Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/updatecli/updatecli

A Declarative Dependency Management tool
https://github.com/updatecli/updatecli

continuous-updates dependency-manager gitops hacktoberfest

Last synced: 2 months ago
JSON representation

A Declarative Dependency Management tool

Awesome Lists containing this project

README

        

= Updatecli

image:https://www.updatecli.io/images/updatecli.png[alt=Updatecli,float="right",align="center",width=200,height=200]

link:https://matrix.to/#/#Updatecli_community:gitter.im[image:https://img.shields.io/matrix/updatecli:matrix.org[]]
link:https://github.com/updatecli/updatecli/blob/main/LICENSE[image:https://img.shields.io/github/license/updatecli/updatecli[GitHub]]
link:https://goreportcard.com/report/github.com/updatecli/updatecli[image:https://goreportcard.com/badge/github.com/updatecli/updatecli[Go Report Card]]
link:https://github.com/updatecli/updatecli/releases[image:https://img.shields.io/github/downloads/updatecli/updatecli/total[GitHub Releases]]
link:https://github.com/updatecli/updatecli/releases[image:https://img.shields.io/github/downloads/updatecli/updatecli/latest/total[GitHub Releases]]
link:https://img.shields.io/github/actions/workflow/status/updatecli/updatecli/go.yaml?branch=main[image:https://img.shields.io/github/actions/workflow/status/updatecli/updatecli/go.yaml?branch=main[GitHub Workflow Status]]
link:https://api.securityscorecards.dev/projects/github.com/updatecli/updatecli[image:https://api.securityscorecards.dev/projects/github.com/updatecli/updatecli/badge[OpenSSF Scorecard]]
link:https://bestpractices.coreinfrastructure.org/projects/6731[image:https://bestpractices.coreinfrastructure.org/projects/6731/badge[OpenSSF Best Practices]]

_"Automatically open a PR on your GitOps repository when a third party service publishes an update"_

Updatecli is a tool used to apply file update strategies. Designed to be used from everywhere, each application "run" detects if a value needs to be updated using a custom strategy then apply changes according to the strategy.

You describe your update strategy in a file then you run updatecli to it.

Updatecli reads a yaml or a go template configuration file, then works into three stages

1. Sources: Based on a rule, updatecli fetches a value that will be injected in later stages such as latest application version.
2. Conditions: Ensure that conditions are met based on the value retrieved during the source stage.
3. Targets: Update and publish the target files based on a value retrieved from the source stage.

== Feature

* *Flexibility*: Easy to define tailored update strategies, you are just one yaml file from it.
* *Portability*: Easy to add to your workflow whatever it is. Just one command to run. Of course, it's easy to remove.
* *Extensibility*: Easy to add new go packages to support more workflows.

== Why

There are already many projects out there to continuously update your files, but they all have an opinionated way of doing it and they often want you to adopt a new platform.
Building and distributing software is a difficult task and good practices constantly evolve.
Updatecli was built to work independently of the underlying dependencies to update, wherever you need it and combining whatever workflow you are using, as you can see in the following section.

== Demo

link:https://asciinema.org/a/CR5DIxyTLnvtt8NllEeYAx83U[image:https://asciinema.org/a/CR5DIxyTLnvtt8NllEeYAx83U.svg[Asciinema]]

**The Quick-start is available on link:https://www.updatecli.io/docs/prologue/quick-start/[www.updatecli.io/docs/prologue/quick-start]**

== Installation

Updatecli is a Go binary available for Linux, MacOS and Windows from the link:https://github.com/updatecli/updatecli/releases[release page] or installed via link:https://www.updatecli.io/docs/prologue/installation/[other methods].

**Verify File Checksum Signature**

Instead of signing all release assets, Updatecli signs the checksums file containing the different release assets checksum.
You can download/copy the three files 'checksums.txt.pem', 'checksums.txt.sig', 'checksums.txt' from the latest https://github.com/updatecli/updatecli/releases/latest[release].
Once you have the three files locally, you can execute the following command

```
cosign verify-blob --certificate-identity-regexp "https://github.com/updatecli/updatecli" --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' --cert https://github.com/updatecli/updatecli/releases/download/v0.85.0/checksums.txt.pem --signature https://github.com/updatecli/updatecli/releases/download/v0.85.0/checksums.txt.sig checksums.txt
```

A successful output looks like

```
Verified OK
```

Now you can verify the assets checksum integrity.

**Verify File Checksum Integrity**

Before verifying the file integrity, you should first verify the checksum file signature.
Once you've download both the checksums.txt and your binary, you can verify the integrity of your file by running:

```
sha256sum --ignore-missing -c checksums.txt
```

**Verify Container signature**

```
cosign verify --certificate-identity-regexp "https://github.com/updatecli/updatecli" --certificate-oidc-issuer "https://token.actions.githubusercontent.com" ghcr.io/updatecli/updatecli:v0.85.0
```

== Documentation

The documentation of Updatecli is available at link:https://www.updatecli.io/docs/prologue/introduction/[www.updatecli.io], but you can also look at the `examples` section to get an overview.

=== Example

This example is copy of the quickstart. You can also find it on link:https://www.updatecli.io/docs/prologue/quick-start/[www.updatecli.io/docs/prologue/quick-start]

We define an update strategy in "updatecli.yaml" then we run `updatecli apply --config updatecli.yaml`.
Our objective is to know if the Jenkins project published a new stable version, if they build an appropriated docker image specifically for jdk11 and automatically update our infrastructure accordingly.

[cols="2a,2a"]
|===
|```
## updatecli.yaml
name: Update Jenkins Version

scms:
default:
kind: github
spec:
user: olblak
email: [email protected]
owner: olblak
repository: charts
token: mySecretTokenWhichShouldNeverUsedThisWay
username: olblak
branch: main

sources:
jenkins:
name: Get latest Jenkins version
kind: jenkins
spec:
release: weekly

conditions:
docker:
name: "Test if Docker Image jenkins/jenkins is Published on DockerHub"
kind: dockerimage
spec:
image: jenkins/jenkins
architecture: amd64

targets:
bumpJenkins:
name: Update values.yaml to the latest Jenkins version
scmID: default
kind: yaml
spec:
file: charts/jenkins/values.yaml
key: $.jenkins.controller.imageTag

actions:
default:
title: Open a GitHub pull request with new Jenkins version
kind: github/pullrequest
scmID: default
target:
- bumpJenkins
spec:
automerge: true
mergemethod: squash
labels:
- dependencies
```

|What it says:

. Sources: +
What's the latest jenkins weekly version? +
=> 2.335 +

. Conditions: +
Is there a docker image "jenkins/jenkins" from Dockerhub with the tag "2.335" +
=> Yes then proceed otherwise abort +

. Targets: +
Do we have to update the key "jenkins.controller.imageTag" from file "./charts/jenkins/values.yaml" located on the GitHub repository olblak/charts to "2.335"? +
=> If yes then execute the action `default` opening a GitHub pull request to the "main" branch

|===

More information link:https://www.updatecli.io/docs/prologue/introduction/[here]

---

== Roadmap

We use the GitHub milestone link:https://github.com/updatecli/updatecli/milestone/73[**Next**] to prioritize our effort. As our requirements evolve we regularly add plugins or improve existing ones.

If you ever need a specific integration, feel free to either:

1. Contribute it, we are more than happy to help. link:https://github.com/updatecli/updatecli/blob/main/CONTRIBUTING.adoc[Link]
2. Comment on existing issues as we may prioritize issues affecting other users. link:https://github.com/updatecli/updatecli/issues[Link]
3. Sponsor financially the project link:https://github.com/sponsors/olblak[link]
4. Feel free to reach out to mailto:[email protected][[email protected],role=email] to see how we can help you.

== Contributing

As a community-oriented project, all contributions are greatly appreciated!

Here is a non-exhaustive list of possible contributions:

* ⭐️ this repository.
* Propose a new feature request.
* Highlight an existing feature request with :thumbsup:.
* Contribute to any repository in the link:https://github.com/updatecli/[updatecli] organization
* Share the love

More information available at link:https://github.com/updatecli/updatecli/blob/main/CONTRIBUTING.adoc[CONTRIBUTING]

== Conferences

* 2022
** CDcon (US) - Dependency Management: Where the Fork are We? link:https://youtu.be/157bsLD-0mM[Video]
* 2023
** FOSDEM (BE) - Cloud Native Dependencies link:https://fosdem.org/2023/schedule/event/continuous_update_everything/[Video]
** CIVO Cloud (UK) - Onward a Continuously Updated Kubernetes Marketplace link:https://www.youtube.com/watch?v=B2wmA627E4w[Video]
* 2024
** DevOps Days 15 year anniversary celebration (BE) - Continuously Update Everything

== Links

* link:https://github.com/updatecli/updatecli/blob/main/ADOPTERS.md[ADOPTERS]
* link:https://github.com/updatecli/updatecli/blob/main/CONTRIBUTING.adoc[CONTRIBUTING]
* link:https://www.updatecli.io/docs/prologue/introduction/[DOCUMENTATION]
* link:https://github.com/updatecli/updatecli/blob/main/LICENSE[LICENSE]

== Thanks to all the contributors ❤️

link:https://github.com/updatecli/updatecli/graphs/contributors"[image:https://contrib.rocks/image?repo=updatecli/updatecli[]]

== Thanks to the sponsors ❤️

link:https://www.prefect.io/[image:https://avatars.githubusercontent.com/u/41086007?v=4[alt=PrefectHQ,height=200, width=200]]