concourse-autotree-hooks
Advanced tools
A script to manage Concourse webhooks automatically using Terraform.
This tool will help you automatically manage webhooks for Concourse repositories in Bitbucket by generating Terraform configurations.
Currently this tool only works for Bitbucket, but other support may be added and PRs are welcome.
terraform state pull > old.statebitbucket_hook resource names with one prefixed with "$TEAMNAME_". If you have only one team, here's a shortcut: sed -i.bak -e "s/bitbucket_hook\./bitbucket_hook.$TEAM_NAME/g" old.stateterraform state push old.stateskip_cert_verification. (This can be skipped if you don't need skip_cert_verification)autotree layout.Install this tool globally:
npm install -g concourse-autotree-hooks
yarn global add concourse-autotree-hooks
This module gives the command autotree-hooks-generate. Be sure to create a folder for any generated files and always run commands in that folder.
Create a file called backend.json. This file should contain data about the Terraform backend you intend to use, in JSON format. An example of an S3 backend:
{
"s3": {
"bucket": "my-terraform-state",
"dynamodb_table": "my-terraform-state-locking",
"acl": "private",
"key": "terraform/hooks.tfstate",
"region": "us-west-2",
"encrypt": true
}
}
Any backend supported by Terraform is supported, and any configuration for those backends is supported as well -- this file is just a mapping to keep your personal Terraform configuration separate from the automatically managed Terraform files.
Put your credentials into a file called terraform.tfvars like this:
username = "whatever@someplace.com"
password = "secret"
It is recommended that you do not commit the terraform.tfvars file to a repository as it contains credentials. You can use the .gitignore in this module as a base if you want.
Clone the Concourse pipelines repository to your local system, somewhere that's reachable by the generate.js script. It doesn't have to be in the same directory, as the generator will resolve paths like ~/git/something/../whatever automatically.
git clone whatever.git
Please note that you must have a webhook_token configured on any resources that you want webhooks for. This script will not notice any resources that do not have a webhook token. It is recommended that you use a freshly generated password for this value. Special characters are supported.
Run autotree-hooks-generate to create all the terraform configurations. Flags for the script are below.
autotree-hooks-generate --concourse-root ~/concourse --concourse-webhook-url https://xxx.xxx.xxx.xxx
| Name | Default Value | Description |
|---|---|---|
| concourse-root | N/A, required | A file path to the Concourse Pipelines repository. |
| concourse-webhook-url | N/A, required | The protocol and hostname where Bitbucket can reach your Concourse instance. |
| noop | false | Specify --noop to see what the generator would do, rather than actually do it. |
| manage-repositories | false | Create a resource to manage each repository as well as webhooks. Not recommended. |
| clean | false | Do nothing but clean up files. Can be combined with --noop |
| filter-repo-owner | N/A | If specified, use only repositories that begin with this string. |
| skip-cert-verification | false | If specified, webhooks will ignore SSL errors. |
| bitbucket-provider-version | N/A | If specified, the generated Terraform Bitbucket provider will use this version string. |
If you've run the script with the --manage-repositories flag, it is likely that you have a lot of existing repositories that you do not want to re-create for Terraform. The generator script creates importHelper.sh to do this for you:
source importHelper.sh
Terraform should successfully import all your existing repositories.
Now you can run Terraform normally. If this is a first run, you should initialize Terraform:
terraform init
When ready, run Terraform:
terraform apply
If you see any actions being taken on your repositories (any changes to a bitbucket_repository resource), CANCEL THE PLAN and file an issue with the output. This plan is intended to make no changes to your repositories themselves, only the hooks.
*.auto.tfvars filesPlease use a style consistent with the rest of the project. An ESLint file has been provided, and Yarn will install plugins for it.
Please do not check in any Terraform(.tf) or variables(.tfvars) files.
FAQs
A script to manage Concourse webhooks automatically using Terraform.
We found that concourse-autotree-hooks demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."