Raftt Configuration File - raftt.yml
The configuration of Raftt is located in the raftt.yml
file that is created the first time you run raftt up
for the repository.
(It can also be created by running raftt setup
before running raftt up
).
Once the file is created, you need to modify it according to your needs, and we recommend committing it to your repo.
raftt.yml
Example
See below a sample raftt.yml
file containing all possible attributes.
A more detailed explanation can be found below
envDefinition: acme.raftt
host: admiral.acme.raftt.io
data: # Database seeding configuration
- service: db
type: postgres
user: postgres
dump: raftt/dump.sql
secrets: # Secret fetched from local machine
db-password:
inputcommand: python3 ./scripts/get_db_password.py
outputenv: DB_PASSWORD
raftt.yml Specification
envDefinition
A top-level element that contains the path to the .raftt
file containing the environment definition. The filename can be any arbitrary name, but we recommend to use a file extension of .raftt
or .rft
.
host (optional)
A top-level element that configures using a custom Raftt deployment. Contact us if you'd like one :).
data (optional)
A top level element containing a list of databases and their seeding methods. For more information, see here.
Each list entry contains the following keys:
service
- The name of the service that contains the databasetype
- The database type. Can be eitherpostgres
,mongodb
orscript
user
- The user used to connect to the databasedump
- The dump file that is loaded to the database in the seeding phase.keyProvider
- If ascript
type is used, the keyProvider is an additional script that returns a version of the loaded data. This is a significant optimization that shortens the amount of time it takes to deploy the environment.
secrets (optional)
A dictionary whose keys are the secret names that can be referenced as part of the environment.
Each dictionary entry contains the following attributes:
inputcommand
- The command whose output is the secret.tipSince this command runs locally, we recommend using an OS-independent command, so the same raftt.yml file can be shared between team members working with different operating systems.
A possible way to do it is having this command run a short OS-independent python script whose output is the secret.outputenv
- The name of the environment variable for which the value will be the output ofinputcommand
.outputvolume
- Boolean for whether to allow referencing the secret as a volume. If this is true, the secret may be loaded into the environment as a volume.
Secrets loaded into Raftt in this way are never persisted, and are available only within the context of the environment - isolated completely from other users. See Environment Security and Isolation for more information.
For example, the following raftt.yml definition:
secrets:
my-vol-secret:
inputcommand: echo "abcd"
outputvolume: true
my-env-secret:
inputcommand: echo "1234"
outputenv: MY_SECRET_ENV
Along with the following snippet in the docker-compose:
services:
...
my_service:
...
env:
- MY_SECRET_ENV
volumes:
- /SECRETS/my-vol-secret:/root/secret_file
Will make:
- The
MY_SECRET_ENV
env variable in themy_service
container equal1234
. - The file
/root/secret_file
in themy_service
container equalabcd
.
warmUpScript (optional)
A script executed from the context of the dev container before building and deploying the environment. For more details, see the dedicated warmup script documentation.
tearDownScript (optional)
Before an environment is frozen or otherwise destroyed, this script is given a chance to run on the dev container. This can be used to tear down external cloud resources.
We guarantee only 30 seconds of runtime - after that we continue with tearing down the environment regardless of completion.