https://github.com/leprechaun/gocd-configurator

A simple python script that transliterates yaml to gomatic python, somewhat opinionated
https://github.com/leprechaun/gocd-configurator

as-code configuration gocd gocd-server yaml

Last synced: 27 days ago
JSON representation

A simple python script that transliterates yaml to gomatic python, somewhat opinionated

• Host: GitHub
• URL: https://github.com/leprechaun/gocd-configurator
• Owner: leprechaun
• Created: 2018-05-20T21:03:01.000Z (about 8 years ago)
• Default Branch: master
• Last Pushed: 2024-03-03T16:43:27.000Z (over 2 years ago)
• Last Synced: 2025-03-04T13:47:01.519Z (about 1 year ago)
• Topics: as-code, configuration, gocd, gocd-server, yaml
• Language: Python
• Homepage:
• Size: 9.77 KB
• Stars: 0
• Watchers: 3
• Forks: 1
• Open Issues: 3
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# gocd-configurator

A simple declarative YAML config to manage gocd.

*NO this isn't meant to manage pipelines*

## Problem statement

I'd rather not be editing `cruise.xml`, ever, because it's sad.

I don't want to check it into git because it's still pretty coupled w/ the GoCD installation.

I'd like to have my GoCD pipeline (config repos) managed through git itself, as simple list.

I'd like to have my AuthZ and AuthN clearly visible, through git. And even manageable!

## Solution

*Tada!*

This repo lets you write a structured YAML document, which expresses most of my own needs for `cruise.xml`.

```

server:

  auth: # auth configs

    - name: passwd

      type: cd.go.authentication.passwordfile

      properties: # passed straight to gomatic

        PasswordFilePath: /go-working-dir/config/passwd

  users: # Global users that can either view, or admin GoCD

    viewers:

      - some-user

    admins:

      - a-power-user-that-is-trusted

projects:

  - name: name-of-my-project

    # Each of these will result in a config repo

    repos: 

      - url: https://example-git-host/path/to/repo.git

    # These pipeline groups are just here for AuthN.

    # If your configrepos use different pipeline-groups, there isn't much we can do here. yet ...

    pipeline_groups:

      - my-projects-pipeline-group

    # Each of the groups below will grant privileges to the pipeline-groups above

    groups:

      # Each group will result in group called "${project_name}-${group_name}"

      # with the permissions attributed. `view` is granted by default.

      - name: business-analysts

        members:

          - mr-business-analyst

      - name: admins

        permissions:

          - operate

          - admin

        members:

          - mrs-administrator

```

In addition to the projet specific groups, I believe everyone should see everything going on. Therefore, all users will have 'view' on all pipeline groups.