avvoenv.1.ronn

avvoenv(1) -- fetch service environment variables

SYNOPSIS

avvoenv [-h|--help] [-q|--quiet] [-V|--version] [-v|--verbose]

avvoenv exec [-a|--add =] [-c|--consul ] [--dev] [-e|--exclude ] [-F|--force] [-h|--help] [-I|--isolate] [-i|--include ] [--no-rancher-metadata] [-p|--app-id ] [-q|--quiet] [-r|--app-user ] [-s|--service ] [-t|--vault-token ] [-u|--vault ] [-v|--verbose]

avvoenv write [-a|--add =] [-c|--consul ] [--dev []] [-e|--exclude ] [-f|--format ] [-h|--help] [-i|--include ] [--no-rancher-metadata] [-p|--app-id ] [-q|--quiet] [-r|--app-user ] [-s|--service ] [-t|--vault-token ] [-u|--vault ] [-v|--verbose]

avvoenv service [-h|--help] [-q|--quiet] [-s|--service ] [-v|--verbose]

DESCRIPTION

avvoenv fetches the environment variables for an Avvo service.

The exec command will execute the given command with the fetched environment variables.

The write command will write the fetched environment variables to a file.

The service command will print what avvoenv thinks is the name of the current service, or canonicalise the name given with the --service option.

OPTIONS

• -a, --add =: Add an environment variable. This option can be provided multiple times, and/or with a list of multiple space-separated key value pairs. In the second case the argument must be quoted.

• -c, --consul : Set the Consul URL, overriding the CONSUL_HTTP_ADDR environment variable, and the default of http://127.0.0.1:8500.

• --dev: Authenticate with Vault via LDAP instead of with the . Will prompt for a user and password on standard input. The USER environment variable is used as the default user name.

• -e, --exclude : Exclude any fetched environment variables matching , where is a shell glob pattern. ? matches any single character. * matches any sequence of characters or nothing. [...] matches any character inside the brackets, with - specifying a range eg [0-9] or [a-z] [!...] is the inverse of [...]

• -F, --force: Ignore errors and always execute . If any errors are encountered then only the inherited environment variables will be provided.

• -f, --format : Set the write output format. Can be one of , , , , , or . If not provided the format will be determined from the file extension of the argument, defaulting to for unknown file extensions.

• -h, --help: Print the help output and exit.

• -I, --isolate: Ignores the inherited environment variables when executing .

• -i, --include : Exclude all fetched environment variables not matching , where is a shell glob pattern. ? matches any single character. * matches any sequence of characters or nothing. [...] matches any character inside the brackets, with - specifying a range eg [0-9] or [a-z] [!...] is the inverse of [...]

• --no-rancher-metadata: Skip environment variables fetched from the Rancher metadata. On non-Rancher environments the Rancher metadata will be automatically skipped. See also the NO_RANCHER_METADATA environment variable.

• -p, --app-id : Authenticate with Vault via app-id. If the argument is provided it will override the VAULT_APP_ID environment variable.

• -q, --quiet: Silence output.

• -r, --app-user : Set the user-id for use with Vault app-id authentication. If the argument is provided it will override the VAULT_APP_USER environment variable.

• -s, --service : Set the service name, overriding the SERVICE environment variable. If neither --service or SERVICE are provided the ./requirements.yml will be consulted, and if that's not present then working directory name will be used.

• -t, --vault-token : Set the token used to authenticate with Vault, overriding the VAULT_TOKEN environment variable and ~/.vault-token file.

• -u, --vault : Set the Vault URL, overriding the VAULT_ADDR environment variable, and the default of https://127.0.0.1:8200.

• -V, --version: Print the version and exit.

• -v, --verbose: Verbose mode, multiples increase the verbosity. -v warn logging -vv info logging -vvv debug logging -vvvv trace logging If not supplied, and --quiet is also not supplied, then error logging. The highest level of --verbose or the AVVOENV_LOG_LEVEL will be used.

EXAMPLES

Run the current service, with all options coming from the environment:

avvoenv exec bin/server

Print what avvoenv thinks the current service name is:

avvoenv service

Run the current service with config from the local (non-SSL) Vault and Consul:

avvoenv exec \
  --vault 'http://127.0.0.1:8200' \
  --vault-token 'dev_root_token' bin/server

Write a defaults file for amos, with the Vault and Consul URLs, and Vault token from the environment:

avvoenv write --service amos amos.defaults

Display the current config for gnomon on staging (- as the argument outputs to standard output):

avvoenv write --dev --service gnomon \
  --vault 'https://bcon1stag.corp.avvo.com:8200' \
  --consul 'http://docker1stag.corp.avvo.com:8500' -

FILES

• ~/.vault-token: The token used to authenticate with Vault.

• ./requirements.yml: Used to determine the service name when neither --service or SERVICE are provided.

ENVIRONMENT

• AVVOENV_LOG_LEVEL: Set the logging verbosity, either , , , , or an integer from 0 to 4 inclusive.

• CONSUL_HTTP_ADDR: The Consul URL, overriding the default of http://127.0.0.1:8500.

• NO_RANCHER_METADATA: If set (to any value) skip environment variables fetched from the Rancher metadata. On non-Rancher environments the Rancher metadata will be automatically skipped. See also the --no-rancher-metadata option.

• SERVICE: The service name, overriding that in the ./requirements.yml (or the working directory name if that's not present).

• USER: The default user to authenticate as with the --dev option.

• VAULT_ADDR: The Vault URL, overriding the default of https://127.0.0.1:8200.

• VAULT_APP_ID: The application ID used with Vault app-id authentication.

• VAULT_APP_USER: The application user ID used with Vault app-id authentication.

• VAULT_TOKEN: The token used to authenticate with Vault, overriding the ~/.vault-token file.

AUTHORS

avvoenv is written and maintained by the Avvo Infrastructure Team [email protected]

SEE ALSO

vault(1), consul(1), exec(2)