From ab59ea091a2374653ea8aeb5ed7675de61c08461 Mon Sep 17 00:00:00 2001 From: Stuart Clark Date: Thu, 3 Aug 2017 01:23:08 +0100 Subject: Add Consul & BoltDB datasource support (#178) * Add libkv support * Add vendoring --- docs/content/functions/general.md | 45 +++++++++++++++++++++++++++++++++++++++ docs/content/index.md | 4 ++-- 2 files changed, 47 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/content/functions/general.md b/docs/content/functions/general.md index ab362573..16a54957 100644 --- a/docs/content/functions/general.md +++ b/docs/content/functions/general.md @@ -511,6 +511,51 @@ $ gomplate -d foo=https://httpbin.org/get -H 'foo=Foo: bar' -i '{{(datasource "f bar ``` +##### Usage with Consul data + +There are three URL schemes which can be used to retrieve data from [Hashicorp Consul](https://consul.io/). +The `consul://` (or `consul+http://`) scheme can optionally be used with a hostname and port to specify a server (e.g. `consul://localhost:8500`). +By default this will be contacted by HTTP, but the `$CONSUL_HTTP_SSL` can be used to switch to HTTPS mode. Alternatively +the `consul+https://` scheme can be used. + +If the server address isn't included the variable `$CONSUL_HTTP_ADDR` will be checked, otherwise `localhost:8500` will be used. + +The following environment variables can be used: + +| name | usage | +| -- | -- | +| `CONSUL_HTTP_ADDR` | Hostname and optional port for connecting to Consul. Defaults to localhost and port 8500. | +| `CONSUL_TIMEOUT` | Timeout (in seconds) when communicating to Consul. Defaults to 10 seconds. | +| `CONSUL_HTTP_TOKEN` | The Consul token to use when connecting to the server. | +| `CONSUL_HTTP_AUTH` | Should be specified as :. Used to authenticate to the server. | +| `CONSUL_HTTP_SSL` | Switch to HTTPS mode if set to a true value. It accepts 1, t, T, TRUE, true, True, 0, f, F, FALSE, false, False. Alternatively use the `consul+https://` scheme. | +| `CONSUL_TLS_SERVER_NAME` | The server name to use as the SNI host when connecting to Consul via TLS. | +| `CONSUL_CACERT` | If specified points to a CA file for verifying Consul server using TLS. | +| `CONSUL_CAPATH` | If specified points to a directory of CA files for verifying Consul server using TLS. | +| `CONSUL_CLIENT_CERT` | Client certificate file for certificate authentication. Both a certificate and key are required. | +| `CONSUL_CLIENT_KEY` | Client key file for certificate authentication. Both a certificate and key are required. | +| `CONSUL_HTTP_SSL_VERIFY` | Disable Consul TLS certificate checking. It accepts 1, t, T, TRUE, true, True, 0, f, F, FALSE, false, False. | + +If a path is included it is used as a prefix for all uses of the datasource. + +##### Usage with BoldDB data + +[BoldDB](https://github.com/boltdb/bolt) is a simple local key/value store used by many Go tools. + +It can be accessed using the `boltdb://` scheme in addition to the full path to the database file +and the bucket name specified using the #fragment identifier (e.g. `boltdb:////tmp/database.db#bucket). + +As access is vi [libkv](https://github.com/docker/libkv) the first 8 bytes of all values is used as an +incrementing last modified index value. Therefore all values must be at least 9 bytes long, with the first +8 being ignored. + +The following environment variables can be used: + +| name | usage | +| -- | -- | +| `BOLTDB_TIMEOUT` | Timeout (in seconds) to wait for a lock on the database file when opening. | +| `BOLTDB_PERSIST` | If set keep the database open instead of closing after each read. It accepts 1, t, T, TRUE, true, True, 0, f, F, FALSE, false, False. | + ##### Usage with Vault data The special `vault://` URL scheme can be used to retrieve data from [Hashicorp diff --git a/docs/content/index.md b/docs/content/index.md index 244d475d..611f6701 100644 --- a/docs/content/index.md +++ b/docs/content/index.md @@ -9,8 +9,8 @@ menu: A [Go template](https://golang.org/pkg/text/template/)-based CLI tool. `gomplate` can be used as an alternative to [`envsubst`](https://www.gnu.org/software/gettext/manual/html_node/envsubst-Invocation.html) but also supports -additional template datasources such as: JSON, YAML, AWS EC2 metadata, and -[Hashicorp Vault](https://www.vaultproject.io/) secrets. +additional template datasources such as: JSON, YAML, AWS EC2 metadata, [BoldDB](https://github.com/boltdb/bolt), +[Hashicorp Consul](https://www.consul.io/) and [Hashicorp Vault](https://www.vaultproject.io/) secrets. I really like `envsubst` for use as a super-minimalist template processor. But its simplicity is also its biggest flaw: it's all-or-nothing with shell-like variables. -- cgit v1.2.3