Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

concourse-autotree-hooks

Package Overview
Dependencies
Maintainers
1
Versions
5
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

concourse-autotree-hooks

A script to manage Concourse webhooks automatically using Terraform.

  • 0.2.1
  • latest
  • Source
  • npm
  • Socket score

Version published
Maintainers
1
Created
Source

Concourse Autotree Webhooks

This tool will help you automatically manage webhooks for Concourse repositories in Bitbucket by generating Terraform configurations.

Currently this tool only works for Bitbucket, but other support may be added and PRs are welcome.

Changelog

0.2.0
  • Generated hook resources now include the team name to prevent collisions of same names on different teams. To migrate from the previous version, do the following.
    • terraform state pull > old.state
    • Replace all bitbucket_hook resource names with one prefixed with "$TEAMNAME_". If you have only one team, here's a shortcut: sed -i.bak -e "s/bitbucket_hook\./bitbucket_hook.$TEAM_NAME/g" old.state
    • terraform state push old.state
    • Regenerate your TF files with the new version of this tool.

Prerequisites

  • Terraform
  • terraform-provider-bitbucket from master branch, until they release skip_cert_verification. (This can be skipped if you don't need skip_cert_verification)
  • Bitbucket username and password
  • Concourse pipelines repository, formatted according to the autotree layout.

Setup

Install this tool globally:

npm install -g concourse-autotree-hooks
yarn global add concourse-autotree-hooks

This module gives the command autotree-hooks-generate. Be sure to create a folder for any generated files and always run commands in that folder.

Terraform Backends

Create a file called backend.json. This file should contain data about the Terraform backend you intend to use, in JSON format. An example of an S3 backend:

{
	"s3": {
		"bucket": "my-terraform-state",
		"dynamodb_table": "my-terraform-state-locking",
		"acl": "private",
		"key": "terraform/hooks.tfstate",
		"region": "us-west-2",
		"encrypt": true
	}
}

Any backend supported by Terraform is supported, and any configuration for those backends is supported as well -- this file is just a mapping to keep your personal Terraform configuration separate from the automatically managed Terraform files.

Credentials

Put your credentials into a file called terraform.tfvars like this:

username = "whatever@someplace.com"
password = "secret"

It is recommended that you do not commit the terraform.tfvars file to a repository as it contains credentials. You can use the .gitignore in this module as a base if you want.

Concourse Resources

Clone the Concourse pipelines repository to your local system, somewhere that's reachable by the generate.js script. It doesn't have to be in the same directory, as the generator will resolve paths like ~/git/something/../whatever automatically.

git clone whatever.git

Please note that you must have a webhook_token configured on any resources that you want webhooks for. This script will not notice any resources that do not have a webhook token. It is recommended that you use a freshly generated password for this value. Special characters are supported.

Usage

Generate Terraform Files

Run autotree-hooks-generate to create all the terraform configurations. Flags for the script are below.

autotree-hooks-generate --concourse-root ~/concourse --concourse-webhook-url https://xxx.xxx.xxx.xxx

Flags

NameDefault ValueDescription
concourse-rootN/A, requiredA file path to the Concourse Pipelines repository.
concourse-webhook-urlN/A, requiredThe protocol and hostname where Bitbucket can reach your Concourse instance.
noopfalseSpecify --noop to see what the generator would do, rather than actually do it.
manage-repositoriesfalseCreate a resource to manage each repository as well as webhooks. Not recommended.
cleanfalseDo nothing but clean up files. Can be combined with --noop
filter-repo-ownerN/AIf specified, use only repositories that begin with this string.
skip-cert-verificationfalseIf specified, webhooks will ignore SSL errors.
bitbucket-provider-versionN/AIf specified, the generated Terraform Bitbucket provider will use this version string.

Import Resources

If you've run the script with the --manage-repositories flag, it is likely that you have a lot of existing repositories that you do not want to re-create for Terraform. The generator script creates importHelper.sh to do this for you:

source importHelper.sh

Terraform should successfully import all your existing repositories.

Run Terraform

Now you can run Terraform normally. If this is a first run, you should initialize Terraform:

terraform init

When ready, run Terraform:

terraform apply

If you see any actions being taken on your repositories (any changes to a bitbucket_repository resource), CANCEL THE PLAN and file an issue with the output. This plan is intended to make no changes to your repositories themselves, only the hooks.

Known Issues / TODO

  • Support for *.auto.tfvars files
  • Support for source control other than Bitbucket

Development

Please use a style consistent with the rest of the project. An ESLint file has been provided, and Yarn will install plugins for it.

Please do not check in any Terraform(.tf) or variables(.tfvars) files.

Keywords

FAQs

Package last updated on 04 Sep 2020

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc