Meet the Forge Runtime

Meet the Forge Runtime
SHORYA RAJ | SOFTWARE ENGINEER | ATLASSIAN | @SHAZZA Meet the Forge runtime AWS Lambda, Atlassian Runtimes, and the features we provide
AWS Lambda Runtime Atlassian Runtime Features Agenda
Runtime Layers Diving into AWS Runtime Layers AWS Lambda Runtimes Runtime Contract The contract a custom runtime must fulfil AWS Lambda What is Lambda?
Functions as a Service “Just right the business logic” AWS Lambda Customizable Through runtime layers Managed Compute Provisioning, Scaling, Ops
Composable Up to 5 layers Runtime Layers Contributes to shared resource contraints Custom Execution Environment 001
Runtime Contract AWS API Lambda Runtime Layer (webserver) Other Layers (runtime core) Developer Code function execute() { return { message: 'hello world!' } } module.exports = { execute };
Runtime Contract AWS API FETCH Developer Code function execute() { return { message: 'hello world!' } } module.exports = { execute }; Lambda Runtime Layer (webserver) Other Layers (runtime core)
Runtime Contract AWS API FETCH INVOKE Developer Code function execute() { return { message: 'hello world!' } } module.exports = { execute }; Lambda Runtime Layer (webserver) Other Layers (runtime core)
Runtime Contract AWS API FETCH INVOKE Developer Code function execute() { return { message: 'hello world!' } } module.exports = { execute }; Lambda Runtime Layer (webserver) Other Layers (runtime core)
Runtime Contract AWS API Developer Code function execute() { return { message: 'hello world!' } } module.exports = { execute }; FETCH INVOKE Lambda Runtime Layer (webserver) Other Layers (runtime core)
Runtime Contract AWS API Developer Code function execute() { return { message: 'hello world!' } } module.exports = { execute }; FETCH INVOKE SUCCESS Lambda Runtime Layer (webserver) Other Layers (runtime core)
Runtime Contract AWS API Developer Code function execute() { return { message: 'hello world!' } } module.exports = { execute }; FETCH INVOKE SUCCESS FUNCTION ERROR Lambda Runtime Layer (webserver) Other Layers (runtime core)
Runtime Contract AWS API Developer Code function execute() { return { message: 'hello world!' } } module.exports = { execute }; FETCH INVOKE SUCCESS FUNCTION ERROR LAMBDA ERROR Lambda Runtime Layer (webserver) Other Layers (runtime core)
FEATURES FOR CUSTOMERS FEATURES FOR DEVELOPERS
Secure FEATURES FOR CUSTOMERS FEATURES FOR DEVELOPERS
Secure Seamless FEATURES FOR CUSTOMERS FEATURES FOR DEVELOPERS
Secure Seamless Responsive FEATURES FOR CUSTOMERS FEATURES FOR DEVELOPERS
Secure Seamless Responsive FEATURES FOR CUSTOMERS FEATURES FOR DEVELOPERS
Easy to useSecure Seamless Responsive FEATURES FOR CUSTOMERS FEATURES FOR DEVELOPERS
Easy to use Easy to run Secure Seamless Responsive FEATURES FOR CUSTOMERS FEATURES FOR DEVELOPERS
Easy to use Easy to run Powerful Secure Seamless Responsive FEATURES FOR CUSTOMERS FEATURES FOR DEVELOPERS
Easy to use Easy to run Powerful Secure Seamless Responsive FEATURES FOR CUSTOMERS FEATURES FOR DEVELOPERS
Easy to use Easy to run Powerful Secure Seamless Responsive FEATURES FOR CUSTOMERS FEATURES FOR DEVELOPERS FEATURES FOR ALL
Features Isolates Auth Handling Context Handling Tunneling
Features Isolates Auth Handling Context Handling Tunneling Security Isolates have a similar security model to iframes
Features Isolates Auth Handling Context Handling Tunneling Security Isolates have a similar security model to iframes Tenant/Context Isolation Isolates are thrown away after each invocation, so there is a “clean” for each invocation.
Features Isolates Auth Handling Context Handling Tunneling Security Isolates have a similar security model to iframes Tenant/Context Isolation Isolates are thrown away after each invocation, so there is a “clean” for each invocation. We control what you have access to globals and API’s are provided to the isolate, so can control what they do (e.g. blocking network egress)
Features Isolates Auth Handling Context Handling Tunneling API.Fetch We provide an API that handles making fetch requests out of the isolate.
const xkcdResponse = await api .fetch(‘https://xkcd.com/'); Auth Handling API.Fetch
Features Isolates Auth Handling Context Handling Tunneling API.Fetch We provide an API that handles making fetch requests out of the isolate.
Features Isolates Auth Handling Context Handling Tunneling API.Fetch We provide an API that handles making fetch requests out of the isolate. Automatic Token Injection Injects tokens as requested into requests. Hides developer having to see tokens/secrets
Auth Handling API.Fetch Token injection const xkcdResponse = await api .fetch(‘https://xkcd.com/');
Auth Handling API.Fetch Token injection const watchersResponse = await api .asApp() .fetch(`https://api.atlassian.com/ex/ confluence/${cloudId}/content/$ {contentId}/watchers`);
Auth Handling API.Fetch Token injection const watchersResponse = await api .asApp() .fetch(`https://api.atlassian.com/ex/ confluence/${cloudId}/content/$ {contentId}/watchers`); const resp = await api.fetch( 'https://api.github.com/user/repos', { headers: { Authorization: 'token {github}' }, });
Features Isolates Auth Handling Context Handling Tunneling API.Fetch We provide an API that handles making fetch requests out of the isolate. Automatic Token Injection Injects tokens as requested into requests. Hides developer having to see tokens/secrets
Features Isolates Auth Handling Context Handling Tunneling API.Fetch We provide an API that handles making fetch requests out of the isolate. Automatic Token Injection Injects tokens as requested into requests. Hides developer having to see tokens/secrets Auth / Consent Flows Developer doesn’t have to deal with going through the consent flow (for certain OAuth Providers)
Auth Handling API.Fetch Token injection const watchersResponse = await api .asApp() .fetch(`https://api.atlassian.com/ex/ confluence/${cloudId}/content/$ {contentId}/watchers`); const resp = await api.fetch( 'https://api.github.com/user/repos', { headers: { Authorization: 'token {github}' }, });
Auth Handling API.Fetch Token injection Consent Flows const watchersResponse = await api .asApp() .fetch(`https://api.atlassian.com/ex/ confluence/${cloudId}/content/$ {contentId}/child/content`);
Auth Handling API.Fetch Token injection Consent Flows const watchersResponse = await api .asRequestUser() .fetch(`https://api.atlassian.com/ex/ confluence/${cloudId}/content/$ {contentId}/child/content`);
Auth Handling API.Fetch Token injection Consent Flows
Features Isolates Auth Handling Context Handling Tunneling API.Fetch We provide an API that handles making fetch requests out of the isolate. Automatic Token Injection Injects tokens as requested into requests. Hides developer having to see tokens/secrets Auth / Consent Flows Developer doesn’t have to deal with going through the consent flow (for certain OAuth Providers)
Features Isolates Auth Handling Context Handling Tunneling Tenant/Context Selection Since we control invocation, we can automatically select and provide the right tenant/context
Features Isolates Auth Handling Context Handling Tunneling Tenant/Context Selection Since we control invocation, we can automatically select and provide the right tenant/context Automatic API handling Since we provide the context and the API, we can hydrate both for you ( .onSite().asUser().takeAction()).
Context Handling const watchersResponse = await api .asRequestUser() .fetch(`https://api.atlassian.com/ex/ confluence/${cloudId}/content/$ {contentId}/child/content`);
Context Handling const watchersResponse = await api .asRequestUser() .requestConfluence(`/content/$ {contentId}/child/content`);
Features Isolates Auth Handling Context Handling Tunneling Tenant/Context Selection Since we control invocation, we can automatically select and provide the right tenant/context Automatic API handling Since we provide the context and the API, we can hydrate both for you ( .onSite().asUser().takeAction()).
Features Isolates Auth Handling Context Handling Tunneling Tenant/Context Selection Since we control invocation, we can automatically select and provide the right tenant/context Automatic API handling Since we provide the context and the API, we can hydrate both for you ( .onSite().asUser().takeAction()). Cross-product context Can incorporate more complicated cross-product cases
Features Isolates Auth Handling Context Handling Tunneling Same core runtime The CLI will ship with the same core runtime that the Lambda uses. Your code therefore can behave the same
Features Isolates Auth Handling Context Handling Tunneling Same core runtime The CLI will ship with the same core runtime that the Lambda uses. Your code therefore can behave the same Leverage the tools you are used to You can use whatever tools (e.g. VSCode, Chrome Devtools) you already use to help build and debug
Trusted By Default Atlassian Runtime Custom API Support … not without limitations
… means we can add magic Custom API Support … and enforce restrictions Ability to inject our own APIs
Inform the end user Of what the app is doing Trusted By Default Lower risk of developer error We run the code So we have some controls…
Compliance RTBF, SOC2, etc. Trusted By Default Execution Limits More complex integrations Compute + Storage, kept within Atlassian
Environment different to Node/Browser Runtime ships alongside developer code Atlassian only provides a minimal set Developers can polyfill what they need Limitations
Atlassian only provides a minimal set Developers can polyfill what they need Limitations Environment different to Node/Browser Runtime ships alongside developer code
AWS Lambda Runtime Atlassian Runtime Features Recap
Next Steps Booths Come have a chat with us at our booth to learn more! Labs Try out Forge! Schubert 3 Beta! Later this year, please scan the QR code!
SHORYA RAJ | SOFTWARE ENGINEER | ATLASSIAN | @SHAZZA Thank you!

Check these out next

Meet the Forge Runtime

Recomendados

Más contenido relacionado

Presentaciones para ti(20)

Similar a Meet the Forge Runtime(20)

Más de Atlassian(20)

Último(20)

Meet the Forge Runtime