Hello Everybody.
Introduction
In this article we will discuss the creation of delegate scopes and attaching them to a installed delegate is possible using Graphql queries.
Why do you need delegate scope?
Consider you need to restrict access to a production environment. Without defining a scope, the Delegate scans all network ports to map out the Environment and performs checks to access the Artifact Servers and Cloud Providers it needs.
By defining a scope, you can limit the Delegate to connect to only the specific Environments, Applications, and Infrastructure Definition it needs.
Defining a scope is optional, but if you use scoping you can prevent the Delegate from constantly looking for what’s available or accessible.
You can apply multiple scopes to a Delegate. Again, there are multiple ways where you can create the delegate scopes. The following documentation provides information on creating and scoping the delegate through UI.
Scope Delegates to Harness Components and Commands - Harness.io Docs.
In this article we’ll be showing through an example that how we can leverage GraphQL API for automation of delegate scoping process.
for example:
- To create a delegate scope name “testscope” which as scope limited to application with application id “xyz123abc”
mutation {
addDelegegateScope(input: {
accountId: "<your account id >",
application: {
operator: EQUALS,
values: ["xyz123abc"]
},
name: "testscope"`
}) {
clientMutationId
message
}
}
Similarly like application other resources can be configured like "environment " , "infrastructureDefinition ", "service " etc.
- To attach a delegate scope “testscope” to a installed delegate with delegateId “qwr1234fds” following query can be used
mutation {
attachScopeToDelegate(input: {
accountId: "< your account id >",
delegateId: "qwr1234fds",
includeScopes: {
operator: EQUALS,
values: ["testscope"]
}
}) {
clientMutationId
message
}
}
We hope this was informative and would help further help in automation of delegate scopes.
Thank you for Reading.