JSON Schema for the Heroku Platform API

Today we’re making an important piece of Platform API tooling available: A machine-readable JSON schema that describes what resources are available via the API, what their URLs are, how they are represented and what operations they support. The schema opens up many interesting use cases, both for users and for us at Heroku working on improving and extending the API. A few examples are:

  • Auto-creating client libraries for your favorite programming language
  • Generating up-to-date reference docs
  • Writing automatic acceptance and integration tests

We are already using the schema to maintain the API reference documentation on Dev Center and to generate several v3 client libraries:

Of these, Heroics is officially supported by Heroku and the other three are community projects created by Heroku engineers. If you find bugs or have suggestions for enhancements, please send a pull request. We’re interested in having even more client libraries and hope hackers in the Heroku community will start building libs for other languages, either auto-generated ones using JSON Schema or hand-written ones.

Read more →

Programmatically release code to Heroku

Currently in beta, the Heroku Platform API lets developers automate, extend and combine the Heroku platform with other services in a programmatic, self-service way. Today we are setting the capstone into the API by adding slug and release endpoints to the API beta.

These API endpoints are special. They expose a very core part of what Heroku does best: Quickly and safely releasing new versions of an app onto the Heroku platform.

Using the new slug and release endpoints, platform developers can build integrations and services that completely sidestep the traditional Heroku Git deployment flow. So instead of requiring git push heroku master to deploy, it’s now possible to do things like:

  • Write a script that builds an app in a local directory on your machine, tars it up, and deploys it directly to a Heroku app
  • Extend your favorite continuous integration server or service to deploy directly to Heroku if unit tests pass – no need to use Git or manage SSH keys
  • Move slugs around between Heroku apps, for example to promote a release on a staging app to a production app

Are you a CI service provider, source code repository provider, or just a plain old hacker interested in the opportunities this opens up? We want to work with you, get in touch with friis@heroku.com.

The slug and release endpoints complete the functionality that we plan to expose in the first version of the Heroku Platform API. The API is still in beta and we welcome questions and feedback in the Heroku API Forum.

Read more →

Why Heroku Adopted a Code of Conduct Policy and Sponsored The Ada Initiative

Editor's note: This is a guest post from Rikki Endsley. Rikki Endsley is a technology journalist and the USENIX Association's community manager. In the past, she worked as the associate publisher of Linux Pro Magazine, ADMIN, and Ubuntu User, and as the managing editor of Sys Admin magazine. Find her online at rikkiendsley.com and @rikkiends on Twitter.

A code of conduct is a signal to attendees that conference organizers have carefully considered the issues involved with attending events, and that they want to make their conference welcoming and safe for everyone. Heroku recently adopted an event sponsorship policy that shows that the company recognizes the importance of formal codes of conduct. By announcing its new code of conduct policy, Heroku plans to help cultivate a more inviting and diverse community. Sara Dornsife, Director of Developer Marketing at Heroku, says that before agreeing to sponsor an event, the company will verify that the conference has a code of conduct in place. “If they do not, we will introduce them to the Ada Initiative so that they can get help to adopt one. If they refuse to adopt one, we will not sponsor.”

Read more →

Announcing a new and improved Node.js Buildpack

Last week we released a new version of our node buildpack that features dependency caching, faster downloads of the node binary, and support for any recent version of node. This new build process is now the default for all node apps on Heroku, so keep deploying your apps as you normally would and you should start to notice the speed improvements.

Read more →

A Patch in Time: Securing Ruby

There have been thousands of reported security vulnerabilities in 2013 alone, often with language that leaves it unclear if you're affected. Heroku's job is to ensure you can focus on building your functionality, as part of that we take responsibility for the security of your app as much as we're able. On Friday, November 22nd a security vulnerability was disclosed in Ruby (MRI): CVE-2013-4164 . Our team moved quickly to identify the risk to anyone using the Heroku platform and push out a fix.

Read more →

Browse the blog archives or subscribe to the full-text feed.

Visit the Engineering Blog