Explainer

How Xtages works?

Getting started

  1. Install our GitHub App - Xtages Connector Screenshot: finish your setup wizard
  2. Authorize Xtages Connector to have access to your organization Screenshot: authorize Xtages Connector GitHub app
  3. Create an Xtages project
    1. This will create a repository in your GitHub account based on our default template
    Screenshot: card to create a new Xtages project Screenshot: form to create a new Xtages project
  4. Once the repository is created we will automatically run the continuous integration (CI) workflow
    1. The CI will run for each new push to your main or master branch
    Screenshot: CI build running
  5. Once the build is successful, you can deploy to staging Screenshot: actions dropdown menu to deploy build to staging
  6. The build running in staging can then be promoted to production Screenshot: actions dropdown menu to promote build to production
  7. (optional) You can roll back the build that was deployed in production to the latest working version

Need a database?

We got it ready for you! If your service requires a DB we can provision one for you.

Go to Resources and request your PostgreSQL database. You can interact with your DB by using the standard environment variables from Postgres. Check our documentation to see how to connect to the DB.

Security

We take security very seriously and we would like you to understand how Xtages is built and our decisions around security.

Here are some frequently asked questions regarding security:

Can I isolate the GitHub app installation?

Yes! You can create a sandbox GitHub organization, which is free and available for anyone, using this link and install the Xtages Connector GitHub app there. When you create a new Xtages project, a repository will be created under that GitHub organization.

How are the permissions requested in the GitHub app being used?

Our permissions are required so we can:

  1. create a repository when a new Xtages project is created
  2. be notified when a new push is made to your main (or master) branch. (coming soon) Execute pre-checks every time a PR is opened or updated
  3. pull code from your repository, so we can run tests, build and deploy your server app.

How is my database secured?

We manage the database instance for you. We create a password for it that you can access through environment variables. This password is created and stored in a secret manager where they are encrypted and secure. That being said, you can change the password to the instance and we won’t have access to it.

Your data is encrypted at rest and your database instance is not shared. If you ever decide to leave Xtages you can take your data with you.

How is my service secured?

We give our customers an *.xtages.dev HTTPS URL to access their service, this ensures that the information in transit is secure. Xtages also provides the capability to associate your own domain and point it to your service running in production. You can read more about that in our documentation.

How are my logs secured?

Your build and application/service logs are encrypted at rest.

Do you have a secrets manager?

We currently don’t have a secrets manager, though we’re planning to add that capability very soon.