### Running Spacelift Installer (Shell) Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/product/administration/install.md This command initiates the Spacelift installer script. The optional `-c` flag allows you to specify a custom configuration file path; otherwise, it defaults to `config.json`. ```shell ./install.sh [-c ""] ``` -------------------------------- ### Example Spacelift Uninstall Command (Shell) Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/product/administration/install.md This is a simple example of running the `uninstall.sh` script without any additional flags. By default, it will prompt for confirmation and retain S3 buckets, the database, and KMS keys for potential restoration. ```shell ./uninstall.sh ``` -------------------------------- ### Extracting Spacelift Release Artifacts (Shell) Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/product/administration/install.md These commands extract the Spacelift self-hosted release archive and navigate into the newly created directory. Replace `` with the actual version number of the installed release. This prepares the environment for running the installation scripts. ```shell tar -zxf self-hosted-.tar.gz cd self-hosted- ``` -------------------------------- ### Spacelift Installation Completion Output (Shell) Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/product/administration/install.md This shell output shows the successful completion message of the Spacelift installer. It provides critical information, including the Load balancer DNS for setting up DNS entries and the Launcher container image URL. ```shell Installation info: * Load balancer DNS: spacelift-server-1234567890.eu-west-1.elb.amazonaws.com * Launcher container image: 123456789012.dkr.ecr.eu-west-1.amazonaws.com/spacelift-launcher:v0.0.6 [2023-01-24T11:30:59+0000] INFO: Spacelift version v0.0.6 has been successfully installed! ``` -------------------------------- ### Configure CloudFormation Stack Capabilities Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/vendors/cloudformation/getting-started.md Set environment variables within Spacelift to manage CloudFormation stack capabilities. For example, setting `CF_CAPABILITY_IAM` to `1` acknowledges the need for IAM resource creation during stack deployment. ```Shell CF_CAPABILITY_IAM=1 ``` -------------------------------- ### GitHub Integration Setup Options Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/getting-started/integrate-source-code/GitHub.md Describes the two primary methods for setting up a GitHub integration within Spacelift: using the recommended wizard or manual configuration. The wizard simplifies the process, while manual setup is for specific edge cases. ```APIDOC GitHub Integration Setup: - Recommended: Set up via wizard - Alternative: Set up manually (use only if other methods fail) ``` -------------------------------- ### Spacelift Installer Confirmation Prompt Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/installing-spacelift/cloudformation/install.md Example output from the Spacelift installer script during execution. It shows the installation version, target AWS account ID, and prompts the user for confirmation to proceed with the installation. ```shell ./install.sh [2023-01-24T12:17:52+0000] INFO: installing version v0.0.6 of Spacelift into AWS account 123456789012 Are you sure you want to continue? Only 'yes' will be accepted: yes ``` -------------------------------- ### Kubernetes Deployment Manifest Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/vendors/kubernetes/getting-started.md This YAML defines a Kubernetes Deployment for an Nginx application. It specifies the number of replicas, container image, and exposed ports, creating a stateless application. ```yaml apiVersion: apps/v1 kind: Deployment metadata: name: nginx-deployment spec: selector: matchLabels: app: nginx replicas: 2 # tells deployment to run 2 pods matching the template template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:1.14.2 ports: - containerPort: 80 ``` -------------------------------- ### Installer Confirmation Prompt (Shell) Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/product/administration/install.md This shell output demonstrates the interactive confirmation prompt during the Spacelift installation process. Users must type 'yes' to confirm the AWS account ID and proceed with the installation. ```shell ./install.sh [2023-01-24T12:17:52+0000] INFO: installing version v0.0.6 of Spacelift into AWS account 123456789012 Are you sure you want to continue? Only 'yes' will be accepted: yes ``` -------------------------------- ### Example Certificate Text Format Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/installing-spacelift/cloudformation/advanced-installations.md This is an example of a typical X.509 certificate in PEM format. For use with Spacelift's `ca_certificates` configuration, this content needs to be base64-encoded and placed on a single line. ```text -----BEGIN CERTIFICATE----- MIIFsTCCA5mgAwIBAgIUDD/4VBfLx5K/tAY+SckH05TJ8i8wDQYJKoZIhvcNAQEL BQAwaDELMAkGA1UEBhMCR0IxETAPBgNVBAgMCFNjb3RsYW5kMRAwDgYDVQQHDAdH bGFzZ293MRkwFwYDVQQKDBBBZGFtIEMgUm9vdCBDQSAxMRkwFwYDVQQDDBBBZGFt IEMgUm9vdCBDQSAxMB4XDTIzMDMxMzExMzYxMVoXDTI1MTIzMTExMzYxMVowaDEL MAkGA1UEBhMCR0IxETAPBgNVBAgMCFNjb3RsYW5kMRAwDgYDVQQHDAdHbGFzZ293 MRkwFwYDVQQKDBBBZGFtIEMgUm9vdCBDQSAxMRkwFwYDVQQDDBBBZGFtIEMgUm9v dCBDQSAxMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxjv/+sInXiQ+ 2Fb+itF8ndlpmmYUoZwYN4dx+2wrcbOVngTvy4sE+33nGBzH4vt4pOhKTWwaYXFI 0CzqoIoazi8Zl0medyrwtIUDZ1pNcVugb4KAFb9Jbq40Ik3xG6t16maxQJGTiAG2 /xVtsuYdhnBGx//61SEbEwSpR145/Qf1cba8RlRQMz4QUWNe8XXo3SYaX2kxiw2V 1Op+fQxg2jf1AyzQXX1ch1jyG5RLESPUMFkBiQwi7LOSCaavfJEUzwqeoORgd7Ti uyMV+4Gsb1XAnK7KXYwisGeP5/QNFPAByfAdPjR20rMYYHfxqEDth4Najjmu/iyF P Gk4CobRhitTtJXT/QxWcvtrRu1BCVnedyESMyiya4Q9dn27rFjjg3ZARqWOZhyq OTWHo2mO2FzEJuxhvYNe2iYVp2s8wMTB02nP3wpWoYwje2yDwcjkIl8uXKzEZ9Gf FATJaCLoO8o5J2HXsgOIqXlpzU9tUtEew/xTzZqX5A34o8/+NgUtm0F7joWa5mDC QB7L8cKfACydfpekJx/gFUGSy/5vdfBzOczc6Bmh66yHPBRDcgyDFnnx34m/XVQa rBwwIDDbqu3sscdOgm9v8csCJd0YlXGb/x4oAA61IITnsNd9NCw0GJIquSEcYiCE A0YrQTKVfRAXuhSZ1VPIuxXiF2K3XTMCAwEAAaNTMFEwHQYDVR0OBBYEFD55R4mt 0hNOJUgPL0JBKZB1jybSMB8GA1UdIwQYMBaAFD55R4mt0hNOJUgPL0JBKZB1jybS MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAHecVjMklTkS2Py5 XNpJ9cdzG66GuPDw8aQZIunrxqYud74CA1Y0K26kyDJkLnWzVa7nT+F0d8Qn3tov vFwI3xy5l+4upmuZ3u1jFEMiSk8C2FPohLDnDo3rwEUCGvJ6a4Gas7YyHPGL3DrJ 0dcu9wsX9cYB2YJ27QosZ5s6zmmUvBGTI30JNvPnSoC7kzqD3ArxvTEW9WaUqoJt 88lsMnn6+ps9A6exb/fK909ZWaEJWRd9cdMET0fna7EhhkO+Cqz415RgMxlK7ggT 97CvkjvvLNeFT5naHbzUANqfMVRRcUaP3PjTC9z5cDo9CaPaFjV/+Uxax2mAlARk fqYyWoqvZH90czpvFG1jUo6P4NpyxZS8layJwD24qX+EON43WYApLsl/jE2A/JmQ MdgWNhOy4HP8U8+aANr0Ev7gWWNi6VcR8T6PT/rbAGjnPmVmoZ4rc7CdoS8ZQZJh K8ELA17+pnMTgo7wxfARqL+p+mqgtUxRbiWitev8F2hUVB/SwP8hpcGrdhTEN7td pSW1ykPeGJFKSBo5QHanqqPFCzqtFeoL9DhYx5/xE6FpKMLg3vVcFsHu6glS8iMV 4Hvb2fXuhXxLTBCbD1+5lLP/bHXogQKmp2H6Oj0e6WBmQ0xqGou4Il6bavsZCx2v ADWvlue5jXdNu5xPZdsNVNAluAne ``` -------------------------------- ### JSON: Custom VPC Configuration Example Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/installing-spacelift/cloudformation/advanced-installations.md An example JSON configuration for Spacelift's custom VPC installation. It specifies VPC ID, subnet IDs, and security group IDs required for a custom deployment. ```json { "vpc_config": { "use_custom_vpc": true, "vpc_id": "vpc-091e6f4d35908e7c1", "private_subnet_ids": "subnet-01a25f47c5a7e94fc,subnet-035169be40fbfbbbf,subnet-09c72e8ab5499eed1", "public_subnet_ids": "subnet-08aa756ab626d690f,subnet-0d03bb49f32922d93,subnet-0d85c4a80db226099", "drain_security_group_id": "sg-045061f7120343acd", "load_balancer_security_group_id": "sg-086a38a75894c4fc5", "server_security_group_id": "sg-0cb943fd285fc5c85", "scheduler_security_group_id": "sg-0ef464fd834fc5a43", "installation_task_security_group_id": "sg-03b9b0e17cce91d3a", "database_security_group_id": "sg-0b67dd8ad00e237fd", "availability_zones": "eu-west-1a,eu-west-1b,eu-west-1c" } } ``` -------------------------------- ### GitHub App Configuration via Wizard Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/getting-started/integrate-source-code/GitHub.md Details the steps and parameters required when configuring a GitHub integration using the Spacelift setup wizard. This includes selecting integration type, ownership, and providing application details. ```APIDOC GitHub App Setup (Wizard): 1. Select integration target: - GitHub.com - Self-hosted GitHub installation 2. Select account ownership: - Personal account - Organization account 3. Create GitHub App on GitHub.com: - Enter Integration Name (unique, cannot be changed later) - Click 'Create GitHub app' 4. Fill additional information: - Integration Name: Unique identifier, determines webhook endpoint. - Integration Type: Default (all spaces) or Space-specific. - Note: Only one default integration per VCS provider per Spacelift account. - VCS Checks: Individual checks per stack or aggregated checks across stacks. - Labels: For organizing integrations. - Description: Markdown-formatted free-form text. 5. Finalize setup: Click 'Set up'. The app will be installed on GitHub. ``` -------------------------------- ### Serving Self-Hosted Docs Locally via Docker with Mike Source: https://github.com/spacelift-io/user-documentation/blob/main/CONTRIBUTING.md This comprehensive Docker command sets up and serves the self-hosted documentation locally. It pulls the Python Alpine image, installs necessary dependencies like Git and MkDocs, installs project requirements, and then runs `mike serve` from the `self-hosted-releases-prod` branch, making the documentation accessible on port 8000. ```Shell docker run --pull always --rm -it -p 8000:8000 -v ${PWD}:/docs python:$(cat .python-version | tr -d '\n')-alpine sh -c "apk add git && git config --global --add safe.directory /docs && pip install mkdocs && pip install -r /docs/requirements.txt && cd /docs && mike serve --branch self-hosted-releases-prod -a '0.0.0.0:8000'" ``` -------------------------------- ### AWS EKS Kubeconfig Update Command Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/vendors/kubernetes/getting-started.md This bash command updates the kubeconfig file to authenticate with a specified AWS EKS cluster. It requires the AWS region and cluster name as parameters, ensuring the worker can connect to the correct cluster. ```bash aws eks update-kubeconfig --region $region-name --name $cluster-name ``` -------------------------------- ### Install Development Version of Mike Source: https://github.com/spacelift-io/user-documentation/blob/main/CONTRIBUTING.md Installs the development version of the Mike tool, which is used for managing self-hosted documentation versions. This command fetches the latest version directly from the GitHub repository. ```python pip install git+https://github.com/jimporter/mike.git ``` -------------------------------- ### Example Output for AWS IoT Data Endpoint Query Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/product/administration/advanced-installations.md This snippet shows an example JSON output from the `aws iot describe-endpoint` command. It illustrates the format of the `endpointAddress` which is needed for creating the private hosted zone and A record in Route53 for the IoT data endpoint. ```shell { "endpointAddress": "b2mdsfpsxca6rx-ats.iot.us-east-1.amazonaws.com" } ``` -------------------------------- ### Install Spacectl CLI with GitHub Action Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/integrations/source-control/github.md This snippet demonstrates how to use the Setup Spacectl GitHub Action to install the Spacectl CLI tool within a GitHub Actions workflow. This allows for easy interaction with Spacelift from your CI/CD pipelines. ```yaml name: Spacelift CLI Setup on: [push] jobs: build: runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v3 - name: Setup Spacectl CLI uses: spacelift-io/setup-spacectl@v1 - name: Run Spacectl command run: spacectl version ``` -------------------------------- ### Test Deployed Lambda Functions Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/vendors/cloudformation/getting-started.md After successful deployment, invoke the created Lambda functions via the API Gateway URL. Use `curl` with the appropriate suffix (e.g., `hello1` or `hello2`) to test the endpoints. ```Shell curl /hello1 curl /hello2 ``` -------------------------------- ### Execute Installer for Disaster Recovery Setup Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/installing-spacelift/cloudformation/disaster-recovery.md This command executes the Spacelift installer script with a provided configuration file. It is used after updating the configuration to include disaster recovery settings, ensuring the installer applies the new settings and completes the DR setup. ```bash ./install.sh -c config.json ``` -------------------------------- ### Install Spacelift Migration Kit Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/product/migrating-to-spacelift.md Steps to clone the Spacelift Migration Kit repository from GitHub, navigate into the directory, install Python dependencies using Poetry, and activate the Python virtual environment. ```Shell git clone git@github.com:spacelift-io/spacelift-migration-kit.git cd spacelift-migration-kit poetry install $(poetry env activate) ``` -------------------------------- ### Example SNS Topic Access Policy for CloudWatch Alarms (JSON) Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/product/administration/install.md This JSON policy snippet provides an example of an AWS SNS topic access policy. It grants the `cloudwatch.amazonaws.com` service principal permission to publish messages (`sns:Publish`) to the specified SNS topic (``). This policy is crucial for CloudWatch alarms to successfully send notifications to the SNS topic configured for Spacelift alerting. ```JSON { "Sid": "Allow_Publish_Alarms", "Effect": "Allow", "Principal": { "Service": "cloudwatch.amazonaws.com" }, "Action": "sns:Publish", "Resource": "" } ``` -------------------------------- ### Spacectl CLI Help Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/concepts/spacectl.md Displays all available commands and global options for the Spacectl CLI. This is the entry point for understanding the CLI's capabilities. ```bash > spacectl help NAME: spacectl - Programmatic access to Spacelift GraphQL API. USAGE: spacectl [global options] command [command options] [arguments...] VERSION: 0.26.0 COMMANDS: module Manage a Spacelift module profile Manage Spacelift profiles provider Manage a Terraform provider run-external-dependency Manage Spacelift Run external dependencies stack Manage a Spacelift stack whoami Print out logged-in users information version Print out CLI version workerpool Manages workerpools and their workers help, h Shows a list of commands or help for one command GLOBAL OPTIONS: --help, -h show help --version, -v print the version ``` -------------------------------- ### Comprehensive Blueprint Example with All Options Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/concepts/blueprint/README.md This comprehensive YAML example illustrates all available configuration options for a Spacelift Blueprint. It covers defining various input types (text, secret, select, boolean, number), configuring stack properties, managing attachments (contexts, clouds, policies), setting environment variables, and defining lifecycle hooks for different run phases. ```yaml inputs: - id: environment name: Environment to deploy to # type is not mandatory, defaults to short_text - id: app name: App name (used for naming convention) type: short_text - id: description name: Description of the stack type: long_text # long_text means you'll have a bigger text area in the UI - id: connstring name: Connection string to the database type: secret # secret means the input will be masked in the UI - id: tf_version name: Terraform version of the stack type: select options: - "1.3.0" - "1.4.6" - "1.5.0" - id: manage_state name: Should Spacelift manage the state of Terraform default: true type: boolean - id: destroy_task_epoch name: Epoch timestamp of when to destroy the resources type: number options: # If true, a tracked run will be triggered right after the stack is created trigger_run: true # If true, the stack will not be created, useful when using inputs and multiple stacks in a single template. do_not_create: false stack: name: ${{ inputs.app }}-{{ inputs.environment }}-stack space: root # The single-quote is needed to avoid YAML parsing errors since the question mark # and the colon are reserved characters in YAML. description: '${{ inputs.environment == "prod" ? "Production stack" : "Non-production stack" }}. Stack created at ${{ string(context.time) }}.' is_disabled: ${{ inputs.environment != 'prod' }} labels: - Environment/${{ inputs.environment }} - Vendor/Terraform - Owner/${{ context.user.login }} - Blueprint/${{ context.blueprint.name }} - Space/${{ context.blueprint.space }} administrative: false allow_promotion: false auto_deploy: false auto_retry: false local_preview_enabled: true secret_masking_enabled: true protect_from_deletion: false runner_image: public.ecr.aws/mycorp/spacelift-runner:latest worker_pool: 01GQ29K8SYXKZVHPZ4HG00BK2E attachments: contexts: - id: my-first-context-vnfq2 priority: 1 clouds: aws: id: 01GQ29K8SYXKZVHPZ4HG00BK2E read: true write: true azure: id: 01GQ29K8SYXKZVHPZ4HG00BK2E read: true write: true subscription_id: 12345678-1234-1234-1234-123456789012 policies: - my-push-policy-1 - my-approval-policy-1 environment: variables: - name: MY_ENV_VAR value: my-env-var-value description: This is my non-encrypted environment variable - name: TF_VAR_CONNECTION_STRING value: ${{ inputs.connstring }} description: The connection string to the database secret: true mounted_files: - path: a.json content: | { "a": "b" } description: This is the configuration of x feature secret: true hooks: apply: before: ["sh", "-c", "echo 'before apply'"] after: ["sh", "-c", "echo 'after apply'"] init: before: ["sh", "-c", "echo 'before init'"] after: ["sh", "-c", "echo 'after init'"] plan: before: ["sh", "-c", "echo 'before plan'"] after: ["sh", "-c", "echo 'after plan'"] perform: before: ["sh", "-c", "echo 'before perform'"] after: ["sh", "-c", "echo 'after perform'"] destroy: before: ["sh", "-c", "echo 'before destroy'"] after: ["sh", "-c", "echo 'after destroy'"] run: # There is no before hook for run ``` -------------------------------- ### Spacelift Backend Service Commands Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/installing-spacelift/reference-architecture/reference/general-configuration.md Lists the commands used to run different Spacelift backend services. These commands are executed via the `spacelift` binary within the Spacelift container image. ```APIDOC spacelift backend server Runs the HTTP server and (optionally) built-in MQTT broker. spacelift backend drain-local Runs the asynchronous event processing service. spacelift scheduler Runs the service responsible for triggering scheduled background tasks (cron jobs). ``` -------------------------------- ### Example Self-Managed Database Connection String Format (JSON) Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/product/administration/install.md This JSON snippet illustrates the required format for the `DATABASE_URL` within an SSM secret when using a self-managed PostgreSQL database with Spacelift. It specifies the protocol, username, password, RDS URL, port, database name, and an optional query parameter for statement cache capacity. This secret is referenced by `database.connection_string_ssm_arn`. ```JSON {"DATABASE_URL":"postgres://:@/?statement_cache_capacity=0"} ``` ```JSON {"DATABASE_URL":"postgres://spacelift:pw@spacelift.cluster-abc123.eu-west-3.rds.amazonaws.com:5432/spacelift?statement_cache_capacity=0"} ``` -------------------------------- ### Run Spacelift Installer Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/installing-spacelift/cloudformation/install.md This command initiates the Spacelift installation process. It accepts an optional configuration file path using the -c flag, defaulting to config.json if not provided. The script checks AWS connectivity and prompts for confirmation before proceeding. ```shell ./install.sh [-c ""] ``` -------------------------------- ### Configuring Custom IoT Broker Endpoint in Spacelift (JSON) Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/product/administration/install.md This JSON snippet demonstrates how to specify a custom IoT broker endpoint in the `config.json` file for Spacelift. The `iot_broker_endpoint` field allows overriding the default AWS IoT Core endpoint, enabling communication with workers via a custom domain. This requires prior setup of the custom endpoint and DNS in AWS IoT Core. ```JSON { "spacelift_hostname": "spacelift.myorg.com", "iot_broker_endpoint": "worker-iot.spacelift.myorg.com", "... other settings" } ``` -------------------------------- ### Dockerfile for SAM Integration Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/vendors/cloudformation/integrating-with-sam.md This Dockerfile sets up an environment with AWS SAM CLI installed. It starts from a Spacelift runner image, installs necessary tools like curl, creates a Python virtual environment, installs awscli and aws-sam-cli, and finally verifies the SAM CLI installation. The user is switched back to 'spacelift' at the end. ```docker FROM public.ecr.aws/spacelift/runner-terraform USER root WORKDIR /home/spacelift RUN apk -v --update --no-cache add curl RUN python3 -m venv /home/spacelift/.venv && \ source /home/spacelift/.venv/bin/activate && \ python3 -m ensurepip --upgrade && \ pip3 install --upgrade pip && \ pip3 install --upgrade awscli aws-sam-cli && \ pip3 uninstall --yes pip RUN source /home/spacelift/.venv/bin/activate && sam --version USER spacelift ``` -------------------------------- ### Previewing Local Documentation Changes Source: https://github.com/spacelift-io/user-documentation/blob/main/CONTRIBUTING.md Provides shell commands to fetch the specific branch for self-hosted releases and serve the documentation locally using the 'mike serve' command. This allows developers to preview changes before merging. ```shell git fetch origin self-hosted-releases-prod ``` ```shell mike serve --branch self-hosted-releases-prod ``` ```shell docker run --pull always --rm -it -p 8000:8000 -v ${PWD}:/docs python:$(cat .python-version | tr -d '\n')-alpine sh -c "apk add git && git config --global --add safe.directory /docs && pip install mkdocs && pip install -r /docs/requirements.txt && cd /docs && mike serve --branch self-hosted-releases-prod -a '0.0.0.0:8000'" ``` -------------------------------- ### OPA Initialization Policy Example Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/concepts/policy/run-initialization-policy.md A simple Open Policy Agent (OPA) policy that denies any run from proceeding. This example demonstrates how a single 'deny' rule with a string message can fail a run before it starts. ```opa package spacelift deny["you shall not pass"] { true } ``` -------------------------------- ### Curl Example for Deployed Webserver Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/vendors/pulumi/c-sharp.md Demonstrates how to test the deployed webserver by curling its public DNS address. This verifies that the application is running and accessible. ```bash ~> curl ec2-18-184-92-34.eu-central-1.compute.amazonaws.com Hello, World! ``` -------------------------------- ### Install Pre-commit Hook Source: https://github.com/spacelift-io/user-documentation/blob/main/CONTRIBUTING.md Installs the git hook for pre-commit, which automatically runs validation tests on modified files during commit creation. This ensures consistency and quality of documentation changes. ```shell pre-commit install ``` -------------------------------- ### Example Task Commands Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/concepts/run/task.md Illustrates common commands that can be executed as Spacelift tasks, demonstrating their flexibility for environment checks and infrastructure operations. ```bash ls -la ``` ```bash env ``` ```bash terraform state show ``` ```bash terraform taint ``` -------------------------------- ### Example Raw TLS Certificate Format Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/product/administration/advanced-installations.md This snippet provides an example of a raw TLS certificate in PEM format. Before being used in Spacelift's `config.json`, such certificates must be base64-encoded and placed on a single line. ```text -----BEGIN CERTIFICATE----- MIIFsTCCA5mgAwIBAgIUDD/4VBfLx5K/tAY+SckH05TJ8i8wDQYJKoZIhvcNAQEL BQAwaDELMAkGA1UEBhMCR0IxETAPBgNVBAgMCFNjb3RsYW5kMRAwDgYDVQQHDAdH bGFzZ293MRkwFwYDVQQKDBBBZGFtIEMgUm9vdCBDQSAxMRkwFwYDVQQDDBBBZGFt IEMgUm9vdCBDQSAxMB4XDTIzMDMxMzExMzYxMVoXDTI1MTIzMTExMzYxMVowaDEL MAkGA1UEBhMCR0IxETAPBgNVBAgMCFNjb3RsYW5kMRAwDgYDVQQHDAdHbGFzZ293 MRkwFwYDVQQKDBBBZGFtIEMgUm9vdCBDQSAxMRkwFwYDVQQDDBBBZGFtIEMgUm9v dCBDQSAxMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxjv/+sInXiQ+ 2Fb+itF8ndlpmmYUoZwYN4dx+2wrcbOVngTvy4sE+33nGBzH4vt4pOhKTWwaYXFI 0CzqoIoazi8Zl0medyrwtIUDZ1pNcVugb4KAFb9Jbq40Ik3xG6t16maxQJGTiAG2 /xVtsuYdhnBGx//61SEbEwSpR145/Qf1cba8RlRQMz4QUWNe8XXo3SYaX2kxiw2V 1Op+fQxg2jf1AyzQXX1ch1jyG5RLESPUMFkBiQwi7LOSCaavfJEUzwqeoORgd7Ti uyMV+4Gsb1XAnK7KXYwisGeP5/QNFPAByfAdPjR20rMYYHfxqEDth4Najjmu/iyF PGk4CobRhitTtJXT/QxWcvtrRu1BCVnedyESMyiya4Q9dn27rFjjg3ZARqWOZhyq OTWHo2mO2FzEJuxhvYNe2iYVp2s8wMTB02nP3wpWoYwje2yDwcjkIl8uXKzEZ9Gf FATJaCLoO8o5J2HXsgOIqXlpzU9tUtEew/xTzZqX5A34o8/+NgUtm0F7joWa5mDC QB7L8cKfACydfpekJx/gFUGSy/5vdfBzOczc6Bmh66yHPBRDcgyDFnnx34m/XVQa rBwwIDDbqu3sscdOgm9v8csCJd0YlXGb/x4oAA61IITnsNd9NCw0GJIquSEcYiCE A0YrQTKVfRAXuhSZ1VPIuxXiF2K3XTMCAwEAAaNTMFEwHQYDVROOBBYEFD55R4mt 0hNOJUgPL0JBKZB1jybSMB8GA1UdIwQYMBaAFD55R4mt0hNOJUgPL0JBKZB1jybS MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAHecVjMklTkS2Py5 XNpJ9cdzG66GuPDw8aQZIunrxqYud74CA1Y0K26kyDJkLnWzVa7nT+F0d8Qn3tov vFwI3xy5l+4upmuZ3u1jFEMiSk8C2FPohLDnDo3rwEUCGvJ6a4Gas7YyHPGL3DrJ 0dcu7wsX9cYB2YJ27QosZ5s6zmmUvBGTI30JNvPnSoC7kzqD3ArxvTEW9WaUqoJt 88lsMnn6+ps9A6exb/fK909ZWaEJWRd9cdMET0fna7EhhkO+Cqz415RgMxlK7ggT 97CvkjvvLNeFT5naHbzUANqfMVRRcUaP3PjTC9z5cDo9Ca ``` -------------------------------- ### Preview Documentation Locally Source: https://github.com/spacelift-io/user-documentation/blob/main/CONTRIBUTING.md Command to serve the documentation locally for previewing changes. It generates the documentation and hosts it at http://localhost:8000/, automatically reloading on file changes. ```shell make run ``` -------------------------------- ### Audit Trail Webhook Payload Example: Webhook Setup Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/integrations/audit-trail.md An example JSON payload representing an audit event for setting up an audit trail webhook. It details the action, the actor, and the arguments used for the configuration, including the endpoint and a hashed secret. ```json { "account": "example", "action": "audit_trail_webhook.set", "actor": "github::name", "context": { "mutation": "auditTrailSetWebhook" }, "data": { "args": { "Enabled": true, "Endpoint": "https://example-audithook.com/", "SecretSHA": "xxxfffdddwww" } }, "remoteIP": "0.0.0.0", "timestamp": 1674124447947 } ``` -------------------------------- ### Spacelift Environment Variables Setup Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/installing-spacelift/reference-architecture/guides/deploying-to-onprem.md Sets essential environment variables for deploying Spacelift, including the version, server domain, and Kubernetes namespace. These variables are used by subsequent deployment steps. ```shell # Extract this from your archive: self-hosted-v3.0.0.tar.gz export SPACELIFT_VERSION="v3.0.0" export SERVER_DOMAIN="your domain of self-hosted Spacelift" # The Kubernetes namespace to deploy Spacelift to export K8S_NAMESPACE="spacelift" ``` -------------------------------- ### Spacelift OIDC Configuration Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/integrations/single-sign-on/microsoft-entra-id-oidc-setup-guide.md Configuration parameters required in Spacelift for OIDC SSO setup with Microsoft Entra ID. This includes the Client ID, Client Secret, and Provider URL obtained from Azure AD. ```APIDOC Spacelift OIDC Configuration: Client ID: The Client ID generated for the Azure AD application. Client Secret: The client secret generated for the Azure AD application. Provider URL: The OpenID Connect issuer URL for your Azure AD tenant. Authorized redirect URL: The URL provided by Spacelift for redirecting after authentication. ``` -------------------------------- ### Spacelift Installer Output for DR Region Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/installing-spacelift/cloudformation/disaster-recovery.md Example output from the Spacelift installer script after deploying to a secondary region. It includes essential information like load balancer DNS, launcher image, and detailed S3 bucket replication details required for configuring the primary instance. ```bash Installation info: * Load balancer DNS: spacelift-server-987654321.eu-west-3.elb.amazonaws.com * Launcher container image: 012345678901.dkr.ecr.eu-west-3.amazonaws.com/spacelift-launcher:v0.0.1-preview1479 * Downloads bucket: 012345678901-spacelift-downloads-24a213 S3 bucket replication info: * KMS key ARN: arn:aws:kms:eu-west-3:012345678901:key/583756c0-8666-4676-beae-a0099f7dbd5b * States: arn:aws:s3:::012345678901-spacelift-states-24a213 * Run logs: arn:aws:s3:::012345678901-spacelift-run-logs-24a213 * Modules: arn:aws:s3:::012345678901-spacelift-modules-24a213 * Policy inputs: arn:aws:s3:::012345678901-spacelift-policy-inputs-24a213 * Workspaces: arn:aws:s3:::012345678901-spacelift-workspaces-24a213 [2024-07-12T08:00:12+0000] INFO: Spacelift version v2.0.0 has been successfully installed! ``` -------------------------------- ### VPC Endpoint Security Group Example Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/installing-spacelift/cloudformation/advanced-installations.md An example AWS CloudFormation snippet defining a security group for VPC endpoints. This security group allows inbound HTTPS (port 443) access from within the VPC, which is necessary for secure communication with AWS services via VPC endpoints. ```yaml VPCEndpointSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: GroupName: "vpc_endpoint_sg" GroupDescription: "The sg to use for VPC endpoints" SecurityGroupIngress: - Description: "Allow inbound HTTPS access to VPC endpoints from VPC" FromPort: 443 ToPort: 443 IpProtocol: "tcp" CidrIp: "" VpcId: {Ref: VPC} ``` -------------------------------- ### Spacelift Migration Kit Configuration Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/product/migrating-to-spacelift.md Instructions for configuring the migration process by copying an example configuration file and referencing environment variables. It also details the automatic loading of environment variables from a .env file. ```YAML # Copy the config.yml.example file to config.yml and edit it as needed. # Environment variables can be referenced by their name preceded by the $ sign (e.g., $API_TOKEN). # If a .env file is present at the root of the Spacelift Migration Kit folder, it will be automatically loaded. ``` -------------------------------- ### Serving Self-Hosted Docs Locally with Mike Source: https://github.com/spacelift-io/user-documentation/blob/main/CONTRIBUTING.md This command uses Mike to serve the self-hosted documentation locally, specifically from the `self-hosted-releases-prod` branch. It allows contributors to preview changes to the self-hosted version of the documentation before submitting them. ```Shell mike serve --branch self-hosted-releases-prod ``` -------------------------------- ### Troubleshooting AWS Account ID Error (Shell) Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/product/administration/install.md This error message indicates that the installer could not find the AWS account ID. It typically suggests checking AWS CLI credentials for correctness, expiration, or ensuring the specified AWS region is not a GovCloud region if your credentials are for a non-GovCloud account. ```shell ERROR: could not find AWS account ID. Cannot continue with Spacelift install. Please check that your AWS CLI credentials are correct and have not expired. ``` -------------------------------- ### Adding Global Resource Tags in Spacelift Configuration (JSON) Source: https://github.com/spacelift-io/user-documentation/blob/main/docs/product/administration/install.md This JSON array allows adding custom tags to all AWS resources created by the Spacelift installer. Each tag is an object with a `key` and `value` pair. These global tags help with resource organization, cost allocation, and access control within your AWS environment. ```JSON "global_resource_tags": [ { "key": "selfhost", "value": "spacelift" } ] ```