search

containers / fetchit

FetchIt is used to manage the life cycle and configuration of Podman containers
https://fetchit.readthedocs.io/
GNU Affero General Public License v3.0
124 stars 23 forks source link

Kustomize, Helm, sops or any other tool to change input before fetchit method run #308

Closed ancosma closed 11 months ago

ancosma commented 1 year ago

I'm using fetchit with kube method and the input is generated by running kustomize and sops. The main problem is that the output contains decrypted secrets so storing in repo in not safe - it has to run on the server before the content is feed to podman kube. Seems that's not possible to do in fetchit currently. Would be nice to have some mechanism like config-management-plugins like in ArgoCD to be able to run for example kustomize build and take the output and feed it into the method (in my case kube). Would you accept a PR for such a feature (kinda pre-processor of the input)? If yes, maybe we can discuss about the possible config before I proceed with the implementation. Something like

pre-sync: ["kustomize", "build"]
# or
pre-sync: "kustomize build"
# or
generate: ["kustomize", "build"]

to be added to each method?

ancosma commented 11 months ago

Closing this as the use-case is doable with systemd's ExecStartPre config (and quadlet).