ZeroDownTime
/
CloudBender
3
0
Fork 0
Code Issues 1 Pull Requests 1 Releases Wiki Activity

chore: update docs

This commit is contained in:
Stefan Reimer 2021-11-15 13:20:58 +01:00
parent e64621547e
commit 7b4438ec5c
1 changed files with 22 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
README.md
View File

@ -2,7 +2,10 @@
# About
Toolset to render and manage [AWS CloudFormation](https://aws.amazon.com/cloudformation).
Toolset to deploy and maintain infrastructure in automated and trackable manner.
First class support for:
- [AWS CloudFormation](https://aws.amazon.com/cloudformation)
- [Pulumi](https://www.pulumi.com/docs/)
# Install
@ -23,24 +26,37 @@ Options:
Commands:
clean Deletes all previously rendered files locally
create-change-set Creates a change set for an existing stack
create-change-set Creates a change set for an existing stack - CFN only
create-docs Parses all documentation fragments out of rendered...
delete Deletes stacks or stack groups
get-config Get a config value, decrypted if secret
outputs Prints all stack outputs
preview Preview of Pulumi stack up operation
provision Creates or updates stacks or stack groups
render Renders template and its parameters
refresh Refreshes Pulumi stack / Drift detection
render Renders template and its parameters - CFN only
set-config Sets a config value, encrypts with stack key if secret
sync Renders template and provisions it right away
validate Validates already rendered templates using cfn-lint
validate Validates already rendered templates using cfn-lint...
```
## Config management
- Within the config folder each directory represents either a stack group if it has sub-directories, or an actual Cloudformation stack in case it is a leaf folder.
- The actual configuration for each stack is hierachly merged. Lower level config files overwrite higher-level values. Complex data structures like dictionaries and arrays are deep merged.
# Secrets
## Quickstart
TBD
CloudBender supports Mozilla's [SOPS](https://github.com/mozilla/sops) to encrypt values in any config yaml file since version 0.8.1
## Secrets handling
### Pulumi
CloudBender supports the native Pulumi secret handling.
See [Pulumi Docs](https://www.pulumi.com/docs/intro/concepts/secrets/) for details.
### Cloudformation
CloudBender supports [SOPS](https://github.com/mozilla/sops) to encrypt values in any config yaml file since version 0.8.1
If a sops encrypted config file is detected CloudBender will automatically try to decrypt the file during execution.
All required information to decrypt has to be present in the embedded sops config or set ahead of time via sops supported ENVIRONMENT variables.
SOPS support can be disabled by setting `DISABLE_SOPS` in order to reduce timeouts etc.