envy

package module

v0.4.0 Latest Latest Go to latest Published: Oct 17, 2018 License: MIT Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/haines/envy

Links

Open Source Insights

README ¶

envy

envy is a command-line application for fetching shared environment variables.

Values are stored securely in AWS Parameter Store, and can be saved to a local .env file or directly sourced into your shell.

Installation

Releases are published on Github.

with Homebrew 🍺

A Homebrew cask is available at haines/tap.

$ brew cask install haines/tap/envy

with Docker 🐳

Docker images are tagged with release versions. The latest tag follows the master branch.

$ docker pull ahaines/envy:$version

manually 🔧

envy is distributed as a static binary, so installation just requires it to be downloaded from the releases page, then made executable:

$ curl -L $url -o /usr/local/bin/envy
$ chmod +x /usr/local/bin/envy

Binaries can be verified by running

$ gpg --keyserver ha.pool.sks-keyservers.net --recv-keys 6E225DD62262D98AAC77F9CDB16A6F178227A23E
gpg: key B16A6F178227A23E: public key "Andrew Haines <andrew@haines.org.nz>" imported

$ curl -fsSL "${url}.asc" | gpg --verify - /usr/local/bin/envy
gpg: Signature made Tue Apr 10 11:18:05 2018 UTC
gpg:                using RSA key 6E225DD62262D98AAC77F9CDB16A6F178227A23E
gpg: Good signature from "Andrew Haines <andrew@haines.org.nz>" [unknown]

Usage

$ envy --input /path/to/template --output /path/to/result

To see details of all the command-line options, run

$ envy --help

Templates

The input template file is a Go text template, which has access to the following functions in interpolations:

param "path" "to" "value" - fetches a value from AWS Parameter Store
quote "value" - wraps a value in single quotes, escaping embedded single quotes with '\'' (closing the string, concatenating a literal ', and re-opening the string)
var "name" - fetches a value supplied with --var name=value at the command line

For example,

export FOO={{ param "secrets" "foo" | quote }}

would render as

export FOO='bar'

if the value bar was stored in Parameter Store under the key /secrets/foo.

File permissions

When writing to a file, envy ensures that the file's permissions are 600 (only accessible by its owner). To customize the permissions, use e.g. --chmod 640. To leave the permissions alone, use --no-chmod.

Sourcing output directly

envy reads from stdin and writes to stdout by default, so you can source things directly into your shell (assuming you trust the origin of the template!):

# Bash 4, Zsh
$ source <(envy --input /path/to/template)

# Bash 3
$ source /dev/stdin <<<"$(envy --input /path/to/template)"

Authenticating with AWS

with environment variables

Credentials are taken from the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables, if set.

with a shared credentials file

If the access key environment variables aren't set, envy can use a shared credentials file, just like the aws command-line interface.

If the file is not located at the default path (~/.aws/credentials), its location can be specified with the AWS_SHARED_CREDENTIALS_FILE environment variable.

The profile to use can be set by either the --profile command-line option, or the AWS_PROFILE environment variable. If no profile is specified, the default profile will be used (if it exists).

with an EC2 instance IAM role

When running on an EC2 instance, if the access key environment variables aren't set, envy can use the instance's IAM role to authenticate. You don't need to manually specify any credentials in this case.

Documentation ¶

Overview ¶

Package envy implements functions to read and parse a template file, interpolate with values fetched from AWS Parameter Store, and write the result to another file.

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Run ¶

func Run(config *Config)

Run parses the template definition from the input file, executes it, and writes the result to the output file.

The template has access to the following functions:

param "path" "to" "value" // fetches a value from AWS Parameter Store.
quote "value"             // wraps a value in single quotes, escaping embedded single quotes with "'\''".
var "name"                // fetches a user-supplied value from the Variables map.

Types ¶

type Config ¶

type Config struct {
	Variables      map[string]string // user-supplied variables which can be interpolated with `var`.
	InputFilename  string            // if empty or "-", the template definition is read from stdin.
	OutputFilename string            // if empty or "-", the output is written to stdout.
	Permissions    os.FileMode       // the permissions to set on the output file.
	SkipChmod      bool              // if true, don't set permissions on the output file.
	Profile        string            // the AWS credentials profile to use to connect to Parameter Store.
	Region         string            // the AWS region in which to connect to Parameter Store.
}

Config holds the parameters for Run.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cmd
envy
test
helpers

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL