Skip to main content

Integrations

You must provide all the configuration values of an integration type when creating a Target for it to work properly.

Databases#

Mysql#

SQL scripts targeting a Mysql database.

Type: mysql

Configurations:

NameDescription
MYSQL_HOSTThe Mysql database hostname. No formatting or port numbers, just the hostname.
MYSQL_DBThe name of the Mysql schema
MYSQL_USERThe database username
MYSQL_PASSThe database password
MYSQL_PORTOptional, defaults to 3306
FIELD_SEPARATOROptional, defaults to tab for mysql and to , for mysql-csv

Postgres#

SQL scripts targeting a Postgres database.

Type: postgres

Configurations:

NameDescription
PG_HOSTThe Postgres database hostname. No formatting or port numbers, just the hostname.
PG_DBThe name of the Postgres database
PG_USERThe database username
PG_PASSThe database password
PG_PORTOptional, defaults to 5432
FIELD_SEPARATOROptional, defaults to tab for postgres and to , for postgres-csv

MongoDB#

Javascript MongoDB queries

Type: mongodb

Configurations:

NameDescription
MONGO_CONNECTION_URIThe MondoDB URI, in the format: < protocol :// user:pass @ host:port / database ? parameters >

SQL Server#

SQL scripts target a Microsoft SQL Server database

Type: sql-server

Configurations:

NameDescription
MSSQL_CONNECTION_URIThe server name which will be used to connect to the SQL instance, format: [protocol:]server[instance_name][,port]
MSSQL_USERThe database username
MSSQL_PASSThe database password
MSSQL_DBThe name of the SQL Server database
FIELD_SEPARATOROptional, defaults to table output, using other character will suppress spaces

Connection URI examples:

  • MSSQL_CONNECTION_URI=tcp:192.168.10.110,1490
  • MSSQL_CONNECTION_URI=192.168.10.110 (defaults to tcp and port 1433)

Containers#

Docker#

Supported Types

Type: shell

Shell commands.

Example:

--script 'echo 123'

Type: rails

Runs Ruby code in the context of Rails.

Example:

--script 'Model.long_running_method'

Kubernetes#

Supported Types

Type: k8s

kubectl commands. You don't need to provide the kubectl piece of the command in the script.

Example:

--script 'get pods'

Type: k8s-exec

Bash script targeting a Pod or Deployment running in a Kubernetes cluster. You can use this type of Task to run scripts inside running containers (Pods), including local HTTP calls with curl, Rails runner or Elixir IEX commands, and many more.

The script must have the format:  deploy/{deployment_name} -- {bash_script}, where bash_script will be executed inside one of the pods of deployment_name

Example:

--script 'deploy/rails-app -- rails runner "puts User.first.to_json"'

Configuration:

NameDescription
KUBE_CONFIG_DATAA base64 encoded kubeconfig YAML file. Check this guide for instructions on how to create the config file.

AWS ECS#

Type: ecs-exec

Bash script targeting a Task running in an ECS cluster. You can use this type of Task to run scripts inside running containers (Tasks), including local HTTP calls with curl, Rails runner or Elixir IEx commands, and many more.

--script 'rails runner "puts User.first.to_json"'

Configuration:

1. ECS Service#

Attach the following IAM policy to the ECS Task. Feel free to add specific clusters or tasks to the resources to limit access to the policy.

{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ssmmessages:CreateControlChannel",
"ssmmessages:CreateDataChannel",
"ssmmessages:OpenControlChannel",
"ssmmessages:OpenDataChannel"
],
"Resource": "*"
}
]
}

Set the enable-execute-command option to true in the ECS Service.

info

You need awscli version 2.1 or higher.

aws ecs update-service \
--service 'my-ecs-service' \
--cluster 'my-ecs-cluster' \
--enable-execute-command

2. AWS User for Runops#

A set of AWS credentials for a user with the following IAM policy. These are the credentials we will configure as Secrets. You can add specific ECS Clusters or Tasks to the Resource object to further limit the policy.

{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ecs:ExecuteCommand",
"ecs:DescribeTasks"
],
"Resource": "*"
}
]
}

3. Target secrets#

NameDescription
AWS_ACCESS_KEY_IDAWS Credentials.
AWS_SECRET_ACCESS_KEYAWS Credentials.
ECS_CLUSTERThe name of the ECS Cluster.
ECS_TASK_IDThe ID of the ECS Task.
ECS_CONTAINERThe name of the running container of the ECS Task.

AWS ECS Rails Runner Exec#

Type: rails-console-ecs

A wrapper to command rails runner on ECS, example:

runops tasks create -t `<target>` -s 'puts "Hello World From ECS"'

In order for this to work the ECS need to be configured properly, check this additional information:

Target Secrets#

NameDescription
ECS_AWS_ACCESS_KEY_IDECS AWS Access Key ID.
ECS_AWS_SECRET_ACCESS_KEYECS AWS Secret Access Key.
ECS_AWS_REGIONECS AWS Region.
ECS_CLUSTERThe name/ARN of the ECS Cluster.
ECS_SERVICE_NAMEThe name of the ECS service
ECS_CONTAINERThe name of the running container of the ECS Task.

Limitations#

  • Executing an invalid ECS task will not result in an Runops Task error.
  • One off (standalone) tasks doesn't work yet
  • It's not possible to run a command in a specific task, it will select the first task of a given cluster/service

Infrastructure#

Terraform#

Plan and apply Terraform projects from a remote Git repository.

Type: terraform

Configuration:

NameDescription
REPOSITORY_URLThe ssh-formated URL of the Git repository.
DEPLOY_KEYA base64-encoded private key for ssh access to the Git repository. This key can have only read-access to the repository.
CLIENT_IDAzure Client ID.
CLIENT_SECRETAzure Client Secret.
SUBSCRIPTION_IDAzure Subscription ID.
TENANT_IDAzure Tenant ID.
AWS_ACCESS_KEY_IDAWS Access Key ID.
AWS_SECRET_ACCESS_KEYAWS Secret Key.

Cloud#

AWS#

Bash scripts targeting an AWS Account using the AWS CLI binary or python boto3 scripts.

Type: awscli

AWS CLI commands

Type: python

Python with boto3 scripts

Configuration:

NameDescription
AWS_ACCESS_KEY_IDAWS Access Key ID.
AWS_SECRET_KEYAWS Secret Key.

GCP#

NameDescription
SERVICE_ACCOUNT_KEYA base64 Google Cloud Platform service account json file.

Azure#

Azure CLI (az) access.

Type: azurecli

Configuration:

NameDescription
CLIENT_IDAzure Client ID.
CLIENT_SECRETAzure Client Secret.
SUBSCRIPTION_IDAzure Subscription ID.
TENANT_IDAzure Tenant ID.

Heroku#

Heroku CLI access.

Configuration:

NameDescription
HEROKU_API_KEYThis token is used for authentication in all other Heroku API requests, and can be regenerated at will by the user in the heroku.com web interface.

Consoles#

Elixir IEx#

You can run iEX commands with any of the containers integrations for a running Elixir application. See Kubernetes or ECS

Rails#

Run Rails console commands

You can run Rails runner with any of the containers integrations for a running Elixir application. See Kubernetes or ECS

Type: rails

To execute rails scripts. The command executed under the hooks is rails {script}.

Type: rails-console

To execute "rails runner" commands. The command executed under the hooks is rails runner {script}.

Type: rails-console-k8s

To execute rails commands on a rails app running on a kubernetes cluster.

The command that is performed under the hook is kubectl exec -n {namespace} {deployment-name} -- bundle exec rails runner {script}.

Configuration:

NameDescription
KUBE_CONFIG_DATAa base64 of the kubeconfig file.
NAMESPACEThe kubernetes namespace.
DEPLOYMENTThe deployment name at kubernetes.

Django#

Django admin commands

You can run Django admin commands with any of the containers integrations for a running Elixir application. See Kubernetes or ECS

Vaults#

Hashicorp-vault#

Hashicorp vault CLI access.

Type: hashicorp-vault

Configuration:

NameDescription
VAULT_ADDRVault addres.
VAULT_TOKENVault token.
VAULT_PORTOptional, defaults to 8200.
VAULT_NAMESPACEOptional namespace.