README
¶
installation:
With go:
- clone this repo,
cdinto it go build -o $GOPATH/bin ./cmd/cogs
Faster install, PLATFORM can equal Linux/Windows/Darwin:
PLATFORM="Darwin" COGS_VERSION="0.4.0" \
curl -SLk "github.com/Bestowinc/cogs/releases/download/v${COGS_VERSION}/cogs_${COGS_VERSION}_${PLATFORM}_x86_64.tar.gz" | \
tar xvz -C /usr/local/bin cogs
COGS COnfiguration manaGement S
Usage:
cogs gen <ctx> <cog-file> [--out=<type>] [--keys=<key,>] [-n] [-e]
Options:
-h --help Show this screen.
--version Show version.
--no-enc, -n Skips fetching encrypted vars.
--envsubst, -e Perform environmental substitution on the given cog file.
--keys=<key,> Return specific keys from cog manifest.
--out=<type> Configuration output type [default: json].
Valid types: json, toml, yaml, dotenv, raw.
--not=<key,> Exclude specific keys, comma separated.
annotated spec:
add this envsubst
name = "basic_service"
# key value pairs for a context are defined under <ctx>.vars
[docker.vars]
var = "var_value"
other_var = "other_var_value"
[sops]
# a default path to be inherited can be defined under <ctx>.path
path = ["./test_files/manifest.yaml", "subpath"]
[sops.vars]
# a <var>.path key can map to four valid types:
# 1. path value is "string_value" - indicating a single file to look through
# 2. path value is [] - thus <ctx>.path will be inherited
# 3. path value is a ["two_index, "array"] - either index being [] or "string_value":
# - [[], "subpath"] - path will be inherited from <ctx>.path if present
# - ["path", []] - subpath will be inherited from <ctx>.path if present
# 4. ["path", "subpath"] - nothing will be inherited
var1.path = ["./test_files/manifest.yaml", "subpath"]
var2.path = []
var3.path = [[], "other_subpath"]
# dangling variable should return 'some_var = ""' since only name override was defined
some_var.name = "some_name"
# key value pairs for an encrypted context are defined under <ctx>.enc.vars
[sops.enc.vars]
enc_var.path = "./test_files/test.enc.yaml"
[kustomize]
path = ["./test_files/kustomization.yaml", "configMapGenerator.[0].literals"]
# a default deserialization path to be inherited can be defined under <ctx>.path
# once <var>.path has been traversed, attempt to deserialize the returned object
# as if it was in dotenv format
type = "dotenv"
[kustomize.vars]
# var1.name = "VAR_1" means that the key alias "VAR_1" will
# be searched for to retrieve the var1 value
var1 = {path = [], name = "VAR_1"}
var2 = {path = [], name = "VAR_2"}
goals:
-
Allow a flat style of managing configurations across disparate contexts and different formats (plaintext vs. encrypted)
- aggregates plaintext config values and SOPS secrets in one manifest
- ex: local development vs. docker vs. production environments
- aggregates plaintext config values and SOPS secrets in one manifest
-
Introduce an automated and cohesive way to validate and correlate configurations
TODO: allow a gradual introduction of new variable names by automating:- introduction of new name for same value (
DB_SECRETS -> DATABASE_SECRETS) - and deprecation of old name (managing deletion of old
DB_SECRETSreferences)
- introduction of new name for same value (
scope of support:
- microservice configuration
- parse YAML manifests
- valid viper package input (so able to output JSON, YAML, and TOML)
- SOPS secret management
- docker-compose YAML env config scheme
subcommands
-
cogs gen- outputs a flat and serialized K:V array
-
cogs migrateTODOcogs migrate <OLD_KEY_NAME> <NEW_KEY_NAME> [<envs>...]cogs migrate --commit <OLD_KEY_NAME> <NEW_KEY_NAME> (<envs>...)
Aims to allow a gradual and automated migration of key names without risking sensitive environments:
# config.yaml pre migration
DB_SECRETS: "secret_pw"
Should happen in two main steps:
cogs migrate DB_SECRETS DATABASE_SECRETS
- should default to creating the new key name in all environments
- creates new variable in remote file or cog manifest
# config.yaml during migration
DB_SECRETS: "secret_pw"
DATABASE_SECRETS: "secret_pw"
cogs migrate --commit DB_SECRETS DATABASE_SECRETS <env>...
- removes old key name for all
<envs>specified
# config.yaml post migration
DATABASE_SECRETS: "secret_pw"
- should apply to plaintext K/Vs and SOPS encrypted values
running example data locally:
gpg --import ./test_files/sops_functional_tests_key.ascshould be run to import the test private key used for encrypted dummy data- Building binary locally :
go build -o $GOPATH/bin ./cmd/cogs - Kustomize style var retrieval:
cogs gen kustomize ./basic.cog.toml - Encrypted var retrieval:
cogs gen sops ./basic.cog.toml some-service.cog.tomlshows how a toml definition correlates to the JSON counterpart
further references
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var EnvSubst bool = false
EnvSubst decides whether to use environmental substitution or not
var NoEnc bool = false
NoEnc decides whether to output encrypted variables or now
Functions ¶
Types ¶
type Cfg ¶
type Cfg struct {
// Defaults to key name unless explicitly declared
Name string
Value string
Path string
// default should be Cfg key name
SubPath string
// contains filtered or unexported fields
}
Cfg holds all the data needed to generate one string key value pair
type Gear ¶
type Gear struct {
Name string
// contains filtered or unexported fields
}
Gear represents one of the contexts in a cog manifest. The term "gear" is used to refer to the operating state of a machine (similar to how a microservice can operate locally or in a remote environment) rather than a gear object. The term "switching gears" is an apt representation of how one Cog manifest file can have many contexts/environments
func (*Gear) ResolveMap ¶
ResolveMap outputs the flat associative string, resolving potential filepath pointers held by Cfg objects by calling the .ResolveValue() method
type Queryable ¶
Queryable allows a query path to return the underlying value for a given visitor
func NewYamlVisitor ¶
NewYamlVisitor returns a visitor object that satisfies the Queryable interface
Source Files
Directories