stuttgart-things/machineshop

git based CLI interface for managing configuration as code

TASKS

task: Available tasks for this project:
* branch:              Create branch from main
* build:               Build code
* build-image:         Build container image
* commit:              Commit + push code into branch
* delete-branch:       Delete branch from origin
* install:             Install
* build-ko:            Build image w/ KO
* lint:                Lint
* pr:                  Create pull request into main
* release:             Relase binaries
* run:                 Run
* tag:                 Commit, push & tag the module
* test:                Test
* tests:               Built cli tests

TASK EXAMPLES

task run # will output build version
task run CMD=get PARAMETERS=--system=sops # will run with build command get + parameters
task release TAG=2.6.1 # will release bins with version 2.2.9

FEATURES

RENDER TEMPLATES w/ DEFAULTS AND PARAMETERS (RENDER)
INSTALL MULTIPLE BINARIES FROM WEB SOURCES AT ONCE/IN PARALLEL (INSTALL)
RENDER + EXECUTE MULTIPLE SCRIPTS (INSTALL)
RETRIEVE SECRETS FROM VAULT (GET)

DEPLOYMENT

BINARY BY RELEASE

```bash # LINUX x86_64 VERSION=v1.9.0 wget https://github.com/stuttgart-things/machineshop/releases/download/${VERSION}/machineshop_Linux_x86_64.tar.gz tar xvfz machineshop_Linux_x86_64.tar.gz sudo mv machineshop /usr/bin/machineshop rm -rf LICENSE README.md sudo chmod +x /usr/bin/machineshop machineshop version ```

CONTAINER IMAGE

```bash # RUN COMMAND sudo nerdctl run ghcr.io/stuttgart-things/machineshop/machineshop-9c3178088556daa12a17db5edcc6b5b7:1.9.10 version ``` ```bash # JUMP INTO SHELL nerdctl run -it --entrypoint bash \ ghcr.io/stuttgart-things/machineshop/machineshop-9c3178088556daa12a17db5edcc6b5b7:1.9.10 ```

DEV

CREATE BRANCH

```bash task branch ```

CREATE PULL-REQUEST/MERGE

```bash task pr ```

BUILD RELEASE

```bash task release TAG=v1.8.0 # EXAMPLE VERSION ```

BUILD CONTAINER-IMAGE w/ KO

```bash task ko TAG=v1.9.0 # EXAMPLE VERSION ```

USAGE EXAMPLES

CREATE

creates things on github

REPOSITORY

```bash export GITHUB_TOKEN= machineshop create \ --kind repo \ --group stuttgart-things \ --repository machineshop2 \ --message "test repository - machineshop" \ --private true ```

BRANCH

```bash export GITHUB_TOKEN= machineshop create \ --kind branch \ --branch hello \ --repository machineshop \ --group stuttgart-things \ --files "Dockerfile:Dockerfile" \ ```

PULL-REQUEST

```bash export GITHUB_TOKEN= machineshop create \ --kind pr \ --title test2 \ --branch hello \ --repository machineshop \ --group stuttgart-things \ --labels "release,deploy" # optional ```

MERGE

```bash export GITHUB_TOKEN= machineshop create \ --kind merge \ --group stuttgart-things \ --repository stuttgart-things \ --message "test" \ --merge rebase \ --id 243 ```

PUSH

push things to targets

MINIO (BUCKET)

```bash export MINIO_ACCESS_KEY=sthings export MINIO_SECRET_KEY= export MINIO_ADDR=artifacts.automation.sthings-vsphere.labul.sva.de export MINIO_SECURE=true machineshop push \ --target minio \ --source pod.yaml \ --destination manifests:pod-example.yaml # : ```

MS TEAMS

```bash WEBHOOK_URL=https://365sva.webhook... machineshop push \ --target teams \ --source "hello from machineshop cli" \ --destination ${WEBHOOK_URL} \ --color blue ```

HOMERUN

```bash HOMERUN_URL=https://homerun.homerun-dev.sthings-vsphere.labul.sva.de/generic machineshop push \ --destination ${HOMERUN_URL} \ --target homerun \ --title "hello" \ --system shell \ --message "test sdfsdfslkljh" \ --tags "shell;linux" \ --author "machineshop" \ --severity "INFO" machineshop push \ --destination ${HOMERUN_URL} \ --target homerun \ --title "hello" \ --system shell \ --message "test sdfsdfslkljh" \ --tags "shell;linux" \ --author "machineshop" \ --severity "INFO" \ --assignee "patrick.hermann" \ --assigneeUrl "patrick.hermann@sva.de" \ --artifacts "INFO" \ --url "https://github.com/stuttgart-things/stuttgart-things/actions/runs/10639438939" ```

RENDER

render things from templates from various input sources

EXAMPLE TEMPLATE

```yaml --- runs: packagePublishHelmChart: # FLAT VALUE name: package-publish-{{ .chartName }} # LOOP OVER LIST {{ range .food }} - {{ . }}{{ end }} # RANDOM ELEMENT FROM EXISTING LIST favoriteFood: {{ .RANDOMfood }} cpu: {{ .vmConfig_l_cpu }} ram: {{ .vmConfig_m_ram }} ```

EXAMPLE MULTIKEY-TEMPLATE

```yaml --- template: nfsCsi: | apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: name: nfs-csi namespace: {{ .namespace }} spec: interval: {{ .interval }} # ... longhorn: | apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: name: longhorn namespace: {{ .namespace}} #... ```

EXAMPLE DEFAULTS FILE

```yaml --- chartName: helloHelm food: - schnitzel - apple - hamburger vmConfig: m: cpu: 6 ram: 8192 l: cpu: 8 ram: 10240 ```

LOCAL

```bash machineshop render \ --source local \ --template ../golang/machineshop/tests/template-square.yaml \ --brackets square \ --output stdout \ --defaults /home/sthings/projects/stuttgart-things/packer/environments/labul-pve.yaml ```

GIT

```bash machineshop render --source git \ --git https://github.com/stuttgart-things/stuttgart-things.git \ --defaults packer/environments/labul-vsphere.yaml \ --template packer/os/ubuntu23-vsphere.pkr.tpl.hcl \ --output stdout ```

RENDER FROM MULTIKEY YAML TEMPLATE

```bash machineshop render \ --source local \ --template tests/infra.yaml \ --output stdout \ --kind multikey \ --key longhorn \ --defaults tests/default.yaml ```

DELETE

delete things on git(hub)

BRANCH

```bash export GITHUB_TOKEN= machineshop delete \ --kind branch \ --branch hello \ --repository stuttgart-things \ --group stuttgart-things ```

FILES

```bash export GITHUB_TOKEN= machineshop delete \ --kind files \ --branch main \ --repository stuttgart-things \ --group stuttgart-things \ --files ".github/workflows/lint-k8s-manifests.yaml" \ --user patrick-hermann-sva ```

GET

get things from systems

VAULT-REQUIREMENT: VAULT APPROLE EXPORTS

```bash export VAULT_NAMESPACE=root export VAULT_ROLE_ID=1d42d7e7-8c14-e5f9-801d-b3ecef416616 export VAULT_SECRET_ID= export VAULT_ADDR=https://≤VAULT_ADDR>[:8200] ```

SOPS-REQUIREMENT: AGE_KEY EXPORTS

```bash export SOPS_AGE_KEY=AGE-... # or export SOPS_AGE_KEY_FILE=home/sthings/projects/golang/sops/sops.key ```

GET VAULT SECRET VALUE BY PATH

```bash machineshop get --path apps/data/scr:password | tail -n +8 machineshop get --path apps/data/scr:password --output file --destination /tmp/password.txt machineshop get --path kubeconfigs/data/dev21:kubeconfig --output file --destination /tmp/dev211 --b64 true ```

GET SOPS SECRET VALUE BY PATH

```bash machineshop get --system=sops --path=/home/sthings/projects/golang/sops/bla.yaml:password | tail -n +11 ```

LICENSE

APACHE 2.0

Copyright 2023 patrick hermann. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Author Information

Patrick Hermann, stuttgart-things 05/2023