diff --git a/README.md b/README.md index d34eab5..d65fd80 100644 --- a/README.md +++ b/README.md @@ -83,46 +83,72 @@ docker run -d \ --webhook-url="http://localhost:9090/-/reload" ``` -## Parameters +## Primary flags -| Environment Variable | Flag | Description | Default | -|---------------------------------|----------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------| -| GIT_SYNC_REPO | `--repo` | the git repository to clone | "" | -| GIT_SYNC_BRANCH | `--branch` | the git branch to check out | "master" | -| GIT_SYNC_REV | `--rev` | the git revision (tag or hash) to check out | "HEAD" | -| GIT_SYNC_DEPTH | `--depth` | use a shallow clone with a history truncated to the specified number of commits | 0 | -| GIT_SYNC_SUBMODULES | `--submodules` | git submodule behavior: one of 'recursive', 'shallow', or 'off' | recursive | -| GIT_SYNC_ROOT | `--root` | the root directory for git-sync operations, under which --dest will be created | "$HOME/git" | -| GIT_SYNC_DEST | `--dest` | the name of (a symlink to) a directory in which to check-out files under --root (defaults to the leaf dir of --repo) | "" | -| GIT_SYNC_WAIT | `--wait` | the number of seconds between syncs | 1 (second) | -| GIT_SYNC_TIMEOUT | `--timeout` | the max number of seconds allowed for a complete sync | 120 | -| GIT_SYNC_ONE_TIME | `--one-time` | exit after the first sync | false | -| GIT_SYNC_MAX_SYNC_FAILURES | `--max-sync-failures` | the number of consecutive failures allowed before aborting (the first sync must succeed, -1 will retry forever after the initial sync) | 0 | -| GIT_SYNC_PERMISSIONS | `--change-permissions` | the file permissions to apply to the checked-out files (0 will not change permissions at all) | 0 | -| GIT_SYNC_SPARSE_CHECKOUT_FILE | `--sparse-checkout-file` | the location of an optional [sparse-checkout](https://git-scm.com/docs/git-sparse-checkout#_sparse_checkout) file, same syntax as a .gitignore file. | "" | -| GIT_SYNC_HOOK_COMMAND | `--sync-hook-command` | DEPRECATED: use --exechook-command instead | "" | -| GIT_SYNC_EXECHOOK_COMMAND | `--exechook-command` | the command executed with the syncing repository as its working directory after syncing a new hash of the remote repository. it is subject to the sync time out and will extend period between syncs. (doesn't support the command arguments) | "" | -| GIT_SYNC_EXECHOOK_TIMEOUT | `--exechook-timeout` | the timeout for the sync hook command | 30 (seconds) | -| GIT_SYNC_EXECHOOK_BACKOFF | `--exechook-backoff` | the time to wait before retrying a failed sync hook command -| GIT_SYNC_WEBHOOK_URL | `--webhook-url` | the URL for a webhook notification when syncs complete | "" | -| GIT_SYNC_WEBHOOK_METHOD | `--webhook-method` | the HTTP method for the webhook | "POST" | -| GIT_SYNC_WEBHOOK_SUCCESS_STATUS | `--webhook-success-status` | the HTTP status code indicating a successful webhook (-1 disables success checks to make webhooks fire-and-forget) | 200 | -| GIT_SYNC_WEBHOOK_TIMEOUT | `--webhook-timeout` | the timeout for the webhook | 1 (second) | -| GIT_SYNC_WEBHOOK_BACKOFF | `--webhook-backoff` | the time to wait before retrying a failed webhook | 3 (seconds) | -| GIT_SYNC_USERNAME | `--username` | the username to use for git auth | "" | -| GIT_SYNC_PASSWORD | `--password` | the password or [personal access token](https://docs.github.com/en/free-pro-team@latest/github/authenticating-to-github/creating-a-personal-access-token) to use for git auth. (users should prefer --password-file or env vars for passwords) | "" | -| GIT_SYNC_PASSWORD_FILE | `--password-file` | the path to password file which contains password or personal access token (see --password) | "" | -| GIT_SYNC_SSH | `--ssh` | use SSH for git operations | false | -| GIT_SSH_KEY_FILE | `--ssh-key-file` | the SSH key to use | "/etc/git-secret/ssh" | -| GIT_KNOWN_HOSTS | `--ssh-known-hosts` | enable SSH known_hosts verification | true | -| GIT_SSH_KNOWN_HOSTS_FILE | `--ssh-known-hosts-file` | the known_hosts file to use | "/etc/git-secret/known_hosts" | -| GIT_SYNC_ADD_USER | `--add-user` | add a record to /etc/passwd for the current UID/GID (needed to use SSH with a different UID) | false | -| GIT_COOKIE_FILE | `--cookie-file` | use git cookiefile | false | -| GIT_ASKPASS_URL | `--askpass-url` | the URL for GIT_ASKPASS callback | "" | -| GIT_SYNC_GIT | `--git` | the git command to run (subject to PATH search, mostly for testing | "git" | -| GIT_SYNC_HTTP_BIND | `--http-bind` | the bind address (including port) for git-sync's HTTP endpoint | "" | -| GIT_SYNC_HTTP_METRICS | `--http-metrics` | enable metrics on git-sync's HTTP endpoint | true | -| GIT_SYNC_HTTP_PPROF | `--http-pprof` | enable the pprof debug endpoints on git-sync's HTTP endpoint | false | -| GIT_SYNC_GIT_CONFIG | `--git-config` | additional git config options in 'key1:val1,key2:val2' format | "" | +| Flag | Environment Variable | Default | Description | +|----------------------------|---------------------------------|-------------------------------|-------------| +| `--repo` | GIT_SYNC_REPO | (required) | the git repository to clone | +| `--branch` | GIT_SYNC_BRANCH | "master" | the git branch to check out | +| `--rev` | GIT_SYNC_REV | "HEAD" | the git revision (tag or hash) to check out | +| `--root` | GIT_SYNC_ROOT | "$HOME/git" | the root directory for git-sync operations, under which --dest will be created | +| `--dest` | GIT_SYNC_DEST | "" | the name of (a symlink to) a directory in which to check-out files under --root (defaults to the leaf dir of --repo) | +| `--wait` | GIT_SYNC_WAIT | 1 (second) | the number of seconds between syncs | +| `--one-time` | GIT_SYNC_ONE_TIME | false | exit after the first sync | +| `--max-sync-failures` | GIT_SYNC_MAX_SYNC_FAILURES | 0 | the number of consecutive failures allowed before aborting (the first sync must succeed, -1 will retry forever after the initial sync) | +| `-v` | (none) | "" | log level for V logs | -[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/git-sync/README.md?pixel)]() + +## Flags which control how git runs + +| Flag | Environment Variable | Default | Description | +|----------------------------|---------------------------------|-------------------------------|-------------| +| `--depth` | GIT_SYNC_DEPTH | 0 | use a shallow clone with a history truncated to the specified number of commits | +| `--submodules` | GIT_SYNC_SUBMODULES | recursive | git submodule behavior: one of 'recursive', 'shallow', or 'off' | +| `--timeout` | GIT_SYNC_TIMEOUT | 120 | the max number of seconds allowed for a complete sync | +| `--sparse-checkout-file` | GIT_SYNC_SPARSE_CHECKOUT_FILE | "" | the location of an optional [sparse-checkout](https://git-scm.com/docs/git-sparse-checkout#_sparse_checkout) file, same syntax as a .gitignore file. | +| `--git-config` | GIT_SYNC_GIT_CONFIG | "" | additional git config options in 'key1:val1,key2:val2' format | +| `--git-gc` | GIT_SYNC_GIT_GC | "auto" | git garbage collection behavior: one of 'auto', 'always', 'aggressive', or 'off' | +| `--git` | GIT_SYNC_GIT | "git" | the git command to run (subject to PATH search, mostly for testing | + +## Flags which configure authentication + +| Flag | Environment Variable | Default | Description | +|----------------------------|---------------------------------|-------------------------------|-------------| +| `--username` | GIT_SYNC_USERNAME | "" | the username to use for git auth | +| `--password` | GIT_SYNC_PASSWORD | "" | the password or [personal access token](https://docs.github.com/en/free-pro-team@latest/github/authenticating-to-github/creating-a-personal-access-token) to use for git auth. (users should prefer --password-file or env vars for passwords) | +| `--password-file` | GIT_SYNC_PASSWORD_FILE | "" | the path to password file which contains password or personal access token (see --password) | +| `--ssh` | GIT_SYNC_SSH | false | use SSH for git operations | +| `--ssh-key-file` | GIT_SSH_KEY_FILE | "/etc/git-secret/ssh" | the SSH key to use | +| `--ssh-known-hosts` | GIT_KNOWN_HOSTS | true | enable SSH known_hosts verification | +| `--ssh-known-hosts-file` | GIT_SSH_KNOWN_HOSTS_FILE | "/etc/git-secret/known_hosts" | the known_hosts file to use | +| `--add-user` | GIT_SYNC_ADD_USER | false | add a record to /etc/passwd for the current UID/GID (needed to use SSH with a different UID) | +| `--cookie-file` | GIT_COOKIE_FILE | false | use git cookiefile | +| `--askpass-url` | GIT_ASKPASS_URL | "" | the URL for GIT_ASKPASS callback | + +## Flags which configure hooks + +| Flag | Environment Variable | Default | Description | +|----------------------------|---------------------------------|-------------------------------|-------------| +| `--exechook-command` | GIT_SYNC_EXECHOOK_COMMAND | "" | the command executed with the syncing repository as its working directory after syncing a new hash of the remote repository. it is subject to the sync time out and will extend period between syncs. (doesn't support the command arguments) | +| `--exechook-timeout` | GIT_SYNC_EXECHOOK_TIMEOUT | 30 (seconds) | the timeout for the sync hook command | +| `--exechook-backoff` | GIT_SYNC_EXECHOOK_BACKOFF | 3 (seconds) | the time to wait before retrying a failed sync hook command | +| `--webhook-url` | GIT_SYNC_WEBHOOK_URL | "" | the URL for a webhook notification when syncs complete | +| `--webhook-method` | GIT_SYNC_WEBHOOK_METHOD | "POST" | the HTTP method for the webhook | +| `--webhook-success-status` | GIT_SYNC_WEBHOOK_SUCCESS_STATUS | 200 | the HTTP status code indicating a successful webhook (-1 disables success checks to make webhooks fire-and-forget) | +| `--webhook-timeout` | GIT_SYNC_WEBHOOK_TIMEOUT | 1 (second) | the timeout for the webhook | +| `--webhook-backoff` | GIT_SYNC_WEBHOOK_BACKOFF | 3 (seconds) | the time to wait before retrying a failed webhook | + +## Flags which configure observability + +| Flag | Environment Variable | Default | Description | +|----------------------------|---------------------------------|-------------------------------|-------------| +| `--http-bind` | GIT_SYNC_HTTP_BIND | "" | the bind address (including port) for git-sync's HTTP endpoint | +| `--http-metrics` | GIT_SYNC_HTTP_METRICS | true | enable metrics on git-sync's HTTP endpoint | +| `--http-pprof` | GIT_SYNC_HTTP_PPROF | false | enable the pprof debug endpoints on git-sync's HTTP endpoint | + +## Other flags + +| Flag | Environment Variable | Default | Description | +|----------------------------|---------------------------------|-------------------------------|-------------| +| `--change-permissions` | GIT_SYNC_PERMISSIONS | 0 | the file permissions to apply to the checked-out files (0 will not change permissions at all) | +| `--error-file` | GIT_SYNC_ERROR_FILE | "" | the name of a file into which errors will be written under --root |