Integrations and CI/CD
Continuous integration (CI) and continuous delivery (CD) aim to bridge the gap between development and operations, accelerating production by identifying defects early and automating necessary activities.
ALFA and Axiomatics Policy DevOps (APD) are designed for quickly implementing ABAC CI/CD pipelines. More specifically, APD integrates with Authorization Hub, git, and image repositories to provide the building blocks for an automated pipeline for your authorization domains and policies.
Choosing an integration approach
APD supports several methods for delivering policies and the authorization domain to ADS. The right approach depends on how your ADS is deployed and how frequently policies change.
| Method | Best for | How policy updates reach ADS | Details |
|---|---|---|---|
| Authorization Hub integration | Teams using Axiomatics Authorization Hub as a control plane | Push from APD to Authorization Hub; ADS fetches from Authorization Hub at startup or on demand | Authorization Hub integration |
| Container image | Teams with containerized ADS and standard CI/CD pipelines | APD stages the build context; pipeline builds and pushes the image; redeployment required per change | Container image repository integration |
| Custom integration | Teams that need policy updates without image rebuilds, or with an existing delivery mechanism | APD compiles domain.yaml; a custom Gradle task delivers it via SCP, Kubernetes, or REST | Custom integrations |
These approaches can also be combined. For example, use Authorization Hub for development and test environments while using image-based deployment for production.