User Guide¶
Welcome to the Farm User Guide. This section provides comprehensive documentation for end users who want to use Farm to manage their software components and documentation.
Overview¶
Farm provides a centralized portal that helps you:
- Organize and discover software components across your organization
- Maintain documentation associated with each component
- Manage user access and authentication
Getting Started¶
New to Farm? Start with the Getting Started guide to learn how to set up and begin using Farm.
Core Features¶
Component Catalog¶
The Catalog is the heart of Farm. It provides a centralized registry for all software components in your organization, including:
- Services and microservices
- Shared libraries
- APIs
- Websites and frontend applications
- Infrastructure resources (pipelines, queues, databases, clusters)
- Data assets (datasets, data pipelines, ML models)
- Security artifacts (secrets, policies, certificates)
Documentation Management¶
Farm allows you to manage documentation associated with each component. This helps teams:
- Keep documentation close to the components they describe
- Discover relevant documentation easily
- Maintain documentation versioning
Authentication¶
Learn about user authentication in Farm, including:
- User registration with password strength validation
- Login and JWT token management
- Refresh token rotation
- User roles and rate limiting
Organizations¶
Farm supports multi-tenant organizations, providing isolated scopes for catalog components, teams, pipelines, and environments. Each organization has members with role-based access:
- Create and manage organizations
- Add or remove members and assign roles (owner, admin, member)
- Scope resources to a specific organization using the
X-Organization-Idrequest header
Environments and Deployments¶
Farm tracks deployment environments and component deployments, enabling:
- Environment management (development, staging, production, sandbox)
- Deployment recording with status tracking
- Deployment matrix showing latest versions across environments
Pipelines¶
Farm lets you define and execute multi-stage pipelines directly from the portal. Features include:
- Stage-by-stage pipeline definition with configurable commands and environments
- Real-time log streaming via WebSocket as each stage runs
- Run history with per-stage status and exit codes
IaC Visibility¶
The IaC module ingests infrastructure-as-code state from Terraform, Pulumi, and similar tools. It provides:
- Stack inventory with per-run history and drift detection
- Module catalog with semantic versioning and component linking
- A compliance dashboard summarizing drift and failed runs across all stacks
Teams and Ownership¶
Organize your organization with team management:
- Create teams by type (dev, infra, security, data, platform)
- Assign members to teams
- Link catalog components to team ownership
CI/CD Integrations¶
Farm connects to external CI/CD platforms so teams can monitor builds, trigger pipelines, and view deployment status directly from the developer portal. Supported platforms: ArgoCD, CircleCI, Jenkins, and Travis CI. Each platform is connected per-organization using encrypted credentials stored in the database. See the CI/CD Integrations reference for endpoint details.
Helm Integration¶
Farm discovers Helm releases from Kubernetes Secrets and provides a dedicated UI card on the component detail page for components with a helmChart field in their catalog-info.yaml. See the Helm Integration guide for full details.
Kubernetes Operator¶
Farm connects to a Kubernetes cluster to discover running workloads, Custom Resource Definitions (CRDs), and Argo Rollout statuses. Components annotated with farm.io/kubernetes-name are automatically linked to their cluster workloads. See the Kubernetes Operator guide for full details.
System Discovery¶
Farm provides a discovery mechanism to see which features and modules are currently active in your organization's portal. This allows users to:
- Identify active plugins and their versions
- Access a centralized list of system capabilities
- Stay informed about platform updates
Observability¶
Farm provides a built-in observability hub that aggregates metrics, traces, and logs from your infrastructure. Features include:
- Native PromQL chart rendering against your Prometheus instance
- Distributed trace waterfall viewer (Jaeger / Grafana Tempo)
- LogQL log queries against Loki with automatic level detection
- PromQL-based alerting rules linked to catalog components or environments
- Real-time WebSocket notifications for pipeline runs and audit events
Elasticsearch Index Visibility¶
The Elasticsearch Index section on each catalog component lets you link one or more Elasticsearch index patterns and monitor their health — document count, store size, and cluster health — without leaving Farm. A Kibana deep-link is generated automatically when NEXT_PUBLIC_KIBANA_URL is configured.
Cloud Providers¶
Farm discovers and registers cloud resources from AWS, GCP, and Azure. Connected per-organization via encrypted credentials, it imports tagged resources into the Catalog and displays monthly cost estimates.
Tag Governance¶
The tag governance engine lets org admins define required tag keys per resource type. A scheduled audit job evaluates all discovered resources and records violations with remediation hints. Exports to Kyverno ClusterPolicy YAML are also supported.
Kyverno Integration¶
Farm reads Kyverno PolicyReports from connected clusters and surfaces violations alongside tag governance results on the component detail page.
Keycloak SSO¶
Farm integrates with Keycloak for enterprise SSO login, automatic Keycloak group-to-team sync, and Keycloak client credentials as a secret source in pipeline stage configs.
Istio Service Mesh¶
Farm surfaces Istio traffic metrics (RPS, error rate, P50/P95/P99 latency), mTLS and AuthorizationPolicy security posture, service topology, and canary VirtualService weight controls directly on each catalog component.
Linkerd Service Mesh¶
Farm surfaces Linkerd traffic metrics (RPS, error rate, P50/P95/P99 latency), ServerAuthorization and AuthorizationPolicy security posture, ServiceProfile route rules, and a service topology graph on each catalog component.
OPA Policy Engine¶
Farm integrates with Open Policy Agent for on-demand policy evaluation. Submit a policy path and input document to receive an allow/deny result with optional violation details. Results linked to catalog components are persisted for historical review.
Container Registry¶
Farm connects to container registries (DockerHub, ECR, Harbor) to browse repositories, inspect image manifests, and surface vulnerability scan results on the component detail page.
FinOps and Cost Management¶
The FinOps module integrates with OpenCost to display infrastructure cost data per component and per team. View 7-day and 30-day CPU, memory, PV, and network cost breakdowns, set per-component cost budgets, and identify the top spenders across the platform.
SLO Management¶
Farm provides Service Level Objective tracking for your catalog components. Define availability, latency, and error rate targets with automated error budget calculation. Burn-rate alerts notify you before SLO breaches occur.
Incident Management¶
The incident management module coordinates your organization's response to production issues. Track incidents from detection through resolution with severity levels, timeline updates, status transitions, and structured post-mortem workflows.
Custom Dashboards¶
Build custom dashboards with configurable widget grids to visualize operational data. Combine metrics charts, status indicators, team activity feeds, and alert summaries into a single view tailored to your team's needs.
Service Templates¶
Scaffold new services from curated golden path templates. Select a template, fill in variables, preview the generated file tree with a dry run, and push a fully configured project to your target repository in minutes.
Environment Requests¶
Request deployment environments through a self-service workflow with administrator approval. Choose between ephemeral and persistent environments, select a resource tier, set a TTL, and monitor provisioning status from submission to expiry.
Quick Links¶
| Topic | Description |
|---|---|
| Getting Started | Set up and begin using Farm |
| Catalog | Manage software components |
| Documentation | Create and manage documentation |
| Pipelines | Define and execute multi-stage pipelines with live log streaming |
| IaC Visibility | IaC stack inventory, drift detection, and module catalog |
| Observability | Metrics, traces, logs, alerting rules, and Elasticsearch index stats |
| Authentication | User management and access |
| Organizations | Multi-tenant isolation and member management |
| CI/CD Integrations | ArgoCD, CircleCI, Jenkins, Travis CI |
| Helm Integration | Helm release discovery and chart metadata |
| Kubernetes Operator | Workload, CRD, and Argo Rollouts discovery |
| Cloud Providers | AWS, GCP, Azure resource discovery |
| Tag Governance | Required tag policies and violation reporting |
| Kyverno Integration | PolicyReport ingestion and ClusterPolicy export |
| Keycloak SSO | Enterprise SSO login and group sync |
| Istio Service Mesh | Traffic metrics, security posture, canary control |
| Linkerd Integration | Linkerd traffic metrics, security posture, and topology |
| OPA Integration | Open Policy Agent policy evaluation and result history |
| Container Registry | Repository browsing and vulnerability scanning |
| FinOps | Infrastructure cost management with OpenCost |
| SLO Management | Service Level Objectives and error budget tracking |
| Incident Management | Incident response, timeline, and post-mortem workflows |
| Custom Dashboards | Configurable widget grids for operational visibility |
| Service Templates | Scaffold new services from curated golden path templates |
| Environment Requests | Self-service environment provisioning with approval workflows |
| FAQ | Frequently asked questions |