|
| 1 | +SSM Parent |
| 2 | +---------- |
| 3 | + |
| 4 | +This is a parent process for Docker with one addition: it can read from AWS SSM Parameter store. |
| 5 | + |
| 6 | +The way it works is that ssm-parent can be used as an entrypoint for Docker. Firstly, it retrieves all specified parameters, then injects them to the environment, |
| 7 | +and finally runs the command. |
| 8 | + |
| 9 | +All parameters must be in JSON format, i.e.: |
| 10 | + |
| 11 | +``` |
| 12 | + { |
| 13 | + "ENVIRONMENT": "production" |
| 14 | + } |
| 15 | +``` |
| 16 | + |
| 17 | +If a few parameters are specified, all JSON entities will be read and merged into one, overriding existing keys, i.e. |
| 18 | + |
| 19 | +Parameter one: |
| 20 | +``` |
| 21 | + { |
| 22 | + "USERNAME": "myuser", |
| 23 | + "DATABASE": "production" |
| 24 | + } |
| 25 | +``` |
| 26 | + |
| 27 | +Parameter two: |
| 28 | +``` |
| 29 | + { |
| 30 | + "DATABASE": "test" |
| 31 | + } |
| 32 | +``` |
| 33 | + |
| 34 | +The result will be merged as this: |
| 35 | +``` |
| 36 | + { |
| 37 | + "USERNAME": "myuser", |
| 38 | + "DATABASE": "test" |
| 39 | + } |
| 40 | +``` |
| 41 | + |
| 42 | +### How to use |
| 43 | + |
| 44 | + |
| 45 | +That should be pretty self-explanatory. |
| 46 | + |
| 47 | +``` |
| 48 | +$ssm-parent help <aws:hosting> |
| 49 | +SSM-Parent is a docker entrypoint. |
| 50 | +
|
| 51 | +It gets specified parameters (possibly secret) from AWS SSM Parameter Store, |
| 52 | +then exports them to the underlying process. |
| 53 | +
|
| 54 | +Usage: |
| 55 | + ssm-parent [command] |
| 56 | +
|
| 57 | +Available Commands: |
| 58 | + help Help about any command |
| 59 | + print Prints the specified parameters. |
| 60 | + run Runs the specified command |
| 61 | +
|
| 62 | +Flags: |
| 63 | + -h, --help help for ssm-parent |
| 64 | + -n, --name stringArray Name of the SSM parameter to retrieve. Can be specified multiple times. |
| 65 | + -p, --path stringArray Path to a SSM parameter. Can be specified multiple times. |
| 66 | + -r, --recursive Walk through the provided SSM paths recursively. |
| 67 | + -s, --strict Strict mode. Fail if found less parameters than number of names. |
| 68 | +
|
| 69 | +Use "ssm-parent [command] --help" for more information about a command. |
| 70 | +``` |
| 71 | + |
| 72 | +The command `ssm-parent print` can be used to check the result. |
| 73 | + |
| 74 | +### Example Dockerfile part |
| 75 | + |
| 76 | +``` |
| 77 | +ENV PROJECT myproject |
| 78 | +ENV ENVIRONMENT production |
| 79 | +
|
| 80 | +RUN wget -O /tmp/ssm-parent.tar.gz https://github.com/springload/ssm-parent/releases/download/v0.4/ssm-parent_0.4_linux_amd64.tar.gz && \ |
| 81 | + tar xvf /tmp/ssm-parent.tar.gz && mv ssm-parent /sbin/ssm-parent && rm /tmp/ssm-parent.tar.gz |
| 82 | +
|
| 83 | +ENTRYPOINT ["/sbin/ssm-parent", "run", "-e", "-p", "/$PROJECT/$ENVIRONMENT/backend/", "-r", "--"] |
| 84 | +CMD ["caddy" , "--conf", "/etc/Caddyfile", "--log", "stdout"] |
| 85 | +``` |
| 86 | + |
| 87 | +### Config generation |
| 88 | + |
| 89 | +If your application can't be configured via environment variables, then the following script, utilising `envsubst`, can be used to generate configs. |
| 90 | +``` |
| 91 | +#!/bin/sh |
| 92 | +
|
| 93 | +echo "Bootstrapping Caddy" |
| 94 | +envsubst < /etc/Caddyfile.env > /etc/Caddyfile |
| 95 | +
|
| 96 | +exec $@ |
| 97 | +``` |
| 98 | + |
| 99 | +### How to build |
| 100 | + |
| 101 | +This project uses https://github.com/golang/dep as a dependency manager. Go v.1.10.1 was used. |
| 102 | + |
| 103 | +``` |
| 104 | + $git clone https://github.com/springload/ssm-parent.git |
| 105 | + $cd ssm-parent && dep ensure |
| 106 | + $go build |
| 107 | + # (after some hacking) |
| 108 | + $git tag vXXX && git push && git push --tags |
| 109 | + $goreleaser # to create a new release |
| 110 | +``` |
0 commit comments