Continuous Deployment with Freight

Early on at Sentry we set up Jenkins to automatically deploy after a passing build. Eventually we wanted better control over where we were deploying, and when (i.e. branch FOO to staging). To solve this we started with simple parameterized builds, and effectively had something working. Unfortunately when it came down to adding external controls we hit the age-old API issues within Jenkins itself.

Enter Freight

When we started going heads down on Sentry this year, it was a goal to make sure our tooling was functional and accessible. While we don’t want to invest a lot of time into those things, we want to ensure our day-to-day workflows are smooth. We started off by looking at what tools exist, and found things like GitHub’s Heaven. Originally going down that path, we quickly (though reluctantly) decided we were better off writing our own, as we’re not rubyists, and some of the design decisions simply didn’t make sense for our security model.

Enter Freight. Freight is heavily inspired by GitHub’s Heaven project, but it has a few key distinctions:

  • It’s not coupled to GitHub
  • It can run entirely behind a firewall

Beyond that there’s a lot of things in common, but at the core they’re both just task runners.

Freight Deploy List

Freight Deploy Log

A Simple Core

Just like Heaven, Freight is entirely focused on executing deploys, primarily through simple commands.

A few key things are already done for you:

  • Multiple apps and environments.
  • Management of the source repository (unique per app).
  • Basic workspace management (repository is copied over, and deploy is executed from new location).
  • Abstractions for deploy provider, validation checks, and notifiers.

In our case, we simply plug in our existing Fabric deploy scripts (using the Shell provider):

    "command": "bin/fab -a -i {ssh_key} -R {environment} {task}:sha={sha}"

Freight automatically fills these in with the appropriate values at runtime.

We’ve also bundled in checks for GitHub Context (we use CircleCI), as well as notifications for Slack.

API Driven

Freight is an API-first project. It’s becoming what is the modern standard in reusable and accessible tooling. The choice allows us the ability to quickly whip up a React-based frontend, as well as integrations such as hubot-freight:

Freight Hubot Integration

We’ve also built out a very basic command line utility, freight-cli:

$ freight deploy --help
Usage: freight deploy [OPTIONS] APP

  --env TEXT
  --ref TEXT
  -f, --force
  --help       Show this message and exit.

$ freight deploy getsentry --env staging
Created new Task with ID = 404

$ freight tail 404
(waiting for output..)
>> Check has passed: github
>> Running ['git', 'fetch', '--all', '-p']
Fetching origin
Warning: Permanently added ',' (RSA) to the list of known hosts.
>> Running ['git', 'clone', '/tmp/freight-repo-1', '/tmp/freight-workspace-70653104e33011e496e95a5015beb482']
Cloning into '/tmp/freight-workspace-70653104e33011e496e95a5015beb482'...

An Early Preview

We’re huge believers in open source, and while Freight is fairly early, we’ve kept all of it’s development public. The source, as well as the intended goals are all available on GitHub. While today the setup requires you to have a little bit of knowledge around how Python packages work, it’s fairly quick to run on Heroku.

It’s our hope to continue the open source tradition that started Sentry wherever possible, and developer services are the lifeblood of a lot of what we do. Give it a try and let us know what you think.

Welcome Armin Ronacher

We’ve been building Sentry the product for a while now, but we’ve only recently begun building Sentry the business. With the overwhelming adoption of both our open source and paid products, it’s become clear that we no longer have a little side project — It’s time to up our game.

Enter Armin Ronacher. Many of you may know Armin through his wildly popular Flask and Jinja projects as well as his presence in the Python community. Armin is a long-time colleague and friend. When he and I would talk about the future, it was clear that given the opportunity we could build something special together.

That’s why it’s my pleasure to officially welcome Armin to Sentry. Armin is a machine and brings a breadth of experience to the team, especially in areas where we want to grow. This is the beginning of something great and I hope you’re as excited as we are.

Sentry + Facepunch Studios

Culturally, the common thread at Sentry is gaming. More often than not we’ll close out a day by hopping on voice chat and firing up a game. Lately, that game has been Rust.

Rust is a multiplayer sandbox survival game for the PC, Mac, and Linux. It’s inspired by titles like DayZ and Minecraft in the sense that you must collect resources and craft items in order to progress. There’s no objectives, no storyline — just you and a world full of other players trying not to die.

We got word that the people behind Rust were using Sentry to prioritize their bug fixes. After recovering from hyperventilation and several high-five related injuries, we talked to Garry Newman, creator of Rust (and yes, Garry’s Mod) about his experience.

Culturally, the common thread at Sentry is gaming. More often than not we’ll close out a day by hopping on voice chat and firing up a game. Lately, that game has been Rust.

Read the full story in our Customer Spotlight with Facepunch Studios.

Announcing the Sentry API

Today we’re excited to introduce the Sentry API, which will help ops teams and developers integrate Sentry deeper into their workflows.

Although the API is in its early stages, it’s expanding rapidly. Here are a few things you can do right off the bat:

  • Retrieve/update an individual event
  • Retrieve/update/delete a group of events
  • List all events in a group
  • List all groups in a project
  • Bulk mutate a list of groups

For example, here’s how you might resolve everything after a deploy:

PUT /api/0/projects/{project_id}/groups/
  "status": "resolved"

For more examples, view the full API Documentation.

The Sentry API is the starting point for many things to come. We’re excited to see what you do with it.

Introducing Organizations

Historically, managing org structure, membership, and billing in Sentry has been a pain. Today we’re announcing several giant steps towards making this better.

The most significant of these changes is the introduction of Organizations. Organizations are a new parent entity that will encapsulate Teams and Projects. Organizations will now be where you manage membership and billing. We’ve also included a couple of new tools to increase visibility across your organization.

Billing and Membership

Billing and membership is now managed at the organization level. Teams across an organization will share a quota. This means admins can create new teams without having to setup an additional subscription.

Stats and Audit Log

To make it easier to see usage across your organization, we’ve included a basic Stats page:


We’ve also added a simple Audit Log to highlight important actions taken across your organization:

Audit Log

Simple member management

We’ve made a lot of progress towards simplifying our membership model. Some major changes:

Phasing out Access Groups in favor of Teams

Now that the complexities of Teams have been moved to the organization level, Access Groups no longer make sense. Although Access Groups will continue to function as before, you will no longer be able to create or modify them. Teams will replace the role of Access Groups from this point forward.

We’ve provided an Access Group Migration Tool to make this a snap.

No more Team Owner

There’s no longer a concept of ‘Team Owner.’ This is now handled on the organization level.

Action items

  • Rename your Organization - We generated these based on your team names and that is probably not ideal for everyone.
  • Rename your Teams - Teams no longer share a global namespace. Rename them to whatever you want.
  • Be aware of broken links - We unfortunately had to break most pre-existing URLs as part of this change. This means links in emails too. Sorry :(
  • Migrate your Access Groups to Teams

We’d be happy to assist you with any of these. Let us know if we can help.