Skip to main content

Targets

Targets define where a Task will run and using what credentials, after which teams review them.

The Target Object#

name#

The name of the Target.

message#

A description for the Target.

type#

The type of the integration for the Target.

channel#

The name of the Slack channel to send the review messages.

review#

The review configuration for Target: none, default, or teams.

Review ModeDescription
noneThe default mode. Skips reviews and new Tasks are ready to run.
anyoneAnyone with access to the review message in Slack can review the Task. You can control who can review the Task by using a private Slack channel.
teamOnly people from specific teams can review the Tasks. Requires a list of team names in the reviewers option. At least one person from each team has to approve the Task.

reviewers#

A comma-separated list of names with the Teams that must review Tasks on this Target.

channel#

The name of the Slack channel to send review messages. Optional when review=none

secrets#

A list of key-value pairs with passwords and keys required to run tasks. The required secret names are defined on the type of Integration in the Target.

runner#

Where tasks will run.

runops-hosted: runners will access resources reachable from the internet, like AWS or GCP APIs. They require no additional setup.

self-hosted: require additional setup to reach resources running on private networks.

token#

The secret token used to setup self-hosted runners

For runops V2 runner, below configuration is required

runner_provider#

The entity responsible for executing the tasks.

ProviderDescription
runopsRunops open source runner. Faster and can run "on premise".
githubDefault runner, if not provided.

secret_provider#

If using runops runner, then a third party secret provider is required. AWS secrets maneger, Hashcorp vault (databases and KV engines supported).)

ProviderDescription
awsIf using AWS secrets manager.
hashcorp/dbIf using hashcorp vault databases engine (dynamic secrets).
hashcorp/kvIf using hashcorp vault KV engine (static secrets).

secret_path#

The name or the path of the secret. For AWS, the secret name. For vault, the path, including the engine (i.e. '/v1/secret/foo' or '/databases/creds/my-postgres')

tags#

Tags are used to bind the runner to run only specific targets. Normally this is related to environments, such as 'dev' or 'prod', but can be any string.

config#

Configs are mostly used for hashcorp vault databases engines. Since this engine does not return the HOST and the PORT of the DB, some extra config is required (JSON format)

--config '{"PG_HOST":"", "PG_PORT":5432}'

Custom markup