spg is a tool that generates spring profiles.

spg

ci ci

spg is a tool that generates Spring profiles based on the current environment.

If you develop your micro services with real environments and your yaml files not up to date probably you spend time fixing. The project aims to save you time and you can use it during development and testing.

Installation

There are several ways to install the project.

If you are using MacOS you can install it with Homebrew:

brew tap nekinci/tap
brew install spg

If you want to use it with Docker you can install it with Docker:

docker pull nekinci/spg:latest
alias spg='docker run  -v ${PWD}:/go/src/app -v ${HOME}/.spg:/home/spg/.spg nekinci/spg:latest'

If you want to use npm you can install it with npm:

npm install -g spgjs

Or you can install it with manual installation of the project:

You can visit release page to see the latest version. After that you can download the project and add it to your PATH.

Usage

Firstly you need to create a configuration file. As I explained in the Configuration section you can use the configuration file with the your environment.

And then you must set the configuration file with the spg command:

spg config set <path to configuration file>

If you want to see the current configuration file you can use the spg config print command:

spg config print

Or you can unset the configuration file with the spg config unset command:

spg config unset

To generate a profile you can use the spg generate command. The following example shows how to generate a profile for the my-profile environment. my-profile environment must be defined in the configuration file. -o or --output option is optional. The default value is application-result.yaml. If you want to change the output file you can use the -o or --output option. And lastly you must be give the already exist profile file as an parameter. The following command is a working example:

spg generate -p my-profile -o my-new-profile.yml application.yml application-dev.yml

Configuration

Example: You have a application.yaml file with the following content:

server:
  port: 8080
client:
  urls:
    serviceA: servicea.test.com
    serviceB: serviceb.test.com

Let's assume you want debug the application in prp environment. But you don't have a application-prp.yaml file. And you don't know prp urls. Probably you don't want to create a new file. Because your job is to debug or develop your application. With spg you can generate a application-prp.yaml file with the following content:

server:
  port: 8080
client:
  urls:
    serviceA: servicea.prp.com
    serviceB: serviceb.prp.com

But first you need to define trainer config file that contains url information of your services. Because spg don't know the url of your services. The following config file is an example:

version: v1
information:
  absolute-configs:
    - config-key: spring.http.encoding.force # means change the value of spring.http.encoding.force to true
      environment:
        oc: true
        test: false
        prp: true
        prod: false
    - config-key: keycloak.securityConstraints[0].authRoles[0] # means change the first role of the first security constraint
      environment:
        oc: user
        test: user
        prp: admin
        prod: admin
    - config-key: keycloak.roles[].value # means change all role values under keycloak.roles
      environment:
        oc: user
        test: user
        prp: admin
        prod: admin
    - config-key: "*.keycloak.b" # e.g: abc.keycloak.b, a.b.c.keycloak.b, keycloak.b means change all values of keycloak.b
      environment:
        oc: true
        test: false
        prp: true
        prod: false
  fields:
    - keys: # metadata keys for decide which fields to change
        - a-service
        - aService
      type: url
      environment:
        oc: 
          scheme: http
          value: a-service:8080
        test:
          scheme: http
          value: a-service-test.cloud.com
        prp:
          scheme: http
          value: a-service-prp.cloud.com
        prod:
          scheme: https
          value: a-service.com

Known Issues

  • Don't handled yet metadata in trainer yaml file* (e.g. information.fields.keys)
  • Config array selectors only support for primitive types. Don't supported for complex types.* (e.g. maps or arrays)
Owner
Niyazi Ekinci
Developer
Niyazi Ekinci
Similar Resources

A tool for secrets management, encryption as a service, and privileged access management

A tool for secrets management, encryption as a service, and privileged access management

Vault Please note: We take Vault's security and our users' trust very seriously. If you believe you have found a security issue in Vault, please respo

Jan 2, 2023

A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.

age age is a simple, modern and secure file encryption tool, format, and library. It features small explicit keys, no config options, and UNIX-style c

Dec 28, 2022

🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang

🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang

Finder Of XSS, and Dal(달) is the Korean pronunciation of moon. What is DalFox 🌘 🦊 DalFox is a fast, powerful parameter analysis and XSS scanner, bas

Jan 5, 2023

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

cent Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place Inst

Jan 9, 2023

A modern tool for the Windows kernel exploration and tracing

A modern tool for the Windows kernel exploration and tracing

Fibratus A modern tool for the Windows kernel exploration and observability Get Started » Docs • Filaments • Download • Discussions What is Fibratus?

Dec 30, 2022

A scanner/exploitation tool written in GO, which leverages Prototype Pollution to XSS by exploiting known gadgets.

A scanner/exploitation tool written in GO, which leverages Prototype Pollution to XSS by exploiting known gadgets.

ppmap A simple scanner/exploitation tool written in GO which automatically exploits known and existing gadgets (checks for specific variables in the g

Jan 9, 2023

kubescape is the first tool for testing if Kubernetes is deployed securely as defined in Kubernetes Hardening Guidance by to NSA and CISA

kubescape is the first tool for testing if Kubernetes is deployed securely as defined in Kubernetes Hardening Guidance by to NSA and CISA

Kubescape is the first tool for testing if Kubernetes is deployed securely as defined in Kubernetes Hardening Guidance by to NSA and CISA Tests are configured with YAML files, making this tool easy to update as test specifications evolve.

Jan 8, 2023

🌀 Dismap - Asset discovery and identification tool

 🌀 Dismap - Asset discovery and identification tool

🌀 Dismap - Asset discovery and identification tool [English readme Click Me] Dismap 定位是一个资产发现和识别工具;其特色功能在于快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑

Jan 3, 2023

Exploitation of CVE-2018-18925 a Remote Code Execution against the Git self hosted tool: Gogs.

Exploitation of CVE-2018-18925 a Remote Code Execution against the Git self hosted tool: Gogs.

CVE-2018-18925 Exploitation of CVE-2018-18925 a Remote Code Execution against the Git self hosted tool: Gogs. Gogs is based on the Macaron framework.

Nov 9, 2022
Related tags
linenoise is a library that generates strings of random characters that can be used as reasonably secure passwords.

linenoise linenoise is a library that generates strings of random characters (herein called a "noise") that can be used as reasonably secure passwords

Dec 7, 2022
:lock: acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt)
:lock: acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt)

acmetool is an easy-to-use command line tool for automatically acquiring certificates from ACME servers (such as Let's Encrypt). Designed to flexibly

Dec 29, 2022
DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it
DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it

DirDar v1.0 Description ??‍☠️ bypass forbidden directories - find and identify dir listing - you can use it as directory brute-forcer as well Compatab

Jan 1, 2023
SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities

SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities Why?

Dec 8, 2022
A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).
A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).

proxylogscan This tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and imperson

Dec 26, 2022
A scalable overlay networking tool with a focus on performance, simplicity and security

What is Nebula? Nebula is a scalable overlay networking tool with a focus on performance, simplicity and security. It lets you seamlessly connect comp

Dec 29, 2022
A tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index
A tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index

Nancy nancy is a tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index, and as well, works with Nexus IQ Server

Dec 22, 2022
A fast tool to scan CRLF vulnerability written in Go
A fast tool to scan CRLF vulnerability written in Go

CRLFuzz A fast tool to scan CRLF vulnerability written in Go Resources Installation from Binary from Source from GitHub Usage Basic Usage Flags Target

Jan 1, 2023
EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.
EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.

EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptograp

Dec 10, 2022
Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.
Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.

Fast and customisable vulnerability scanner based on simple YAML based DSL. How • Install • For Security Engineers • For Developers • Documentation •

Dec 30, 2022