All Collections
Using Salto
Deploying Changes
Integrating Pull Requests and Automating with Salto
Integrating Pull Requests and Automating with Salto
Support avatar
Written by Support
Updated over a week ago

(!) Available in the Enterprise plan


Salto allows you to leverage your git provider by automatically attaching a pull request to deployment records. These pull requests capture all of the planned configuration changes in Salto deployments and allow you to:

  1. Comment, discuss and get approval from colleagues about the planned configuration changes

  2. Connect your preferred CI/CD tool in order to automate validations and deployments. You can further integrate any other external tool for additional use cases, e.g. static code analysis tools.

  3. Push and deploy additional NACL edits, made out of the Salto Platform

Integrating pull requests with Salto deployments

Salto can be configured to automatically create a pull request for any deployment record targeting a certain environment.

In order to enable this behavior, you will first need to:

  1. Connect a git provider with your Salto org

  2. Connect your environment to a git repository and branch. To do so, go to the Audit tab at the top and click on the ‘Connect Git’ CTA

Once the above 2 steps are completed, please navigate to the relevant environment’s Settings tab and enable the ‘Require Pull Requests’ toggle.
Note: Pull requests are not supported with on-prem git providers

  • Once ‘Require Pull Requests’ is enabled, for any new deployment reaching the ‘deployments preview’ state, Salto will automatically create a pull request capturing the deployment details.

  • The pull request will be updated automatically upon any deployment preview change occurring as a result of element selection modification, manual edits or fetch on the deployment target environment.

  • The deploy operation in Salto will be disabled in case the pull request is not mergeable according to the branch protection rules specified in the repository settings.

Using the Salto CLI for CI/CD Automation

Having a PR that captures your deployments’ information opens the door for CI/CD automated jobs that are triggered upon creation and / or changes to the PR. These automated jobs can leverage Salto’s CLI in order to automate deployment preview checks, validation runs and deployment / promotion of changes.

Setup instructions and complete CLI interface can be found here.

Injecting CI Configuration Files

In order to trigger CI jobs upon PR creation / modification, the git branches should include configuration files for the CI tool that is being used.

To Inject your CI config files into the branches created by Salto:

  1. Create a branch in the same repository in which the PRs are created and push any CI configuration files.

From the environment Settings tab, under the Require Pull Request toggle, click on Link the location of your CI configuration files and specify the branch that hold your CI configuration files

CI Configuration File Examples

CI configuration file examples for various git providers can be found here

Deploying additional edits using Pull Requests

Users can also use the created pull request to make additional edits to the deployed elements. This can be used to perform advanced editing on your files - for example, replacing a value in many files, or introducing a large amount of new elements created by some internal script.

To include external edits in your Salto deployment:

  1. Clone the git repository to some local repo

  2. Checkout the PR "after" branch

  3. Perform your edits directly on the NACL files

  4. Commit and push these edits to your remote repo

Salto will automatically detect incoming changes, and will ask the deployer to pull these commits into the deployment.

When committing additional changes to Pull Requests, avoid force-pushing your commits as that may prevent Salto from pulling these changes properly.

Did this answer your question?