├── .github
└── workflows
│ ├── build.yml
│ ├── issues.yml
│ └── release.yml
├── .gitignore
├── .goreleaser.yml
├── Dockerfile
├── LICENSE
├── Makefile
├── README.md
├── cmd
└── main.go
├── config.sample.toml
├── examples
├── plugins
│ ├── README.md
│ └── slack
│ │ └── plugin.go
└── templates
│ └── postgresql-backup
│ ├── acl.hcl
│ └── job.hcl
├── go.mod
├── go.sum
├── internal
├── config
│ └── config.go
├── core
│ └── core.go
├── interfaces
│ ├── cache_adapter.go
│ ├── interfaces.go
│ └── service.go
├── stream
│ └── stream.go
└── utils
│ └── utils.go
└── provider
├── dns
├── README.md
└── dns.go
├── nomad
├── README.md
├── job.go
└── nomad.go
├── provider.go
└── registry.go
/.github/workflows/build.yml:
--------------------------------------------------------------------------------
1 | name: Build Check
2 |
3 | on:
4 | pull_request:
5 | types:
6 | - opened
7 |
8 | jobs:
9 | build:
10 | runs-on: ubuntu-latest
11 |
12 | steps:
13 | - name: Checkout Code
14 | uses: actions/checkout@v4
15 |
16 | - name: Set up Go
17 | uses: actions/setup-go@v5
18 | with:
19 | go-version: "1.24.1"
20 |
21 | - name: Prepare Dependencies and Build
22 | run: make build
23 |
--------------------------------------------------------------------------------
/.github/workflows/issues.yml:
--------------------------------------------------------------------------------
1 | name: "close-stale-issues-and-prs"
2 | on:
3 | schedule:
4 | - cron: "30 1 * * *"
5 | workflow_dispatch:
6 |
7 | jobs:
8 | stale:
9 | runs-on: ubuntu-latest
10 | steps:
11 | - uses: actions/stale@v9
12 | with:
13 | days-before-stale: 90
14 | stale-issue-label: "stale"
15 | stale-pr-label: "stale"
16 | debug-only: false
17 | exempt-all-assignees: true
18 | operations-per-run: 1000
19 | stale-issue-message: "This issue has been marked 'stale' after 90 days of inactivity. If there is no further activity, it will be closed in 7 days."
20 | stale-pr-message: "This PR has been marked 'stale' after 90 days of inactivity. If there is no further activity, it will be closed in 7 days."
21 |
--------------------------------------------------------------------------------
/.github/workflows/release.yml:
--------------------------------------------------------------------------------
1 | name: Release Go Build
2 |
3 | on:
4 | push:
5 | tags:
6 | - "v*" # Will trigger only if tag is pushed matching pattern `v*` (Eg: `v0.1.0`)
7 |
8 | permissions: write-all
9 |
10 | jobs:
11 | goreleaser:
12 | runs-on: ubuntu-latest
13 | steps:
14 | - name: Checkout
15 | uses: actions/checkout@v3
16 | with:
17 | fetch-depth: 0
18 |
19 | - name: Set up QEMU
20 | uses: docker/setup-qemu-action@v2
21 |
22 | - name: Set up Go
23 | uses: actions/setup-go@v5
24 | with:
25 | go-version: "1.24.1"
26 |
27 | - name: Login to Docker Registry
28 | uses: docker/login-action@v2
29 | with:
30 | username: ${{ secrets.DOCKERHUB_USERNAME }}
31 | password: ${{ secrets.DOCKERHUB_TOKEN }}
32 |
33 | - name: Login to GitHub Docker Registry
34 | uses: docker/login-action@v2
35 | with:
36 | registry: ghcr.io
37 | username: thunderbottom
38 | password: ${{ secrets.GITHUB_TOKEN }}
39 |
40 | - name: Prepare Dependencies
41 | run: |
42 | make build
43 |
44 | - name: Check Docker Version
45 | run: |
46 | docker version
47 |
48 | - name: Run GoReleaser
49 | uses: goreleaser/goreleaser-action@v5
50 | with:
51 | version: latest
52 | args: release --parallelism 1 --clean
53 | env:
54 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
55 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # If you prefer the allow list template instead of the deny list, see community template:
2 | # https://github.com/github/gitignore/blob/main/community/Golang/Go.AllowList.gitignore
3 | #
4 | # Binaries for programs and plugins
5 | *.exe
6 | *.exe~
7 | *.dll
8 | *.so
9 | *.dylib
10 | *.bin
11 | damon
12 |
13 | # Test binary, built with `go test -c`
14 | *.test
15 |
16 | # Output of the go coverage tool, specifically when used with LiteIDE
17 | *.out
18 |
19 | # Dependency directories (remove the comment below to include it)
20 | # vendor/
21 |
22 | # Go workspace file
23 | go.work
24 | go.work.sum
25 |
26 |
27 | # Event index
28 | event-index.json
29 | config.toml
30 |
--------------------------------------------------------------------------------
/.goreleaser.yml:
--------------------------------------------------------------------------------
1 | env:
2 | - GO111MODULE=on
3 | - CGO_ENABLED=0
4 | - GITHUB_ORG=thunderbottom
5 | - DOCKER_ORG=thunderbottom
6 |
7 | builds:
8 | - binary: damon
9 | main: ./cmd
10 | goos:
11 | - linux
12 | - windows
13 | - darwin
14 | - freebsd
15 | - openbsd
16 | - netbsd
17 | goarch:
18 | - amd64
19 | - arm64
20 | - arm
21 | goarm:
22 | - 6
23 | - 7
24 | ldflags:
25 | - -s -w -X "main.buildString={{ .Tag }} ({{ .ShortCommit }} {{ .Date }}, {{ .Os }}/{{ .Arch }})" -X "main.versionString={{ .Tag }}"
26 |
27 | archives:
28 | - format: tar.gz
29 | files:
30 | - README.md
31 | - LICENSE
32 | - config.sample.toml
33 |
34 | dockers:
35 | - use: buildx
36 | goos: linux
37 | goarch: amd64
38 | ids:
39 | - damon
40 | image_templates:
41 | - "{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:latest-amd64"
42 | - "{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:{{ .Tag }}-amd64"
43 | - "ghcr.io/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}:latest-amd64"
44 | - "ghcr.io/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}:{{ .Tag }}-amd64"
45 | build_flag_templates:
46 | - --platform=linux/amd64
47 | - --label=org.opencontainers.image.title={{ .ProjectName }}
48 | - --label=org.opencontainers.image.description={{ .ProjectName }}
49 | - --label=org.opencontainers.image.url=https://github.com/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}
50 | - --label=org.opencontainers.image.source=https://github.com/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}
51 | - --label=org.opencontainers.image.version={{ .Version }}
52 | - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}
53 | - --label=org.opencontainers.image.revision={{ .FullCommit }}
54 | - --label=org.opencontainers.image.licenses=AGPL-3.0
55 | dockerfile: Dockerfile
56 | extra_files:
57 | - config.sample.toml
58 | - use: buildx
59 | goos: linux
60 | goarch: arm64
61 | ids:
62 | - damon
63 | image_templates:
64 | - "{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:latest-arm64v8"
65 | - "{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:{{ .Tag }}-arm64v8"
66 | - "ghcr.io/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}:latest-arm64v8"
67 | - "ghcr.io/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}:{{ .Tag }}-arm64v8"
68 | build_flag_templates:
69 | - --platform=linux/arm64/v8
70 | - --label=org.opencontainers.image.title={{ .ProjectName }}
71 | - --label=org.opencontainers.image.description={{ .ProjectName }}
72 | - --label=org.opencontainers.image.url=https://github.com/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}
73 | - --label=org.opencontainers.image.source=https://github.com/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}
74 | - --label=org.opencontainers.image.version={{ .Version }}
75 | - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}
76 | - --label=org.opencontainers.image.revision={{ .FullCommit }}
77 | - --label=org.opencontainers.image.licenses=AGPL-3.0
78 | dockerfile: Dockerfile
79 | extra_files:
80 | - config.sample.toml
81 | - use: buildx
82 | goos: linux
83 | goarch: arm
84 | goarm: 6
85 | ids:
86 | - damon
87 | image_templates:
88 | - "{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:latest-armv6"
89 | - "{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:{{ .Tag }}-armv6"
90 | - "ghcr.io/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}:latest-armv6"
91 | - "ghcr.io/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}:{{ .Tag }}-armv6"
92 | build_flag_templates:
93 | - --platform=linux/arm/v6
94 | - --label=org.opencontainers.image.title={{ .ProjectName }}
95 | - --label=org.opencontainers.image.description={{ .ProjectName }}
96 | - --label=org.opencontainers.image.url=https://github.com/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}
97 | - --label=org.opencontainers.image.source=https://github.com/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}
98 | - --label=org.opencontainers.image.version={{ .Version }}
99 | - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}
100 | - --label=org.opencontainers.image.revision={{ .FullCommit }}
101 | - --label=org.opencontainers.image.licenses=AGPL-3.0
102 | dockerfile: Dockerfile
103 | extra_files:
104 | - config.sample.toml
105 | - use: buildx
106 | goos: linux
107 | goarch: arm
108 | goarm: 7
109 | ids:
110 | - damon
111 | image_templates:
112 | - "{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:latest-armv7"
113 | - "{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:{{ .Tag }}-armv7"
114 | - "ghcr.io/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}:latest-armv7"
115 | - "ghcr.io/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}:{{ .Tag }}-armv7"
116 | build_flag_templates:
117 | - --platform=linux/arm/v7
118 | - --label=org.opencontainers.image.title={{ .ProjectName }}
119 | - --label=org.opencontainers.image.description={{ .ProjectName }}
120 | - --label=org.opencontainers.image.url=https://github.com/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}
121 | - --label=org.opencontainers.image.source=https://github.com/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}
122 | - --label=org.opencontainers.image.version={{ .Version }}
123 | - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}
124 | - --label=org.opencontainers.image.revision={{ .FullCommit }}
125 | - --label=org.opencontainers.image.licenses=AGPL-3.0
126 | dockerfile: Dockerfile
127 | extra_files:
128 | - config.sample.toml
129 |
130 | docker_manifests:
131 | - name_template: "{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:latest"
132 | image_templates:
133 | - "{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:latest-amd64"
134 | - "{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:latest-arm64v8"
135 | - "{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:latest-armv6"
136 | - "{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:latest-armv7"
137 | - name_template: "{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:{{ .Tag }}"
138 | image_templates:
139 | - "{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:{{ .Tag }}-amd64"
140 | - "{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:{{ .Tag }}-arm64v8"
141 | - "{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:{{ .Tag }}-armv6"
142 | - "{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:{{ .Tag }}-armv7"
143 | - name_template: ghcr.io/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}:latest
144 | image_templates:
145 | - ghcr.io/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}:latest-amd64
146 | - ghcr.io/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}:latest-arm64v8
147 | - ghcr.io/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}:latest-armv6
148 | - ghcr.io/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}:latest-armv7
149 | - name_template: ghcr.io/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}:{{ .Tag }}
150 | image_templates:
151 | - ghcr.io/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}:{{ .Tag }}-amd64
152 | - ghcr.io/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}:{{ .Tag }}-arm64v8
153 | - ghcr.io/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}:{{ .Tag }}-armv6
154 | - ghcr.io/{{ .Env.GITHUB_ORG }}/{{ .ProjectName }}:{{ .Tag }}-armv7
155 |
--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM alpine:3.18
2 |
3 | # Add certificates and timezone data
4 | RUN apk add --no-cache ca-certificates tzdata
5 |
6 | # Create non-root user
7 | RUN addgroup -g 1000 damon && \
8 | adduser -u 1000 -G damon -s /bin/sh -D damon
9 |
10 | # Create necessary directories
11 | RUN mkdir -p /app/templates && \
12 | chown -R damon:damon /app
13 |
14 | # Set working directory
15 | WORKDIR /app
16 |
17 | # Copy binary and sample configuration
18 | COPY damon /app/
19 | COPY config.sample.toml /app/config.toml
20 |
21 | # Switch to non-root user
22 | USER damon
23 |
24 | # Command to run
25 | ENTRYPOINT ["/app/damon"]
26 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | GNU AFFERO GENERAL PUBLIC LICENSE
2 | Version 3, 19 November 2007
3 |
4 | Copyright (C) 2007 Free Software Foundation, Inc.
5 | Everyone is permitted to copy and distribute verbatim copies
6 | of this license document, but changing it is not allowed.
7 |
8 | Preamble
9 |
10 | The GNU Affero General Public License is a free, copyleft license for
11 | software and other kinds of works, specifically designed to ensure
12 | cooperation with the community in the case of network server software.
13 |
14 | The licenses for most software and other practical works are designed
15 | to take away your freedom to share and change the works. By contrast,
16 | our General Public Licenses are intended to guarantee your freedom to
17 | share and change all versions of a program--to make sure it remains free
18 | software for all its users.
19 |
20 | When we speak of free software, we are referring to freedom, not
21 | price. Our General Public Licenses are designed to make sure that you
22 | have the freedom to distribute copies of free software (and charge for
23 | them if you wish), that you receive source code or can get it if you
24 | want it, that you can change the software or use pieces of it in new
25 | free programs, and that you know you can do these things.
26 |
27 | Developers that use our General Public Licenses protect your rights
28 | with two steps: (1) assert copyright on the software, and (2) offer
29 | you this License which gives you legal permission to copy, distribute
30 | and/or modify the software.
31 |
32 | A secondary benefit of defending all users' freedom is that
33 | improvements made in alternate versions of the program, if they
34 | receive widespread use, become available for other developers to
35 | incorporate. Many developers of free software are heartened and
36 | encouraged by the resulting cooperation. However, in the case of
37 | software used on network servers, this result may fail to come about.
38 | The GNU General Public License permits making a modified version and
39 | letting the public access it on a server without ever releasing its
40 | source code to the public.
41 |
42 | The GNU Affero General Public License is designed specifically to
43 | ensure that, in such cases, the modified source code becomes available
44 | to the community. It requires the operator of a network server to
45 | provide the source code of the modified version running there to the
46 | users of that server. Therefore, public use of a modified version, on
47 | a publicly accessible server, gives the public access to the source
48 | code of the modified version.
49 |
50 | An older license, called the Affero General Public License and
51 | published by Affero, was designed to accomplish similar goals. This is
52 | a different license, not a version of the Affero GPL, but Affero has
53 | released a new version of the Affero GPL which permits relicensing under
54 | this license.
55 |
56 | The precise terms and conditions for copying, distribution and
57 | modification follow.
58 |
59 | TERMS AND CONDITIONS
60 |
61 | 0. Definitions.
62 |
63 | "This License" refers to version 3 of the GNU Affero General Public License.
64 |
65 | "Copyright" also means copyright-like laws that apply to other kinds of
66 | works, such as semiconductor masks.
67 |
68 | "The Program" refers to any copyrightable work licensed under this
69 | License. Each licensee is addressed as "you". "Licensees" and
70 | "recipients" may be individuals or organizations.
71 |
72 | To "modify" a work means to copy from or adapt all or part of the work
73 | in a fashion requiring copyright permission, other than the making of an
74 | exact copy. The resulting work is called a "modified version" of the
75 | earlier work or a work "based on" the earlier work.
76 |
77 | A "covered work" means either the unmodified Program or a work based
78 | on the Program.
79 |
80 | To "propagate" a work means to do anything with it that, without
81 | permission, would make you directly or secondarily liable for
82 | infringement under applicable copyright law, except executing it on a
83 | computer or modifying a private copy. Propagation includes copying,
84 | distribution (with or without modification), making available to the
85 | public, and in some countries other activities as well.
86 |
87 | To "convey" a work means any kind of propagation that enables other
88 | parties to make or receive copies. Mere interaction with a user through
89 | a computer network, with no transfer of a copy, is not conveying.
90 |
91 | An interactive user interface displays "Appropriate Legal Notices"
92 | to the extent that it includes a convenient and prominently visible
93 | feature that (1) displays an appropriate copyright notice, and (2)
94 | tells the user that there is no warranty for the work (except to the
95 | extent that warranties are provided), that licensees may convey the
96 | work under this License, and how to view a copy of this License. If
97 | the interface presents a list of user commands or options, such as a
98 | menu, a prominent item in the list meets this criterion.
99 |
100 | 1. Source Code.
101 |
102 | The "source code" for a work means the preferred form of the work
103 | for making modifications to it. "Object code" means any non-source
104 | form of a work.
105 |
106 | A "Standard Interface" means an interface that either is an official
107 | standard defined by a recognized standards body, or, in the case of
108 | interfaces specified for a particular programming language, one that
109 | is widely used among developers working in that language.
110 |
111 | The "System Libraries" of an executable work include anything, other
112 | than the work as a whole, that (a) is included in the normal form of
113 | packaging a Major Component, but which is not part of that Major
114 | Component, and (b) serves only to enable use of the work with that
115 | Major Component, or to implement a Standard Interface for which an
116 | implementation is available to the public in source code form. A
117 | "Major Component", in this context, means a major essential component
118 | (kernel, window system, and so on) of the specific operating system
119 | (if any) on which the executable work runs, or a compiler used to
120 | produce the work, or an object code interpreter used to run it.
121 |
122 | The "Corresponding Source" for a work in object code form means all
123 | the source code needed to generate, install, and (for an executable
124 | work) run the object code and to modify the work, including scripts to
125 | control those activities. However, it does not include the work's
126 | System Libraries, or general-purpose tools or generally available free
127 | programs which are used unmodified in performing those activities but
128 | which are not part of the work. For example, Corresponding Source
129 | includes interface definition files associated with source files for
130 | the work, and the source code for shared libraries and dynamically
131 | linked subprograms that the work is specifically designed to require,
132 | such as by intimate data communication or control flow between those
133 | subprograms and other parts of the work.
134 |
135 | The Corresponding Source need not include anything that users
136 | can regenerate automatically from other parts of the Corresponding
137 | Source.
138 |
139 | The Corresponding Source for a work in source code form is that
140 | same work.
141 |
142 | 2. Basic Permissions.
143 |
144 | All rights granted under this License are granted for the term of
145 | copyright on the Program, and are irrevocable provided the stated
146 | conditions are met. This License explicitly affirms your unlimited
147 | permission to run the unmodified Program. The output from running a
148 | covered work is covered by this License only if the output, given its
149 | content, constitutes a covered work. This License acknowledges your
150 | rights of fair use or other equivalent, as provided by copyright law.
151 |
152 | You may make, run and propagate covered works that you do not
153 | convey, without conditions so long as your license otherwise remains
154 | in force. You may convey covered works to others for the sole purpose
155 | of having them make modifications exclusively for you, or provide you
156 | with facilities for running those works, provided that you comply with
157 | the terms of this License in conveying all material for which you do
158 | not control copyright. Those thus making or running the covered works
159 | for you must do so exclusively on your behalf, under your direction
160 | and control, on terms that prohibit them from making any copies of
161 | your copyrighted material outside their relationship with you.
162 |
163 | Conveying under any other circumstances is permitted solely under
164 | the conditions stated below. Sublicensing is not allowed; section 10
165 | makes it unnecessary.
166 |
167 | 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
168 |
169 | No covered work shall be deemed part of an effective technological
170 | measure under any applicable law fulfilling obligations under article
171 | 11 of the WIPO copyright treaty adopted on 20 December 1996, or
172 | similar laws prohibiting or restricting circumvention of such
173 | measures.
174 |
175 | When you convey a covered work, you waive any legal power to forbid
176 | circumvention of technological measures to the extent such circumvention
177 | is effected by exercising rights under this License with respect to
178 | the covered work, and you disclaim any intention to limit operation or
179 | modification of the work as a means of enforcing, against the work's
180 | users, your or third parties' legal rights to forbid circumvention of
181 | technological measures.
182 |
183 | 4. Conveying Verbatim Copies.
184 |
185 | You may convey verbatim copies of the Program's source code as you
186 | receive it, in any medium, provided that you conspicuously and
187 | appropriately publish on each copy an appropriate copyright notice;
188 | keep intact all notices stating that this License and any
189 | non-permissive terms added in accord with section 7 apply to the code;
190 | keep intact all notices of the absence of any warranty; and give all
191 | recipients a copy of this License along with the Program.
192 |
193 | You may charge any price or no price for each copy that you convey,
194 | and you may offer support or warranty protection for a fee.
195 |
196 | 5. Conveying Modified Source Versions.
197 |
198 | You may convey a work based on the Program, or the modifications to
199 | produce it from the Program, in the form of source code under the
200 | terms of section 4, provided that you also meet all of these conditions:
201 |
202 | a) The work must carry prominent notices stating that you modified
203 | it, and giving a relevant date.
204 |
205 | b) The work must carry prominent notices stating that it is
206 | released under this License and any conditions added under section
207 | 7. This requirement modifies the requirement in section 4 to
208 | "keep intact all notices".
209 |
210 | c) You must license the entire work, as a whole, under this
211 | License to anyone who comes into possession of a copy. This
212 | License will therefore apply, along with any applicable section 7
213 | additional terms, to the whole of the work, and all its parts,
214 | regardless of how they are packaged. This License gives no
215 | permission to license the work in any other way, but it does not
216 | invalidate such permission if you have separately received it.
217 |
218 | d) If the work has interactive user interfaces, each must display
219 | Appropriate Legal Notices; however, if the Program has interactive
220 | interfaces that do not display Appropriate Legal Notices, your
221 | work need not make them do so.
222 |
223 | A compilation of a covered work with other separate and independent
224 | works, which are not by their nature extensions of the covered work,
225 | and which are not combined with it such as to form a larger program,
226 | in or on a volume of a storage or distribution medium, is called an
227 | "aggregate" if the compilation and its resulting copyright are not
228 | used to limit the access or legal rights of the compilation's users
229 | beyond what the individual works permit. Inclusion of a covered work
230 | in an aggregate does not cause this License to apply to the other
231 | parts of the aggregate.
232 |
233 | 6. Conveying Non-Source Forms.
234 |
235 | You may convey a covered work in object code form under the terms
236 | of sections 4 and 5, provided that you also convey the
237 | machine-readable Corresponding Source under the terms of this License,
238 | in one of these ways:
239 |
240 | a) Convey the object code in, or embodied in, a physical product
241 | (including a physical distribution medium), accompanied by the
242 | Corresponding Source fixed on a durable physical medium
243 | customarily used for software interchange.
244 |
245 | b) Convey the object code in, or embodied in, a physical product
246 | (including a physical distribution medium), accompanied by a
247 | written offer, valid for at least three years and valid for as
248 | long as you offer spare parts or customer support for that product
249 | model, to give anyone who possesses the object code either (1) a
250 | copy of the Corresponding Source for all the software in the
251 | product that is covered by this License, on a durable physical
252 | medium customarily used for software interchange, for a price no
253 | more than your reasonable cost of physically performing this
254 | conveying of source, or (2) access to copy the
255 | Corresponding Source from a network server at no charge.
256 |
257 | c) Convey individual copies of the object code with a copy of the
258 | written offer to provide the Corresponding Source. This
259 | alternative is allowed only occasionally and noncommercially, and
260 | only if you received the object code with such an offer, in accord
261 | with subsection 6b.
262 |
263 | d) Convey the object code by offering access from a designated
264 | place (gratis or for a charge), and offer equivalent access to the
265 | Corresponding Source in the same way through the same place at no
266 | further charge. You need not require recipients to copy the
267 | Corresponding Source along with the object code. If the place to
268 | copy the object code is a network server, the Corresponding Source
269 | may be on a different server (operated by you or a third party)
270 | that supports equivalent copying facilities, provided you maintain
271 | clear directions next to the object code saying where to find the
272 | Corresponding Source. Regardless of what server hosts the
273 | Corresponding Source, you remain obligated to ensure that it is
274 | available for as long as needed to satisfy these requirements.
275 |
276 | e) Convey the object code using peer-to-peer transmission, provided
277 | you inform other peers where the object code and Corresponding
278 | Source of the work are being offered to the general public at no
279 | charge under subsection 6d.
280 |
281 | A separable portion of the object code, whose source code is excluded
282 | from the Corresponding Source as a System Library, need not be
283 | included in conveying the object code work.
284 |
285 | A "User Product" is either (1) a "consumer product", which means any
286 | tangible personal property which is normally used for personal, family,
287 | or household purposes, or (2) anything designed or sold for incorporation
288 | into a dwelling. In determining whether a product is a consumer product,
289 | doubtful cases shall be resolved in favor of coverage. For a particular
290 | product received by a particular user, "normally used" refers to a
291 | typical or common use of that class of product, regardless of the status
292 | of the particular user or of the way in which the particular user
293 | actually uses, or expects or is expected to use, the product. A product
294 | is a consumer product regardless of whether the product has substantial
295 | commercial, industrial or non-consumer uses, unless such uses represent
296 | the only significant mode of use of the product.
297 |
298 | "Installation Information" for a User Product means any methods,
299 | procedures, authorization keys, or other information required to install
300 | and execute modified versions of a covered work in that User Product from
301 | a modified version of its Corresponding Source. The information must
302 | suffice to ensure that the continued functioning of the modified object
303 | code is in no case prevented or interfered with solely because
304 | modification has been made.
305 |
306 | If you convey an object code work under this section in, or with, or
307 | specifically for use in, a User Product, and the conveying occurs as
308 | part of a transaction in which the right of possession and use of the
309 | User Product is transferred to the recipient in perpetuity or for a
310 | fixed term (regardless of how the transaction is characterized), the
311 | Corresponding Source conveyed under this section must be accompanied
312 | by the Installation Information. But this requirement does not apply
313 | if neither you nor any third party retains the ability to install
314 | modified object code on the User Product (for example, the work has
315 | been installed in ROM).
316 |
317 | The requirement to provide Installation Information does not include a
318 | requirement to continue to provide support service, warranty, or updates
319 | for a work that has been modified or installed by the recipient, or for
320 | the User Product in which it has been modified or installed. Access to a
321 | network may be denied when the modification itself materially and
322 | adversely affects the operation of the network or violates the rules and
323 | protocols for communication across the network.
324 |
325 | Corresponding Source conveyed, and Installation Information provided,
326 | in accord with this section must be in a format that is publicly
327 | documented (and with an implementation available to the public in
328 | source code form), and must require no special password or key for
329 | unpacking, reading or copying.
330 |
331 | 7. Additional Terms.
332 |
333 | "Additional permissions" are terms that supplement the terms of this
334 | License by making exceptions from one or more of its conditions.
335 | Additional permissions that are applicable to the entire Program shall
336 | be treated as though they were included in this License, to the extent
337 | that they are valid under applicable law. If additional permissions
338 | apply only to part of the Program, that part may be used separately
339 | under those permissions, but the entire Program remains governed by
340 | this License without regard to the additional permissions.
341 |
342 | When you convey a copy of a covered work, you may at your option
343 | remove any additional permissions from that copy, or from any part of
344 | it. (Additional permissions may be written to require their own
345 | removal in certain cases when you modify the work.) You may place
346 | additional permissions on material, added by you to a covered work,
347 | for which you have or can give appropriate copyright permission.
348 |
349 | Notwithstanding any other provision of this License, for material you
350 | add to a covered work, you may (if authorized by the copyright holders of
351 | that material) supplement the terms of this License with terms:
352 |
353 | a) Disclaiming warranty or limiting liability differently from the
354 | terms of sections 15 and 16 of this License; or
355 |
356 | b) Requiring preservation of specified reasonable legal notices or
357 | author attributions in that material or in the Appropriate Legal
358 | Notices displayed by works containing it; or
359 |
360 | c) Prohibiting misrepresentation of the origin of that material, or
361 | requiring that modified versions of such material be marked in
362 | reasonable ways as different from the original version; or
363 |
364 | d) Limiting the use for publicity purposes of names of licensors or
365 | authors of the material; or
366 |
367 | e) Declining to grant rights under trademark law for use of some
368 | trade names, trademarks, or service marks; or
369 |
370 | f) Requiring indemnification of licensors and authors of that
371 | material by anyone who conveys the material (or modified versions of
372 | it) with contractual assumptions of liability to the recipient, for
373 | any liability that these contractual assumptions directly impose on
374 | those licensors and authors.
375 |
376 | All other non-permissive additional terms are considered "further
377 | restrictions" within the meaning of section 10. If the Program as you
378 | received it, or any part of it, contains a notice stating that it is
379 | governed by this License along with a term that is a further
380 | restriction, you may remove that term. If a license document contains
381 | a further restriction but permits relicensing or conveying under this
382 | License, you may add to a covered work material governed by the terms
383 | of that license document, provided that the further restriction does
384 | not survive such relicensing or conveying.
385 |
386 | If you add terms to a covered work in accord with this section, you
387 | must place, in the relevant source files, a statement of the
388 | additional terms that apply to those files, or a notice indicating
389 | where to find the applicable terms.
390 |
391 | Additional terms, permissive or non-permissive, may be stated in the
392 | form of a separately written license, or stated as exceptions;
393 | the above requirements apply either way.
394 |
395 | 8. Termination.
396 |
397 | You may not propagate or modify a covered work except as expressly
398 | provided under this License. Any attempt otherwise to propagate or
399 | modify it is void, and will automatically terminate your rights under
400 | this License (including any patent licenses granted under the third
401 | paragraph of section 11).
402 |
403 | However, if you cease all violation of this License, then your
404 | license from a particular copyright holder is reinstated (a)
405 | provisionally, unless and until the copyright holder explicitly and
406 | finally terminates your license, and (b) permanently, if the copyright
407 | holder fails to notify you of the violation by some reasonable means
408 | prior to 60 days after the cessation.
409 |
410 | Moreover, your license from a particular copyright holder is
411 | reinstated permanently if the copyright holder notifies you of the
412 | violation by some reasonable means, this is the first time you have
413 | received notice of violation of this License (for any work) from that
414 | copyright holder, and you cure the violation prior to 30 days after
415 | your receipt of the notice.
416 |
417 | Termination of your rights under this section does not terminate the
418 | licenses of parties who have received copies or rights from you under
419 | this License. If your rights have been terminated and not permanently
420 | reinstated, you do not qualify to receive new licenses for the same
421 | material under section 10.
422 |
423 | 9. Acceptance Not Required for Having Copies.
424 |
425 | You are not required to accept this License in order to receive or
426 | run a copy of the Program. Ancillary propagation of a covered work
427 | occurring solely as a consequence of using peer-to-peer transmission
428 | to receive a copy likewise does not require acceptance. However,
429 | nothing other than this License grants you permission to propagate or
430 | modify any covered work. These actions infringe copyright if you do
431 | not accept this License. Therefore, by modifying or propagating a
432 | covered work, you indicate your acceptance of this License to do so.
433 |
434 | 10. Automatic Licensing of Downstream Recipients.
435 |
436 | Each time you convey a covered work, the recipient automatically
437 | receives a license from the original licensors, to run, modify and
438 | propagate that work, subject to this License. You are not responsible
439 | for enforcing compliance by third parties with this License.
440 |
441 | An "entity transaction" is a transaction transferring control of an
442 | organization, or substantially all assets of one, or subdividing an
443 | organization, or merging organizations. If propagation of a covered
444 | work results from an entity transaction, each party to that
445 | transaction who receives a copy of the work also receives whatever
446 | licenses to the work the party's predecessor in interest had or could
447 | give under the previous paragraph, plus a right to possession of the
448 | Corresponding Source of the work from the predecessor in interest, if
449 | the predecessor has it or can get it with reasonable efforts.
450 |
451 | You may not impose any further restrictions on the exercise of the
452 | rights granted or affirmed under this License. For example, you may
453 | not impose a license fee, royalty, or other charge for exercise of
454 | rights granted under this License, and you may not initiate litigation
455 | (including a cross-claim or counterclaim in a lawsuit) alleging that
456 | any patent claim is infringed by making, using, selling, offering for
457 | sale, or importing the Program or any portion of it.
458 |
459 | 11. Patents.
460 |
461 | A "contributor" is a copyright holder who authorizes use under this
462 | License of the Program or a work on which the Program is based. The
463 | work thus licensed is called the contributor's "contributor version".
464 |
465 | A contributor's "essential patent claims" are all patent claims
466 | owned or controlled by the contributor, whether already acquired or
467 | hereafter acquired, that would be infringed by some manner, permitted
468 | by this License, of making, using, or selling its contributor version,
469 | but do not include claims that would be infringed only as a
470 | consequence of further modification of the contributor version. For
471 | purposes of this definition, "control" includes the right to grant
472 | patent sublicenses in a manner consistent with the requirements of
473 | this License.
474 |
475 | Each contributor grants you a non-exclusive, worldwide, royalty-free
476 | patent license under the contributor's essential patent claims, to
477 | make, use, sell, offer for sale, import and otherwise run, modify and
478 | propagate the contents of its contributor version.
479 |
480 | In the following three paragraphs, a "patent license" is any express
481 | agreement or commitment, however denominated, not to enforce a patent
482 | (such as an express permission to practice a patent or covenant not to
483 | sue for patent infringement). To "grant" such a patent license to a
484 | party means to make such an agreement or commitment not to enforce a
485 | patent against the party.
486 |
487 | If you convey a covered work, knowingly relying on a patent license,
488 | and the Corresponding Source of the work is not available for anyone
489 | to copy, free of charge and under the terms of this License, through a
490 | publicly available network server or other readily accessible means,
491 | then you must either (1) cause the Corresponding Source to be so
492 | available, or (2) arrange to deprive yourself of the benefit of the
493 | patent license for this particular work, or (3) arrange, in a manner
494 | consistent with the requirements of this License, to extend the patent
495 | license to downstream recipients. "Knowingly relying" means you have
496 | actual knowledge that, but for the patent license, your conveying the
497 | covered work in a country, or your recipient's use of the covered work
498 | in a country, would infringe one or more identifiable patents in that
499 | country that you have reason to believe are valid.
500 |
501 | If, pursuant to or in connection with a single transaction or
502 | arrangement, you convey, or propagate by procuring conveyance of, a
503 | covered work, and grant a patent license to some of the parties
504 | receiving the covered work authorizing them to use, propagate, modify
505 | or convey a specific copy of the covered work, then the patent license
506 | you grant is automatically extended to all recipients of the covered
507 | work and works based on it.
508 |
509 | A patent license is "discriminatory" if it does not include within
510 | the scope of its coverage, prohibits the exercise of, or is
511 | conditioned on the non-exercise of one or more of the rights that are
512 | specifically granted under this License. You may not convey a covered
513 | work if you are a party to an arrangement with a third party that is
514 | in the business of distributing software, under which you make payment
515 | to the third party based on the extent of your activity of conveying
516 | the work, and under which the third party grants, to any of the
517 | parties who would receive the covered work from you, a discriminatory
518 | patent license (a) in connection with copies of the covered work
519 | conveyed by you (or copies made from those copies), or (b) primarily
520 | for and in connection with specific products or compilations that
521 | contain the covered work, unless you entered into that arrangement,
522 | or that patent license was granted, prior to 28 March 2007.
523 |
524 | Nothing in this License shall be construed as excluding or limiting
525 | any implied license or other defenses to infringement that may
526 | otherwise be available to you under applicable patent law.
527 |
528 | 12. No Surrender of Others' Freedom.
529 |
530 | If conditions are imposed on you (whether by court order, agreement or
531 | otherwise) that contradict the conditions of this License, they do not
532 | excuse you from the conditions of this License. If you cannot convey a
533 | covered work so as to satisfy simultaneously your obligations under this
534 | License and any other pertinent obligations, then as a consequence you may
535 | not convey it at all. For example, if you agree to terms that obligate you
536 | to collect a royalty for further conveying from those to whom you convey
537 | the Program, the only way you could satisfy both those terms and this
538 | License would be to refrain entirely from conveying the Program.
539 |
540 | 13. Remote Network Interaction; Use with the GNU General Public License.
541 |
542 | Notwithstanding any other provision of this License, if you modify the
543 | Program, your modified version must prominently offer all users
544 | interacting with it remotely through a computer network (if your version
545 | supports such interaction) an opportunity to receive the Corresponding
546 | Source of your version by providing access to the Corresponding Source
547 | from a network server at no charge, through some standard or customary
548 | means of facilitating copying of software. This Corresponding Source
549 | shall include the Corresponding Source for any work covered by version 3
550 | of the GNU General Public License that is incorporated pursuant to the
551 | following paragraph.
552 |
553 | Notwithstanding any other provision of this License, you have
554 | permission to link or combine any covered work with a work licensed
555 | under version 3 of the GNU General Public License into a single
556 | combined work, and to convey the resulting work. The terms of this
557 | License will continue to apply to the part which is the covered work,
558 | but the work with which it is combined will remain governed by version
559 | 3 of the GNU General Public License.
560 |
561 | 14. Revised Versions of this License.
562 |
563 | The Free Software Foundation may publish revised and/or new versions of
564 | the GNU Affero General Public License from time to time. Such new versions
565 | will be similar in spirit to the present version, but may differ in detail to
566 | address new problems or concerns.
567 |
568 | Each version is given a distinguishing version number. If the
569 | Program specifies that a certain numbered version of the GNU Affero General
570 | Public License "or any later version" applies to it, you have the
571 | option of following the terms and conditions either of that numbered
572 | version or of any later version published by the Free Software
573 | Foundation. If the Program does not specify a version number of the
574 | GNU Affero General Public License, you may choose any version ever published
575 | by the Free Software Foundation.
576 |
577 | If the Program specifies that a proxy can decide which future
578 | versions of the GNU Affero General Public License can be used, that proxy's
579 | public statement of acceptance of a version permanently authorizes you
580 | to choose that version for the Program.
581 |
582 | Later license versions may give you additional or different
583 | permissions. However, no additional obligations are imposed on any
584 | author or copyright holder as a result of your choosing to follow a
585 | later version.
586 |
587 | 15. Disclaimer of Warranty.
588 |
589 | THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
590 | APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
591 | HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
592 | OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
593 | THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
594 | PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
595 | IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
596 | ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
597 |
598 | 16. Limitation of Liability.
599 |
600 | IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
601 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
602 | THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
603 | GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
604 | USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
605 | DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
606 | PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
607 | EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
608 | SUCH DAMAGES.
609 |
610 | 17. Interpretation of Sections 15 and 16.
611 |
612 | If the disclaimer of warranty and limitation of liability provided
613 | above cannot be given local legal effect according to their terms,
614 | reviewing courts shall apply local law that most closely approximates
615 | an absolute waiver of all civil liability in connection with the
616 | Program, unless a warranty or assumption of liability accompanies a
617 | copy of the Program in return for a fee.
618 |
619 | END OF TERMS AND CONDITIONS
620 |
621 | How to Apply These Terms to Your New Programs
622 |
623 | If you develop a new program, and you want it to be of the greatest
624 | possible use to the public, the best way to achieve this is to make it
625 | free software which everyone can redistribute and change under these terms.
626 |
627 | To do so, attach the following notices to the program. It is safest
628 | to attach them to the start of each source file to most effectively
629 | state the exclusion of warranty; and each file should have at least
630 | the "copyright" line and a pointer to where the full notice is found.
631 |
632 |
633 | Copyright (C)
634 |
635 | This program is free software: you can redistribute it and/or modify
636 | it under the terms of the GNU Affero General Public License as published
637 | by the Free Software Foundation, either version 3 of the License, or
638 | (at your option) any later version.
639 |
640 | This program is distributed in the hope that it will be useful,
641 | but WITHOUT ANY WARRANTY; without even the implied warranty of
642 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
643 | GNU Affero General Public License for more details.
644 |
645 | You should have received a copy of the GNU Affero General Public License
646 | along with this program. If not, see .
647 |
648 | Also add information on how to contact you by electronic and paper mail.
649 |
650 | If your software can interact with users remotely through a computer
651 | network, you should also make sure that it provides a way for users to
652 | get its source. For example, if your program is a web application, its
653 | interface could display a "Source" link that leads users to an archive
654 | of the code. There are many ways you could offer source, and different
655 | solutions will be better for different programs; see section 13 for the
656 | specific requirements.
657 |
658 | You should also get your employer (if you work as a programmer) or school,
659 | if any, to sign a "copyright disclaimer" for the program, if necessary.
660 | For more information on this, and how to apply and follow the GNU AGPL, see
661 | .
662 |
--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
1 | .PHONY: build clean test lint run docker docker-run help
2 |
3 | # Build variables
4 | BINARY_NAME=damon
5 | VERSION=$(shell git describe --tags --always --dirty 2>/dev/null || echo "dev")
6 | BUILD_TIME=$(shell date -u +"%Y-%m-%dT%H:%M:%SZ")
7 | LDFLAGS=-ldflags "-X main.buildString=${VERSION} -s -w"
8 |
9 | # Go parameters
10 | GOCMD=go
11 | GOBUILD=$(GOCMD) build
12 | GOCLEAN=$(GOCMD) clean
13 | GOTEST=$(GOCMD) test
14 | GOMOD=$(GOCMD) mod
15 | GOLINT=golangci-lint
16 |
17 | # Default target
18 | .DEFAULT_GOAL := help
19 |
20 | # Help target for documentation
21 | help:
22 | @echo "Damon - Nomad Event Operator"
23 | @echo ""
24 | @echo "Usage:"
25 | @echo " make build Build the binary"
26 | @echo " make clean Clean build artifacts"
27 | @echo " make test Run unit tests"
28 | @echo " make lint Run linter"
29 | @echo " make run Run the application locally"
30 | @echo " make docker Build Docker image"
31 | @echo " make docker-run Run Docker container"
32 | @echo " make tidy Tidy and verify dependencies"
33 | @echo " make integration Run integration tests"
34 | @echo " make help Show this help message"
35 |
36 | # Build the application
37 | build:
38 | $(GOBUILD) $(LDFLAGS) -o $(BINARY_NAME) ./cmd
39 |
40 | # Clean build artifacts
41 | clean:
42 | $(GOCLEAN)
43 | rm -f $(BINARY_NAME)
44 |
45 | # Run tests with coverage
46 | test:
47 | $(GOTEST) -v -race -coverprofile=coverage.out ./...
48 | $(GOCMD) tool cover -html=coverage.out -o coverage.html
49 |
50 | # Run integration tests
51 | integration:
52 | DAMON_INTEGRATION_TEST=true $(GOTEST) -v -tags=integration ./test/integration
53 |
54 | # Run linter
55 | lint:
56 | $(GOLINT) run
57 |
58 | # Run the application locally
59 | run:
60 | $(GOBUILD) $(LDFLAGS) -o $(BINARY_NAME) ./cmd
61 | ./$(BINARY_NAME)
62 |
63 | # Tidy and verify go modules
64 | tidy:
65 | $(GOMOD) tidy
66 | $(GOMOD) verify
67 |
68 | # Build Docker image
69 | docker:
70 | docker build -t $(BINARY_NAME):$(VERSION) -f Dockerfile .
71 |
72 | # Run Docker container
73 | docker-run:
74 | docker run --rm -it \
75 | -v $(PWD)/config.toml:/app/config.toml \
76 | -e NOMAD_ADDR=http://host.docker.internal:4646 \
77 | -e NOMAD_TOKEN \
78 | $(BINARY_NAME):$(VERSION)
79 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Damon - Nomad Automation Helper
2 |
3 | > Automate routine Nomad tasks by responding to cluster events - simplify backups, enable service discovery, and manage job lifecycles
4 |
5 | Damon is a tool that listens for events in your HashiCorp Nomad cluster and performs useful automated actions in response. It's like having a helpful assistant that watches your Nomad cluster and reacts to changes.
6 |
7 | ## Key Features
8 |
9 | - **Automated Backups**: Create scheduled backups of databases when they're registered
10 | - **Service Discovery**: Make your Nomad services discoverable through DNS
11 | - **Event Notifications**: Get Slack alerts for important cluster events
12 | - **Extensible**: Add custom automation through plugins
13 |
14 | ## How It Works
15 |
16 | Damon connects to your Nomad cluster's event stream and watches for specific events (like job registrations, service changes, etc.). When it detects relevant events, it triggers actions through "providers" that handle different types of automation.
17 |
18 | For example, when a PostgreSQL database is registered in Nomad, Damon can automatically create a backup job for it.
19 |
20 | ## Providers
21 |
22 | Damon comes with the following built-in providers:
23 |
24 | - [DNS Provider](./provider/dns/README.md) - Creates a DNS server for service discovery
25 | - [Nomad Provider](./provider/nomad/README.md) - Automatically creates secondary jobs based on primary job metadata
26 |
27 | ### Extending Damon
28 |
29 | Damon supports loading custom providers as go plugins. Although go plugins are not really recommended for production usage, you may load your own plugins into Damon at runtime. For more details, check the [example plugin](./examples/plugins). I am open to accepting new providers as a contribution to Damon instead of using go plugins. Feel free to submit a Pull Request!
30 |
31 | ## Installation
32 |
33 | ### Binary Installation
34 |
35 | Download the latest release from the [GitHub Releases](https://github.com/thunderbottom/damon/releases) page.
36 |
37 | ```bash
38 | # Download the binary (replace with the latest version under releases)
39 | $ curl -L -o damon https://github.com/thunderbottom/damon/releases/download/v0.1.0/damon_0.1.0_linux_amd64
40 |
41 | # Make it executable
42 | $ chmod +x damon
43 |
44 | # Move to a directory in your PATH
45 | $ mv damon /usr/local/bin/
46 | ```
47 |
48 | ### Docker Installation
49 |
50 | You can also run Damon using Docker:
51 |
52 | ```yaml
53 | # docker-compose.yml
54 | version: '3'
55 |
56 | services:
57 | damon:
58 | image: thunderbottom/damon:latest
59 | volumes:
60 | - ./config.toml:/app/config.toml
61 | environment:
62 | - NOMAD_ADDR=http://host.docker.internal:4646
63 | - NOMAD_TOKEN=${NOMAD_TOKEN}
64 | restart: unless-stopped
65 | depends_on:
66 | - valkey
67 |
68 | valkey:
69 | image: valkey/valkey:latest
70 | ports:
71 | - "6379:6379"
72 | volumes:
73 | - valkey-data:/data
74 | restart: unless-stopped
75 |
76 | volumes:
77 | valkey-data:
78 | ```
79 |
80 | Start with:
81 |
82 | ```bash
83 | docker-compose up -d
84 | ```
85 |
86 | ## Configuration
87 |
88 | Damon uses a TOML configuration file. Create a `config.toml` file with the following structure:
89 |
90 | ```toml
91 | [app]
92 | log_level = "INFO" # Can be DEBUG, INFO, ERROR
93 |
94 | [cache]
95 | address = ["localhost:6379"]
96 | username = ""
97 | password = ""
98 | client_name = ""
99 | commit_interval = "10s"
100 |
101 | # Provider configurations
102 | [provider.backup]
103 | type = "nomad"
104 | tags = ["backup-cron", "backup-db-service", "backup-variables"]
105 | job_template = "templates/postgresql-backup/job.hcl"
106 | acl_template = "templates/postgresql-backup/acl.hcl"
107 | namespace = "*"
108 | deregister_job = true
109 |
110 | # DNS provider configuration
111 | [provider.dns]
112 | type = "dns"
113 | namespace = "*"
114 | tags = []
115 | listen_addr = ":5353"
116 | ```
117 |
118 | A sample configuration file is available at [config.sample.toml](./config.sample.toml).
119 |
120 | ## Environment Variables
121 |
122 | All configuration options can also be provided via environment variables with the `DAMON_` prefix:
123 |
124 | ```bash
125 | DAMON_APP__LOG_LEVEL=DEBUG
126 | DAMON_CACHE__ADDRESS=valkey:6379
127 | DAMON_CACHE__PASSWORD=secret
128 | ```
129 |
130 | Double underscores `__` are used to separate configuration sections.
131 |
132 | ## Common Usage Patterns
133 |
134 | ### Setting Up Database Backups
135 |
136 | 1. Create a template for your backup job (e.g., `templates/postgresql-backup/job.hcl`)
137 |
138 | 2. Configure the Nomad provider:
139 | ```toml
140 | [provider.pg_backup]
141 | type = "nomad"
142 | tags = ["pg-backup-cron", "pg-backup-service", "pg-backup-vars"]
143 | job_template = "templates/postgresql-backup/job.hcl"
144 | acl_template = "templates/postgresql-backup/acl.hcl"
145 | namespace = "*"
146 | deregister_job = true
147 | ```
148 |
149 | 3. Add required metadata to your PostgreSQL job:
150 | ```hcl
151 | meta {
152 | damon-enable = "true"
153 | pg-backup-cron = "0 3 * * *" # Daily at 3am
154 | pg-backup-service = "postgres-db"
155 | pg-backup-vars = "postgres-backup-vars"
156 | }
157 | ```
158 |
159 | 4. Store backup credentials in Nomad variables:
160 | ```bash
161 | nomad var put postgres-backup-vars \
162 | POSTGRES_USER=app \
163 | POSTGRES_PASSWORD=secret \
164 | POSTGRES_DB=mydatabase \
165 | S3_BUCKET=my-backups
166 | ```
167 |
168 | 5. Deploy your PostgreSQL job, and Damon will automatically create the backup job
169 |
170 | ### Setting Up DNS Service Discovery
171 |
172 | 1. Configure the DNS provider:
173 | ```toml
174 | [provider.dns]
175 | type = "dns"
176 | namespace = "*"
177 | listen_addr = ":5353"
178 | ```
179 |
180 | 2. Configure your application to use Damon for DNS resolution:
181 | ```hcl
182 | template {
183 | data = <]
43 |
44 | # ------------------------------------------------------------------------------
45 | # DNS Provider Configuration
46 | # ------------------------------------------------------------------------------
47 | [provider.dns]
48 | # Type must be "dns" for the DNS provider
49 | type = "dns"
50 |
51 | # Namespace to filter events from (use "*" for all namespaces)
52 | namespace = "*"
53 |
54 | # Tags to filter services by (only services with ALL these tags will be registered)
55 | # Leave empty to register all services
56 | tags = []
57 |
58 | # Address for the DNS server to listen on
59 | listen_addr = ":5353"
60 |
61 | # TTL for DNS records in seconds
62 | ttl = 30
63 |
64 | # ------------------------------------------------------------------------------
65 | # Nomad Provider Configuration
66 | # ------------------------------------------------------------------------------
67 | [provider.backup]
68 | # Type must be "nomad" for the Nomad provider
69 | type = "nomad"
70 |
71 | # Tags required in the job meta block
72 | # These tags will be accessible in the templates as key-value pairs
73 | # Can be empty if no tags are required
74 | tags = ["backup-cron", "backup-service", "backup-vars"]
75 |
76 | # Templates to use for job and ACL creation
77 | job_template = "templates/postgresql-backup/job.hcl"
78 | acl_template = "templates/postgresql-backup/acl.hcl"
79 |
80 | # Namespace to filter events from (use "*" for all namespaces)
81 | namespace = "*"
82 |
83 | # Whether to deregister jobs when the source job is deregistered
84 | deregister_job = true
85 |
86 | # Whether to include the full job payload in template data
87 | add_payload = true
88 |
89 | # ------------------------------------------------------------------------------
90 | # Multiple Provider Instances Example
91 | # ------------------------------------------------------------------------------
92 | # You can define multiple providers of the same type with different configurations
93 |
94 | # Example: Another DNS provider for internal services
95 | [provider.internal_dns]
96 | type = "dns"
97 | namespace = "default"
98 | tags = ["internal"]
99 | listen_addr = ":5354"
100 |
101 | # Example: A provider specifically for Redis backup jobs
102 | [provider.redis_backup]
103 | type = "nomad"
104 | tags = ["redis-backup-cron", "redis-backup-service"]
105 | job_template = "templates/redis-backup/job.hcl"
106 | acl_template = "templates/redis-backup/acl.hcl"
107 | namespace = "default"
108 | deregister_job = true
109 |
--------------------------------------------------------------------------------
/examples/plugins/README.md:
--------------------------------------------------------------------------------
1 | # Damon Go Plugin Examples
2 |
3 | This directory contains examples of plugins for Damon that extend its functionality.
4 |
5 | ## What is a Plugin?
6 |
7 | Plugins in Damon are Go shared libraries (`.so` files) that implement the provider interface. They allow you to extend Damon's functionality without modifying the core codebase.
8 |
9 | > [!WARNING]
10 | > Using Go plugins has limitations for production environments due to version compatibility issues. For production use, consider submitting a pull request to include your provider directly in the Damon codebase. The plugin feature is provided for development and testing when you don't want to modify the main repository.
11 |
12 | ## Plugin Compatibility Requirements
13 |
14 | For plugins to work properly with Damon:
15 |
16 | 1. The Go version used to build the plugin MUST match the Go version used to build Damon
17 | 2. The plugin must be built on the same operating system as where Damon will run
18 | 3. The import paths in your plugin must match the import paths in Damon
19 |
20 | If these requirements aren't met, you'll receive errors when Damon tries to load the plugin.
21 |
22 | ## Example Plugin: Slack Notifier
23 |
24 | This example plugin sends Slack notifications whenever specific Nomad events occur.
25 |
26 | ### Building the Plugin
27 |
28 | To build the plugin:
29 |
30 | ```bash
31 | # Ensure you use the exact same Go version used to build Damon
32 | go build -buildmode=plugin -o slack.so ./slack/plugin.go
33 | ```
34 |
35 | ### Using the Plugin
36 |
37 | 1. Place the compiled `.so` file in a directory
38 | 2. Configure Damon to look for plugins in that directory:
39 |
40 | ```toml
41 | [plugins]
42 | directory = "/path/to/plugins"
43 | ```
44 |
45 | 3. Start Damon, and it will automatically load and register your plugin
46 |
47 | ### Plugin Configuration
48 |
49 | Once loaded, configure the plugin like any other provider:
50 |
51 | ```toml
52 | [provider.slack]
53 | type = "slack" # This must match what your plugin registers as
54 | webhook_url = "https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX"
55 | channel = "#nomad-events"
56 | username = "Damon Bot"
57 | topics = { "Job" = "*", "Deployment" = "*" }
58 | event_types = ["JobRegistered", "DeploymentFailed"] # Optional filter
59 | ```
60 |
61 | ## Creating Your Own Plugin
62 |
63 | A Damon plugin must implement the following:
64 |
65 | 1. Export a `Register` function that registers your provider with Damon's registry
66 | 2. Implement the Provider interface
67 |
68 | ### Provider Interface
69 |
70 | All providers must implement this interface:
71 |
72 | ```go
73 | type Provider interface {
74 | // Name returns the name of the provider
75 | Name() string
76 |
77 | // OnEvent executes the provider logic on an event stream event
78 | OnEvent(event *api.Event)
79 |
80 | // Topics returns the topics required by the event stream provider
81 | Topics() map[api.Topic][]string
82 |
83 | // Close performs any cleanup needed when shutting down
84 | Close() error
85 | }
86 | ```
87 |
88 | ### Basic Plugin Template
89 |
90 | Here's a simple template to get you started:
91 |
92 | ```go
93 | package main
94 |
95 | import (
96 | "context"
97 | "log/slog"
98 |
99 | "github.com/hashicorp/nomad/api"
100 | "github.com/knadh/koanf/v2"
101 | "github.com/thunderbottom/damon/internal/interfaces"
102 | "github.com/thunderbottom/damon/provider"
103 | )
104 |
105 | // Register is the entry point for the plugin
106 | func Register(registry *provider.Registry) error {
107 | return registry.Register("yourprovider", New)
108 | }
109 |
110 | // YourProvider implements the Provider interface
111 | type YourProvider struct {
112 | // Your provider fields here
113 | logger *slog.Logger
114 | name string
115 | }
116 |
117 | // New creates a new instance of your provider
118 | func New(
119 | ctx context.Context,
120 | logger *slog.Logger,
121 | client interfaces.NomadClient,
122 | cache interfaces.CacheClient,
123 | config *koanf.Koanf,
124 | ) (interfaces.Provider, error) {
125 | // Initialize your provider
126 | return &YourProvider{
127 | logger: logger,
128 | name: config.String("name"),
129 | }, nil
130 | }
131 |
132 | // Name returns the provider name
133 | func (p *YourProvider) Name() string {
134 | return p.name
135 | }
136 |
137 | // OnEvent handles Nomad events
138 | func (p *YourProvider) OnEvent(event *api.Event) {
139 | // Handle the event
140 | }
141 |
142 | // Topics returns what event topics to subscribe to
143 | func (p *YourProvider) Topics() map[api.Topic][]string {
144 | return map[api.Topic][]string{
145 | api.TopicJob: {"*"},
146 | }
147 | }
148 |
149 | // Close performs cleanup
150 | func (p *YourProvider) Close() error {
151 | return nil
152 | }
153 | ```
154 |
155 | ## Example Plugin Implementation: Slack Provider
156 |
157 | The included Slack provider is a real-world example that sends Nomad event notifications to Slack channels.
158 |
159 | ### Key Features
160 |
161 | The Slack provider demonstrates several important plugin concepts:
162 |
163 | - Reading configuration values from TOML
164 | - Processing different Nomad event types
165 | - Formatting structured messages for an external API
166 | - Error handling and logging
167 |
168 | ### Code Structure
169 |
170 | A well-organized provider typically has:
171 |
172 | 1. **Configuration Structure**: For provider-specific settings
173 | 2. **Event Handlers**: Methods to process different types of events
174 | 3. **External API Integration**: Code to call external services
175 | 4. **Helper Methods**: Utility functions for common tasks
176 |
177 | ### Implementing External Integrations
178 |
179 | When creating plugins that integrate with external systems:
180 |
181 | 1. Use appropriate error handling for network operations
182 | 2. Consider retry logic for transient failures
183 | 3. Implement proper authentication with API keys or tokens
184 | 4. Format messages appropriately for the target system
185 |
186 | ## Other Plugin Ideas
187 |
188 | Here are some ideas for custom plugins you could build:
189 |
190 | ### Email Notification Provider
191 |
192 | Send email alerts for important Nomad events:
193 |
194 | ```go
195 | // EmailProvider sends email notifications for Nomad events
196 | type EmailProvider struct {
197 | logger *slog.Logger
198 | name string
199 | smtpConfig *SMTPConfig
200 | topics map[api.Topic][]string
201 | }
202 | ```
203 |
204 | ### Metrics Provider
205 |
206 | Send Nomad event metrics to monitoring systems:
207 |
208 | ```go
209 | // MetricsProvider sends event metrics to Prometheus, StatsD, etc.
210 | type MetricsProvider struct {
211 | logger *slog.Logger
212 | name string
213 | client MetricsClient
214 | }
215 | ```
216 |
217 | ### Webhook Provider
218 |
219 | Forward Nomad events to arbitrary HTTP endpoints:
220 |
221 | ```go
222 | // WebhookProvider forwards events to configured HTTP endpoints
223 | type WebhookProvider struct {
224 | logger *slog.Logger
225 | name string
226 | endpoints []string
227 | client *http.Client
228 | }
229 | ```
230 |
231 | ## Best Practices
232 |
233 | When developing plugins for Damon:
234 |
235 | 1. **Validate Configuration**: Check all required configuration values at startup
236 | 2. **Handle Errors Gracefully**: Log errors but try to continue operating
237 | 3. **Clean Up Resources**: Properly close connections in the `Close()` method
238 | 4. **Maintain Compatibility**: Follow Damon's versioning for interface changes
239 | 5. **Efficient Event Processing**: Only process events your plugin cares about
240 | 6. **Proper Logging**: Use structured logging with appropriate log levels
241 | 7. **Security**: Handle credentials securely, never log sensitive information
242 |
243 | ## Debugging Plugins
244 |
245 | If you're having trouble with a plugin:
246 |
247 | 1. Build with debug information: `go build -buildmode=plugin -gcflags="all=-N -l" -o myplugin.so`
248 | 2. Run Damon with higher log level: `DAMON_APP__LOG_LEVEL=DEBUG ./damon`
249 | 3. Check for version mismatches between Go used to build Damon and the plugin
250 | 4. Verify the plugin is in the correct directory as specified in config
251 | 5. Test your plugin's logic separately before integration with Damon
252 |
253 | ## Contributing Plugins
254 |
255 | If you've developed a useful plugin, consider contributing it to the main Damon repository:
256 |
257 | 1. Create a new provider directory in `provider/yourprovider/`
258 | 2. Implement the provider interface fully
259 | 3. Add tests in `provider/yourprovider/yourprovider_test.go`
260 | 4. Add documentation in `provider/yourprovider/README.md`
261 | 5. Submit a pull request to the Damon repository
262 |
--------------------------------------------------------------------------------
/examples/plugins/slack/plugin.go:
--------------------------------------------------------------------------------
1 | package main
2 |
3 | import (
4 | "bytes"
5 | "context"
6 | "encoding/json"
7 | "fmt"
8 | "log/slog"
9 | "net/http"
10 | "strings"
11 | "time"
12 |
13 | "github.com/hashicorp/nomad/api"
14 | "github.com/knadh/koanf/v2"
15 | "github.com/thunderbottom/damon/internal/interfaces"
16 | "github.com/thunderbottom/damon/provider"
17 | )
18 |
19 | // Register is the entry point for the plugin
20 | func Register(registry *provider.Registry) error {
21 | return registry.Register("slack", New)
22 | }
23 |
24 | // SlackProvider sends notifications to Slack for Nomad events
25 | type SlackProvider struct {
26 | logger *slog.Logger
27 | name string
28 | webhookURL string
29 | channel string
30 | username string
31 | topics map[api.Topic][]string
32 | eventTypes []string
33 | }
34 |
35 | // SlackMessage represents a Slack message payload
36 | type SlackMessage struct {
37 | Channel string `json:"channel,omitempty"`
38 | Username string `json:"username,omitempty"`
39 | Text string `json:"text,omitempty"`
40 | IconEmoji string `json:"icon_emoji,omitempty"`
41 | Attachments []SlackAttachment `json:"attachments,omitempty"`
42 | }
43 |
44 | // SlackAttachment represents a Slack message attachment
45 | type SlackAttachment struct {
46 | Fallback string `json:"fallback,omitempty"`
47 | Color string `json:"color,omitempty"`
48 | Pretext string `json:"pretext,omitempty"`
49 | Title string `json:"title,omitempty"`
50 | TitleLink string `json:"title_link,omitempty"`
51 | Text string `json:"text,omitempty"`
52 | Fields []SlackField `json:"fields,omitempty"`
53 | MarkdownIn []string `json:"mrkdwn_in,omitempty"`
54 | Footer string `json:"footer,omitempty"`
55 | FooterIcon string `json:"footer_icon,omitempty"`
56 | Timestamp int64 `json:"ts,omitempty"`
57 | }
58 |
59 | // SlackField represents a field in a Slack attachment
60 | type SlackField struct {
61 | Title string `json:"title,omitempty"`
62 | Value string `json:"value,omitempty"`
63 | Short bool `json:"short,omitempty"`
64 | }
65 |
66 | // New creates a new Slack provider
67 | func New(
68 | ctx context.Context,
69 | logger *slog.Logger,
70 | client interfaces.NomadClient,
71 | cache interfaces.CacheClient,
72 | config *koanf.Koanf,
73 | ) (interfaces.Provider, error) {
74 | name := config.String("name")
75 | if name == "" {
76 | name = "slack"
77 | }
78 |
79 | // Get configuration
80 | webhookURL := config.String("webhook_url")
81 | if webhookURL == "" {
82 | return nil, fmt.Errorf("webhook_url is required")
83 | }
84 |
85 | channel := config.String("channel")
86 | username := config.String("username")
87 | if username == "" {
88 | username = "Damon Nomad Events"
89 | }
90 |
91 | // Parse topics
92 | topics := make(map[api.Topic][]string)
93 | topicsMap := config.StringMap("topics")
94 |
95 | // If no topics specified, default to all job events
96 | if len(topicsMap) == 0 {
97 | topics[api.TopicJob] = []string{"*"}
98 | } else {
99 | for topic, filters := range topicsMap {
100 | topicEnum := api.Topic(topic)
101 | filterSlice := strings.Split(filters, ",")
102 | for i, f := range filterSlice {
103 | filterSlice[i] = strings.TrimSpace(f)
104 | }
105 | topics[topicEnum] = filterSlice
106 | }
107 | }
108 |
109 | // Get event types to filter (optional)
110 | eventTypes := config.Strings("event_types")
111 |
112 | return &SlackProvider{
113 | logger: logger.With("provider", name),
114 | name: name,
115 | webhookURL: webhookURL,
116 | channel: channel,
117 | username: username,
118 | topics: topics,
119 | eventTypes: eventTypes,
120 | }, nil
121 | }
122 |
123 | // Name returns the provider name
124 | func (p *SlackProvider) Name() string {
125 | return p.name
126 | }
127 |
128 | // OnEvent processes Nomad events and sends Slack notifications
129 | func (p *SlackProvider) OnEvent(event *api.Event) {
130 | // Skip if we're filtering by event type and this isn't one we care about
131 | if len(p.eventTypes) > 0 {
132 | found := false
133 | for _, t := range p.eventTypes {
134 | if t == event.Type {
135 | found = true
136 | break
137 | }
138 | }
139 | if !found {
140 | return
141 | }
142 | }
143 |
144 | // Create a message based on the event
145 | message := p.createMessage(event)
146 | if message == nil {
147 | return
148 | }
149 |
150 | // Send the message to Slack
151 | if err := p.sendMessage(message); err != nil {
152 | p.logger.Error("failed to send slack message", "error", err)
153 | }
154 | }
155 |
156 | // Topics returns the topics this provider subscribes to
157 | func (p *SlackProvider) Topics() map[api.Topic][]string {
158 | return p.topics
159 | }
160 |
161 | // Close handles cleanup
162 | func (p *SlackProvider) Close() error {
163 | p.logger.Info("closing slack provider")
164 | return nil
165 | }
166 |
167 | // createMessage builds a Slack message from a Nomad event
168 | func (p *SlackProvider) createMessage(event *api.Event) *SlackMessage {
169 | var title, text string
170 | var color string
171 | var fields []SlackField
172 |
173 | // Set color based on event type
174 | switch {
175 | case strings.Contains(event.Type, "Registered"):
176 | color = "good" // green
177 | case strings.Contains(event.Type, "Deregistered"):
178 | color = "danger" // red
179 | default:
180 | color = "warning" // yellow
181 | }
182 |
183 | // Build message content based on event topic
184 | switch event.Topic {
185 | case api.TopicJob:
186 | job, err := event.Job()
187 | if err != nil || job == nil {
188 | p.logger.Error("failed to extract job from event", "error", err)
189 | return nil
190 | }
191 |
192 | title = fmt.Sprintf("Job %s", event.Type)
193 | text = fmt.Sprintf("Job: *%s*", *job.ID)
194 |
195 | fields = []SlackField{
196 | {Title: "Namespace", Value: *job.Namespace, Short: true},
197 | {Title: "Type", Value: *job.Type, Short: true},
198 | }
199 |
200 | if job.Status != nil {
201 | fields = append(fields, SlackField{Title: "Status", Value: *job.Status, Short: true})
202 | }
203 |
204 | case api.TopicDeployment:
205 | deployment, err := event.Deployment()
206 | if err != nil || deployment == nil {
207 | p.logger.Error("failed to extract deployment from event", "error", err)
208 | return nil
209 | }
210 |
211 | title = fmt.Sprintf("Deployment %s", event.Type)
212 | text = fmt.Sprintf("Deployment: *%s*", deployment.ID)
213 |
214 | fields = []SlackField{
215 | {Title: "Job", Value: deployment.JobID, Short: true},
216 | {Title: "Status", Value: deployment.Status, Short: true},
217 | }
218 |
219 | case api.TopicEvaluation:
220 | eval, err := event.Evaluation()
221 | if err != nil || eval == nil {
222 | p.logger.Error("failed to extract evaluation from event", "error", err)
223 | return nil
224 | }
225 |
226 | title = fmt.Sprintf("Evaluation %s", event.Type)
227 | text = fmt.Sprintf("Evaluation: *%s*", eval.ID)
228 |
229 | fields = []SlackField{
230 | {Title: "Job", Value: eval.JobID, Short: true},
231 | {Title: "Status", Value: eval.Status, Short: true},
232 | }
233 |
234 | default:
235 | title = fmt.Sprintf("%s %s", event.Topic, event.Type)
236 | text = fmt.Sprintf("Event Index: %d", event.Index)
237 | }
238 |
239 | // Create the message
240 | message := &SlackMessage{
241 | Channel: p.channel,
242 | Username: p.username,
243 | Attachments: []SlackAttachment{
244 | {
245 | Fallback: fmt.Sprintf("%s: %s", title, text),
246 | Color: color,
247 | Title: title,
248 | Text: text,
249 | Fields: fields,
250 | MarkdownIn: []string{"text", "fields"},
251 | Footer: "Damon Nomad Event Operator",
252 | Timestamp: time.Now().Unix(),
253 | },
254 | },
255 | }
256 |
257 | return message
258 | }
259 |
260 | // sendMessage posts a message to the Slack webhook
261 | func (p *SlackProvider) sendMessage(message *SlackMessage) error {
262 | payload, err := json.Marshal(message)
263 | if err != nil {
264 | return fmt.Errorf("failed to marshal slack message: %w", err)
265 | }
266 |
267 | resp, err := http.Post(p.webhookURL, "application/json", bytes.NewBuffer(payload))
268 | if err != nil {
269 | return fmt.Errorf("failed to post to slack: %w", err)
270 | }
271 | defer resp.Body.Close()
272 |
273 | if resp.StatusCode != http.StatusOK {
274 | return fmt.Errorf("slack returned non-200 status: %d", resp.StatusCode)
275 | }
276 |
277 | p.logger.Info("sent slack notification",
278 | "topic", string(message.Attachments[0].Title),
279 | "status", resp.Status)
280 | return nil
281 | }
282 |
--------------------------------------------------------------------------------
/examples/templates/postgresql-backup/acl.hcl:
--------------------------------------------------------------------------------
1 | # ACL Policy for PostgreSQL backup jobs
2 | # Provides read-only access to required services and variables
3 |
4 | # Namespace-specific permissions
5 | namespace "[[ .Namespace ]]" {
6 | # Read-only access to jobs in this namespace
7 | policy = "read"
8 |
9 | # Read-only access to variables referenced in backup-vars meta tag
10 | variables {
11 | # Use a simple space-separated list of variable paths
12 | path "[[index .Tags "backup-vars"]]" {
13 | capabilities = ["read"]
14 | }
15 | }
16 | }
17 |
18 | # Allow read access to services for service discovery
19 | service {
20 | policy = "read"
21 | }
22 |
23 | # Allow read access to nodes for service discovery
24 | node {
25 | policy = "read"
26 | }
27 |
28 | # Read-only access to agent information
29 | agent {
30 | policy = "read"
31 | }
32 |
33 | # Basic operator read access
34 | operator {
35 | policy = "read"
36 | }
37 |
--------------------------------------------------------------------------------
/examples/templates/postgresql-backup/job.hcl:
--------------------------------------------------------------------------------
1 | job "[[ .JobID ]]" {
2 | datacenters = [ [[range $idx, $dc := .Datacenters]][[if $idx]], [[end]]"[[$dc]]"[[end]] ]
3 | namespace = "[[ .Namespace ]]"
4 | type = "batch"
5 |
6 | periodic {
7 | cron = "[[ index .Tags "backup-cron" ]]"
8 | prohibit_overlap = true
9 | }
10 |
11 | [[if and .Payload .Payload.job]]
12 | # Utilizing data from the job payload
13 | [[if .Payload.job.Priority]]
14 | priority = [[ .Payload.job.Priority ]]
15 | [[end]]
16 |
17 | # Add additional constraints if they exist in the source job
18 | [[if .Payload.job.Constraints]]
19 | [[range $idx, $constraint := .Payload.job.Constraints]]
20 | constraint {
21 | attribute = "[[ $constraint.LTarget ]]"
22 | operator = "[[ $constraint.Operand ]]"
23 | value = "[[ $constraint.RTarget ]]"
24 | }
25 | [[end]]
26 | [[end]]
27 | [[end]]
28 |
29 | group "backup" {
30 | count = 1
31 |
32 | [[if and .Payload .Payload.job]]
33 | # Copy resources/restart policy from the source job if available
34 | [[if .Payload.job.TaskGroups]]
35 | [[if index .Payload.job.TaskGroups 0]]
36 | [[if (index .Payload.job.TaskGroups 0).RestartPolicy]]
37 | restart {
38 | attempts = [[ (index .Payload.job.TaskGroups 0).RestartPolicy.Attempts ]]
39 | interval = "[[ (index .Payload.job.TaskGroups 0).RestartPolicy.Interval ]]"
40 | delay = "[[ (index .Payload.job.TaskGroups 0).RestartPolicy.Delay ]]"
41 | mode = "[[ (index .Payload.job.TaskGroups 0).RestartPolicy.Mode ]]"
42 | }
43 | [[end]]
44 | [[end]]
45 | [[end]]
46 | [[end]]
47 |
48 | task "backup" {
49 | driver = "docker"
50 |
51 | config {
52 | image = "postgres:latest"
53 | command = "sh"
54 | args = ["/local/backup-script.sh"]
55 |
56 | # Mount the necessary AWS credentials for S3 access
57 | mount {
58 | type = "bind"
59 | source = "local/backup-script.sh"
60 | target = "/local/backup-script.sh"
61 | readonly = true
62 | }
63 | }
64 |
65 | # Resource allocation
66 | resources {
67 | cpu = 500
68 | memory = 512
69 | }
70 |
71 | # Template for S3 backup configuration
72 | template {
73 | data = < /tmp/$BACKUP_FILE
134 |
135 | # Upload to S3
136 | echo "Uploading backup to s3://$S3_BUCKET/$S3_PATH/$BACKUP_FILE"
137 | aws s3 cp /tmp/$BACKUP_FILE s3://$S3_BUCKET/$S3_PATH/$BACKUP_FILE
138 |
139 | # Delete the local file
140 | rm /tmp/$BACKUP_FILE
141 |
142 | echo "Backup completed successfully at $(date)"
143 | EOH
144 | destination = "local/backup-script.sh"
145 | perms = "0755"
146 | }
147 | }
148 | }
149 | }
150 |
--------------------------------------------------------------------------------
/go.mod:
--------------------------------------------------------------------------------
1 | module github.com/thunderbottom/damon
2 |
3 | go 1.22.2
4 |
5 | require (
6 | github.com/hashicorp/nomad v1.7.7
7 | github.com/hashicorp/nomad/api v0.0.0-20240509095522-7e42ad869aef
8 | github.com/knadh/koanf/parsers/toml v0.1.0
9 | github.com/knadh/koanf/providers/env v0.1.0
10 | github.com/knadh/koanf/providers/file v0.1.0
11 | github.com/knadh/koanf/providers/posflag v0.1.0
12 | github.com/knadh/koanf/v2 v2.1.1
13 | github.com/miekg/dns v1.1.50
14 | github.com/spf13/pflag v1.0.5
15 | github.com/valkey-io/valkey-go v1.0.37
16 | )
17 |
18 | require (
19 | github.com/fsnotify/fsnotify v1.6.0 // indirect
20 | github.com/go-viper/mapstructure/v2 v2.0.0-alpha.1 // indirect
21 | github.com/gorilla/websocket v1.5.0 // indirect
22 | github.com/hashicorp/cronexpr v1.1.2 // indirect
23 | github.com/hashicorp/errwrap v1.1.0 // indirect
24 | github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
25 | github.com/hashicorp/go-multierror v1.1.1 // indirect
26 | github.com/hashicorp/go-rootcerts v1.0.2 // indirect
27 | github.com/hashicorp/hcl v1.0.1-vault-3 // indirect
28 | github.com/knadh/koanf/maps v0.1.1 // indirect
29 | github.com/mitchellh/copystructure v1.2.0 // indirect
30 | github.com/mitchellh/go-homedir v1.1.0 // indirect
31 | github.com/mitchellh/mapstructure v1.5.0 // indirect
32 | github.com/mitchellh/reflectwalk v1.0.2 // indirect
33 | github.com/pelletier/go-toml v1.9.5 // indirect
34 | golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect
35 | golang.org/x/mod v0.13.0 // indirect
36 | golang.org/x/net v0.24.0 // indirect
37 | golang.org/x/sys v0.19.0 // indirect
38 | golang.org/x/tools v0.14.0 // indirect
39 | )
40 |
--------------------------------------------------------------------------------
/go.sum:
--------------------------------------------------------------------------------
1 | github.com/armon/go-metrics v0.4.1 h1:hR91U9KYmb6bLBYLQjyM+3j+rcd/UhE+G78SFnF8gJA=
2 | github.com/armon/go-metrics v0.4.1/go.mod h1:E6amYzXo6aW1tqzoZGT755KkbgrJsSdpwZ+3JqfkOG4=
3 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
4 | github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
5 | github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
6 | github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=
7 | github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
8 | github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs=
9 | github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw=
10 | github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk=
11 | github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
12 | github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY=
13 | github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw=
14 | github.com/go-viper/mapstructure/v2 v2.0.0-alpha.1 h1:TQcrn6Wq+sKGkpyPvppOz99zsMBaUOKXq6HSv655U1c=
15 | github.com/go-viper/mapstructure/v2 v2.0.0-alpha.1/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM=
16 | github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
17 | github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
18 | github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc=
19 | github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
20 | github.com/hashicorp/consul/api v1.26.1 h1:5oSXOO5fboPZeW5SN+TdGFP/BILDgBm19OrPZ/pICIM=
21 | github.com/hashicorp/consul/api v1.26.1/go.mod h1:B4sQTeaSO16NtynqrAdwOlahJ7IUDZM9cj2420xYL8A=
22 | github.com/hashicorp/cronexpr v1.1.2 h1:wG/ZYIKT+RT3QkOdgYc+xsKWVRgnxJ1OJtjjy84fJ9A=
23 | github.com/hashicorp/cronexpr v1.1.2/go.mod h1:P4wA0KBl9C5q2hABiMO7cp6jcIg96CDh1Efb3g1PWA4=
24 | github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
25 | github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
26 | github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
27 | github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ=
28 | github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48=
29 | github.com/hashicorp/go-hclog v1.6.2 h1:NOtoftovWkDheyUM/8JW3QMiXyxJK3uHRK7wV04nD2I=
30 | github.com/hashicorp/go-hclog v1.6.2/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
31 | github.com/hashicorp/go-immutable-radix v1.3.1 h1:DKHmCUm2hRBK510BaiZlwvpD40f8bJFeZnpfm2KLowc=
32 | github.com/hashicorp/go-immutable-radix v1.3.1/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60=
33 | github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
34 | github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
35 | github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc=
36 | github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8=
37 | github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc=
38 | github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
39 | github.com/hashicorp/hcl v1.0.1-vault-3 h1:V95v5KSTu6DB5huDSKiq4uAfILEuNigK/+qPET6H/Mg=
40 | github.com/hashicorp/hcl v1.0.1-vault-3/go.mod h1:XYhtn6ijBSAj6n4YqAaf7RBPS4I06AItNorpy+MoQNM=
41 | github.com/hashicorp/nomad v1.7.7 h1:waeoP30YfFxE6mDob9V1GjlkUQBHzgY4MGvFsNIx1FY=
42 | github.com/hashicorp/nomad v1.7.7/go.mod h1:peQyTQw1DAwRc4a2MXB7eDNULtTfRKyQSpB/osUEc6I=
43 | github.com/hashicorp/nomad/api v0.0.0-20240509095522-7e42ad869aef h1:zJGfnOr5wKuu3KGjeNXv54/4lNkZDxSsduHHIB4XZQ4=
44 | github.com/hashicorp/nomad/api v0.0.0-20240509095522-7e42ad869aef/go.mod h1:svtxn6QnrQ69P23VvIWMR34tg3vmwLz4UdUzm1dSCgE=
45 | github.com/hashicorp/serf v0.10.1 h1:Z1H2J60yRKvfDYAOZLd2MU0ND4AH/WDz7xYHDWQsIPY=
46 | github.com/hashicorp/serf v0.10.1/go.mod h1:yL2t6BqATOLGc5HF7qbFkTfXoPIY0WZdWHfEvMqbG+4=
47 | github.com/knadh/koanf/maps v0.1.1 h1:G5TjmUh2D7G2YWf5SQQqSiHRJEjaicvU0KpypqB3NIs=
48 | github.com/knadh/koanf/maps v0.1.1/go.mod h1:npD/QZY3V6ghQDdcQzl1W4ICNVTkohC8E73eI2xW4yI=
49 | github.com/knadh/koanf/parsers/toml v0.1.0 h1:S2hLqS4TgWZYj4/7mI5m1CQQcWurxUz6ODgOub/6LCI=
50 | github.com/knadh/koanf/parsers/toml v0.1.0/go.mod h1:yUprhq6eo3GbyVXFFMdbfZSo928ksS+uo0FFqNMnO18=
51 | github.com/knadh/koanf/providers/env v0.1.0 h1:LqKteXqfOWyx5Ab9VfGHmjY9BvRXi+clwyZozgVRiKg=
52 | github.com/knadh/koanf/providers/env v0.1.0/go.mod h1:RE8K9GbACJkeEnkl8L/Qcj8p4ZyPXZIQ191HJi44ZaQ=
53 | github.com/knadh/koanf/providers/file v0.1.0 h1:fs6U7nrV58d3CFAFh8VTde8TM262ObYf3ODrc//Lp+c=
54 | github.com/knadh/koanf/providers/file v0.1.0/go.mod h1:rjJ/nHQl64iYCtAW2QQnF0eSmDEX/YZ/eNFj5yR6BvA=
55 | github.com/knadh/koanf/providers/posflag v0.1.0 h1:mKJlLrKPcAP7Ootf4pBZWJ6J+4wHYujwipe7Ie3qW6U=
56 | github.com/knadh/koanf/providers/posflag v0.1.0/go.mod h1:SYg03v/t8ISBNrMBRMlojH8OsKowbkXV7giIbBVgbz0=
57 | github.com/knadh/koanf/v2 v2.1.1 h1:/R8eXqasSTsmDCsAyYj+81Wteg8AqrV9CP6gvsTsOmM=
58 | github.com/knadh/koanf/v2 v2.1.1/go.mod h1:4mnTRbZCK+ALuBXHZMjDfG9y714L7TykVnZkXbMU3Es=
59 | github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
60 | github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
61 | github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng=
62 | github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
63 | github.com/miekg/dns v1.1.50 h1:DQUfb9uc6smULcREF09Uc+/Gd46YWqJd5DbpPE9xkcA=
64 | github.com/miekg/dns v1.1.50/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME=
65 | github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw=
66 | github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s=
67 | github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
68 | github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
69 | github.com/mitchellh/go-testing-interface v1.14.2-0.20210821155943-2d9075ca8770 h1:drhDO54gdT/a15GBcMRmunZiNcLgPiFIJa23KzmcvcU=
70 | github.com/mitchellh/go-testing-interface v1.14.2-0.20210821155943-2d9075ca8770/go.mod h1:SO/iHr6q2EzbqRApt+8/E9wqebTwQn5y+UlB04bxzo0=
71 | github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
72 | github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
73 | github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ=
74 | github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
75 | github.com/onsi/gomega v1.31.1 h1:KYppCUK+bUgAZwHOu7EXVBKyQA6ILvOESHkn/tgoqvo=
76 | github.com/onsi/gomega v1.31.1/go.mod h1:y40C95dwAD1Nz36SsEnxvfFe8FFfNxzI5eJ0EYGyAy0=
77 | github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8=
78 | github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c=
79 | github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
80 | github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
81 | github.com/shoenig/test v1.7.1 h1:UJcjSAI3aUKx52kfcfhblgyhZceouhvvs3OYdWgn+PY=
82 | github.com/shoenig/test v1.7.1/go.mod h1:UxJ6u/x2v/TNs/LoLxBNJRV9DiwBBKYxXSyczsBHFoI=
83 | github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
84 | github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
85 | github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
86 | github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
87 | github.com/valkey-io/valkey-go v1.0.37 h1:yJjYX5o8hhfMPQisIa02Ewue3KQHWSh+39KMa3EKzMo=
88 | github.com/valkey-io/valkey-go v1.0.37/go.mod h1:LXqAbjygRuA1YRocojTslAGx2dQB4p8feaseGviWka4=
89 | github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
90 | golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
91 | golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
92 | golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI=
93 | golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo=
94 | golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
95 | golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY=
96 | golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
97 | golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
98 | golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
99 | golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
100 | golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
101 | golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w=
102 | golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8=
103 | golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
104 | golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
105 | golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
106 | golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
107 | golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
108 | golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
109 | golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
110 | golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
111 | golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
112 | golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
113 | golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
114 | golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
115 | golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o=
116 | golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
117 | golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
118 | golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
119 | golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
120 | golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
121 | golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
122 | golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
123 | golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
124 | golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
125 | golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
126 | golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc=
127 | golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg=
128 | golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
129 | golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
130 | golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
131 | gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
132 | gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
133 |
--------------------------------------------------------------------------------
/internal/config/config.go:
--------------------------------------------------------------------------------
1 | package config
2 |
3 | import (
4 | "fmt"
5 | "log/slog"
6 | "os"
7 | "strings"
8 | "time"
9 |
10 | "github.com/knadh/koanf/parsers/toml"
11 | "github.com/knadh/koanf/providers/env"
12 | "github.com/knadh/koanf/providers/file"
13 | "github.com/knadh/koanf/providers/posflag"
14 | "github.com/knadh/koanf/v2"
15 | flag "github.com/spf13/pflag"
16 | )
17 |
18 | // Config holds the application configuration
19 | type Config struct {
20 | Koanf *koanf.Koanf
21 | }
22 |
23 | var defaultValues = map[string]any{
24 | "app.log_level": "INFO",
25 | "cache.commit_interval": "10s",
26 | "provider.*.namespace": "*",
27 | }
28 |
29 | // Load loads configuration from file and environment
30 | func Load() (*Config, error) {
31 | ko := koanf.New(".")
32 | f := flag.NewFlagSet("config", flag.ContinueOnError)
33 |
34 | // Configure command line flags
35 | f.String("config", "config.toml", "path to the configuration file")
36 | if err := f.Parse(os.Args[1:]); err != nil {
37 | return nil, fmt.Errorf("error parsing flags: %w", err)
38 | }
39 |
40 | // Load command line flags
41 | if err := ko.Load(posflag.Provider(f, ".", ko), nil); err != nil {
42 | return nil, fmt.Errorf("error loading flags: %w", err)
43 | }
44 |
45 | // Load configuration file
46 | configPath := ko.String("config")
47 | if err := ko.Load(file.Provider(configPath), toml.Parser()); err != nil {
48 | return nil, fmt.Errorf("config file error: %w", err)
49 | }
50 |
51 | // Simplified env var loading
52 | envPrefix := "DAMON_"
53 | if err := ko.Load(env.Provider(envPrefix, ".", func(s string) string {
54 | return strings.ToLower(strings.Replace(
55 | strings.TrimPrefix(s, envPrefix),
56 | "__",
57 | ".",
58 | -1))
59 | }), nil); err != nil {
60 | return nil, fmt.Errorf("env config error: %w", err)
61 | }
62 |
63 | return validateConfig(ko)
64 | }
65 |
66 | // applyDefaults sets default values for configuration options
67 | func applyDefaults(ko *koanf.Koanf) {
68 | for key, value := range defaultValues {
69 | if strings.Contains(key, "*") {
70 | // Handle wildcard defaults for providers
71 | for _, provider := range ko.MapKeys("provider") {
72 | specificKey := strings.Replace(key, "*", provider, 1)
73 | if !ko.Exists(specificKey) {
74 | ko.Set(specificKey, value)
75 | }
76 | }
77 | } else if !ko.Exists(key) {
78 | ko.Set(key, value)
79 | }
80 | }
81 | }
82 |
83 | // validateConfig checks if the configuration is valid
84 | func validateConfig(ko *koanf.Koanf) (*Config, error) {
85 | applyDefaults(ko)
86 |
87 | cfg := &Config{Koanf: ko}
88 |
89 | var violations []string
90 | // Required field checks
91 | if len(ko.MapKeys("provider")) == 0 {
92 | violations = append(violations, "no providers configured")
93 | }
94 |
95 | if len(violations) > 0 {
96 | return nil, fmt.Errorf("config validation failed: %s", strings.Join(violations, "; "))
97 | }
98 |
99 | return cfg, nil
100 | }
101 |
102 | // NewLogger creates a configured logger
103 | func (c *Config) NewLogger() *slog.Logger {
104 | level := c.Koanf.MustString("app.log_level")
105 | opts := &slog.HandlerOptions{}
106 |
107 | switch level {
108 | case "DEBUG":
109 | opts.Level = slog.LevelDebug
110 | case "INFO":
111 | opts.Level = slog.LevelInfo
112 | case "ERROR":
113 | opts.Level = slog.LevelError
114 | default:
115 | fmt.Fprintf(os.Stderr, "undefined log level: %s\n", level)
116 | os.Exit(1)
117 | }
118 |
119 | return slog.New(slog.NewTextHandler(os.Stdout, opts))
120 | }
121 |
122 | // Validate ensures the configuration has all required values
123 | func (c *Config) Validate() error {
124 | var errors []string
125 |
126 | // Check for required fields
127 | if len(c.Koanf.MapKeys("provider")) == 0 {
128 | errors = append(errors, "no providers configured")
129 | }
130 |
131 | if len(c.CacheAddress()) == 0 {
132 | errors = append(errors, "cache address not configured")
133 | }
134 |
135 | if c.GetCommitInterval() == 0 {
136 | errors = append(errors, "commit interval not configured or invalid")
137 | }
138 |
139 | // Validate each provider
140 | for _, provider := range c.Koanf.MapKeys("provider") {
141 | pType := c.Koanf.String(fmt.Sprintf("provider.%s.type", provider))
142 | if pType == "" {
143 | errors = append(errors, fmt.Sprintf("provider %s has no type", provider))
144 | }
145 | }
146 |
147 | if len(errors) > 0 {
148 | return fmt.Errorf("configuration validation failed: %s", strings.Join(errors, "; "))
149 | }
150 |
151 | return nil
152 | }
153 |
154 | // GetCommitInterval returns the commit interval duration
155 | func (c *Config) GetCommitInterval() time.Duration {
156 | return c.Koanf.Duration("cache.commit_interval")
157 | }
158 |
159 | // CacheAddress returns the cache address
160 | func (c *Config) CacheAddress() []string {
161 | return c.Koanf.Strings("cache.address")
162 | }
163 |
164 | // CacheUsername returns the cache username
165 | func (c *Config) CacheUsername() string {
166 | return c.Koanf.String("cache.username")
167 | }
168 |
169 | // CachePassword returns the cache password
170 | func (c *Config) CachePassword() string {
171 | return c.Koanf.String("cache.password")
172 | }
173 |
174 | // CacheClientName returns the cache client name
175 | func (c *Config) CacheClientName() string {
176 | return c.Koanf.String("cache.client_name")
177 | }
178 |
--------------------------------------------------------------------------------
/internal/core/core.go:
--------------------------------------------------------------------------------
1 | package core
2 |
3 | import (
4 | "context"
5 | "fmt"
6 | "log/slog"
7 | "strconv"
8 | "sync"
9 | "time"
10 |
11 | "github.com/hashicorp/nomad/api"
12 | "github.com/thunderbottom/damon/internal/config"
13 | "github.com/thunderbottom/damon/internal/interfaces"
14 | "github.com/thunderbottom/damon/internal/stream"
15 | "github.com/thunderbottom/damon/provider"
16 | "github.com/valkey-io/valkey-go"
17 | )
18 |
19 | // Core represents the main application engine
20 | type Core struct {
21 | cache interfaces.CacheClient
22 | client interfaces.NomadClient
23 | commitTicker *time.Ticker
24 | config *config.Config
25 | doneOnce sync.Once
26 | lastCommittedIndices map[string]uint64
27 | logger *slog.Logger
28 | rawCache valkey.Client
29 | streamMgr interfaces.StreamManager
30 | }
31 |
32 | // nomadClientAdapter adapts api.Client to interfaces.NomadClient
33 | type nomadClientAdapter struct {
34 | client *api.Client
35 | }
36 |
37 | // NewNomadClientAdapter returns a new Nomad client adapter
38 | func NewNomadClientAdapter(client *api.Client) interfaces.NomadClient {
39 | return &nomadClientAdapter{client: client}
40 | }
41 |
42 | // Address returns the Nomad client address
43 | func (a *nomadClientAdapter) Address() string {
44 | return a.client.Address()
45 | }
46 |
47 | // Jobs returns a new Nomad client job adapter
48 | func (a *nomadClientAdapter) Jobs() interfaces.JobsAPI {
49 | return &jobsAPIAdapter{a.client.Jobs()}
50 | }
51 |
52 | // EventStream returns a new Nomad client Events Stream adapter
53 | func (a *nomadClientAdapter) EventStream() interfaces.EventStreamAPI {
54 | return &eventStreamAPIAdapter{a.client.EventStream()}
55 | }
56 |
57 | // ACLPolicies returns a new Nomad ACL policies adapter
58 | func (a *nomadClientAdapter) ACLPolicies() interfaces.ACLPoliciesAPI {
59 | return &aclPoliciesAPIAdapter{a.client.ACLPolicies()}
60 | }
61 |
62 | // Services returns a new Nomad Services adapter
63 | func (a *nomadClientAdapter) Services() interfaces.ServicesAPI {
64 | return &servicesAPIAdapter{a.client.Services()}
65 | }
66 |
67 | // Individual API adapters
68 | type jobsAPIAdapter struct {
69 | jobs *api.Jobs
70 | }
71 |
72 | // List retrieves a list of jobs from the Nomad API
73 | func (a *jobsAPIAdapter) List(q *api.QueryOptions) ([]*api.JobListStub, *api.QueryMeta, error) {
74 | return a.jobs.List(q)
75 | }
76 |
77 | // Register registers a job with the Nomad API
78 | func (a *jobsAPIAdapter) Register(job *api.Job, q *api.WriteOptions) (*api.JobRegisterResponse, *api.WriteMeta, error) {
79 | return a.jobs.Register(job, q)
80 | }
81 |
82 | // Deregister removes a job from the Nomad API
83 | func (a *jobsAPIAdapter) Deregister(jobID string, purge bool, q *api.WriteOptions) (string, *api.WriteMeta, error) {
84 | return a.jobs.Deregister(jobID, purge, q)
85 | }
86 |
87 | type eventStreamAPIAdapter struct {
88 | es *api.EventStream
89 | }
90 |
91 | // Stream sets up a Nomad event stream
92 | func (a *eventStreamAPIAdapter) Stream(ctx context.Context, topics map[api.Topic][]string, index uint64, q *api.QueryOptions) (<-chan *api.Events, error) {
93 | return a.es.Stream(ctx, topics, index, q)
94 | }
95 |
96 | type aclPoliciesAPIAdapter struct {
97 | acl *api.ACLPolicies
98 | }
99 |
100 | // Upsert creates or updates an ACL policy
101 | func (a *aclPoliciesAPIAdapter) Upsert(policy *api.ACLPolicy, q *api.WriteOptions) (*api.ACLPolicy, error) {
102 | _, err := a.acl.Upsert(policy, q)
103 | if err != nil {
104 | return nil, err
105 | }
106 | return policy, nil
107 | }
108 |
109 | // Delete removes an ACL policy
110 | func (a *aclPoliciesAPIAdapter) Delete(policyName string, q *api.WriteOptions) error {
111 | _, err := a.acl.Delete(policyName, q)
112 | return err
113 | }
114 |
115 | type servicesAPIAdapter struct {
116 | services *api.Services
117 | }
118 |
119 | // List retrieves a list of services from Nomad
120 | func (a *servicesAPIAdapter) List(q *api.QueryOptions) ([]*api.ServiceRegistrationListStub, *api.QueryMeta, error) {
121 | return a.services.List(q)
122 | }
123 |
124 | // Get retrieves details for a specific service
125 | func (a *servicesAPIAdapter) Get(serviceID string, q *api.QueryOptions) ([]*api.ServiceRegistration, *api.QueryMeta, error) {
126 | return a.services.Get(serviceID, q)
127 | }
128 |
129 | // New creates a new Core instance with all initialized components
130 | func New(ctx context.Context, cfg *config.Config, logger *slog.Logger) (*Core, error) {
131 | // Initialize Nomad client
132 | apiClient, err := api.NewClient(api.DefaultConfig())
133 | if err != nil {
134 | return nil, fmt.Errorf("failed to initialize nomad client: %w", err)
135 | }
136 |
137 | // Wrap with adapter
138 | client := NewNomadClientAdapter(apiClient)
139 | logger.Info("initialized nomad client", "cluster", client.Address())
140 |
141 | // Initialize stream manager
142 | streamMgr := stream.NewManager(logger)
143 |
144 | core := &Core{
145 | logger: logger,
146 | client: client,
147 | config: cfg,
148 | streamMgr: streamMgr,
149 | }
150 |
151 | // Initialize cache
152 | if err := core.initCache(ctx); err != nil {
153 | return nil, err
154 | }
155 |
156 | // Initialize providers and streams
157 | if err := core.initProviders(ctx); err != nil {
158 | return nil, err
159 | }
160 |
161 | return core, nil
162 | }
163 |
164 | // initCache initializes the Redis cache client
165 | func (c *Core) initCache(ctx context.Context) error {
166 | cache, err := valkey.NewClient(valkey.ClientOption{
167 | InitAddress: c.config.CacheAddress(),
168 | Username: c.config.CacheUsername(),
169 | Password: c.config.CachePassword(),
170 | ClientName: c.config.CacheClientName(),
171 | })
172 | if err != nil {
173 | return fmt.Errorf("failed to initialize cache: %w", err)
174 | }
175 |
176 | // Test cache connection
177 | _, err = cache.Do(ctx, cache.B().Ping().Build()).ToString()
178 | if err != nil {
179 | return fmt.Errorf("failed to connect to cache: %w", err)
180 | }
181 |
182 | // Store both the adapted interface and the raw client
183 | c.cache = interfaces.NewValkeyClientAdapter(cache)
184 | c.rawCache = cache
185 | c.logger.Info("initialized cache connection")
186 | return nil
187 | }
188 |
189 | // Run starts all providers and handles graceful shutdown
190 | func (c *Core) Run(ctx context.Context) error {
191 | // Start the commit ticker
192 | commitInterval := c.config.GetCommitInterval()
193 | c.startCommitTicker(ctx, commitInterval)
194 |
195 | // Run all streams
196 | err := c.streamMgr.Consume(ctx)
197 | if err != nil && err != context.Canceled {
198 | return fmt.Errorf("error consuming streams: %w", err)
199 | }
200 |
201 | return nil
202 | }
203 |
204 | // Close performs cleanup actions
205 | func (c *Core) Close() error {
206 | var err error
207 | c.doneOnce.Do(func() {
208 | if c.commitTicker != nil {
209 | c.commitTicker.Stop()
210 | }
211 |
212 | if c.rawCache != nil {
213 | c.rawCache.Close()
214 | }
215 | })
216 | return err
217 | }
218 |
219 | // startCommitTicker starts a ticker to commit indices periodically
220 | func (c *Core) startCommitTicker(ctx context.Context, interval time.Duration) {
221 | if interval <= 0 {
222 | c.logger.Error("invalid commit interval", "interval", interval)
223 | return
224 | }
225 |
226 | c.commitTicker = time.NewTicker(interval)
227 | c.logger.Debug("starting index commit in background", "interval", interval)
228 |
229 | go func() {
230 | for {
231 | select {
232 | case <-c.commitTicker.C:
233 | c.commitIndices(ctx)
234 | case <-ctx.Done():
235 | c.logger.Info("stopping commit ticker")
236 | return
237 | }
238 | }
239 | }()
240 | }
241 |
242 | // commitIndices commits provider indices to the cache
243 | func (c *Core) commitIndices(ctx context.Context) {
244 | indices := c.streamMgr.GetProviderIndices()
245 |
246 | for provider, idx := range indices {
247 | // Skip if index hasn't changed since last commit
248 | if lastIdx, exists := c.lastCommittedIndices[provider]; exists && lastIdx == idx {
249 | c.logger.Debug("skipping commit, no index changes detected")
250 | continue
251 | }
252 |
253 | // Index has changed, commit it
254 | err := c.rawCache.Do(ctx, c.rawCache.B().
255 | Hset().Key("provider:"+provider).FieldValue().
256 | FieldValue("event-index", fmt.Sprint(idx)).
257 | Build()).Error()
258 |
259 | if err != nil {
260 | c.logger.Error("failed to commit index", "provider", provider, "error", err)
261 | } else {
262 | c.logger.Debug("committed index", "provider", provider, "index", idx)
263 | c.lastCommittedIndices[provider] = idx
264 | }
265 | }
266 | }
267 |
268 | // initProviders initializes all configured providers
269 | func (c *Core) initProviders(ctx context.Context) error {
270 | provider.Initialize(c.logger)
271 |
272 | // Get list of providers from config
273 | providers := c.config.Koanf.MapKeys("provider")
274 | if len(providers) == 0 {
275 | return fmt.Errorf("no providers enabled in configuration")
276 | }
277 |
278 | // Try to load plugins if configured
279 | pluginDir := c.config.Koanf.String("plugins.directory")
280 | if pluginDir != "" {
281 | if err := provider.GetRegistry().LoadPlugins(pluginDir); err != nil {
282 | c.logger.Warn("error loading provider plugins", "error", err)
283 | // Continue even if plugin loading fails
284 | }
285 | }
286 |
287 | c.logger.Info("available provider types",
288 | "types", provider.GetRegistry().Types())
289 |
290 | for _, providerName := range providers {
291 | // Extract provider configuration
292 | providerConfig := c.config.Koanf.Cut("provider." + providerName)
293 | providerType := providerConfig.String("type")
294 |
295 | if providerType == "" {
296 | return fmt.Errorf("provider '%s' has no type specified", providerName)
297 | }
298 |
299 | // Create provider using factory
300 | p, err := provider.Create(
301 | ctx,
302 | providerType,
303 | providerName,
304 | c.logger.With("provider", providerName),
305 | c.client,
306 | c.cache,
307 | providerConfig,
308 | )
309 | if err != nil {
310 | return fmt.Errorf("failed to initialize provider %s: %w", providerName, err)
311 | }
312 |
313 | // Get last index from cache
314 | key := "provider:" + p.Name()
315 | var idx uint64 = 0
316 |
317 | result := c.rawCache.Do(ctx, c.rawCache.B().
318 | Hget().Key(key).Field("event-index").
319 | Build())
320 |
321 | if result.Error() == nil {
322 | idxStr, err := result.ToString()
323 | if err == nil {
324 | // Parse the string value to uint64
325 | parsedIdx, parseErr := strconv.ParseUint(idxStr, 10, 64)
326 | if parseErr == nil {
327 | idx = parsedIdx
328 | c.logger.Info("loaded existing event index",
329 | "provider", p.Name(),
330 | "index", idx)
331 | }
332 | }
333 | }
334 |
335 | namespace := providerConfig.String("namespace")
336 | if namespace == "" {
337 | c.logger.Warn("namespace not defined, using '*'", "provider", p.Name())
338 | namespace = "*"
339 | }
340 |
341 | // Add stream for this provider
342 | if err := c.streamMgr.AddStream(p, namespace, idx, c.client); err != nil {
343 | return fmt.Errorf("failed to add stream for provider %s: %w", p.Name(), err)
344 | }
345 |
346 | c.logger.Info("initialized provider", "provider", p.Name(), "type", providerType)
347 | }
348 |
349 | return nil
350 | }
351 |
--------------------------------------------------------------------------------
/internal/interfaces/cache_adapter.go:
--------------------------------------------------------------------------------
1 | package interfaces
2 |
3 | import (
4 | "context"
5 | "github.com/valkey-io/valkey-go"
6 | )
7 |
8 | // ValkeyClientAdapter adapts valkey.Client to interfaces.CacheClient
9 | type ValkeyClientAdapter struct {
10 | client valkey.Client
11 | }
12 |
13 | // NewValkeyClientAdapter creates a new adapter for the valkey client
14 | func NewValkeyClientAdapter(client valkey.Client) CacheClient {
15 | return &ValkeyClientAdapter{client: client}
16 | }
17 |
18 | // Close closes the underlying Valkey client connection
19 | func (a *ValkeyClientAdapter) Close() {
20 | a.client.Close()
21 | }
22 |
23 | // Do executes a Valkey command
24 | func (a *ValkeyClientAdapter) Do(ctx context.Context, cmd any) any {
25 | if completed, ok := cmd.(valkey.Completed); ok {
26 | return a.client.Do(ctx, completed)
27 | }
28 | return nil
29 | }
30 |
31 | // RawClient returns the underlying Valkey client
32 | func (a *ValkeyClientAdapter) RawClient() valkey.Client {
33 | return a.client
34 | }
35 |
--------------------------------------------------------------------------------
/internal/interfaces/interfaces.go:
--------------------------------------------------------------------------------
1 | package interfaces
2 |
3 | import (
4 | "context"
5 | "log/slog"
6 |
7 | "github.com/hashicorp/nomad/api"
8 | "github.com/knadh/koanf/v2"
9 | "github.com/valkey-io/valkey-go"
10 | )
11 |
12 | // CacheClient defines the interface for cache operations
13 | type CacheClient interface {
14 | Close()
15 | Do(ctx context.Context, cmd any) any
16 | RawClient() valkey.Client
17 | }
18 |
19 | // NomadClient defines the interface for Nomad API operations
20 | type NomadClient interface {
21 | Address() string
22 | Jobs() JobsAPI
23 | EventStream() EventStreamAPI
24 | ACLPolicies() ACLPoliciesAPI
25 | Services() ServicesAPI
26 | }
27 |
28 | // JobsAPI defines the Nomad Jobs API interface
29 | type JobsAPI interface {
30 | List(q *api.QueryOptions) ([]*api.JobListStub, *api.QueryMeta, error)
31 | Register(job *api.Job, q *api.WriteOptions) (*api.JobRegisterResponse, *api.WriteMeta, error)
32 | Deregister(jobID string, purge bool, q *api.WriteOptions) (string, *api.WriteMeta, error)
33 | }
34 |
35 | // EventStreamAPI defines the Nomad Event Stream API interface
36 | type EventStreamAPI interface {
37 | Stream(ctx context.Context, topics map[api.Topic][]string, index uint64, q *api.QueryOptions) (<-chan *api.Events, error)
38 | }
39 |
40 | // ACLPoliciesAPI defines the Nomad ACL Policies API interface
41 | type ACLPoliciesAPI interface {
42 | Upsert(policy *api.ACLPolicy, q *api.WriteOptions) (*api.ACLPolicy, error)
43 | Delete(policyName string, q *api.WriteOptions) error
44 | }
45 |
46 | // Provider encapsulates the event stream provider interface
47 | type Provider interface {
48 | // Name returns the name of the provider
49 | Name() string
50 |
51 | // OnEvent executes the provider logic on an event stream event
52 | OnEvent(event *api.Event)
53 |
54 | // Topics returns the topics required by the event stream provider
55 | Topics() map[api.Topic][]string
56 |
57 | // Close performs any cleanup needed when shutting down
58 | Close() error
59 | }
60 |
61 | // ProviderFactory is a function type that creates a provider
62 | type ProviderFactory func(context.Context, *slog.Logger, NomadClient, CacheClient, *koanf.Koanf) (Provider, error)
63 |
64 | // StreamManager defines the interface for managing event streams
65 | type StreamManager interface {
66 | AddStream(p Provider, namespace string, index uint64, client NomadClient) error
67 | Consume(ctx context.Context) error
68 | GetProviderIndices() map[string]uint64
69 | }
70 |
--------------------------------------------------------------------------------
/internal/interfaces/service.go:
--------------------------------------------------------------------------------
1 | package interfaces
2 |
3 | import (
4 | "github.com/hashicorp/nomad/api"
5 | )
6 |
7 | // ServicesAPI defines the Nomad Services API interface
8 | type ServicesAPI interface {
9 | List(q *api.QueryOptions) ([]*api.ServiceRegistrationListStub, *api.QueryMeta, error)
10 | Get(serviceID string, q *api.QueryOptions) ([]*api.ServiceRegistration, *api.QueryMeta, error)
11 | }
12 |
--------------------------------------------------------------------------------
/internal/stream/stream.go:
--------------------------------------------------------------------------------
1 | package stream
2 |
3 | import (
4 | "context"
5 | "errors"
6 | "fmt"
7 | "log/slog"
8 | "math"
9 | "strings"
10 | "sync"
11 | "time"
12 |
13 | "github.com/hashicorp/nomad/api"
14 | "github.com/thunderbottom/damon/internal/interfaces"
15 | )
16 |
17 | // Stream represents a Nomad event stream
18 | type Stream struct {
19 | namespace string
20 | provider interfaces.Provider
21 | client interfaces.NomadClient
22 | logger *slog.Logger
23 | eventIdx uint64
24 | mu sync.RWMutex
25 | }
26 |
27 | // Manager is responsible for managing multiple streams
28 | type Manager struct {
29 | streams []*Stream
30 | logger *slog.Logger
31 | }
32 |
33 | // NewManager creates a new stream manager
34 | func NewManager(logger *slog.Logger) interfaces.StreamManager {
35 | return &Manager{
36 | streams: []*Stream{},
37 | logger: logger,
38 | }
39 | }
40 |
41 | // AddStream adds a new stream to the manager
42 | func (m *Manager) AddStream(p interfaces.Provider, ns string, idx uint64, cl interfaces.NomadClient) error {
43 | stream := &Stream{
44 | namespace: ns,
45 | client: cl,
46 | logger: m.logger.With("provider", p.Name()),
47 | provider: p,
48 | eventIdx: idx,
49 | }
50 | m.streams = append(m.streams, stream)
51 | return nil
52 | }
53 |
54 | // Consume starts all streams in the manager
55 | func (m *Manager) Consume(ctx context.Context) error {
56 | if len(m.streams) == 0 {
57 | return fmt.Errorf("no streams configured")
58 | }
59 |
60 | var wg sync.WaitGroup
61 | errChan := make(chan error, len(m.streams))
62 |
63 | for _, s := range m.streams {
64 | wg.Add(1)
65 | go func(s *Stream) {
66 | defer wg.Done()
67 | if err := s.Consume(ctx); err != nil && err != context.Canceled {
68 | errChan <- fmt.Errorf("stream for provider %s failed: %w", s.provider.Name(), err)
69 | }
70 | }(s)
71 | }
72 |
73 | // Wait for all streams to complete or for context cancellation
74 | go func() {
75 | wg.Wait()
76 | close(errChan)
77 | }()
78 |
79 | for {
80 | select {
81 | case err, ok := <-errChan:
82 | if !ok {
83 | // Channel closed, all streams finished without error
84 | return nil
85 | }
86 | return err
87 | case <-ctx.Done():
88 | return ctx.Err()
89 | }
90 | }
91 | }
92 |
93 | // GetProviderIndices returns a map of provider names to their event indices
94 | func (m *Manager) GetProviderIndices() map[string]uint64 {
95 | indices := make(map[string]uint64)
96 | for _, s := range m.streams {
97 | s.mu.RLock()
98 | indices[s.provider.Name()] = s.eventIdx
99 | s.mu.RUnlock()
100 | }
101 | return indices
102 | }
103 |
104 | // Consume starts the event stream and processes events
105 | func (s *Stream) Consume(ctx context.Context) error {
106 | s.logger.Info("starting provider")
107 |
108 | // Fetch last event meta index if we're starting from zero
109 | if s.eventIdx == 0 {
110 | s.logger.Info("event index is 0, fetching latest event index")
111 | _, meta, err := s.client.Jobs().List(&api.QueryOptions{Namespace: s.namespace})
112 | if err != nil {
113 | return fmt.Errorf("failed to fetch job meta for provider %s: %w", s.provider.Name(), err)
114 | }
115 | s.eventIdx = meta.LastIndex
116 | }
117 |
118 | // Get provider-specific topics
119 | topics := s.provider.Topics()
120 | s.logger.Debug("starting event stream", "index", s.eventIdx, "namespace", s.namespace)
121 |
122 | // Initialize stream with backoff retry
123 | stream, err := s.setupStreamWithRetry(ctx, topics)
124 | if err != nil {
125 | return fmt.Errorf("stream setup failed for provider %s: %w", s.provider.Name(), err)
126 | }
127 |
128 | // Process events
129 | return s.processEvents(ctx, stream)
130 | }
131 |
132 | // setupStreamWithRetry initializes the event stream with exponential backoff
133 | func (s *Stream) setupStreamWithRetry(ctx context.Context, topics map[api.Topic][]string) (<-chan *api.Events, error) {
134 | const maxRetries = 5
135 | var stream <-chan *api.Events
136 | var err error
137 |
138 | for retries := range maxRetries {
139 | select {
140 | case <-ctx.Done():
141 | return nil, ctx.Err()
142 | default:
143 | }
144 |
145 | es := s.client.EventStream()
146 | stream, err = es.Stream(ctx, topics, s.eventIdx, &api.QueryOptions{Namespace: s.namespace})
147 | if err == nil {
148 | return stream, nil
149 | }
150 |
151 | s.logger.Error("failed to set up event stream", "error", err, "retry", retries+1)
152 | if retries < maxRetries-1 {
153 | // Exponential backoff (1s, 2s, 4s, 8s)
154 | delay := time.Duration(1< 1 {
189 | delay := time.Duration(math.Min(
190 | float64(time.Minute),
191 | float64(backoffDuration*time.Duration(1<<(consecutiveErrorCount-1))),
192 | ))
193 | s.logger.Info("backing off before retry", "delay", delay)
194 | time.Sleep(delay)
195 | }
196 |
197 | // If too many consecutive errors, attempt to restart the stream
198 | if consecutiveErrorCount >= maxConsecutiveErrors {
199 | s.logger.Error("too many consecutive errors, attempting to restart stream")
200 |
201 | // Attempt to set up a new stream
202 | newTopics := s.provider.Topics()
203 | newStream, err := s.setupStreamWithRetry(ctx, newTopics)
204 | if err != nil {
205 | return fmt.Errorf("failed to restart stream after multiple errors: %w", err)
206 | }
207 | stream = newStream
208 | consecutiveErrorCount = 0
209 | }
210 |
211 | continue
212 | }
213 |
214 | // Non-recoverable error
215 | return fmt.Errorf("fatal event stream error for provider %s: %w",
216 | s.provider.Name(), event.Err)
217 | }
218 |
219 | // Reset consecutive error count on successful event
220 | consecutiveErrorCount = 0
221 |
222 | // Ignore heartbeat events and empty events
223 | if event.IsHeartbeat() || len(event.Events) == 0 {
224 | continue
225 | }
226 |
227 | // Process each event
228 | for _, e := range event.Events {
229 | s.logger.Debug("received event",
230 | "type", e.Type,
231 | "topic", e.Topic,
232 | "index", e.Index)
233 |
234 | // Handle the event via provider safely
235 | func() {
236 | defer func() {
237 | if r := recover(); r != nil {
238 | s.logger.Error("provider panicked during event handling",
239 | "panic", r)
240 | }
241 | }()
242 | s.provider.OnEvent(&e)
243 | }()
244 | }
245 |
246 | // Update the last index
247 | s.mu.Lock()
248 | s.eventIdx = event.Events[len(event.Events)-1].Index
249 | s.mu.Unlock()
250 | }
251 | }
252 | }
253 |
254 | // isRecoverableError categorizes errors into recoverable and fatal types
255 | func isRecoverableError(err error) bool {
256 | // Categorize common recoverable errors
257 | if err == nil {
258 | return true
259 | }
260 |
261 | errStr := err.Error()
262 |
263 | // Network-related temporary errors are recoverable
264 | if strings.Contains(errStr, "connection refused") ||
265 | strings.Contains(errStr, "deadline exceeded") ||
266 | strings.Contains(errStr, "temporary network error") ||
267 | strings.Contains(errStr, "timeout") ||
268 | strings.Contains(errStr, "EOF") {
269 | return true
270 | }
271 |
272 | // Handle specific Nomad API errors that are considered recoverable
273 | if strings.Contains(errStr, "429") || // Rate limiting
274 | strings.Contains(errStr, "500") || // Server error
275 | strings.Contains(errStr, "503") { // Service unavailable
276 | return true
277 | }
278 |
279 | // Consider context cancellation as recoverable for graceful shutdown
280 | if errors.Is(err, context.Canceled) ||
281 | errors.Is(err, context.DeadlineExceeded) {
282 | return true
283 | }
284 |
285 | // Default to treating unknown errors as non-recoverable
286 | return false
287 | }
288 |
289 | // GetIndex returns the provider name and the last event index
290 | func (s *Stream) GetIndex() (string, uint64) {
291 | s.mu.RLock()
292 | defer s.mu.RUnlock()
293 | return s.provider.Name(), s.eventIdx
294 | }
295 |
--------------------------------------------------------------------------------
/internal/utils/utils.go:
--------------------------------------------------------------------------------
1 | package utils
2 |
3 | import (
4 | "fmt"
5 | "os"
6 | )
7 |
8 | // IsExists checks whether a path exists
9 | func IsExists(path string) (bool, error) {
10 | _, err := os.Stat(path)
11 | if os.IsNotExist(err) {
12 | return false, nil
13 | }
14 | if err != nil {
15 | return false, fmt.Errorf("error checking path: %w", err)
16 | }
17 | return true, nil
18 | }
19 |
20 | // ReadFile reads a file and returns its contents
21 | func ReadFile(path string) ([]byte, error) {
22 | exists, err := IsExists(path)
23 | if err != nil {
24 | return nil, err
25 | }
26 | if !exists {
27 | return nil, fmt.Errorf("file does not exist: %s", path)
28 | }
29 |
30 | data, err := os.ReadFile(path)
31 | if err != nil {
32 | return nil, fmt.Errorf("error reading file: %w", err)
33 | }
34 | return data, nil
35 | }
36 |
--------------------------------------------------------------------------------
/provider/dns/README.md:
--------------------------------------------------------------------------------
1 | # DNS Provider
2 |
3 | The DNS Provider creates a lightweight DNS server that automatically registers Nomad services and makes them discoverable through DNS queries. This enables service discovery across your Nomad cluster without requiring additional infrastructure.
4 |
5 | ## Features
6 |
7 | - **Automatic Service Registration**: Monitors Nomad service registration events and creates DNS records
8 | - **DNS Query Support**: Responds to A, SRV, and NS queries for registered services
9 | - **Service Filtering**: Ability to filter services by tags
10 | - **Namespace and Datacenter Awareness**: Query services across namespaces and datacenters
11 | - **Periodic Refresh**: Automatically syncs with Nomad services to maintain consistency
12 |
13 | ## How It Works
14 |
15 | The DNS Provider works by:
16 |
17 | 1. Listening for Nomad service registration and deregistration events
18 | 2. Storing service information in the cache with the service name as key
19 | 3. Running a DNS server that responds to queries for registered services
20 | 4. Periodically refreshing the service catalog to maintain consistency
21 |
22 | ## Configuration
23 |
24 | Here's a sample configuration for the DNS provider:
25 |
26 | ```toml
27 | # Basic configuration
28 | [provider.dns]
29 | type = "dns"
30 | namespace = "*" # Namespace to watch for services, "*" for all namespaces
31 | listen_addr = ":5353" # Address for the DNS server to listen on
32 | ttl = 30 # TTL for DNS records in seconds (optional, default: 30)
33 | tags = ["production", "public"] # Only register services with these tags (optional)
34 | ```
35 |
36 | You can register multiple DNS providers with different configurations:
37 |
38 | ```toml
39 | # Listen on different addresses for different service filters
40 | [provider.internal_dns]
41 | type = "dns"
42 | namespace = "*"
43 | listen_addr = ":5353"
44 | tags = ["internal"]
45 |
46 | [provider.external_dns]
47 | type = "dns"
48 | namespace = "production"
49 | listen_addr = ":5354"
50 | tags = ["external"]
51 | ```
52 |
53 | ## DNS Query Formats
54 |
55 | The DNS provider supports multiple query formats for different use cases:
56 |
57 | | Query Format | Example | Description |
58 | |--------------|---------|-------------|
59 | | `servicename` | `postgres-db` | Basic A record lookup, returns IP address |
60 | | `servicename.namespace` | `postgres-db.production` | Service in specific namespace |
61 | | `servicename.namespace.datacenter.service` | `postgres-db.production.dc1.service` | Fully qualified service name |
62 | | `_servicename._tcp.service` | `_postgres-db._tcp.service` | SRV record with port information |
63 |
64 | All query formats are case-insensitive.
65 |
66 | ## Usage
67 |
68 | ### Service Registration in Nomad
69 |
70 | Services are automatically registered when they appear in Nomad. To ensure a service is included in DNS, make sure it has the right tags if you've configured tag filtering:
71 |
72 | ```hcl
73 | job "web-app" {
74 | group "app" {
75 | network {
76 | port "http" {
77 | to = 8080
78 | }
79 | }
80 |
81 | service {
82 | name = "webapp"
83 | port = "http"
84 | tags = ["production", "public"] # Tags for filtering by the DNS provider
85 | }
86 | }
87 | }
88 | ```
89 |
90 | ### Example DNS Queries
91 |
92 | #### A Record Query
93 |
94 | For direct IP address lookups:
95 |
96 | ```bash
97 | # Basic service lookup
98 | dig @localhost -p 5353 webapp
99 |
100 | # Service in specific namespace
101 | dig @localhost -p 5353 webapp.default
102 | ```
103 |
104 | Response:
105 | ```
106 | ;; ANSWER SECTION:
107 | webapp. 30 IN A 10.0.0.123
108 | ```
109 |
110 | #### SRV Record Query
111 |
112 | For service discovery with port information:
113 |
114 | ```bash
115 | dig @localhost -p 5353 _webapp._tcp.service SRV
116 | ```
117 |
118 | Response:
119 | ```
120 | ;; ANSWER SECTION:
121 | _webapp._tcp.service. 30 IN SRV 10 10 8080 webapp.default.dc1.service.
122 |
123 | ;; ADDITIONAL SECTION:
124 | webapp.default.dc1.service. 30 IN A 10.0.0.123
125 | ```
126 |
127 | The SRV record includes:
128 | - Target hostname: `..svc..`
129 | - Port information from the Nomad service registration
130 | - Priority and weight values (useful for load balancing)
131 |
132 | ### Using with Applications
133 |
134 | To use this DNS server for service discovery in your applications, you need to configure them to use the Damon DNS server for resolution.
135 |
136 | #### Configuring Nginx
137 |
138 | Here's an example of using the DNS server with Nginx for service discovery:
139 |
140 | ```hcl
141 | template {
142 | data = < 0 && !hasRequiredTags(srv.Tags, d.config.Tags) {
172 | d.logger.Debug("service missing required tags, attempting to deregister",
173 | "service", srv.ServiceName,
174 | "tags", srv.Tags)
175 | d.deregisterService(srv)
176 | return
177 | }
178 |
179 | switch event.Type {
180 | case "ServiceRegistration":
181 | d.registerService(srv)
182 | case "ServiceDeregistration":
183 | d.deregisterService(srv)
184 | }
185 | }
186 |
187 | // registerService adds or updates a service in the DNS registry
188 | func (d *DNS) registerService(srv *api.ServiceRegistration) {
189 | record := &ServiceRecord{
190 | ID: srv.ID,
191 | Name: srv.ServiceName,
192 | Address: srv.Address,
193 | Port: srv.Port,
194 | Namespace: srv.Namespace,
195 | Datacenter: srv.Datacenter,
196 | Updated: time.Now().Unix(),
197 | }
198 |
199 | // Store in cache
200 | if err := d.storeServiceRecord(record); err != nil {
201 | d.logger.Error("failed to store service record",
202 | "service", srv.ServiceName,
203 | "error", err)
204 | return
205 | }
206 |
207 | d.logger.Info("registered service",
208 | "service", srv.ServiceName,
209 | "namespace", srv.Namespace,
210 | "address", srv.Address,
211 | "port", srv.Port)
212 | }
213 |
214 | // deregisterService removes a service from the DNS registry
215 | func (d *DNS) deregisterService(srv *api.ServiceRegistration) {
216 | // Remove from cache
217 | key := d.serviceCacheKey(srv.ServiceName)
218 |
219 | rawClient := d.cache.RawClient()
220 | cmd := rawClient.B().Del().Key(key).Build()
221 |
222 | if err := rawClient.Do(d.ctx, cmd).Error(); err != nil {
223 | d.logger.Error("failed to remove service from cache",
224 | "service", srv.ServiceName,
225 | "error", err)
226 | return
227 | }
228 |
229 | d.logger.Info("deregistered service",
230 | "service", srv.ServiceName,
231 | "namespace", srv.Namespace)
232 | }
233 |
234 | // storeServiceRecord saves a service record to the cache
235 | func (d *DNS) storeServiceRecord(record *ServiceRecord) error {
236 | // Serialize the record
237 | recordJSON, err := json.Marshal(record)
238 | if err != nil {
239 | return fmt.Errorf("failed to marshal service record: %w", err)
240 | }
241 |
242 | // Store in cache with service name as key
243 | key := d.serviceCacheKey(record.Name)
244 |
245 | rawClient := d.cache.RawClient()
246 |
247 | // Use a basic string command instead of the builder pattern
248 | cmd := rawClient.B().
249 | Hset().
250 | Key(key).
251 | FieldValue().
252 | FieldValue(record.ID, string(recordJSON)).
253 | Build()
254 |
255 | if err := rawClient.Do(d.ctx, cmd).Error(); err != nil {
256 | return fmt.Errorf("failed to store service record: %w", err)
257 | }
258 |
259 | return nil
260 | }
261 |
262 | // startServer starts the DNS server to respond to queries
263 | func (d *DNS) startServer() error {
264 | // Set up the DNS server
265 | dns.HandleFunc(".", d.handleDNSRequest)
266 |
267 | server := &dns.Server{
268 | Addr: d.config.ListenAddr,
269 | Net: "udp",
270 | Handler: dns.DefaultServeMux,
271 | }
272 |
273 | d.server = server
274 |
275 | // Start the server in a goroutine with context awareness
276 | go func() {
277 | d.logger.Info("starting DNS server", "address", d.config.ListenAddr)
278 | serverErrCh := make(chan error, 1)
279 |
280 | go func() {
281 | if err := server.ListenAndServe(); err != nil {
282 | d.logger.Error("DNS server error", "error", err)
283 | serverErrCh <- err
284 | }
285 | }()
286 |
287 | select {
288 | case <-d.ctx.Done():
289 | d.logger.Info("shutting down DNS server due to context cancellation")
290 | server.Shutdown()
291 | case err := <-serverErrCh:
292 | d.logger.Error("DNS server stopped unexpectedly", "error", err)
293 | }
294 | }()
295 |
296 | // Wait a moment to ensure server starts
297 | time.Sleep(100 * time.Millisecond)
298 | return nil
299 | }
300 |
301 | // handleDNSRequest processes incoming DNS requests
302 | func (d *DNS) handleDNSRequest(w dns.ResponseWriter, r *dns.Msg) {
303 | m := new(dns.Msg)
304 | m.SetReply(r)
305 | m.Authoritative = true
306 |
307 | // Cache common query responses for the duration of this request
308 | // to avoid duplicate lookups for the same service
309 | serviceCache := make(map[string][]*ServiceRecord)
310 |
311 | // Process each question
312 | for _, q := range r.Question {
313 | d.logger.Debug("received DNS query",
314 | "name", q.Name,
315 | "type", dns.TypeToString[q.Qtype])
316 |
317 | switch q.Qtype {
318 | case dns.TypeA:
319 | d.handleAQuery(q, m, serviceCache)
320 | case dns.TypeSRV:
321 | d.handleSRVQuery(q, m, serviceCache)
322 | case dns.TypeNS:
323 | // Return NS records for the server itself
324 | d.handleNSQuery(q, m)
325 | }
326 | }
327 |
328 | w.WriteMsg(m)
329 | }
330 |
331 | // handleAQuery processes A record queries (IP addresses)
332 | func (d *DNS) handleAQuery(q dns.Question, m *dns.Msg, serviceCache map[string][]*ServiceRecord) {
333 | serviceName := strings.TrimSuffix(q.Name, ".")
334 |
335 | // Check cache first
336 | records, ok := serviceCache[serviceName]
337 | if !ok {
338 | var err error
339 | records, err = d.lookupServicesByName(serviceName)
340 | if err != nil || len(records) == 0 {
341 | return // No records found
342 | }
343 | // Cache the result
344 | serviceCache[serviceName] = records
345 | }
346 |
347 | // Add A records for all matching services
348 | for _, record := range records {
349 | if record.Address != "" {
350 | rr := &dns.A{
351 | Hdr: dns.RR_Header{
352 | Name: q.Name,
353 | Rrtype: dns.TypeA,
354 | Class: dns.ClassINET,
355 | Ttl: uint32(d.config.TTL),
356 | },
357 | A: net.ParseIP(record.Address),
358 | }
359 | m.Answer = append(m.Answer, rr)
360 | }
361 | }
362 | }
363 |
364 | // handleSRVQuery processes SRV record queries (service discovery)
365 | func (d *DNS) handleSRVQuery(q dns.Question, m *dns.Msg, serviceCache map[string][]*ServiceRecord) {
366 | // SRV query format: _service._proto.name.
367 | parts := strings.Split(q.Name, ".")
368 | if len(parts) < 3 {
369 | return
370 | }
371 |
372 | // Extract service name from the query
373 | serviceName := strings.TrimPrefix(parts[0], "_")
374 |
375 | // Check cache first
376 | records, ok := serviceCache[serviceName]
377 | if !ok {
378 | var err error
379 | records, err = d.lookupServicesByName(serviceName)
380 | if err != nil || len(records) == 0 {
381 | return // No records found
382 | }
383 | // Cache the result
384 | serviceCache[serviceName] = records
385 | }
386 |
387 | // Prepare map for deduplication of A records
388 | aRecords := make(map[string]net.IP)
389 |
390 | // Add SRV records
391 | for _, record := range records {
392 | target := fmt.Sprintf("%s.%s.svc.%s.",
393 | record.Name,
394 | record.Namespace,
395 | record.Datacenter)
396 |
397 | rr := &dns.SRV{
398 | Hdr: dns.RR_Header{
399 | Name: q.Name,
400 | Rrtype: dns.TypeSRV,
401 | Class: dns.ClassINET,
402 | Ttl: uint32(d.config.TTL),
403 | },
404 | Priority: 10,
405 | Weight: 10,
406 | Port: uint16(record.Port),
407 | Target: target,
408 | }
409 | m.Answer = append(m.Answer, rr)
410 |
411 | // Store IP for A record (deduplicated)
412 | if record.Address != "" {
413 | aRecords[target] = net.ParseIP(record.Address)
414 | }
415 | }
416 |
417 | // Add corresponding A records (deduplicated)
418 | for target, ip := range aRecords {
419 | a := &dns.A{
420 | Hdr: dns.RR_Header{
421 | Name: target,
422 | Rrtype: dns.TypeA,
423 | Class: dns.ClassINET,
424 | Ttl: uint32(d.config.TTL),
425 | },
426 | A: ip,
427 | }
428 | m.Extra = append(m.Extra, a)
429 | }
430 | }
431 |
432 | // handleNSQuery returns nameserver information
433 | func (d *DNS) handleNSQuery(q dns.Question, m *dns.Msg) {
434 | ns := &dns.NS{
435 | Hdr: dns.RR_Header{
436 | Name: q.Name,
437 | Rrtype: dns.TypeNS,
438 | Class: dns.ClassINET,
439 | Ttl: uint32(d.config.TTL),
440 | },
441 | Ns: "ns1." + q.Name,
442 | }
443 | m.Answer = append(m.Answer, ns)
444 | }
445 |
446 | // lookupServicesByName retrieves all service records with the given name
447 | func (d *DNS) lookupServicesByName(name string) ([]*ServiceRecord, error) {
448 | key := d.serviceCacheKey(name)
449 |
450 | rawClient := d.cache.RawClient()
451 | cmd := rawClient.B().Hgetall().Key(key).Build()
452 | result := rawClient.Do(d.ctx, cmd)
453 |
454 | if err := result.Error(); err != nil {
455 | if err == valkey.Nil {
456 | return nil, nil // Key doesn't exist, no services
457 | }
458 | return nil, fmt.Errorf("failed to lookup service: %w", err)
459 | }
460 |
461 | // Parse results
462 | values, err := result.AsStrMap()
463 | if err != nil {
464 | return nil, fmt.Errorf("failed to parse service records: %w", err)
465 | }
466 |
467 | if len(values) == 0 {
468 | return nil, nil // Service exists but has no records
469 | }
470 |
471 | var records []*ServiceRecord
472 | for _, data := range values {
473 | var record ServiceRecord
474 | if err := json.Unmarshal([]byte(data), &record); err != nil {
475 | d.logger.Error("failed to unmarshal service record",
476 | "data", data,
477 | "error", err)
478 | continue
479 | }
480 | records = append(records, &record)
481 | }
482 |
483 | return records, nil
484 | }
485 |
486 | // syncServices performs a full synchronization with Nomad services
487 | func (d *DNS) syncServices() {
488 | d.logger.Info("starting full service sync")
489 |
490 | // Get all services from Nomad
491 | services, err := d.getServices()
492 | if err != nil {
493 | d.logger.Error("failed to get services from Nomad", "error", err)
494 | return
495 | }
496 |
497 | // Filter services that match our tag requirements
498 | var filteredServices []*api.ServiceRegistration
499 | for _, srv := range services {
500 | if len(d.config.Tags) == 0 || hasRequiredTags(srv.Tags, d.config.Tags) {
501 | filteredServices = append(filteredServices, srv)
502 | }
503 | }
504 |
505 | // Process services in batches
506 | batchSize := 50
507 | var records []*ServiceRecord
508 |
509 | for i := 0; i < len(filteredServices); i += batchSize {
510 | // Use math.Min to calculate the end of the batch
511 | end := int(math.Min(float64(i+batchSize), float64(len(filteredServices))))
512 | batch := filteredServices[i:end]
513 | batchRecords := make([]*ServiceRecord, 0, len(batch))
514 |
515 | for _, srv := range batch {
516 | record := &ServiceRecord{
517 | ID: srv.ID,
518 | Name: srv.ServiceName,
519 | Address: srv.Address,
520 | Port: srv.Port,
521 | Namespace: srv.Namespace,
522 | Datacenter: srv.Datacenter,
523 | Updated: time.Now().Unix(),
524 | }
525 |
526 | batchRecords = append(batchRecords, record)
527 | }
528 |
529 | if err := d.batchStoreServiceRecords(batchRecords); err != nil {
530 | d.logger.Error("failed to store batch of service records", "error", err, "batch_start", i)
531 | }
532 |
533 | // Append to overall records for logging
534 | records = append(records, batchRecords...)
535 | }
536 |
537 | d.logger.Info("service sync completed", "count", len(records))
538 | }
539 |
540 | // getServices retrieves all services from Nomad
541 | func (d *DNS) getServices() ([]*api.ServiceRegistration, error) {
542 | q := &api.QueryOptions{
543 | Namespace: d.config.Namespace,
544 | }
545 |
546 | // First get the list of service names
547 | serviceStubs, _, err := d.client.Services().List(q)
548 | if err != nil {
549 | return nil, fmt.Errorf("failed to list services: %w", err)
550 | }
551 |
552 | // We need to convert stubs to full registrations by calling Get for each service
553 | var services []*api.ServiceRegistration
554 |
555 | // According to the API docs, the List() endpoint returns namespaces with services,
556 | // and each service has a ServiceName field
557 | for _, nsServices := range serviceStubs {
558 | for _, svc := range nsServices.Services {
559 | // Get the service details using the ServiceName
560 | serviceRegs, _, err := d.client.Services().Get(svc.ServiceName, q)
561 | if err != nil {
562 | d.logger.Error("failed to get service details",
563 | "service", svc.ServiceName,
564 | "error", err)
565 | continue
566 | }
567 |
568 | // Add all returned service registrations to our slice
569 | services = append(services, serviceRegs...)
570 | }
571 | }
572 |
573 | return services, nil
574 | }
575 |
576 | // startRefreshTimer starts a timer to periodically refresh the service catalog
577 | func (d *DNS) startRefreshTimer() {
578 | d.refreshTimer = time.NewTimer(refreshInterval)
579 |
580 | go func() {
581 | for {
582 | select {
583 | case <-d.refreshTimer.C:
584 | d.syncServices()
585 | d.refreshTimer.Reset(refreshInterval)
586 | case <-d.ctx.Done():
587 | return
588 | }
589 | }
590 | }()
591 | }
592 |
593 | // handleDeploymentEvent processes deployment events to catch service changes
594 | func (d *DNS) handleDeploymentEvent(event *api.Event) {
595 | // For deployment events, we'll do a targeted sync of affected services
596 | // to ensure we catch any services that might have been updated
597 | if event.Type == "DeploymentStatusUpdate" {
598 | // Schedule a sync after a short delay to allow services to stabilize
599 | time.AfterFunc(5*time.Second, d.syncServices)
600 | }
601 | }
602 |
603 | // Close handles cleanup when shutting down
604 | func (d *DNS) Close() error {
605 | d.logger.Info("closing DNS provider")
606 |
607 | // Cancel the provider context
608 | d.cancel()
609 |
610 | // Stop the refresh timer
611 | if d.refreshTimer != nil {
612 | d.refreshTimer.Stop()
613 | }
614 |
615 | // Shutdown the DNS server
616 | if d.server != nil {
617 | return d.server.Shutdown()
618 | }
619 |
620 | return nil
621 | }
622 |
623 | func (d *DNS) batchStoreServiceRecords(records []*ServiceRecord) error {
624 | if len(records) == 0 {
625 | return nil
626 | }
627 |
628 | rawClient := d.cache.RawClient()
629 |
630 | // Group records by service name to avoid multiple operations on the same key
631 | recordsByName := make(map[string][]*ServiceRecord)
632 | for _, record := range records {
633 | recordsByName[record.Name] = append(recordsByName[record.Name], record)
634 | }
635 |
636 | // Process each service in batches
637 | for serviceName, serviceRecords := range recordsByName {
638 | key := d.serviceCacheKey(serviceName)
639 |
640 | // Build a multi-field HSET command
641 | hsetBuilder := rawClient.B().Hset().Key(key).FieldValue()
642 |
643 | for _, record := range serviceRecords {
644 | // Serialize the record
645 | recordJSON, err := json.Marshal(record)
646 | if err != nil {
647 | d.logger.Error("failed to marshal service record",
648 | "service", record.Name,
649 | "error", err)
650 | continue
651 | }
652 |
653 | hsetBuilder = hsetBuilder.FieldValue(record.ID, string(recordJSON))
654 | }
655 |
656 | // Execute the batch command
657 | if err := rawClient.Do(d.ctx, hsetBuilder.Build()).Error(); err != nil {
658 | return fmt.Errorf("failed to batch store service records for %s: %w", serviceName, err)
659 | }
660 | }
661 |
662 | return nil
663 | }
664 |
665 | // hasRequiredTags checks if a service has all required tags
666 | func hasRequiredTags(serviceTags, requiredTags []string) bool {
667 | // If no tags are required, all services pass
668 | if len(requiredTags) == 0 {
669 | return true
670 | }
671 |
672 | // Fast path: if the service has fewer tags than required, it can't match
673 | if len(serviceTags) < len(requiredTags) {
674 | return false
675 | }
676 |
677 | // Build tag set once
678 | tagSet := make(map[string]struct{}, len(serviceTags))
679 | for _, tag := range serviceTags {
680 | tagSet[tag] = struct{}{}
681 | }
682 |
683 | // Check all required tags in one pass
684 | for _, required := range requiredTags {
685 | if _, ok := tagSet[required]; !ok {
686 | return false
687 | }
688 | }
689 |
690 | return true
691 | }
692 |
693 | func (d *DNS) serviceCacheKey(serviceName string) string {
694 | return cacheKeyPrefix + serviceName
695 | }
696 |
--------------------------------------------------------------------------------
/provider/nomad/README.md:
--------------------------------------------------------------------------------
1 | # Nomad Provider
2 |
3 | The Nomad provider watches for job-related events in Nomad and creates secondary jobs based on the primary job's metadata. This is perfect for automating operational tasks like backups, monitoring, or creating auxiliary services for your main applications.
4 |
5 | ## Features
6 |
7 | - **Event-Driven Job Creation**: Automatically create secondary jobs when primary jobs are registered
8 | - **Template-Based**: Uses HCL templates to define secondary jobs
9 | - **ACL Integration**: Automatically creates appropriate ACL policies for secondary jobs
10 | - **Metadata Filtering**: Filter jobs based on metadata tags
11 | - **Cleanup Support**: Automatically deregister secondary jobs when primary jobs are removed
12 | - **Full Job Context**: Option to include the entire job payload in template data
13 |
14 | ## How It Works
15 |
16 | The Nomad provider operates by:
17 |
18 | 1. Listening for `JobRegistered` and `JobDeregistered` events
19 | 2. Checking if jobs have the `damon-enable = "true"` meta tag
20 | 3. Filtering jobs based on specified metadata tags
21 | 4. Rendering job and ACL templates using the job's metadata
22 | 5. Registering the resulting job and ACL policy with Nomad
23 | 6. Cleaning up the secondary job when the primary job is deregistered (if enabled)
24 |
25 | ## Configuration
26 |
27 | Here's a sample configuration for the Nomad provider:
28 |
29 | ```toml
30 | [provider.backup]
31 | type = "nomad"
32 | # Tags that must be present in the job's meta block
33 | tags = ["backup-cron", "backup-service", "backup-vars"]
34 | # Templates for job and ACL
35 | job_template = "templates/postgresql-backup/job.hcl"
36 | acl_template = "templates/postgresql-backup/acl.hcl"
37 | # Namespace to watch for events, "*" for all namespaces
38 | namespace = "*"
39 | # Whether to deregister the secondary job when the primary is deregistered
40 | deregister_job = true
41 | # Whether to include the full job payload in template data
42 | add_payload = true
43 | ```
44 |
45 | You can register multiple Nomad providers with different configurations:
46 |
47 | ```toml
48 | # PostgreSQL backup provider
49 | [provider.pg_backup]
50 | type = "nomad"
51 | tags = ["pg-backup-cron", "pg-backup-service", "pg-backup-vars"]
52 | job_template = "templates/postgresql-backup/job.hcl"
53 | acl_template = "templates/postgresql-backup/acl.hcl"
54 | namespace = "default"
55 | deregister_job = true
56 |
57 | # Redis backup provider
58 | [provider.redis_backup]
59 | type = "nomad"
60 | tags = ["redis-backup-cron", "redis-backup-service"]
61 | job_template = "templates/redis-backup/job.hcl"
62 | acl_template = "templates/redis-backup/acl.hcl"
63 | namespace = "default"
64 | deregister_job = true
65 | ```
66 |
67 | ## Configuration Options
68 |
69 | | Option | Description | Default | Required |
70 | |--------|-------------|---------|----------|
71 | | `type` | Must be "nomad" | | Yes |
72 | | `tags` | Tags required in the job meta block | `[]` | No |
73 | | `job_template` | Path to job template file | | Yes |
74 | | `acl_template` | Path to ACL policy template file | | Yes |
75 | | `namespace` | Namespace to monitor for jobs | `*` | No |
76 | | `deregister_job` | Remove secondary jobs when primary is removed | `false` | No |
77 | | `add_payload` | Include full job payload in template data | `false` | No |
78 |
79 | ## Usage
80 |
81 | ### Primary Job Configuration
82 |
83 | For a primary job to trigger secondary job creation, it needs:
84 |
85 | 1. The `damon-enable = true` meta tag
86 | 2. All the tags specified in the provider configuration
87 |
88 | Here's an example of a PostgreSQL service job that will trigger a backup job:
89 |
90 | ```hcl
91 | job "postgres" {
92 | datacenters = ["dc1"]
93 | type = "service"
94 |
95 | meta {
96 | damon-enable = "true"
97 | backup-cron = "0 0 * * *" # Daily backup at midnight
98 | backup-service = "postgres-db"
99 | backup-vars = "postgres-backup-vars" # Reference to Nomad variables
100 | }
101 |
102 | group "db" {
103 | count = 1
104 |
105 | network {
106 | port "db" {
107 | to = 5432
108 | }
109 | }
110 |
111 | service {
112 | name = "postgres-db"
113 | port = "db"
114 | tags = ["db", "postgres"]
115 |
116 | check {
117 | type = "tcp"
118 | interval = "10s"
119 | timeout = "2s"
120 | }
121 | }
122 |
123 | task "postgres" {
124 | driver = "docker"
125 |
126 | config {
127 | image = "postgres:14"
128 | ports = ["db"]
129 | }
130 |
131 | env {
132 | POSTGRES_USER = "app"
133 | POSTGRES_PASSWORD = "password"
134 | POSTGRES_DB = "myapp"
135 | }
136 | }
137 | }
138 | }
139 | ```
140 |
141 | ### Template System
142 |
143 | The Nomad provider uses a template system with the `[[` and `]]` delimiters. Available template variables include:
144 |
145 | - `.JobID`: The ID of the secondary job (automatically prefixed with "damon-")
146 | - `.Namespace`: The namespace of the primary job
147 | - `.Datacenters`: The datacenters of the primary job
148 | - `.Tags`: Map of all tags defined in the primary job's meta block
149 | - `.Payload`: Full job payload if `add_payload = true` is set
150 |
151 | #### Job Template Example
152 |
153 | Here's a simplified backup job template:
154 |
155 | ```hcl
156 | job "[[ .JobID ]]" {
157 | datacenters = [ [[range $idx, $dc := .Datacenters]][[if $idx]], [[end]]"[[$dc]]"[[end]] ]
158 | namespace = "[[ .Namespace ]]"
159 | type = "batch"
160 |
161 | periodic {
162 | cron = "[[ index .Tags "backup-cron" ]]"
163 | prohibit_overlap = true
164 | }
165 |
166 | group "backup" {
167 | count = 1
168 |
169 | task "backup" {
170 | driver = "docker"
171 |
172 | config {
173 | image = "postgres:14"
174 | command = "sh"
175 | args = ["/local/backup-script.sh"]
176 | }
177 |
178 | # Template for database credentials
179 | template {
180 | data = < /backup/backup-$(date +%Y%m%d-%H%M%S).sql.gz
203 | EOH
204 | destination = "local/backup-script.sh"
205 | perms = "0755"
206 | }
207 | }
208 | }
209 | }
210 | ```
211 |
212 | #### ACL Template Example
213 |
214 | The ACL template defines the permissions for the secondary job:
215 |
216 | ```hcl
217 | namespace "[[ .Namespace ]]" {
218 | policy = "read"
219 |
220 | # Access to variables
221 | variables {
222 | path "[[ index .Tags "backup-vars" ]]" {
223 | capabilities = ["read"]
224 | }
225 | }
226 | }
227 |
228 | # Read access to services for service discovery
229 | service {
230 | policy = "read"
231 | }
232 | ```
233 |
234 | ### Advanced Template Features
235 |
236 | The template system supports more advanced features like:
237 |
238 | - Conditionals: `[[if condition]]...[[end]]`
239 | - Loops: `[[range items]]...[[end]]`
240 | - Variable access: `index .Tags "key-name"`
241 | - Using primary job properties with `add_payload = true`:
242 |
243 | ```hcl
244 | [[if and .Payload .Payload.job]]
245 | # Use job priority from original job if available
246 | [[if .Payload.job.Priority]]
247 | priority = [[ .Payload.job.Priority ]]
248 | [[end]]
249 |
250 | # Copy constraints from original job
251 | [[if .Payload.job.Constraints]]
252 | [[range $idx, $constraint := .Payload.job.Constraints]]
253 | constraint {
254 | attribute = "[[ $constraint.LTarget ]]"
255 | operator = "[[ $constraint.Operand ]]"
256 | value = "[[ $constraint.RTarget ]]"
257 | }
258 | [[end]]
259 | [[end]]
260 | [[end]]
261 | ```
262 |
263 | ## Practical Examples
264 |
265 | ### Database Backup System
266 |
267 | Here's a complete example of a PostgreSQL deployment with automated backups:
268 |
269 | #### 1. Configure the Nomad provider
270 |
271 | ```toml
272 | [provider.pg_backup]
273 | type = "nomad"
274 | tags = ["backup-cron", "backup-service", "backup-vars"]
275 | job_template = "templates/postgresql-backup/job.hcl"
276 | acl_template = "templates/postgresql-backup/acl.hcl"
277 | namespace = "*"
278 | deregister_job = true
279 | ```
280 |
281 | #### 2. Create Nomad variables for backup credentials
282 |
283 | ```bash
284 | nomad var put postgres-backup-vars \
285 | POSTGRES_USER=app \
286 | POSTGRES_PASSWORD=secret \
287 | POSTGRES_DB=myapp \
288 | S3_BUCKET=my-backups
289 | ```
290 |
291 | #### 3. Deploy a PostgreSQL job with the appropriate meta tags
292 |
293 | ```hcl
294 | job "postgres" {
295 | datacenters = ["dc1"]
296 | type = "service"
297 |
298 | meta {
299 | damon-enable = "true"
300 | backup-cron = "0 3 * * *" # Daily backup at 3 AM
301 | backup-service = "postgres-db"
302 | backup-vars = "postgres-backup-vars"
303 | }
304 |
305 | # Rest of the PostgreSQL job definition...
306 | }
307 | ```
308 |
309 | #### 4. Damon automatically creates a backup job
310 |
311 | The provider will:
312 | 1. Detect the PostgreSQL job registration
313 | 2. Render the backup job template with the provided meta tags
314 | 3. Create an appropriate ACL policy for the backup job
315 | 4. Register the backup job in Nomad
316 |
317 | #### 5. Automatic cleanup when the database is removed
318 |
319 | If `deregister_job = true` is set and the PostgreSQL job is deregistered, Damon will automatically:
320 | 1. Detect the deregistration event
321 | 2. Delete the backup job from Nomad
322 | 3. Remove the associated ACL policy
323 |
324 | ### Monitoring Job Example
325 |
326 | You could also create a provider that automatically deploys monitoring jobs:
327 |
328 | ```toml
329 | [provider.monitoring]
330 | type = "nomad"
331 | tags = ["monitoring-scrape-interval", "monitoring-port", "monitoring-path"]
332 | job_template = "templates/prometheus-exporter/job.hcl"
333 | acl_template = "templates/prometheus-exporter/acl.hcl"
334 | namespace = "*"
335 | deregister_job = true
336 | ```
337 |
338 | Then add monitoring meta tags to your applications:
339 |
340 | ```hcl
341 | meta {
342 | damon-enable = "true"
343 | monitoring-scrape-interval = "15s"
344 | monitoring-port = "8080"
345 | monitoring-path = "/metrics"
346 | }
347 | ```
348 |
349 | ## ACL Policy Best Practices
350 |
351 | When creating ACL templates for secondary jobs, follow these principles:
352 |
353 | - Grant only the permissions needed for the specific job
354 | - Use namespace restrictions to isolate jobs
355 | - Limit variable access to only what's required
356 |
357 | Example of a secure ACL template:
358 |
359 | ```hcl
360 | namespace "[[ .Namespace ]]" {
361 | policy = "read"
362 |
363 | # Restrict to specific job only
364 | job "[[ .JobID ]]" {
365 | policy = "write"
366 | }
367 |
368 | # Limit variable access
369 | variables {
370 | path "[[ index .Tags "backup-vars" ]]" {
371 | capabilities = ["read"]
372 | }
373 | }
374 | }
375 |
376 | # Minimal service access for discovery
377 | service {
378 | policy = "read"
379 | }
380 | ```
381 |
382 | ## Troubleshooting
383 |
384 | ### Secondary Job Not Being Created
385 |
386 | 1. Verify that the primary job has `damon-enable = true` in its meta block
387 | 2. Check that all required tags are present in the meta block
388 | 3. Inspect the Damon logs for template rendering errors
389 | 4. Verify that the job and ACL templates exist at the specified paths
390 |
391 | ### Secondary Job Creation Fails
392 |
393 | 1. Check template syntax for errors
394 | 2. Verify that variables referenced in templates are available
395 | 3. Ensure Damon has the necessary permissions to create jobs and ACL policies
396 | 4. Inspect the Damon logs for detailed error messages
397 |
398 | ### Secondary Job Not Cleaning Up
399 |
400 | 1. Verify that `deregister_job = true` is set in the provider configuration
401 | 2. Check that the job was properly registered in the cache
402 | 3. Ensure Damon has permissions to deregister jobs
403 | 4. Inspect the Damon logs for deregistration errors
404 |
--------------------------------------------------------------------------------
/provider/nomad/job.go:
--------------------------------------------------------------------------------
1 | package nomad
2 |
3 | import (
4 | "bytes"
5 | "fmt"
6 | "text/template"
7 |
8 | "github.com/hashicorp/nomad/api"
9 | "github.com/hashicorp/nomad/jobspec"
10 | "github.com/valkey-io/valkey-go"
11 | )
12 |
13 | // renderTemplate renders the template with the provided data
14 | func renderTemplate(tmpl string, data any) (*bytes.Buffer, error) {
15 | tpl, err := template.New("").
16 | Delims("[[", "]]").
17 | Option("missingkey=error"). // Fails if a template tries to access a nonexistent key
18 | Parse(tmpl)
19 | if err != nil {
20 | return nil, fmt.Errorf("failed to parse template: %w", err)
21 | }
22 |
23 | var buf bytes.Buffer
24 | if err := tpl.Execute(&buf, &data); err != nil {
25 | return nil, fmt.Errorf("failed to execute template: %w", err)
26 | }
27 |
28 | return &buf, nil
29 | }
30 |
31 | // registerJob renders and registers both the ACL and job on Nomad
32 | func (n *Nomad) registerJob(jobID string, data *tplData) error {
33 | // Render job template
34 | jobBuf, err := renderTemplate(n.config.JobTemplate, data)
35 | if err != nil {
36 | return fmt.Errorf("failed to render job template: %w", err)
37 | }
38 |
39 | // Parse the job specification
40 | job, err := jobspec.Parse(jobBuf)
41 | if err != nil {
42 | return fmt.Errorf("failed to parse job spec: %w", err)
43 | }
44 |
45 | job.ID = &data.JobID
46 | job.Namespace = &data.Namespace
47 |
48 | // Register ACL policy for the job
49 | policyName, err := n.upsertACL(*job.ID, *job.Namespace, data)
50 | if err != nil {
51 | return fmt.Errorf("failed to upsert ACL: %w", err)
52 | }
53 |
54 | // Register the job on Nomad
55 | _, _, err = n.client.Jobs().Register(job, nil)
56 | if err != nil {
57 | // Try to clean up the ACL if job registration fails
58 | if cleanErr := n.deleteACL(policyName, *job.Namespace); cleanErr != nil {
59 | n.logger.Warn("failed to clean up ACL after job registration failure",
60 | "job", *job.ID, "policy", policyName, "error", cleanErr)
61 | }
62 | return fmt.Errorf("failed to register job: %w", err)
63 | }
64 |
65 | // Store job details in cache for later deregistration
66 | cacheKey := fmt.Sprintf(cacheKeyFormat, n.config.Name, jobID, data.Namespace)
67 |
68 | // Get the raw valkey client
69 | rawClient := n.cache.RawClient()
70 |
71 | cmd := rawClient.B().
72 | Hset().Key(cacheKey).FieldValue().
73 | FieldValue("jobID", *job.ID).
74 | FieldValue("namespace", *job.Namespace).
75 | FieldValue("acl", policyName).
76 | Build()
77 |
78 | result := rawClient.Do(n.ctx, cmd)
79 | if err := result.Error(); err != nil {
80 | n.logger.Error("failed to add job to cache", "job", *job.ID, "namespace", *job.Namespace, "error", err)
81 | // Continue execution even if cache update fails - the job is already registered
82 | }
83 |
84 | n.logger.Info("registered job", "job", *job.ID, "namespace", *job.Namespace)
85 | return nil
86 | }
87 |
88 | // deregisterJob removes a job from Nomad
89 | func (n *Nomad) deregisterJob(jobID string, namespace string) error {
90 | // Skip if deregistration is disabled
91 | if !n.config.Deregister {
92 | return nil
93 | }
94 |
95 | // Fetch job details from cache
96 | cacheKey := fmt.Sprintf(cacheKeyFormat, n.config.Name, jobID, namespace)
97 | rawClient := n.cache.RawClient()
98 |
99 | cmd := rawClient.B().
100 | Hmget().Key(cacheKey).
101 | Field("jobID").
102 | Field("namespace").
103 | Field("acl").
104 | Build()
105 |
106 | result := rawClient.Do(n.ctx, cmd)
107 | val, err := result.AsStrSlice()
108 |
109 | if err != nil {
110 | if err == valkey.Nil {
111 | n.logger.Info("no such job in cache", "job", jobID, "namespace", namespace)
112 | return nil // Not an error, job wasn't in cache
113 | }
114 | n.logger.Error("failed to fetch job from cache",
115 | "job", jobID,
116 | "namespace", namespace,
117 | "error", err)
118 | // Continue with deregistration attempt even if cache fails
119 | // This allows cleanup of Nomad jobs even if cache is having issues
120 | _, _, err = n.client.Jobs().Deregister(jobID, false, &api.WriteOptions{Namespace: namespace})
121 | if err != nil {
122 | return fmt.Errorf("failed to deregister job %s in namespace %s: %w", jobID, namespace, err)
123 | }
124 | return nil
125 | }
126 |
127 | // Check if we got valid data back (key exists and has values)
128 | if len(val) < 3 || val[0] == "" || val[1] == "" {
129 | n.logger.Info("no such job in cache", "job", jobID, "namespace", namespace)
130 | return nil // Not an error, job wasn't in cache or had incomplete data
131 | }
132 |
133 | // Extract job details
134 | id, ns, acl := val[0], val[1], val[2]
135 |
136 | // Deregister job
137 | _, _, err = n.client.Jobs().Deregister(id, false, &api.WriteOptions{Namespace: ns})
138 | if err != nil {
139 | return fmt.Errorf("failed to deregister job %s in namespace %s: %w", id, ns, err)
140 | }
141 |
142 | // Attempt to clean up ACL (don't fail if we can't)
143 | if acl != "" {
144 | if err := n.deleteACL(acl, ns); err != nil {
145 | n.logger.Warn("failed to delete ACL policy, continuing",
146 | "job", id, "namespace", ns, "policy", acl, "error", err)
147 | }
148 | }
149 |
150 | // Remove job from cache
151 | delCmd := rawClient.B().
152 | Hdel().Key(cacheKey).
153 | Field("jobID").
154 | Field("namespace").
155 | Field("acl").
156 | Build()
157 |
158 | if err := rawClient.Do(n.ctx, delCmd).Error(); err != nil {
159 | n.logger.Warn("failed to remove job from cache, continuing",
160 | "job", id, "namespace", ns, "error", err)
161 | }
162 |
163 | n.logger.Info("successfully deregistered job", "job", id, "namespace", ns)
164 | return nil
165 | }
166 |
167 | // upsertACL creates or updates the ACL policy for a job
168 | func (n *Nomad) upsertACL(id string, ns string, data *tplData) (string, error) {
169 | // Render ACL template
170 | rulesBuf, err := renderTemplate(n.config.AclTemplate, data)
171 | if err != nil {
172 | return "", fmt.Errorf("failed to render ACL template: %w", err)
173 | }
174 |
175 | // Create policy name with a consistent pattern
176 | policyName := id + "-access"
177 |
178 | // Create ACL policy
179 | policy := &api.ACLPolicy{
180 | Name: policyName,
181 | Description: fmt.Sprintf("ACL policy for %s. Generated by damon for job %s.", id, data.JobID),
182 | Rules: rulesBuf.String(),
183 | JobACL: &api.JobACL{
184 | Namespace: ns,
185 | JobID: id,
186 | },
187 | }
188 |
189 | n.logger.Info("creating ACL policy", "job", id, "namespace", ns, "policy", policyName)
190 | _, err = n.client.ACLPolicies().Upsert(policy, &api.WriteOptions{Namespace: ns})
191 | if err != nil {
192 | return "", fmt.Errorf("failed to upsert ACL policy: %w", err)
193 | }
194 |
195 | return policyName, nil
196 | }
197 |
198 | // deleteACL removes an ACL policy
199 | func (n *Nomad) deleteACL(policy string, ns string) error {
200 | if policy == "" {
201 | return nil // Nothing to delete
202 | }
203 |
204 | n.logger.Info("deleting ACL policy", "policy", policy, "namespace", ns)
205 | err := n.client.ACLPolicies().Delete(policy, &api.WriteOptions{Namespace: ns})
206 | if err != nil {
207 | return fmt.Errorf("failed to delete ACL policy %s: %w", policy, err)
208 | }
209 | return nil
210 | }
211 |
--------------------------------------------------------------------------------
/provider/nomad/nomad.go:
--------------------------------------------------------------------------------
1 | package nomad
2 |
3 | import (
4 | "context"
5 | "fmt"
6 | "log/slog"
7 | "strconv"
8 |
9 | "github.com/hashicorp/nomad/api"
10 | "github.com/knadh/koanf/v2"
11 | "github.com/thunderbottom/damon/internal/interfaces"
12 | "github.com/thunderbottom/damon/internal/utils"
13 | "github.com/thunderbottom/damon/provider"
14 | )
15 |
16 | const (
17 | cacheKeyFormat = "nomad:%s:%s-%s"
18 | )
19 |
20 | // Register the provider factory
21 | func init() {
22 | err := provider.RegisterProvider("nomad", New)
23 | if err != nil {
24 | slog.Error("failed to register nomad provider", "error", err)
25 | }
26 | }
27 |
28 | // Nomad represents the nomad provider
29 | type Nomad struct {
30 | logger *slog.Logger
31 | client interfaces.NomadClient
32 | config *config
33 | cache interfaces.CacheClient
34 | ctx context.Context
35 | }
36 |
37 | // config holds provider-specific configuration
38 | type config struct {
39 | Name string
40 | Tags []string
41 | JobTemplate string
42 | AclTemplate string
43 | Deregister bool
44 | AddPayload bool
45 | }
46 |
47 | // tplData holds data passed to job templates
48 | type tplData struct {
49 | JobID string
50 | Namespace string
51 | Datacenters []string
52 | Tags map[string]string
53 | Payload map[string]any
54 | }
55 |
56 | type templates struct {
57 | job string
58 | acl string
59 | }
60 |
61 | // Load and validate both templates
62 | func loadTemplates(jobPath, aclPath string) (*templates, error) {
63 | // Check job template
64 | if jobPath == "" {
65 | return nil, fmt.Errorf("job template path is empty")
66 | }
67 |
68 | jobTemp, err := utils.ReadFile(jobPath)
69 | if err != nil {
70 | return nil, fmt.Errorf("failed to read job template: %w", err)
71 | }
72 |
73 | // Check ACL template
74 | if aclPath == "" {
75 | return nil, fmt.Errorf("ACL template path is empty")
76 | }
77 |
78 | aclTemp, err := utils.ReadFile(aclPath)
79 | if err != nil {
80 | return nil, fmt.Errorf("failed to read ACL template: %w", err)
81 | }
82 |
83 | return &templates{
84 | job: string(jobTemp),
85 | acl: string(aclTemp),
86 | }, nil
87 | }
88 |
89 | // New creates a new Nomad provider instance
90 | func New(ctx context.Context, logger *slog.Logger, client interfaces.NomadClient,
91 | cache interfaces.CacheClient, k *koanf.Koanf) (interfaces.Provider, error) {
92 |
93 | // Extract configuration with defaults
94 | name := k.String("name")
95 | if name == "" {
96 | name = "nomad" // Default name
97 | }
98 |
99 | // Load templates first since they're critical
100 | jobTemplatePath := k.String("job_template")
101 | aclTemplatePath := k.String("acl_template")
102 |
103 | if jobTemplatePath == "" || aclTemplatePath == "" {
104 | return nil, fmt.Errorf("both job_template and acl_template must be specified")
105 | }
106 |
107 | templates, err := loadTemplates(jobTemplatePath, aclTemplatePath)
108 | if err != nil {
109 | return nil, err
110 | }
111 |
112 | // Configure provider
113 | cfg := &config{
114 | Name: name,
115 | Deregister: k.Bool("deregister_job"),
116 | Tags: k.Strings("tags"),
117 | AddPayload: k.Bool("add_payload"),
118 | JobTemplate: templates.job,
119 | AclTemplate: templates.acl,
120 | }
121 |
122 | // Create new provider
123 | provider := &Nomad{
124 | logger: logger.With("provider", name),
125 | cache: cache,
126 | config: cfg,
127 | client: client,
128 | ctx: ctx,
129 | }
130 |
131 | logger.Info("initialized nomad provider",
132 | "name", name,
133 | "deregister_enabled", cfg.Deregister,
134 | "tags", cfg.Tags)
135 |
136 | return provider, nil
137 | }
138 |
139 | // Name returns the provider name
140 | func (n *Nomad) Name() string {
141 | return n.config.Name
142 | }
143 |
144 | // Topics returns the topics required by this provider
145 | func (n *Nomad) Topics() map[api.Topic][]string {
146 | // Subscribe to all job event topics
147 | return map[api.Topic][]string{
148 | api.TopicJob: {"*"},
149 | }
150 | }
151 |
152 | // Close performs any cleanup needed
153 | func (n *Nomad) Close() error {
154 | n.logger.Info("closing nomad provider", "name", n.config.Name)
155 | return nil
156 | }
157 |
158 | // OnEvent processes job events
159 | func (n *Nomad) OnEvent(event *api.Event) {
160 | // Extract job from event
161 | job, err := event.Job()
162 | if err != nil {
163 | n.logger.Error("failed to fetch job from event",
164 | "provider", n.Name(),
165 | "error", err,
166 | "event_type", event.Type)
167 | return
168 | }
169 | if job == nil {
170 | n.logger.Debug("job not found in event, skipping", "provider", n.Name())
171 | return
172 | }
173 |
174 | // Skip periodic jobs, batch jobs, or unhandled event types
175 | if job.IsPeriodic() || *job.Type == "batch" ||
176 | (event.Type != "JobRegistered" && event.Type != "JobDeregistered") {
177 | return
178 | }
179 |
180 | // Skip dead jobs that are registered
181 | if event.Type == "JobRegistered" && *job.Status == "dead" {
182 | return
183 | }
184 |
185 | // Check if damon is enabled for this job
186 | val, ok := job.Meta["damon-enable"]
187 | if !ok {
188 | n.logger.Info("damon-enable tag not found on job", "job", *job.ID)
189 | if err := n.deregisterJob(*job.ID, *job.Namespace); err != nil {
190 | n.logger.Error("failed to deregister job without damon-enable tag",
191 | "job", *job.ID,
192 | "namespace", *job.Namespace,
193 | "error", err)
194 | }
195 | return
196 | }
197 |
198 | enabled, err := strconv.ParseBool(val)
199 | if err != nil {
200 | n.logger.Error("failed to parse damon-enable meta", "job", *job.ID, "meta", val, "error", err)
201 | return
202 | }
203 |
204 | if !enabled {
205 | n.logger.Info("damon disabled on job, attempting to remove", "job", *job.ID)
206 | if err := n.deregisterJob(*job.ID, *job.Namespace); err != nil {
207 | n.logger.Error("failed to deregister disabled job",
208 | "job", *job.ID,
209 | "namespace", *job.Namespace,
210 | "error", err)
211 | }
212 | return
213 | }
214 |
215 | // Process job based on event type
216 | switch event.Type {
217 | case "JobRegistered":
218 | data, ok := n.prepareTemplateData(job)
219 | if !ok {
220 | return
221 | }
222 |
223 | if err := n.registerJob(*job.ID, &data); err != nil {
224 | n.logger.Error("failed to register job",
225 | "job", *job.ID,
226 | "error", err)
227 | // Cleanup after failed registration
228 | if deregErr := n.deregisterJob(*job.ID, *job.Namespace); deregErr != nil {
229 | n.logger.Error("cleanup after failed registration also failed",
230 | "job", *job.ID,
231 | "error", deregErr)
232 | }
233 | }
234 |
235 | case "JobDeregistered":
236 | if err := n.deregisterJob(*job.ID, *job.Namespace); err != nil {
237 | n.logger.Error("failed to deregister job on JobDeregistered event",
238 | "job", *job.ID,
239 | "namespace", *job.Namespace,
240 | "error", err)
241 | }
242 | }
243 | }
244 |
245 | // prepareTemplateData extracts metadata from job for template rendering
246 | func (n *Nomad) prepareTemplateData(job *api.Job) (tplData, bool) {
247 | var data tplData
248 | data.Tags = make(map[string]string, len(n.config.Tags))
249 |
250 | for _, tag := range n.config.Tags {
251 | tagValue, ok := job.Meta[tag]
252 | if !ok {
253 | n.logger.Error("required tag not found in job meta", "job", *job.ID, "tag", tag)
254 | return data, false
255 | }
256 | data.Tags[tag] = tagValue
257 | }
258 |
259 | // Pass the entire job as payload if enabled
260 | if n.config.AddPayload {
261 | // Create a payload map with the job
262 | data.Payload = make(map[string]any)
263 | data.Payload["job"] = job
264 | }
265 |
266 | data.Datacenters = job.Datacenters
267 | data.JobID = "damon-" + *job.ID
268 | data.Namespace = *job.Namespace
269 |
270 | return data, true
271 | }
272 |
--------------------------------------------------------------------------------
/provider/provider.go:
--------------------------------------------------------------------------------
1 | package provider
2 |
3 | import (
4 | "context"
5 | "log/slog"
6 |
7 | "github.com/knadh/koanf/v2"
8 | "github.com/thunderbottom/damon/internal/interfaces"
9 | )
10 |
11 | // Config holds the configuration for creating a provider instance
12 | type Config struct {
13 | // Name is the unique identifier for this provider
14 | Name string
15 |
16 | // Logger for provider-specific logging
17 | Logger *slog.Logger
18 |
19 | // Client is the Nomad API client
20 | Client interfaces.NomadClient
21 |
22 | // Koanf contains provider-specific configuration
23 | Koanf *koanf.Koanf
24 |
25 | // Cache client for persistent storage
26 | Cache interfaces.CacheClient
27 |
28 | // Context for provider operations
29 | Context context.Context
30 | }
31 |
32 | // UnknownProviderError is returned when attempting to create an unknown provider
33 | type UnknownProviderError struct {
34 | ProviderType string
35 | }
36 |
37 | func (e *UnknownProviderError) Error() string {
38 | return "unknown provider type: " + e.ProviderType
39 | }
40 |
--------------------------------------------------------------------------------
/provider/registry.go:
--------------------------------------------------------------------------------
1 | package provider
2 |
3 | import (
4 | "context"
5 | "fmt"
6 | "log/slog"
7 | "os"
8 | "path/filepath"
9 | "plugin"
10 | "strings"
11 | "sync"
12 |
13 | "github.com/knadh/koanf/v2"
14 | "github.com/thunderbottom/damon/internal/interfaces"
15 | )
16 |
17 | // Registry manages provider registration and creation
18 | type Registry struct {
19 | mu sync.RWMutex
20 | factories map[string]interfaces.ProviderFactory
21 | logger *slog.Logger
22 | }
23 |
24 | // NewRegistry creates a new provider registry
25 | func NewRegistry(logger *slog.Logger) *Registry {
26 | if logger == nil {
27 | logger = slog.Default()
28 | }
29 |
30 | return &Registry{
31 | factories: make(map[string]interfaces.ProviderFactory),
32 | logger: logger,
33 | }
34 | }
35 |
36 | // Register adds a provider factory to the registry
37 | func (r *Registry) Register(name string, factory interfaces.ProviderFactory) error {
38 | switch {
39 | case name == "":
40 | return fmt.Errorf("provider name cannot be empty")
41 | case factory == nil:
42 | return fmt.Errorf("factory function for provider '%s' cannot be nil", name)
43 | }
44 |
45 | r.mu.Lock()
46 | defer r.mu.Unlock()
47 |
48 | // Check if provider already exists
49 | if _, exists := r.factories[name]; exists {
50 | return fmt.Errorf("provider type '%s' is already registered", name)
51 | }
52 |
53 | r.factories[name] = factory
54 | r.logger.Debug("registered provider type", "provider", name)
55 | return nil
56 | }
57 |
58 | // Create instantiates a provider by type
59 | func (r *Registry) Create(
60 | ctx context.Context,
61 | providerType string,
62 | name string,
63 | logger *slog.Logger,
64 | client interfaces.NomadClient,
65 | cache interfaces.CacheClient,
66 | config *koanf.Koanf,
67 | ) (interfaces.Provider, error) {
68 | r.mu.RLock()
69 | factory, exists := r.factories[providerType]
70 | r.mu.RUnlock()
71 |
72 | if !exists {
73 | // List available providers for better error message
74 | availableTypes := r.Types()
75 | return nil, fmt.Errorf("unknown provider type: '%s'. Available types: %s",
76 | providerType, strings.Join(availableTypes, ", "))
77 | }
78 |
79 | provider, err := factory(ctx, logger, client, cache, config)
80 | if err != nil {
81 | return nil, fmt.Errorf("failed to create provider '%s' of type '%s': %w",
82 | name, providerType, err)
83 | }
84 |
85 | return provider, nil
86 | }
87 |
88 | // Types returns a list of all registered provider types
89 | func (r *Registry) Types() []string {
90 | r.mu.RLock()
91 | defer r.mu.RUnlock()
92 |
93 | types := make([]string, 0, len(r.factories))
94 | for t := range r.factories {
95 | types = append(types, t)
96 | }
97 | return types
98 | }
99 |
100 | // LoadPlugins searches for and loads provider plugins from the given directory
101 | func (r *Registry) LoadPlugins(pluginDir string) error {
102 | _, err := os.Stat(pluginDir)
103 | if os.IsNotExist(err) {
104 | r.logger.Info("plugin directory does not exist, skipping plugin loading",
105 | "directory", pluginDir)
106 | return nil
107 | }
108 | if err != nil {
109 | return fmt.Errorf("error accessing plugin directory: %w", err)
110 | }
111 |
112 | files, err := os.ReadDir(pluginDir)
113 | if err != nil {
114 | return fmt.Errorf("error reading plugin directory: %w", err)
115 | }
116 |
117 | for _, file := range files {
118 | if file.IsDir() || !strings.HasSuffix(file.Name(), ".so") {
119 | continue
120 | }
121 |
122 | pluginPath := filepath.Join(pluginDir, file.Name())
123 | r.logger.Debug("loading plugin", "path", pluginPath)
124 |
125 | // Load plugin
126 | p, err := plugin.Open(pluginPath)
127 | if err != nil {
128 | r.logger.Error("failed to load plugin",
129 | "path", pluginPath,
130 | "error", err)
131 | continue
132 | }
133 |
134 | // Look for Register symbol
135 | registerSym, err := p.Lookup("Register")
136 | if err != nil {
137 | r.logger.Error("plugin does not export Register function",
138 | "path", pluginPath,
139 | "error", err)
140 | continue
141 | }
142 |
143 | // Call Register function
144 | register, ok := registerSym.(func(*Registry) error)
145 | if !ok {
146 | r.logger.Error("plugin Register symbol has wrong type",
147 | "path", pluginPath)
148 | continue
149 | }
150 |
151 | if err := register(r); err != nil {
152 | r.logger.Error("plugin registration failed",
153 | "path", pluginPath,
154 | "error", err)
155 | continue
156 | }
157 |
158 | r.logger.Info("successfully loaded plugin", "path", pluginPath)
159 | }
160 |
161 | return nil
162 | }
163 |
164 | // Global registry instance
165 | var (
166 | defaultRegistry *Registry
167 | once sync.Once
168 | )
169 |
170 | // GetRegistry returns the default registry, creating it if necessary
171 | func GetRegistry() *Registry {
172 | once.Do(func() {
173 | defaultRegistry = NewRegistry(slog.Default())
174 | })
175 | return defaultRegistry
176 | }
177 |
178 | // RegisterProvider adds a provider factory to the default registry
179 | func RegisterProvider(name string, factory interfaces.ProviderFactory) error {
180 | return GetRegistry().Register(name, factory)
181 | }
182 |
183 | // Create is a convenience function that uses the default registry
184 | func Create(
185 | ctx context.Context,
186 | providerType string,
187 | name string,
188 | logger *slog.Logger,
189 | client interfaces.NomadClient,
190 | cache interfaces.CacheClient,
191 | config *koanf.Koanf,
192 | ) (interfaces.Provider, error) {
193 | return GetRegistry().Create(ctx, providerType, name, logger, client, cache, config)
194 | }
195 |
196 | // Initialize is a convenience function to initialize all common providers
197 | func Initialize(logger *slog.Logger) {
198 | registry := GetRegistry()
199 | if logger != nil {
200 | registry.logger = logger
201 | }
202 |
203 | // The init functions of imported packages will register their providers
204 | // This function can also explicitly register built-in providers if needed
205 | logger.Debug("provider registry initialized", "count", len(registry.Types()))
206 | }
207 |
--------------------------------------------------------------------------------