git2consul.go

The git2consul.go tool is used to populate a Consul key/value store from a git repo.

The baseline source code was forked from go-git2consul which was inspired by the orginal git2consul tool.

Improvements Over NodeJS git2consul

uses the official Consul Go Lang client library
uses native Go Lang git implementation go-git
removal of nodejs and git runtime dependencies
configuration is sourced locally instead of it being fetched from the Consul K/V
transaction atomicity implies the set of keys is stored either entirely or not at all. Along with atomicity the number of the KV API calls is limited. However there is a pending issue as Consul transaction endpoint can handle only 64 items in the payload. The transactions are executed in 64 elements chunks.

Installation

git2consul.go comes in two variants:

as a single binary file which after downloading can be placed in any working directory - either on the workstation (from which git2consul will be executed) or on the Consul node (depends whether access to the git repository is available from the Consul nodes or not)
as a source code that can be build on the user workstation (How to build from src?)

Documentation

Example

Simple example usage.

$ git2consul -config config.json -basic -user mygituser -password mygitpass -once

Simple example config file.

{
  "repos": [
    {
      "name": "example",
      "url": "http://github.com/DummyOrg/ExampleRepo.git"
    }
  ]
}

Command Line Options

$ git2consul -help
Usage of git2consul:
  -basic
        run with basic auth
  -config string
        path to config file
  -debug
        enable debugging mode
  -key string
        path to priv ssh key
  -once
        run git2consul once and exit
  -password string
        auth password
  -ssh
        run with ssh auth
  -user string
        auth user
  -version
        show version

Configuration

Configuration is provided with a JSON file and passed in via the -config flag. Repository configuration will take care of cloning the repository into local_store, but it will not be responsible for creating the actual local_store directory. Similarly, it is expected that there is no collision of directory or file that contains the same name as the repository name under local_store, or git2consul will exit with an error. If there is a git repository under a specified repo name, and the origin URL is different from the one provided in the configuration, it will be overwritten.

Default configuration

git2consul will attempt to use sane defaults for configuration. However, since git2consul needs to know which repository to pull from, minimal configuration is necessary.

Configuration	Required	Default Value	Available Values	Description
local_store	no	`os.TempDir()`	`string`	Local cache for git2consul to store its tracked repositories
webhook:address	no		`string`	Webhook listener address that git2consul will be using
webhook:port	no	9000	`int`	Webhook listener port that git2consul will be using
repos:name	yes		`string`	Name of the repository. This will match the webhook path, if any are enabled
repos:url	yes		`string`	The URL of the repository
repos:branches	no	master	`string`	Tracking branches of the repository
repos:source_root	no		`string`	Source root to apply on the repo.
repos:expand_keys	no		true, false	Enable/disable file content evaluation.
repos:skip_branch_name	no	false	true, false	Enable/disable branch name pruning.
repos:skip_repo_name	no	false	true, false	Enable/disable repository name pruning.
repos:mount_point	no		`string`	Sets the prefix which should be used for the path in the Consul KV Store
repos:credentials:username	no		`string`	Username for the Basic Auth
repos:credentials:password	no		`string`	Password/token for the Basic Auth
repos:credentials:private_key:pk_key	no		`string`	Path to the priv key used for the authentication
repos:credentials:private_key:pk_username	no	git	`string`	Username used with the ssh authentication
repos:credentials:private_key:pk_password	no		`string`	Password used with the ssh authentication
repos:hooks:type	no	polling	polling, github, stash, bitbucket, gitlab	Type of hook to use to fetch changes on the repository
repos:hooks:interval	no	60	`int`	Interval, in seconds, to poll if polling is enabled
repos:hooks:url	no	??	`string`	???
consul:address	no	127.0.0.1:8500	`string`	Consul address to connect to. It can be either the IP or FQDN with port included
consul:ssl	no	false	true, false	Whether to use HTTPS to communicate with Consul
consul:ssl_verify	no	false	true, false	Whether to verify certificates when connecting via SSL
consul:token	no		`string`	Consul API Token

Webhooks

Webhooks will be served from a single port, and different repositories will be given different endpoints according to their name

Available endpoints:

<webhook:address>:<webhook:port>/{repository}/github
<webhook:address>:<webhook:port>/{repository}/stash
<webhook:address>:<webhook:port>/{repository}/bitbucket
<webhook:address>:<webhook:port>/{repository}/gitlab

Options

source_root (default: undefined)

The "source_root" instructs the app to navigate to the specified directory in the git repo making the value of source_root is trimed from the KV Store key. By default the entire repo is evaluated.

When you configure the source_root with /top_level/lower_level the file /top_level/lower_level/foo/web.json will be mapped to the KV store as /foo/web.json

mount_point (default: undefined)

The "mount_point" option sets the prefix for the path in the Consul KV Store under which the keys should be added.

expand_keys (default: undefined)

The "expand_keys" instructs the app to evaluate known types of files. The content of the file is evaluated to key-value pair and pushed to the Consul KV store.

Supported formats

Text file - the file content is pushed to the KV store as it is.
Yaml file - the file is evaluated into key-value pair. i.e configuration.yml

---
services:
  apache:
    port: 80
  ssh:
    port: 22

will be evaluated to the following keys:

/configuration/services/apache/port
/configuration/services/ssh/port

skip_branch_name (default: false)

The "skip_branch_name" instructs the app to prune the branch name. If set to true the branch name is pruned from the KV store key.

skip_repo_name (default: false)

The "skip_repo_name" instructs the app to prune the repository name. If set to true the repository name is pruned from the KV store key.

credentials

The "credentials" option provides the possibility to pass the credentials to authenticate to private git repositories.

Sample config with basic auth (login:password/token)

{
  "repos": [
    {
      "name": "example",
      "url": "http://github.com/DummyOrg/ExampleRepo.git",
      "credentials: {
            "username": "foo",
            "password": "bar"
      }
    }
  ]
}

Sample config with ssh auth

{
  "repos": [
    {
      "name": "example",
      "url": "http://github.com/DummyOrg/ExampleRepo.git",
      "credentials: {
            "private_key": {
                  "pk_key": "/path/to/priv_key",
                  "pk_username": "foo",
                  "pk_password": "bar"
            }
      }
    }
  ]
}

Developing

See CONTRIBUTING.md for details.

Dependencies

Go 1.10+
dep

Compiling From Source

$ dep ensure
$ go build -o build/bin/git2consul

For Development/Debugging

$ go build -gcflags='-N -l' -o build/bin/git2consul

License

See LICENSE for details.

Acknowledgement

See ACKNOWLEDGEMENT.md for details.

Code of Conduct

See CODE_OF_CONDUCT.md for details.

hansenc / git2consul-go