snagsby

command module

v0.6.1 Latest Latest Go to latest Published: Feb 10, 2023 License: MIT Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/roverdotcom/snagsby

Links

Open Source Insights

README ¶

Snagsby

Snagsby reads a JSON object from an S3 bucket and outputs the keys and values in a format that can be evaluated by a shell to set environment variables.

It's useful for reading configuration into environment variables from S3 objects in Docker containers.

It can help with workflows like this one: https://blogs.aws.amazon.com/security/post/Tx2B3QUWAA7KOU/How-to-Manage-Secrets-for-Amazon-EC2-Container-Service-Based-Applications-by-Usi

Installation

Linux and OSX 64 bit binaries are available on Github

curl -L https://github.com/roverdotcom/snagsby/releases/download/v0.1.6/snagsby-0.1.6.linux-amd64.tar.gz \
    | tar zxf - -C /usr/local/bin

JSON Format

The s3 object should contain a single JSON object:

// s3://my-bucket/config.json
{
  "processes": 2,
  "multiline_config": "123\n456\n789",
  "api_key": "abc123",
  "yes": true,
  "no": false,
  "float_like": 7.777
}

Upload to s3://my-bucket/config.json with server side encryption and tight bucket access restrictions/policies.

Snagsby can be configured with the SNAGSBY_SOURCE env var or you can pass the source url on the command line.

snagsby s3://my-bucket/config.json?region=us-west-2

Would render:

export API_KEY="abc123"
export FLOAT_LIKE="7.777"
export MULTILINE_CONFIG="123\n456\n789"
export NO="0"
export PROCESSES="2"
export YES="1"

You can supply sources in a comma delimited SNAGSBY_SOURCE environment variable:

SNAGSBY_SOURCE="s3://my-bucket/secrets1.json, s3://my-bucket/secrets2.json" ./bin/snagsby

# -e will fail on errors and exit 1
./bin/snagsby -e \
  s3://my-bucket/config.json \
  s3://my-bucket/config2.json

An example docker entrypoint may look like:

#!/bin/sh

set -e

eval $(./bin/snagsby \
  s3://my-bucket/config.json?region=us-west-2 \
  s3://my-bucket/config-production.json?region-us-west-1)

exec "$@"

AWS Configuration

You can configure AWS any way the golang sdk supports: https://github.com/aws/aws-sdk-go#configuring-credentials

Snagsby enables support for the shared configuration file (~/.aws/config) in the golang aws sdk.

The preferred method when in ec2 is to rely on instance profiles. When running in aws ecs snagsby will use the task iam role.

You can configure the default region by setting the AWS_REGION environment variable. It's recommended you set the region on each source: s3://my-bucket/snagsby-config.json?region=us-west-2

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
pkg
app
config
formatters
resolvers

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL