Skip to content

Commit 3a6e40e

Browse files
haggarethaggaret
committed
Creating and exposing /credentials as a volume in the container
1 parent 7bf7b9e commit 3a6e40e

File tree

3 files changed

+27
-37
lines changed

3 files changed

+27
-37
lines changed

Dockerfile

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,10 +2,14 @@ FROM jfloff/alpine-python:2.7-slim
22

33
MAINTAINER Signiant DevOps <devops@signiant.com>
44

5+
RUN mkdir -p /credentials
6+
57
ADD parameter_sync.py /parameter_sync.py
68
ADD parameter_sync.sh /parameter_sync.sh
79

810
RUN pip install boto3
911
RUN chmod a+x /parameter_sync.py /parameter_sync.sh
1012

13+
VOLUME /credentials
14+
1115
ENTRYPOINT ["/parameter_sync.sh"]

README.md

Lines changed: 21 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -10,13 +10,13 @@ Keep file contents in sync with matching parameters in AWS Parameter Store
1010
- AWS_REGION - AWS Region to search (defaults to us-east-1)
1111
- PARAM_PREFIX - The prefix for the parameters to keep in sync
1212
- resulting filenames will be the parameter name minus the PARAM_PREFIX
13-
- eg.
14-
Following parameters in parameter store: TESTING_param1.txt, TESTING_param2.conf
15-
export PARAM_PREFIX=TESTING_
16-
TESTING_param1.txt will be compared against param1.txt
17-
TESTING_param2.conf will be compared against param2.conf
18-
- CRED_FOLDER_PATH - path to where files are stored (defaults to /credentials)
19-
- in order to access the files outside of the container, make sure to mount this path into the container
13+
- eg. Following parameters in parameter store: TESTING_param1.txt, TESTING_param2.conf
14+
- export PARAM_PREFIX=TESTING_
15+
- TESTING_param1.txt will be compared against param1.txt
16+
- TESTING_param2.conf will be compared against param2.conf
17+
18+
The docker container exposes /credentials as a volume - this can be shared with other
19+
containers or mounted to the local file system
2020

2121

2222
## Example Docker runs
@@ -30,29 +30,28 @@ folder 'credentials-dir' which is mounted into the container at '/credentials'.
3030

3131
````
3232
docker run -d -e "FREQUENCY=600" \
33-
-e "VERBOSE=1" \
34-
-e "AWS_ACCESS_KEY_ID=MY_ACCESS_KEY_ID \
35-
-e "AWS_SECRET_ACCESS_KEY=MY_SECRET_KEY \
36-
-e "PARAM_PREFIX=TESTING_" \
37-
-v credentials-dir:/credentials \
38-
signiant/aws-parameter-syncer
33+
-e "VERBOSE=1" \
34+
-e "AWS_ACCESS_KEY_ID=MY_ACCESS_KEY_ID \
35+
-e "AWS_SECRET_ACCESS_KEY=MY_SECRET_KEY \
36+
-e "PARAM_PREFIX=TESTING_" \
37+
-v credentials-dir:/credentials \
38+
signiant/aws-parameter-syncer
3939
````
4040

4141
This example checks AWS Parameter Store in the us-west-2 region every 120 seconds (2 minutes)
4242
for parameters containing 'TESTING_'. The credentials in AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are
43-
used to access the AWS Parameter Store. The parameter values will be checked against files in the local
44-
folder '/my/local/credentials/path' which is mounted into the container at '/some/other/path'.
43+
used to access the AWS Parameter Store. The parameter values will be checked against files in the container
44+
volume '/credentials' which is NOT mounted locally. This volume could be shared with other containers if
45+
desired.
4546

4647

4748
````
4849
docker run -d -e "FREQUENCY=120" \
49-
-e "AWS_ACCESS_KEY_ID=MY_ACCESS_KEY_ID \
50-
-e "AWS_SECRET_ACCESS_KEY=MY_SECRET_KEY \
51-
-e "AWS_REGION=us-west-2"
52-
-e "PARAM_PREFIX=TESTING_" \
53-
-e "CRED_FOLDER_PATH=/some/other/path"
54-
-v /my/local/credentials/path:/some/other/path \
55-
signiant/aws-parameter-syncer
50+
-e "AWS_ACCESS_KEY_ID=MY_ACCESS_KEY_ID \
51+
-e "AWS_SECRET_ACCESS_KEY=MY_SECRET_KEY \
52+
-e "AWS_REGION=us-west-2"
53+
-e "PARAM_PREFIX=TESTING_" \
54+
signiant/aws-parameter-syncer
5655
````
5756

5857

parameter_sync.sh

Lines changed: 2 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,8 @@ if [ "$VERBOSE" ]; then
66
VERBOSE='--verbose'
77
fi
88

9+
CRED_FOLDER_PATH=/credentials
10+
911
# Check for required ENV Variables
1012
if [ -z "$PARAM_PREFIX" ]; then
1113
echo "Must supply a parameter prefix by setting the PARAM_PREFIX environment variable"
@@ -37,21 +39,6 @@ else
3739
echo "Frequency set to $FREQUENCY seconds"
3840
fi
3941

40-
if [ -z "$CRED_FOLDER_PATH" ]; then
41-
CRED_FOLDER_PATH=/credentials
42-
echo "CRED_FOLDER_PATH environment variable missing - assuming default of ${CRED_FOLDER_PATH}"
43-
fi
44-
45-
if [ ! -e "$CRED_FOLDER_PATH" ]; then
46-
echo "${CRED_FOLDER_PATH} doesn't exist, will attempt to create it"
47-
echo "NOTE: If this was not expected - please mount credentials path at ${CRED_FOLDER_PATH}"
48-
mkdir -p ${CRED_FOLDER_PATH}
49-
if [ "$?" -ne 0 ]; then
50-
echo "Unable to create ${CRED_FOLDER_PATH} - exiting..."
51-
exit 1
52-
fi
53-
fi
54-
5542
# Loop forever, sleeping for our frequency
5643
while true
5744
do

0 commit comments

Comments
 (0)