Announcing: Automations

We're excited to announce a major addition to Port that's going to completely change how you manage your development workflows. We're talking about Automations – a brand-new portal capability that takes your developer portal to the next level.

Why do internal developer portals need Automations?

Software development workflows are complex, involving multiple stakeholders, tools, and processes. 

These processes aren’t made of discrete, one-off, steps - in most cases, developers and managers use multiple-step workflows to arrive at the desired end result. Whether we’re talking about developer self-service, or managers checking that standards are upheld, processes involve approvals and steps. When we tie these together we provide better developer experiences and outcomes. 

This is the role of automations in a portal: process orchestration. Only with automation-powered process orchestration can you create the workflows that will run smoothly, require minimal manual intervention, and maintain your organizational guardrails. Automations are what tie the different pillars of the portal, from self-service through the catalog and scorecards. They are the secret sauce of building portal experiences that truly impact efficiency and operations.

Let’s dive into what you can do with automations.  

Automate repetitive tasks 

Automation's most immediate benefit is its ability to eliminate repetitive tasks such as:clean-ups, permission management, or terminating unused dev environments. 

Without automations, these tasks either require human oversight, or are done using cron jobs or scripts that are ad-hoc and unmanaged, the opposite of the idea of reusable scalable processes that’s behind platform engineering.

As with anything that’s adhoc and manual, the result is costly mistakes as well as security and compliance issues. For example, forgetting to revoke access for an ex-employee could expose sensitive data. Failing to terminate a dev environment may drain your cloud budget.

This is a common problem. Recently, we came across this Reddit thread where a developer asked how to implement ephemeral dev environments with TTL. The solution they were offered involved a complex setup with a Python script, CircleCI, Docker containers, and cron jobs.

This shouldn't be the norm. Since your developer portal already centralizes all aspects of the software development lifecycle, it's the perfect place to automate these tasks.

For example, when a developer requests a new dev environment through a self-service action, we recommend that the form requires developers to specify a TTL for the environment. An automation can then easily terminate the environment when the TTL expires. In fact, this was one of the first use cases for automations when we started scoping this in the product.

When developers request to spin up a dev environment, they need to input a TTL, Automations will then auto-terminate the environment once the TTL expires.

Manage notifications & alerts

Another core use for automations is alerting, ensuring that the right information reaches the right people at the right time. 

Port's software catalog is the key to mitigating alert fatigue. By understanding the relationships between software assets, owners, criticality, dependencies, and more, it provides the context Automations needs to prioritize and route alerts effectively while cutting through the noise.

Here are some common examples:

1. Developer-focused alerts & notifications:

Give developers timely, relevant information that directly impacts their work. Each alert will include relevant information from the catalog, providing additional context. 

• PR review reminders: Nudge developers when pull requests have been pending review for too long.
• Deployment status updates: Automatically notify developers when their deployments succeed or fail, giving them the opportunity to troubleshoot quickly.
• Dependency change alerts: Alert developers when changes are made to services or components with dependencies that matter to them.

2. Manager-focused alerts & notifications:

Automations are also used to keep managers informed and in control of their team's performance and goals. In each case, the alert will provide the context with a link to the right section in the software catalog, so that they can immediately see what is amiss. 

For example:

• SLO notifications: Alert managers when SLOs are not being met. 
• Performance degradation alerts: Notify managers when key metrics indicate a decline in service performance.
• Cost optimisation: Send a notification when the cloud cost of your team approaches a predefined threshold. 

3. Security/SRE alerts & notifications:

Using alerts, security and SRE teams can quickly respond to critical issues. For example:

• Critical vulnerability notifications: Alert security when a critical vulnerability affects a high-priority asset, enabling quick mitigation.
• Anomaly detection: Notify SREs of unusual patterns in system behavior that could indicate a potential problem.

Enforce policies

Automation isn't just about offloading tedious tasks or sending out smarter alerts. It's your key to consistent policy enforcement. 

Instead of relying on scattered documentation or hoping that everyone remembers the rules, Port Automations integrate your organizational policies directly into your development workflows. 

You can set Automations to: 

• Limit resource consumption: You might want to limit the number of development environments a single developer can spin up. With Automations, you can automatically trigger a manager approval workflow when a developer attempts to create the third dev environment in a specific month. You can even make this more granular, granting automatic approval if the developer has been with the company for more than two years.
  
  
• Control just-in-time access to production:  Imagine a scenario where on-call engineers need temporary access to production environments during their shifts. With Automations, you can automatically grant that access when the shift starts and revoke it when it ends. 

These are just a few examples of how Port Automations can help you enforce policies and maintain governance. By automating these processes, you ensure that your organization's standards and best practices are consistently met.

A detailed walk-through of how automations orchestrate processes

As mentioned earlier, automations let you orchestrate your business processes end to end, making sure you’re creating a great experience for your developers while ensuring your guardrails are kept. But what does it look like in a real life example? 

Let's take a look at a familiar scenario: incident management.

It's 3 AM. A critical alert wakes the on-call engineer up. Now, they need to perform the following tasks:

• Impact assessment: What’s the severity of the issue? Is it impacting production? Staging? Who will be affected?

• Alerting and coordination: They open an incident ticket and try to determine who needs to be involved. Digging through outdated documentation, they try to identify the owners, dependencies, and stakeholders.
• Investigation: The investigation begins, but the information is scattered across disparate tools and dashboards. They check infrastructure health, Kubernetes logs, and recent deployments, piecing together the puzzle. Eventually, they discover that a recent deployment seems to be the culprit, causing a spike in memory usage.
• Remediation and approval: A rollback is required, but a change request needs to be approved before deploying to production. 
• Resolution and communication: Finally, the rollback is deployed, and the system stabilizes. Now the engineer must update stakeholders, summarizing the incident, its impact, and the resolution steps taken.

It's now 8 AM. Exhausted, the engineer heads to work, hoping for a quiet day.

Sound familiar? We've all been there. This approach to incident management is not sustainable. It's inefficient, error-prone, and places a heavy burden on already stretched engineering teams.

Imagine this instead: Incident management with Port automations

Now, let's rewind and replay that 3AM alert, but this time, with Port automations in the picture:

1. Immediate, targeted alerts: The critical alert triggers an automation that instantly notifies the right on-call engineer, letting them know this is a high-priority issue requiring immediate attention.
   
   
2. Automated incident creation: The automation simultaneously opens an incident in the incident management system (e.g., PagerDuty, Opsgenie), pre-filling it with relevant details from the Port catalog.
   
   
3. Coordinated communication: A dedicated Slack channel for the incident is automatically created, instantly inviting the service owners, relevant team members, and any other stakeholders. No more scrambling to find the right people!
   
   
4. Centralized investigation: The on-call engineer accesses the portal catalog (from a link that was automatically sent in the incident channel) to quickly understand the asset's dependencies, view last deployments, and consult monitoring dashboards for further investigation. They saw instantly that the memory started to spike after a recent deployment.
   
   
5. Self-service remediation: Armed with this information, the engineer confidently initiates a rollback through a self-service action in Port. Because they're on-call, the rollback is automatically approved. The automation also ensures that their production access will be revoked at the end of their shift.
   
   
6. Automatic resolution and communication: Once the rollback is complete and the system stabilizes, an automation updates the incident status in the dedicated Slack channel and the incident management system, informing all stakeholders about the resolution and closing the loop.
   

It's 3:30 AM. The engineer has successfully resolved the incident, saving precious time and minimizing the impact on the business. Now, they can go back to sleep, knowing that everyone is informed and the system is stable.

This is the power of Port Automations.

Driving business impact with Automations

Now that we understand how to use automations within the SDLC, you might be wondering, "What does this all mean for my business?" The answer is simple: tangible impact on your bottom line.

Key metrics impacted by Automations:

• Improved compliance: Automations can enforce organizational policies, help you meet regulatory requirements and ensure alignment with company-wide standards. 
• Reduced MTTR (Mean Time to Resolution): When incidents do occur, automation can accelerate identification, response, and resolution. This minimizes downtime, and improves customer satisfaction.
• Increased feature velocity: Automation eliminates bottlenecks and manual delays in your development pipeline, enabling your teams to ship features faster and respond to market demands more quickly.
• Reduced infrastructure costs: By automating tasks like terminating ephemeral environments you can ensure that your infrastructure is used efficiently, reducing unnecessary expenses.

So, how do Automations work in Port?

Automations are made of two key parts: a trigger and an action.

A trigger: A trigger is an event in your software catalog that you want to act upon. For example: entity changes or a timer expiration (when a TTL expires). 

An action: An action is the logic you want to execute when the trigger event occurs. We support a variety of actions, including Webhook, Github Workflows, Gitlab Pipelines, Terraform Cloud, Azure Pipelines and more! 

When an event occurs in your software catalog, Port will automatically trigger the associated action. 

Conclusion

Port Automations is more than just a new feature; it's a paradigm shift in how you manage and optimize your SDLC. By automating repetitive tasks, delivering intelligent alerts, enforcing policies, and orchestrating end-to-end process workflows, Port empowers your teams to work smarter, faster, and more effectively.

This is just the beginning. As you explore the possibilities of Port Automations, you'll discover new ways to streamline your processes, improve collaboration, and drive innovation. 

Thank you to Tal Sabag, Paz Hershberg and Oz Shafriri!

Ready to experience the power of Port Automations? Book a demo with one of our Port experts and see it for yourself!