Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/jonasvinther/nomad-gitops-operator
A GitOps operator for Hashicorp Nomad
https://github.com/jonasvinther/nomad-gitops-operator
gitops go golang hashicorp hashicorp-nomad
Last synced: about 1 month ago
JSON representation
A GitOps operator for Hashicorp Nomad
- Host: GitHub
- URL: https://github.com/jonasvinther/nomad-gitops-operator
- Owner: jonasvinther
- License: mit
- Created: 2021-10-15T18:44:37.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2024-07-10T11:23:12.000Z (7 months ago)
- Last Synced: 2024-07-10T13:27:38.990Z (7 months ago)
- Topics: gitops, go, golang, hashicorp, hashicorp-nomad
- Language: Go
- Homepage:
- Size: 125 KB
- Stars: 76
- Watchers: 7
- Forks: 10
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
README
# Nomoporator
Nomoporator is a GitOps operator for Hashicorp Nomad.## How to use
### Setting up Nomoporator
#### Environment variables
It's also possible configure Nomoporator via environment variables by setting them like this:
```
NOMAD_ADDR - Required to overide the default of http://127.0.0.1:4646.
NOMAD_TOKEN - Required with ACLs enabled.
NOMAD_CACERT - Required with TLS enabled.
NOMAD_CLIENT_CERT - Required with TLS enabled.
NOMAD_CLIENT_KEY - Required with TLS enabled.
```### Bootstrapping using a local path
> Get help with `./nomoporator bootstrap fs -h`
```
Bootstrap Nomad using a local pathUsage:
nomoperator bootstrap fs [path] [flags]Flags:
--base-dir string Path to the base directory (default "./")
--delete Enable delete missing jobs
-h, --help help for fs
--path string glob pattern relative to the base-dir (default "**/*.nomad")
--var-path string var glob pattern relative to the base-dir (default "**/*.vars.yml")
--watch Enable watch modeGlobal Flags:
-a, --address string Address of the Nomad server
```Use it like this:
```
./nomoperator bootstrap fs --base-dir /path/to/base/dir --path jobs/*.nomad
```### Bootstrapping using a git repository
> Get help with `./nomoporator bootstrap git -h`
```
Bootstrap Nomad using a git repositoryUsage:
nomoperator bootstrap git [git repo] [flags]Flags:
--branch string git branch (default "main")
--delete Enable delete missing jobs (default true)
-h, --help help for git
--password string SSH private key password
--path string glob pattern relative to the repository root (default "**/*.nomad")
--ssh-insecure-ignore-host-key Ignore insecure SSH host key
--ssh-key string SSH private key
--url string git repository URL
--username string SSH username (default "git")
--var-path string var glob pattern relative to the repository root (default "**/*.vars.yml")
--watch Enable watch mode (default true)Global Flags:
-a, --address string Address of the Nomad server
```Use it like this:
```
./nomoperator bootstrap git --url https://github.com/jonasvinther/nomad-state.git --path jobs/*.nomad --branch main
```## Run as Nomad job
```yaml
job "nomoperator" {
datacenters = ["dc1"]
group "nomoperator" {
count = 1
task "nomoperator" {
driver = "exec"
config {
command = "nomoperator"
args = ["bootstrap", "git", "--url", "https://github.com/jonasvinther/nomad-state.git", "--branch", "main", "--path", "jobs/*.nomad"]
}
artifact {
source = "https://github.com/jonasvinther/nomad-gitops-operator/releases/download/v0.0.2/nomad-gitops-operator_0.0.2_linux_amd64.tar.gz"
destination = "local"
mode = "any"
}
}
}
}
```## SSH
You can use SSH keys to connect to a private git repository.
* Generate a public and private key
```bash
ssh-keygen -t ed25519 -C "nomoperator" -f "nomoperatordeploykey" -N ""
```If you would like to set password remove `-N ""` and enter the password. Make sure to set `--username sshusername ` and `--pasword sshpassword` when running nomoperator.
* Configure the server git repository with public key
* Generate `known_hosts` for the git server in `/path_to/known_hosts` which is accessible via nomoperator.
```bash
ssh-keyscan -t ed25519 github.com
```If your git server uses non started port use the `-p` flag.
```bash
ssh-keyscan -t ed25519 -p 2222 mygitserver.com
```If you would like to avoid using hosts files you can set `--ssh-insecure-ignore-host-key=true`. This is highly discouraged due to security risks.
* Run as nomad job
```yaml
job "nomoperator" {
datacenters = ["dc1"]
group "nomoperator" {
count = 1
task "nomoperator" {
driver = "exec"
env {
SSH_KNOWN_HOSTS = "/path_to/known_hosts"
SSH_KEY = <