Going to Production
Novu operates in a multi environment setup. Currently Novu Supports 2 environments:
- Development - This is the environment where the development team works on workflows.
- Production - This is the environment that is used to trigger workflows to your customers.
Pushing changes to Cloud
Echo operates in a GitOps model. This means that the source of truth for your workflows and configurations are located in your Git as Code.
The general workflow for pushing changes to Cloud is as follows:
- Create a feature branch
- Develop workflows locally with Echo Studio
- Sync changes to the Development environment to test e2e
- Merge the feature branch to your
devbranch- This will trigger a CI/CD pipeline that will deploy the changes to the Development environment
- Test the changes in the Development environment
- Merge the
devbranch to themainbranch- This will trigger a CI/CD pipeline that will deploy the changes to the Production environment
Networking
Novu Cloud workers will need to be able to communicated with your Echo Endpoint. You will need to ensure that your firewall rules allow traffic from the internet. Due to the autoscaling nature of Novu Cloud, we don’t have a set of IP Addresses that you can whitelist.
Security
Novu Cloud workers are GDPR, SOC2 type II and ISO 27001 compliant. We take security very seriously and have implemented a number of security measures to ensure that your data is safe. The Echo SDK have a builtin security mechanism that ensures that the requests are authentic from Novu Cloud using an HMAC signature.
To enable HMAC Verification please enable on your Echo SDK
export const echo = new Echo({
apiKey: YOUR_API_KEY,
devModeBypassAuthentication: false,
});
For local development with Studio devModeBypassAuthentication should be set to true.
The X-Novu-Signature header included in each signed event contains a timestamp and one or more signatures that we verify.
The timestamp is prefixed by t=, and each signature is prefixed by a scheme.
Schemes start with v, followed by an integer. Currently, the only valid live signature scheme is v1.
Handling the signature verification is done by the Echo SDK, you don’t need to perform any action.
CI/CD Integrations
Novu currently supports the following CI integrations:
- GitHub Actions - Direct Integration
- GitLab CI - Using our CLI command
- Jenkins - Using our CLI command
- CircleCI - Using our CLI command
- Bitbucket Pipelines - Using our CLI command
- Azure DevOps - Using our CLI command
- Travis CI - Using our CLI command
- Other - For any other CI/CD tool, you can use our CLI command
Direct integration with other CI/CD tools is on our roadmap. If you would like to see a specific CI/CD tool integrated, please reach out to us.
Was this page helpful?