build configs. mixin secrets.

Bob renders config hierarchies

Bob helps you render directory trees of configurations using Go's templating engine. He recurses over an arbitrary number of directory hierarchies, executing every file as a template.

The result will be written into one target directory.

Motivation / why config Bob

We needed a simple tool to populate our app configurations with data and secrets to run in docker environments.


config-bob build path/to/data.json path/to/src/dir/a path/to/src/dir/b path/to/target/dir

Bob's template helpers

Apart from the standard template functions, we have added a few extra ones that should come in handy when writing configurations:

// secrets helpers
{{ secret "secret/path/to/secret.prop" }}

// combining secrets with escaping might come in handy
{{ json (secret "secret/path/to/secret.prop") }}

Data in this example

data := map[string]interface{}{
    "hello": "test",
    "nested": map[string]string{
        "foo": "bar",
    },
}

// template dump some yaml into a file
{{ yaml . }}
// output
hello: test
  foo: bar

// template indent sth - yaml in this case
{{ indent (yaml .) "  " }}
// output
  hello: test
    foo: bar

// template json
{{ json . }}

// output

// json indented parameters are prefix and indent
{{ jsonindent . "////" "+++|" }}

// output - note that there is no prefix in the first line also see
////"hello": "test",
////+++|"nested": {
////+++|+++|"foo": "bar"

// template substr, which is essentially string slice access
{{ substr .hello ":2"}}
// output

{{ substr .hello "1:"}}
// output

{{ substr .hello "1:2"}}
// output

We expect this list of helpers to grow.

Updating htpasswd files

config-bob vault-htpasswd path/to/htpasswd.yml

config-bob knows how to sync Vault with htpasswd files.

Example config file contents:

# example htpasswd.yml
  - secret/foo
  - secret/bar
  - secret/baz


  • creates all necessary folders and files
  • updates existing files with passwords from Vault
  • fails if passwords cannot be updated
  • fails if existing files cannot be parsed

How to add a compatible vault entry:

vault write secret/foo user=foo password=secret

Integration with Vault

When using the secret templating syntax mentioned above, Bob looks up those secrets in a Vault server using Vault's HTTP interface v1.

Bob expects the environment variables VAULT_ADDR and VAULT_TOKEN to be set, so that he knows which Vault server to talk to.
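
The following is an added example, not config-bob's own code: a secret helper of this kind resolving a reference against Vault's HTTP API v1 with VAULT_ADDR and VAULT_TOKEN, combined with a json helper so the value stays valid inside a JSON config. The names vaultSecret and render, and the split of "secret/foo.password" into path and property, are assumptions.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"os"
	"strings"
	"text/template"
)

// vaultSecret fetches "<path>.<property>" (assumed reference syntax) via Vault HTTP API v1.
func vaultSecret(ref string) (string, error) {
	i := strings.LastIndex(ref, ".")
	if i < 0 {
		return "", fmt.Errorf("secret %q: want <path>.<property>", ref)
	}
	req, err := http.NewRequest("GET", os.Getenv("VAULT_ADDR")+"/v1/"+ref[:i], nil)
	if err != nil {
		return "", err
	}
	req.Header.Set("X-Vault-Token", os.Getenv("VAULT_TOKEN"))
	resp, err := http.DefaultClient.Do(req)
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	var body struct{ Data map[string]string }
	if err := json.NewDecoder(resp.Body).Decode(&body); err != nil || resp.StatusCode != 200 {
		return "", fmt.Errorf("secret %q: vault answered %s (%v)", ref, resp.Status, err)
	}
	if v, ok := body.Data[ref[i+1:]]; ok {
		return v, nil
	}
	return "", fmt.Errorf("secret %q: no such property", ref) // fail closed, never render ""
}

// render runs src with hypothetical stand-ins for Bob's secret and json helpers.
func render(src string) (string, error) {
	esc := func(v interface{}) (string, error) { b, err := json.Marshal(v); return string(b), err }
	t, err := template.New("cfg").Funcs(template.FuncMap{"secret": vaultSecret, "json": esc}).Parse(src)
	if err != nil {
		return "", err
	}
	var out strings.Builder
	err = t.Execute(&out, nil)
	return out.String(), err
}

func main() { fmt.Println(render(`{"password": {{ json (secret "secret/foo.password") }}}`)) }
```

Because text/template does no escaping of its own, a secret containing a quote or backslash corrupts the rendered file unless it passes through json; any lookup failure aborts rendering instead of writing an empty value.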

Running a local Vault with Bob's help

If you want to keep your secrets under version control and do not want to run a Vault server permanently, config-bob has a little helper for you.

config-bob vault-local path/to/vault-folder


So far Bob has been running on OSX and Linux.

  vault tested with Vault v0.3.1, but as long as REST API v1 is there I do not expect
