing commented line 0732a8f Removing logs from test files be7ac88 Replace magic values with proper constants. Issue #77. eb86108 Replace pgx driver with the connection pool pgxpool f05819a Revert "Wip/server dev" 85de3c9 Setup k8s ingress to use nip.io and add grafana 7b3709f Small fixes to get kind/ targets working. 4e6bf34 Small improvements to Docker Compose infra 919db5d Standarizing http error return structure 4484ad8 Stop dumping HTTP req/resp on DBG 392bf27 Switching implementation to use Echo instead of Gin a89f325 Update XML Importer (#53) 6bfbe30 Update bubbly/TestApply to use Git Extract in place of mock up data cf1e635 Update importer tests 9dc158f Update testing docs and remove old dockerfile f657f64 Updated documentation and added schema workflow c2121a6 Updated tests to reflect new bubbly test data adf4fe8 Updated to GCP Artifact Registry 9180cb7 Updating Swagger files 1153848 Use underscore in resource names. No new features. 331254e Using data store as the storage for resources dd0c19f Working infra for docker-compose workflow 99dca53 Working version of datatree 6f1aa85 Working version of store, ready to be tested. 3791609 add a Makefile with support for test commands 56f189a add documentation for core concepts, bubbly resources and bubbly schema e633db2 add documentation for our CLI commands to docusaurus 189c303 add goreleaser with tag-based release workflow 8779082 add initial cloudbuild.yaml for building bubbly using cloud native buildpacks (#30) 0094298 adding a README in the main directory 301722f adding sanitization for SQL injections 6c15e0c adds initial documentation website (provided by docusaurus) and skeleton structure for our documentation a327d1f all: introduce env package and the BubblyContext throughout the entire codebase and tests cmd: Root command is now instanced like any other, i.e. via a NewCmdRoot function main.go: bubbly entrypoint updated to properly instance and set up an env.BubblyContext, which is then loaded into the root command and traces through entire program exec 7e1cbe0 api/core: expand tests to evaluate proper String and ID conversions 34f7486 api/v1: introduce the criteria, condition and operation resources bubbly: add unit tests for the criteria resource 341583f api: add tests for bubbly's api package 891ae21 api: add the task_run resource and make task a resource (implement Resource interface) 76f130b ci: introducce github action support, with 2 workflows and support for running locally via act. Add Bubbly dockerfile with multi-stage. 5ee29b9 ci: remove Dockerfile as it is irrelevant to this branch 632d791 ci: remove cloudbuild.yaml ea8a2cd ci: remove exec of integration workflow: this will be developed in a future PR. 8fd7561 ci: update integration on expression 9990422 ci: update simple workflow to run on every push 6ad7484 ci: update workflow naming 4503b11 cleaning up leftover routes 32841b9 cleanup ready for draft PR c9cdb11 cli: add initial CLI Design documentation into docs/CLI_DESIGN.md 5abca98 cli: consistent logging strategy and clean up root command (#63) 863955c client, bubbly & api/v1: add improved error wrapping, introduce structured logging, and clean up the bubbly client 6a227b2 client: fix a missing err handling case when reading the return of client.doRequest returns an error e1ec10a cloudbuild: add running tests as pre-build step (#43) c9d810a cmd & client & events: remove bubbly describe and associated events pkg 4c65c2a cmd/util: clean up package and add tests 54fc732 cmd: fix description of describe command b548030 cmd: remove NewCmdDescribe from rootCmd initialisation 97b2a1c config: fix faulty TestNewConfig, add test for config.SetupConfigs 44a42de config: restructure the config package, and add tests 5d5cfbe core: add tests for core/types.go 6371b35 core: clean up tests for core/types.go 7933c9c extract/rest: make most parameters optional 5ebcadf fix _event store entry construction to ensure non-null cty.StringVal for error entry 0b741a7 fixing empty NATS resource panic dd4af03 init hackings with remote run triggere 884affc initial event table, providing the ability to load resource status into the database and query resource events via graphQL 0ad8bd0 initial installation and deployment docs 141841a introduce the bubbly get command for querying bubbly's store via graphql for existing resources and events a60792d introduces the agent package and bubbly agent command, setting the groundwork for deploying bubbly services (API Server, Store, UI, etc) as independent components communicating across NATS 0693759 introducing schema migrations 366b91a normalise: add tests to the normalise package 0adae61 parser: centralise junit testdata to bubbly/testdata/junit, and add support for test cases to parser_json_test.go c1c7ae9 parser: some initial tests / test extensions 352d776 purge commented println for reviewing triggerblocks 465378b refactoring: replace importer, translator and publisher to conform to ETL terminology of extract, transform and load. 37efab5 removing resource namespaces 288f930 standardizing the API versioning path 306d422 update Bubbly Dockerfile to bake in CA certs, fix worker remote run intergration test b4d8dfa update go.mod and go.sum. Add to .gitignore for ignoring of test artifacts 0bdaf7f v1: add tests for api/v1/inputs.go c2a7192 verifa -> valocode

    Source code(tar.gz)
    Source code(zip)
    bubbly_0.0.1-alpha_darwin_amd64.tar.gz(10.34 MB)
    bubbly_0.0.1-alpha_darwin_arm64.tar.gz(10.22 MB)
    bubbly_0.0.1-alpha_linux_amd64.tar.gz(10.07 MB)
    bubbly_0.0.1-alpha_linux_arm.tar.gz(9.50 MB)
    bubbly_0.0.1-alpha_linux_arm64.tar.gz(9.37 MB)
    bubbly_0.0.1-alpha_windows_386.zip(9.88 MB)
    bubbly_0.0.1-alpha_windows_amd64.zip(10.22 MB)
    checksums.txt(724 bytes)
Valocode is developing Bubbly, an open source platform that gives you confidence in your continuous release process.
A tool to build, deploy, and release any application on any platform.

Waypoint Website: https://www.waypointproject.io Tutorials: HashiCorp Learn Forum: Discuss Waypoint allows developers to define their application buil

HashiCorp 4.6k Dec 28, 2022
Sqedule — a release auditing & approval platform

Sqedule — a release auditing & approval platform Sqedule is an application release auditing & approval platform. Auditing: Sqedule allows teams to hav

Fullstaq 9 Dec 28, 2022
go-opa-validate is an open-source lib that evaluates OPA (open policy agent) policy against JSON or YAML data.

go-opa-validate go-opa-validate is an open-source lib that evaluates OPA (open policy agent) policy against JSON or YAML data. Installation Usage Cont

chenk 6 Nov 17, 2022
KubeCube is an open source enterprise-level container platform

KubeCube English | 中文文档 KubeCube is an open source enterprise-level container platform that provides enterprises with visualized management of Kuberne

KubeCube IO 339 Jan 4, 2023
TriggerMesh open source event-driven integration platform powered by Kubernetes and Knative.

TriggerMesh open source event-driven integration platform powered by Kubernetes and Knative. TriggerMesh allows you to declaratively define event flows between sources and targets as well as add even filter, splitting and processing using functions.

TriggerMesh 373 Dec 30, 2022
The open source public cloud platform. An AWS alternative for the next generation of developers.

M3O M3O is an open source public cloud platform. We are building an AWS alternative for the next generation of developers. Overview AWS was a first ge

Micro Services 2.2k Jan 2, 2023
🔥 🔥 Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more. 🔥 🔥

CVE-2021-44228 Log4J Vulnerability can be detected at runtime and attack paths can be visualized by ThreatMapper. Live demo of Log4J Vulnerability her

null 2.6k Jan 1, 2023
Nrod-go - Sample application to process Train Movements messages from the Network Rail Open Data feed

NROD Train Movements Processor Sample application to process Train Movements mes

ben 1 Dec 3, 2022
A very simple utility that allows you to run the desired command or script as soon as a certain process with a known PID completes correctly or with an error.

go-monkill A very simple utility that allows you to run the desired command or script as soon as a certain process with a known PID completes correctl

Michael Savin 7 Dec 17, 2022
A tool to build, deploy, and release any environment using System Containers.

Bravetools Bravetools is an end-to-end System Container management utility. Bravetools makes it easy to configure, build, and deploy reproducible envi

null 125 Dec 14, 2022
A helm v3 plugin to get values from a previous release

helm-val helm-val is a helm plugin to fetch values from a previous release. Getting started Installation To install the plugin: $ helm plugin install

Hamza ZOUHAIR 15 Dec 11, 2022
General-purpose actions for test and release in Go

go-actions This repository provides general-purpose actions for Go. setup This action runs actions/setup-go with actions/cache. For example, jobs: l

Hidetake Iwata 1 Nov 28, 2021
API for managing the release calendar

dp-release-calendar-api API for managing the release calendar Getting started Run make debug Dependencies No further dependencies other than those def

ONS Digital 0 Feb 10, 2022
Version library extracted from sigs.k8s.io/release-utils

go-version This package is extracted from sigs.k8s.io/release-utils. There were a couple of subtle changes made, so it has 0 dependencies and can be u

Carlos Alexandro Becker 6 May 6, 2023
Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.

Table of contents 1. About 2. Getting started 2.1. Requirements 2.2. Installation 3. Usage 3.1. CLI Usage 3.2. Using Docker 3.3. Older versions 3.4. U

ZUP IT INNOVATION 839 Jan 7, 2023
Continuous Delivery for Declarative Kubernetes, Serverless and Infrastructure Applications

Continuous Delivery for Declarative Kubernetes, Serverless and Infrastructure Applications Explore PipeCD docs Âť Overview PipeCD provides a unified co

PipeCD 651 Jan 3, 2023
Zadig is a cloud native, distributed, developer-oriented continuous delivery product.

Zadig Developer-oriented Continuous Delivery Product English | 简体中文 Table of Contents Zadig Table of Contents What is Zadig Quick start How to use? Ho

KodeRover 1.9k Jan 8, 2023
Zadig is a cloud native, distributed, developer-oriented continuous delivery product.

Zadig Developer-oriented Continuous Delivery Product ⁣ English | 简体中文 Table of Contents Zadig Table of Contents What is Zadig Quick start How to use?

KodeRover 30 May 12, 2021