### Example env0.yml for Package Installation Source: https://docs.envzero.com/guides/admin-guide/templates/pulumi This code snippet demonstrates a basic env0.yml configuration file. It specifies the command to install required packages, using `npm i` as an example for Node.js projects. This file is crucial for setting up your deployment environment within env0. ```yaml install_dependencies: command: "npm i" ``` -------------------------------- ### Create Environment Without Template using cURL Source: https://context7.com/context7/envzero/llms.txt This example demonstrates deploying infrastructure directly from a repository without first creating a template. It specifies the repository, revision, path, and infrastructure type. The response includes the deployment status, indicating that it starts immediately. ```bash curl --request POST \ --url https://api.env0.com/environments/without-template \ --user "api-key-id:api-key-secret" \ --header "Content-Type: application/json" \ --data '{ \ "name": "dev-webapp-feature-branch", \ "projectId": "proj-xyz789", \ "organizationId": "org-abc123", \ "repository": "https://github.com/acme/webapp-infrastructure", \ "revision": "feature/new-database", \ "path": "terraform/webapp", \ "type": "terraform", \ "terraformVersion": "1.6.0", \ "tokenId": "token-123", \ "requiresApproval": false, \ "continuousDeployment": false, \ "ttl": { \ "type": "HOURS", \ "value": 8 \ }, \ "configurationChanges": [ \ { \ "name": "instance_type", \ "value": "t3.small", \ "type": 1 \ }, \ { \ "name": "environment", \ "value": "development", \ "type": 1 \ } \ ] \ }' # Response includes deployment that starts immediately { "id": "env-dev456", "name": "dev-webapp-feature-branch", "status": "DEPLOY_IN_PROGRESS", "latestDeploymentLogId": "deploy-xyz123", "lifespanEndAt": "2023-11-08T00:00:00Z" } ``` -------------------------------- ### Envzero Project Configuration Schema Example Source: https://docs.envzero.com/api-reference/organization/update-organization An example illustrating the structure of the Envzero project configuration. This example demonstrates how various boolean flags, policy types, and string identifiers are set for a project. ```yaml maxTtl: defaultTtl: doNotReportSkippedStatusChecks: true doNotConsiderMergeCommitsForPrPlans: true enableOidc: true enforcePrCommenterPermissions: true projectCustomFlowsPolicy: MERGE_WITH_TEMPLATES allowEnv0Secrets: true requireApprovalForPrApplies: true id: name: description: photoUrl: createdBy: createdAt: '2023-11-07T05:31:56Z' updatedAt: '2023-11-07T05:31:56Z' mode: paying trialEnd: '2023-11-07T05:31:56Z' role: isSelfHostedK8s: true ``` -------------------------------- ### API Key Creation and Usage Source: https://docs.envzero.com/api-reference Instructions on creating organization-level and personal API keys, and how to use them for authentication. ```APIDOC ## API Key Management and Authentication ### Creating an API Key with a Specific Role 1. Navigate to Organization Settings. 2. Click on the API Keys tab. 3. Click 'Add API Key' and provide a name. * **Note:** Save your API Key ID and secret immediately as the secret will not be available later. ### Creating a Personal API Key 1. Click on your avatar (top right). 2. Click on Personal Settings. 3. Select the API Keys tab. 4. Click 'Add API Key' and provide a name. * **Note:** Save your API Key ID and secret immediately as the secret will not be available later. ### Using an API Key to Authenticate Authentication is done using Basic Authentication. - **Username:** API Key ID - **Password:** API Key Secret Example using cURL: ```bash curl --user {API_Key_ID}:{API_Key_Secret} https://api.env0.com/[endpoint] ``` ### API Key Permissions - **Organization-level keys:** Can be assigned 'Organization Admin' or 'User' permissions. 'User' permissions can be further fine-grained per project. - **Personal keys:** Inherit the permissions of the user creating them. ### Rate Limits - **Limit:** 1000 requests per 60 seconds. - **Aggregation:** Requests are aggregated by IP, HTTP Method, and URI. - **Exceeding Limit:** Results in a `429` status code. ``` -------------------------------- ### GET /blueprints/variables-from-repository Source: https://docs.envzero.com/api-reference/templates/generate-terraform-variables-from-repository Retrieves environment variables from a specified repository. This endpoint is useful for fetching configuration details needed for environment setup. ```APIDOC ## GET /blueprints/variables-from-repository ### Description Retrieves environment variables from a specified repository. This endpoint is useful for fetching configuration details needed for environment setup. ### Method GET ### Endpoint https://api.env0.com/blueprints/variables-from-repository ### Parameters #### Query Parameters - **repository** (string) - Required - The name of the repository to fetch variables from. - **revision** (string) - Optional - The specific revision (e.g., branch or tag) of the repository. - **path** (string) - Optional - A specific path within the repository to look for variables. - **tokenId** (string) - Optional - An identifier for a token used for authentication. - **sshKeyIds** (string) - Optional - Identifiers for SSH keys to be used. - **githubInstallationId** (string) - Optional - The ID of a GitHub installation. - **bitbucketClientKey** (string) - Optional - The client key for Bitbucket authentication. - **vcsConnectionId** (string) - Optional - The ID of the Version Control System (VCS) connection. ### Request Example ```json { "example": "" } ``` ### Response #### Success Response (200) - **name** (string) - The name of the environment variable. - **value** (string) - The value of the environment variable. - **id** (string) - The unique identifier for the variable. - **isSensitive** (boolean) - Indicates if the variable is sensitive. - **isReadonly** (boolean) - Indicates if the variable is read-only. - **isRequired** (boolean) - Indicates if the variable is required. - **regex** (string) - A regular expression pattern associated with the variable. - **scope** (string) - The scope of the variable (e.g., SET). - **type** (integer) - The type of the variable. - **toDelete** (boolean) - Indicates if the variable should be deleted. - **projectId** (string) - The ID of the project associated with the variable. - **schema** (object) - Schema details for the variable. #### Response Example ```json { "example": [ { "name": "", "value": "", "id": "", "isSensitive": true, "isReadonly": true, "isRequired": true, "regex": "", "scope": "SET", "type": 0, "toDelete": true, "projectId": "", "schema": { "type": "", "enum": [] } } ] } ``` ``` -------------------------------- ### Environment Creation API Source: https://docs.envzero.com/guides/admin-guide/environments/setting-up-a-new-environment This section details the API endpoint for creating a new environment. It also explains how to prevent automatic deployment upon creation. ```APIDOC ## POST /api/environments/create-environment ### Description Creates a new environment. By default, environments are automatically deployed upon creation. To prevent auto-deployment, set the `preventAutoDeploy` query parameter to `true`. ### Method POST ### Endpoint /api/environments/create-environment ### Parameters #### Query Parameters - **preventAutoDeploy** (boolean) - Optional - If set to `true`, the environment will not be automatically deployed after creation. ### Request Body ```json { "environmentName": "string", "templateName": "string", "variables": {}, "options": {} } ``` ### Request Example ```json { "environmentName": "my-new-environment", "templateName": "default-template", "variables": { "TF_VAR_some_variable": "some_value" }, "options": { "enableApproval": false } } ``` ### Response #### Success Response (200) - **environmentId** (string) - The ID of the newly created environment. - **deploymentId** (string) - The ID of the deployment, if auto-deploy was enabled. #### Response Example ```json { "environmentId": "env-12345", "deploymentId": "dep-abcde" } ``` ``` -------------------------------- ### OpenAPI Specification for GET /blueprints Source: https://docs.envzero.com/api-reference/templates/list-templates This YAML snippet defines the OpenAPI specification for the GET /blueprints endpoint. It includes details about the server URL, authentication mechanism (API Key), request parameters (query and header), and the structure of the successful response (200 OK) with an example. ```yaml paths: /blueprints: get: servers: - url: https://api.env0.com request: security: - title: env0 API Key parameters: query: {} header: Authorization: type: http scheme: basic description: > env0 API authentication is done via API keys. An API Key can either be created by an organization administrator, in which case it will not be connected to any specific user, or via Personal API Keys to authenticate as a user. ### Creating an API Key with a Specific Role - Once you've created your organization, you can set up and manage API Keys. - Navigate to the Organization Settings page and click the API Keys tab. - Click Add API Key and enter a name for your key in the Name field. This name is for reference purposes only and isn't used directly in authentication. > ❗️Save Your API Key ID and secret > The secret will not be available after you close this window. ### Creating a Personal API Key - Click on your avatar (located on the top right of the screen) - Click on Personal Settings - Select the API Keys tab - Click Add API Key, and enter a name for your key in the Name field. This name is for reference purposes and isn't used directly in authentication. > ❗️Save your API Key ID & secret > The secret will not be available after you close this window. ### Using an API Key to Authenticate Authentication of the env0 API is done using the Basic Authentication method. Each request made should include the API Key ID as the username, and the API Key secret as the password. For example, when using curl, we can include these parameters via flag `--user {API Key ID}:{API Key Secret}`. ### API Key Permissions When creating an API key through the organization settings, you will need to choose if you’d like to grant it Organization Admin or User permissions. In case of the latter, you can assign fine-grained permissions per project. Personal API Keys can be created through the user’s profile page and will have the same permissions as the user has. ### Rate Limits env0 API allows up to 1K requests per 60 seconds, requests are aggregated by IP, HTTP Method and URI. If you exceed this limit, you will receive a `429` status code. cookie: {} parameters: path: {} query: organizationId: schema: - type: string required: false description: An Organization ID to filter by projectId: schema: - type: string required: false description: A Project ID to filter by header: {} cookie: {} body: {} response: '200': application/json: schemaArray: - type: array items: allOf: - $ref: '#/components/schemas/BlueprintApi.Blueprint' refIdentifier: '#/components/schemas/BlueprintApi.FindAll.Response' examples: example: value: - name: description: retry: onDestroy: times: 123 errorRegex: onDeploy: times: 123 errorRegex: runTestsOnPullRequest: true isTerragruntRunAll: true projectIds: - tagPrefix: repository: revision: path: fileName: helmChartName: terraformVersion: opentofuVersion: terragruntVersion: terragruntTfBinary: terraform pulumiVersion: ansibleVersion: type: opentofu tokenName: tokenId: sshKeys: - id: name: githubInstallationId: 123 bitbucketClientKey: isBitbucketServer: true ``` -------------------------------- ### Ansible Deployment and Destruction Steps (YAML) Source: https://docs.envzero.com/guides/admin-guide/custom-flows Defines the steps for deploying and destroying resources using Ansible. Includes versioning, shell selection, and specific steps for setup, Galaxy installation, check, playbook execution, and state storage for deployment. Destruction steps include setup. Uses YAML format. ```yaml version: type: number shell: sh (default) or bash deploy: onCompletion: - type: string onSuccess: - type: string onFailure: - type: string steps: setupVariables: after: - type: string ansibleGalaxy: before: - type: string after: - type: string ansibleCheck: before: - type: string after: - type: string ansiblePlaybook: before: - type: string after: - type: string destroy: onCompletion: - type: string onSuccess: - type: string onFailure: - type: string steps: setupVariables: after: - type: string ``` -------------------------------- ### GET /policy-catalog Source: https://context7.com/context7/envzero/llms.txt Retrieve pre-built policy templates for common governance scenarios. These templates provide a starting point for defining custom policies. ```APIDOC ## Get Policy Catalog ### Description Retrieve pre-built policy templates for common governance scenarios. ### Method GET ### Endpoint https://api.env0.com/policy-catalog ### Response #### Success Response (200) An array of policy catalog items, each containing: - **name** (string) - The name of the policy template. - **description** (string) - A brief description of the policy's purpose. - **category** (string) - The category of the policy (e.g., Cost, Security). - **cloudProviders** (array) - A list of supported cloud providers. - **template** (string) - The Rego code for the policy template. #### Response Example ```json [ { "name": "Cost Threshold Approval", "description": "Require approval for deployments exceeding cost threshold", "category": "Cost", "cloudProviders": ["AWS", "GCP", "Azure"], "template": "package env0\n\ndefault result = \"allow\"\n\nresult = \"pending\" {\n input.costEstimation.monthlyCostDiff > 100\n}" }, { "name": "Require Security Group Review", "description": "Require approval when security groups are modified", "category": "Security", "cloudProviders": ["AWS"], "template": "package env0\n\ndefault result = \"allow\"\n\nresult = \"pending\" {\n some resource in input.plan.resourceChanges\n resource.type == \"aws_security_group\"\n}" } ] ``` ### Categories Security, Networking, IAM, Compliance, Cost, Performance ``` -------------------------------- ### Env0 Workflow Configuration Example (YAML) Source: https://docs.envzero.com/guides/admin-guide/workflows/create-a-new-workflow This YAML snippet demonstrates a typical Env0 workflow configuration, defining multiple environments with dependencies, template references, VCS integration, and conditional deployment settings. ```yaml environments: vpc: name: 'VPC and Network' templateName: 'VPC' db: name: DB templateName: 'DB' requiresApproval: true needs: - vpc eks: name: EKS templateName: 'EKS' needs: - vpc service1: name: 'Billing Service' vcs: type: 'terraform' terraformVersion: '1.5.7' repository: 'https://github.com/env0/templates' path: 'aws/hello-world' githubInstallationId: 123456789 # bitbucketClientKey for bitbucket # gitlabProjectId for gitlab disabled: ${DISABLE_SERVICE_1} # omit service1 deployment, # if the interpolated env var DISABLE_SERVICE_1 is true needs: - db - eks service2: name: 'Configuration Service' templateName: 'Configuration Service' revision: feature-branch disabled: ${DISABLE_SERVICE_2} # Variable interpolation support needs: - db - eks service3: name: 'Notification Service' templateName: 'Notification Service' workspace: env0-workspace disabled: ${DISABLE_SERVICE_3} needs: - db - eks ``` -------------------------------- ### Create Deployment Source: https://docs.envzero.com/api-reference/modules/list-module-test-runs Initiates a new deployment for a given environment. This endpoint accepts a comprehensive payload detailing the deployment configuration, including VCS information, deployment type, and environment variables. ```APIDOC ## POST /websites/envzero/deployments ### Description Creates a new deployment for an environment. Requires detailed configuration including deployment type, VCS information, and environment variables. ### Method POST ### Endpoint /websites/envzero/deployments ### Parameters #### Request Body - **deploymentType** (string) - Required - The type of deployment (e.g., 'deploy', 'destroy', 'prPlan'). - **deploymentRevision** (string) - Optional - The revision identifier for the deployment. - **workspaceName** (string) - Optional - The name of the workspace. - **rootDir** (string) - Optional - The root directory for the deployment. - **organizationId** (string) - Required - The ID of the organization. - **templateId** (string) - Optional - The ID of the deployment template. - **templateDir** (string) - Optional - The directory of the deployment template. - **templateName** (string) - Optional - The name of the deployment template. - **environmentName** (string) - Optional - The name of the environment. - **environmentCreatorName** (string) - Optional - The name of the environment creator. - **environmentCreatorUserId** (string) - Optional - The user ID of the environment creator. - **environmentCreatorEmail** (string) - Optional - The email of the environment creator. - **deployerName** (string) - Optional - The name of the deployer. - **deployerUserId** (string) - Optional - The user ID of the deployer. - **deployerEmail** (string) - Optional - The email of the deployer. - **reviewerName** (string) - Optional - The name of the reviewer. - **reviewerEmail** (string) - Optional - The email of the reviewer. - **reviewerUserId** (string) - Optional - The user ID of the reviewer. - **vcsProvider** (string) - Optional - The version control system provider (e.g., 'gitlab', 'github'). See `EnvironmentApi.VcsProvider` schema for options. - **prAuthor** (string) - Optional - The author of the pull request. - **prNumber** (string) - Optional - The number of the pull request. - **prSourceRepository** (string) - Optional - The source repository of the pull request. - **prSourceBranch** (string) - Optional - The source branch of the pull request. - **prTargetBranch** (string) - Optional - The target branch of the pull request. - **commitHash** (string) - Optional - The commit hash. - **commitUrl** (string) - Optional - The URL of the commit. - **oidcToken** (string) - Optional - The OIDC token for authentication. - **vcsAccessToken** (string) - Optional - The access token for the VCS. - **tfPlanJson** (string) - Optional - The JSON output of the Terraform plan. - **cliArgsPlan** (string) - Optional - Command-line arguments for the Terraform plan. - **cliArgsApply** (string) - Optional - Command-line arguments for the Terraform apply. ### Request Example ```json { "deploymentType": "deploy", "organizationId": "org-123", "environmentName": "staging", "vcsProvider": "github", "commitHash": "a1b2c3d4e5f6" } ``` ### Response #### Success Response (200) - **id** (string) - The unique identifier of the created deployment. - **deploymentLogId** (string) - The ID of the deployment log. - **environmentId** (string) - The ID of the associated environment. - **organizationId** (string) - The ID of the organization. - **triggerName** (string) - The name of the trigger that initiated the deployment (e.g., 'user', 'terraform-cli'). - **testSummary** (object) - Summary of test results. - **passed** (integer) - Number of tests passed. - **failed** (integer) - Number of tests failed. - **skipped** (integer) - Number of tests skipped. - **errored** (integer) - Number of tests errored. - **testFilesResults** (object) - Detailed results for test files. - **moduleId** (string) - The ID of the module used for deployment. #### Response Example ```json { "id": "deploy-xyz789", "deploymentLogId": "log-abc123", "environmentId": "env-def456", "organizationId": "org-123", "triggerName": "user", "testSummary": { "passed": 10, "failed": 0, "skipped": 0, "errored": 0 }, "testFilesResults": {}, "moduleId": "mod-ghi321" } ``` ``` -------------------------------- ### Extend Dockerfile: Install AWS and Gcloud CLIs Source: https://docs.envzero.com/guides/admin-guide/self-hosted-kubernetes-agent/extending-deployment-image This Dockerfile example demonstrates how to extend the default env zero deployment image by pre-installing the AWS CLI and Google Cloud CLI (gcloud) with a specified version. It uses the `install-package-cli.js` utility provided by env zero and custom `curl` commands to install additional tools like the GitHub CLI. ```dockerfile # Sets the base image to the latest version of the env zero deployment agent. FROM ghcr.io/env0/deployment-agent:latest # Sets an environment variable to specify the version of the Google Cloud CLI to be installed. If you omit this, the default version will be installed. ENV ENV0_GCLOUD_VERSION=532.0.0 # Executes env zero's "install-package-cli.js" utility, which is provided to pre-install # CLI tools (e.g., aws, gcloud) into the image before runtime. RUN node install-package-cli.js aws gcloud # Custom installtion of your package RUN curl -sSL "https://github.com/cli/cli/releases/download/v2.53.0/gh_2.53.0_linux_amd64.tar.gz" -o gh.tar.gz \ && tar -zxvf gh.tar.gz \ && mv gh_2.53.0_linux_amd64/bin/gh /usr/local/bin/ \ && rm -rf gh.tar.gz gh_2.53.0_linux_amd64 ``` -------------------------------- ### Project Websites API Documentation Source: https://docs.envzero.com/api-reference/environments/list-deployments This section details the schemas used within the Project Websites API, including configurations for deployment plans, environment workflows, and related attributes. ```APIDOC ## Project Websites API Schemas This documentation outlines the data structures used by the Project Websites API for defining and managing projects and their environments. ### Schemas #### `DeploymentApi.Plan.Plan` Represents a deployment plan, detailing changes to be made. - **moduleName** (string) - The name of the module. - **name** (string) - The name of the plan. - **action** (`DeploymentApi.Plan.ChangeAction`) - The action to be performed. - **attributes** (array of `DeploymentApi.Plan.AttributeChange`) - A list of attribute changes. *Required*: `name`, `action`, `attributes` #### `DeploymentApi.Plan.PlanSummary` Summarizes the outcome of a deployment plan. - **added** (number) - Number of items added. - **changed** (number) - Number of items changed. - **destroyed** (number) - Number of items destroyed. - **imported** (number) - Number of items imported. *Required*: `added`, `changed`, `destroyed`, `imported` #### `EnvironmentApi.WorkflowEnvironments.WorkflowFile` Defines the configuration for workflow environments. - **settings** (object) - Workflow settings. - **environmentRemovalStrategy** (string, enum: `destroy`, `detach`) - Strategy for environment removal. - **environments** (object) - A map of environment configurations. *Required*: `environments` #### `EnvironmentApi.WorkflowEnvironments.WorkflowSubEnvironment` Configuration for a specific sub-environment within a workflow. - **environmentId** (string) - The ID of the environment. - **toDestroy** (boolean) - Whether the environment should be destroyed. - **isRemoteBackend** (boolean) - Whether the backend is remote. - **k8sNamespace** (string) - Kubernetes namespace for the environment. - **vcs** (object) - Version control system configuration. - **type** (`IacType`) - Type of VCS. - **tokenName** (string) - Name of the VCS token. - **tokenId** (string) - ID of the VCS token. - **sshKeys** (array of `BlueprintApi.SshKey`) - List of SSH keys. - **githubInstallationId** (number | null) - GitHub installation ID. - **bitbucketClientKey** (string | null) - Bitbucket client key. - **isBitbucketServer** (boolean) - Whether it's a Bitbucket Server instance. - **isGitLabEnterprise** (boolean) - Whether it's GitLab Enterprise. - **isGitHubEnterprise** (boolean) - Whether it's GitHub Enterprise. - **isGitLab** (boolean) - Whether it's GitLab. - **isAzureDevOps** (boolean) - Whether it's Azure DevOps. - **isHelmRepository** (boolean) - Whether it's a Helm repository. - **vcsConnectionId** (string | null) - VCS connection ID. - **repository** (string) - VCS repository URL. - **revision** (string) - VCS revision (branch or tag). - **path** (string) - Path within the repository. - **fileName** (string) - Name of the configuration file. - **helmChartName** (string) - Name of the Helm chart. - **terraformVersion** (`BlueprintApi.TerraformVersion`) - Terraform version. - **opentofuVersion** (`BlueprintApi.OpentofuVersion`) - OpenTofu version. - **terragruntVersion** (string) - Terragrunt version. - **terragruntTfBinary** (`BlueprintApi.TerragruntTfBinary`) - Path to the Terragrunt Terraform binary. - **pulumiVersion** (`BlueprintApi.PulumiVersionType`) - Pulumi version. - **ansibleVersion** (`BlueprintApi.AnsibleVersionType`) - Ansible version. *Required*: `repository`, `type` - **name** (string) - Name of the sub-environment. - **templateName** (string) - Name of the environment template. - **templateId** (string) - ID of the environment template. - **templateType** (`IacType`) - Type of the environment template. - **revision** (string) - VCS revision for the environment configuration. - **workspace** (string) - Workspace for the environment. - **needs** (array of strings) - List of dependencies. - **terragruntWorkingDirectory** (string) - Working directory for Terragrunt. - **requiresApproval** (boolean) - Whether approval is required for deployment. - **disabled** (string | boolean) - Whether the environment is disabled. *Required*: `name` #### `WorkflowDeploymentOptions` Placeholder for deployment options within a workflow. Specific fields are not detailed in the provided text. ``` -------------------------------- ### GET /module/{moduleId}/tests Source: https://docs.envzero.com/api-reference/modules/list-module-test-runs Retrieves a list of test runs for a given module ID. You can control the number of results and the starting point using limit and offset query parameters. Authentication is required using an env0 API Key. ```APIDOC ## GET /module/{moduleId}/tests ### Description Retrieves a list of test runs for a specific module ID. This endpoint supports pagination via `limit` and `offset` query parameters. ### Method GET ### Endpoint `/module/{moduleId}/tests` ### Parameters #### Path Parameters - **moduleId** (string) - Required - The ID of the module to retrieve test runs for. #### Query Parameters - **limit** (string) - Optional - The number of test runs to return per page. Maximum is 100, defaults to 100. - **offset** (string) - Optional - The offset of the first test returned. Defaults to 0. #### Request Body This endpoint does not accept a request body. ### Request Example ```bash curl -X GET \ 'https://api.env0.com/module/YOUR_MODULE_ID/tests?limit=10&offset=0' \ -H 'Authorization: Basic YOUR_API_KEY_ID:YOUR_API_KEY_SECRET' ``` ### Response #### Success Response (200) - **status** (string) - The status of the test run (e.g., IN_PROGRESS). - **blueprintRevision** (string) - The revision of the blueprint used for the test. - **prNumber** (string) - The pull request number associated with the test run. - **startedBy** (string) - The ID of the user who started the test run. - **startedByUser** (object) - Information about the user who started the test run. - **email** (string) - The email of the user. - **user_id** (string) - The ID of the user. - **created_at** (string) - The timestamp when the user was created. - **app_metadata** (object) - Application-specific metadata for the user. - **picture** (string) - URL to the user's profile picture. - **name** (string) - The name of the user. - **last_login** (string) - The timestamp of the user's last login. - **given_name** (string) - The given name of the user. - **family_name** (string) - The family name of the user. - **createdAt** (string) - The timestamp when the test run was created. - **queuedAt** (string) - The timestamp when the test run was queued. - **startedAt** (string) - The timestamp when the test run started. - **finishedAt** (string) - The timestamp when the test run finished. - **error** (object) - Any error details associated with the test run. - **customEnv0EnvironmentVariables** (object) - Custom environment variables for the test run. - **environmentId** (string) - The ID of the environment. - **projectId** (string) - The ID of the project. - **projectName** (string) - The name of the project. - **deploymentLogId** (string) - The ID of the deployment log. #### Response Example ```json [ { "status": "IN_PROGRESS", "blueprintRevision": "", "prNumber": "", "startedBy": "", "startedByUser": { "email": "", "user_id": "", "created_at": "", "app_metadata": {}, "picture": "", "name": "", "last_login": "", "given_name": "", "family_name": "" }, "createdAt": "2023-11-07T05:31:56Z", "queuedAt": "2023-11-07T05:31:56Z", "startedAt": "2023-11-07T05:31:56Z", "finishedAt": "2023-11-07T05:31:56Z", "error": {}, "customEnv0EnvironmentVariables": { "environmentId": "", "projectId": "", "projectName": "", "deploymentLogId": "" } } ] ``` ``` -------------------------------- ### Create Project API Request Source: https://context7.com/context7/envzero/llms.txt Illustrates how to create a new project within an organization using a POST request. It includes an example for creating a top-level project and a nested project with a parentProjectId. ```bash curl --request POST \ --url https://api.env0.com/projects \ --user "api-key-id:api-key-secret" \ --header "Content-Type: application/json" \ --data '{ \ "name": "Production Infrastructure", \ "description": "Production environment deployments", \ "organizationId": "org-abc123", \ "parentProjectId": null \ }' # Response { "id": "proj-xyz789", "name": "Production Infrastructure", "description": "Production environment deployments", "organizationId": "org-abc123", "parentProjectId": null, "createdAt": "2023-11-07T14:20:00Z", "isArchived": false } # Create nested project curl --request POST \ --url https://api.env0.com/projects \ --user "api-key-id:api-key-secret" \ --header "Content-Type: application/json" \ --data '{ \ "name": "Database Team", \ "organizationId": "org-abc123", \ "parentProjectId": "proj-xyz789" \ }' ``` -------------------------------- ### OpenAPI Specification for envZero Cloud Configurations Source: https://docs.envzero.com/api-reference/cloud-compass/list-organizations-cloud-accounts This YAML describes the GET /cloud/configurations API endpoint. It details the server URL, authentication mechanism (Basic Auth with API Key ID and Secret), required query parameters, and the structure of the 200 OK JSON response, including an example payload. ```yaml paths: path: /cloud/configurations method: get servers: - url: https://api.env0.com request: security: - title: env0 API Key parameters: query: {} header: Authorization: type: http scheme: basic description: > env0 API authentication is done via API keys. An API Key can either be created by an organization administrator, in which case it will not be connected to any specific user, or via Personal API Keys to authenticate as a user. ### Creating an API Key with a Specific Role - Once you've created your organization, you can set up and manage API Keys. - Navigate to the Organization Settings page and click the API Keys tab. - Click Add API Key and enter a name for your key in the Name field. This name is for reference purposes only and isn't used directly in authentication. > ❗️Save Your API Key ID and secret > The secret will not be available after you close this window. ### Creating a Personal API Key - Click on your avatar (located on the top right of the screen) - Click on Personal Settings - Select the API Keys tab - Click Add API Key, and enter a name for your key in the Name field. This name is for reference purposes and isn't used directly in authentication. > ❗️Save your API Key ID & secret > The secret will not be available after you close this window. ### Using an API Key to Authenticate Authentication of the env0 API is done using the Basic Authentication method. Each request made should include the API Key ID as the username, and the API Key secret as the password. For example, when using curl, we can include these parameters via flag `--user {API Key ID}:{API Key Secret}`. ### API Key Permissions When creating an API key through the organization settings, you will need to choose if you’d like to grant it Organization Admin or User permissions. In case of the latter, you can assign fine-grained permissions per project. Personal API Keys can be created through the user’s profile page and will have the same permissions as the user has. ### Rate Limits env0 API allows up to 1K requests per 60 seconds, requests are aggregated by IP, HTTP Method and URI. If you exceed this limit, you will receive a `429` status code. cookie: {} parameters: path: {} query: organizationId: schema: - type: string required: true description: An Organization ID to filter by header: {} cookie: {} body: {} response: '200': application/json: schemaArray: - type: array items: allOf: - $ref: '#/components/schemas/CloudResourceApi.CloudConfiguration' refIdentifier: >- #/components/schemas/CloudResourceApi.FindCloudConfigurationByOrgId.Response examples: example: value: - id: organizationId: provider: AWS name: cloudId: health: true configuration: accountId: bucketName: prefix: regions: - shouldPrefixUnderLogsFolder: true lastScan: startedAt: '2023-11-07T05:31:56Z' finishedAt: '2023-11-07T05:31:56Z' startedBy: status: PASSED error: lastTest: testAt: error: dataFrom: '2023-11-07T05:31:56Z' dataUntil: '2023-11-07T05:31:56Z' earliestHistory: '2023-11-07T05:31:56Z' latestHistory: '2023-11-07T05:31:56Z' createdByUser: email: user_id: created_at: app_metadata: {} picture: name: last_login: given_name: ``` -------------------------------- ### POST /environments Source: https://context7.com/context7/envzero/llms.txt Deploys an environment from a template with specified configuration, including approval requirements and TTL. ```APIDOC ## POST /environments ### Description Deploys an environment from a template with configuration including approval requirements and TTL. ### Method POST ### Endpoint https://api.env0.com/environments ### Parameters #### Request Body - **name** (string) - Required - The name of the environment. - **projectId** (string) - Required - The ID of the project. - **blueprintId** (string) - Required - The ID of the blueprint (template) to use. - **requiresApproval** (boolean) - Optional - Whether the environment requires approval. - **continuousDeployment** (boolean) - Optional - Whether continuous deployment is enabled. - **pullRequestPlanDeployments** (boolean) - Optional - Whether to deploy plans on pull requests. - **autoDeployOnPathChangesOnly** (boolean) - Optional - Whether to auto-deploy only on path changes. - **ttl** (object) - Optional - Time-to-live settings for the environment. - **type** (string) - Required - The type of TTL (e.g., "HOURS"). - **value** (integer) - Required - The value of the TTL. - **configurationChanges** (object) - Optional - Configuration changes to apply. - **name** (string) - Required - The name of the configuration change. - **value** (string) - Required - The value of the configuration change. - **scope** (string) - Required - The scope of the change (e.g., "ENVIRONMENT"). - **type** (integer) - Required - The type of configuration change. - **driftDetectionRequest** (object) - Optional - Drift detection settings. - **enabled** (boolean) - Required - Whether drift detection is enabled. - **cron** (string) - Required - The cron schedule for drift detection. ### Request Example ```json { "name": "production-vpc-us-west-2", "projectId": "proj-xyz789", "blueprintId": "tmpl-123", "requiresApproval": true, "continuousDeployment": true, "pullRequestPlanDeployments": true, "autoDeployOnPathChangesOnly": false, "ttl": { "type": "HOURS", "value": 168 }, "configurationChanges": { "name": "vpc_cidr", "value": "10.0.0.0/16", "scope": "ENVIRONMENT", "type": 1 }, "driftDetectionRequest": { "enabled": true, "cron": "0 2 * * *" } } ``` ### Response #### Success Response (200) - **id** (string) - The ID of the created environment. - **name** (string) - The name of the environment. - **projectId** (string) - The ID of the project. - **organizationId** (string) - The ID of the organization. - **userId** (string) - The ID of the user who created the environment. - **status** (string) - The current status of the environment (e.g., "DEPLOY_IN_PROGRESS"). - **requiresApproval** (boolean) - Indicates if approval is required. - **continuousDeployment** (boolean) - Indicates if continuous deployment is enabled. - **latestDeploymentLogId** (string) - The ID of the latest deployment log. - **createdAt** (string) - The timestamp when the environment was created. - **driftStatus** (string) - The status of drift detection. #### Response Example ```json { "id": "env-abc123", "name": "production-vpc-us-west-2", "projectId": "proj-xyz789", "organizationId": "org-abc123", "userId": "user-456", "status": "DEPLOY_IN_PROGRESS", "requiresApproval": true, "continuousDeployment": true, "latestDeploymentLogId": "deploy-789", "createdAt": "2023-11-07T16:00:00Z", "driftStatus": "NEVER_RUN" } ``` ``` -------------------------------- ### Get Policy Catalog using Bash Source: https://context7.com/context7/envzero/llms.txt Retrieves a catalog of pre-built policy templates from the Env0 API, suitable for various governance scenarios like cost control, security, and compliance. Each catalog entry includes a name, description, category, supported cloud providers, and a template snippet. ```bash curl --request GET \ --url https://api.env0.com/policy-catalog \ --user "api-key-id:api-key-secret" ```