cloud.gov monthly update: Buildpack notifications, volume services, and other new features

We’ve been hard at work shipping out new features to help you make your apps better, more secure, and improve your experience developing and deploying them. There’s a lot more in here than usual. We hope you see some features and additions in here that you’ve been waiting for. As always, get in touch with us if you have any questions or feedback about these features. See you next month.

Added

• Part of keeping your app on cloud.gov secure is using the latest version of your app’s buildpack. In addition to keeping you updated in these release notes, we’ll now send you an email notification when a new version of your buildpack is available.
• We have experimental support for volume services. Since a cloud.gov app normally has a short-lived file system, this enables you to build an app that requires persistent file storage. Contact us if you’d like to try this.
• One of our engineers gave us the ability to make Mermaid diagrams on the cloud.gov website, and we almost got carried away creating visualizations of different parts of the platform. Here are a couple we think will help you out:
  • A comparison of how apps with custom domains and those with the default *.app.cloud.gov domain are served to users.
  • How to incorporate a CI/CD workflow into your app.

• The cloud.gov dashboard now lets you manage environment variables for your apps. To see it in action, go to an app page in the dashboard and try viewing, adding, or editing an environment variable. You can also see all the environment variables set by the system from the same view. Change variables with caution, as environment variables will be lost if your app is recreated. We recommend storing non-sensitive configuration variables in your application manifest and sensitive variables in user-provided services.

  Thanks to our antipodal compatriots with the Australian Government Digital Transformation Agency for this code contribution.

Updates

Make sure to use the latest version of the Cloud Foundry CLI. The most recent updates contain new commands and bug fixes. You can download the latest binary for Windows, Mac, or Linux from GitHub.

Announcement

• We will not, as we previously announced, be switching users with cloud.gov accounts to sign in with MAX.gov.
• cloud.gov removed the insecure 3DES cipher from all (including customers) CloudFront CDN distributions ahead of the 120 day deadline. Learn more about this from the Department of Homeland Security.

Coming soon

Sandbox apps will expire after 90 days

We plan to automatically delete apps in sandbox spaces after 90 days. We’ll send email notifications before this happens. If you’re developing something you need to keep long-term, we recommend moving it to a prototyping space. If you’d like to start the process of purchasing a prototyping package, get in touch with us.

Additional TIC compliance support

To support agency implementations of Trusted Internet Connection (TIC) requirements, we’ve published documentation about complying with TIC for apps on cloud.gov. To support a wider range of agency TIC needs, we’ve also built a way to support restricting users to trusted IP ranges. We’re waiting to fully implement it until after it’s passed FedRAMP review, but in the meantime, let us know if you have questions or want to use it.

Platform releases

We upgraded the Cloud Foundry deployment to v278.

You should restage your application to incorporate fixes in the base filesystem and ensure you’re running the most recent language version supported by your buildpack.

Additional upgrades

• Diego v1.29.2
• Stemcell v3468.5
• Buildpacks:
  • Staticfile v1.4.18
  • Java v4.6
  • Ruby v1.7.5
  • NodeJS v1.6.10
  • Go v1.8.13
  • Python v1.6.1
  • PHP v4.3.43
  • .NET-core v1.0.30
  • Binary v1.0.15