Spacelift.io

Published: May 2, 2023 by Isaac Johnson

A colleague pointed out spacelift.io as a potential solution for Ansible and Terraform. It has an always-free tier. Today we’ll set up an account, do a demo and try out context, worker pools, and the spacectl command line client.

Signup

We can signup for Spacelift.io from the website clicking “Get Started”

They’ll mention that it’s a 14-day trial, but there is a 2 user free tier that things will fall back to when its done.

/content/images/2023/04/spacelift-01.png

Next, we’ll get a subdomain

/content/images/2023/04/spacelift-02.png

We’re now on the Landing page

/content/images/2023/04/spacelift-03.png

I’ll first try their Demo stack

/content/images/2023/04/spacelift-04.png

If we look at what the Demo deploys, we can see its terraform to setup a context in Spacelift: https://github.com/spacelift-io/onboarding/blob/showcase/stack.tf

data "spacelift_current_stack" "this" {}

# This is an environment variable defined on the stack level. Stack-level
# environment variables take precedence over those attached via contexts.
# This environment variable has its write_only bit explicitly set to false, which
# means that you'll be able to read back its value from both the GUI and the API.
#
# You can read more about environment variables here:
#
# https://docs.spacelift.io/concepts/environment#environment-variables
resource "spacelift_environment_variable" "stack-plaintext" {
  stack_id   = data.spacelift_current_stack.this.id
  name       = "STACK_PUBLIC"
  value      = "This should be visible!"
  write_only = false
}

# For another (secret) variable, let's create programmatically create a super
# secret password.
resource "random_password" "stack-password" {
  length  = 32
  special = true
}

# This is a secret environment variable. Note how we didn't set the write_only
# bit at all here. This setting always defaults to "true" to protect you against
# an accidental leak of secrets. There will be no way to retrieve the value of
# this variable programmatically, but it will be available to your Spacelift
# runs.
#
# If you accidentally print it out to the logs, no worries: we will obfuscate
# every secret thing we know of.
resource "spacelift_environment_variable" "stack-writeonly" {
  stack_id = data.spacelift_current_stack.this.id
  name     = "STACK_SECRET"
  value    = random_password.stack-password.result
}

# Apart from setting environment variables on your Stacks, you can mount files
# directly in Spacelift's workspace. Let's retrieve the list of Spacelift's
# outgoing addresses and store it as a JSON file.
data "spacelift_ips" "ips" {}

# This mounted file contains a JSON-encoded list of Spacelift's outgoing IPs.
# Note how we explicitly set the "write_only" bit for this file to "false".
# Thanks to that, you can download the file from the Spacelift GUI.
#
# You can read more about mounted files here: 
#
# https://docs.spacelift.io/concepts/environment#mounted-files
resource "spacelift_mounted_file" "stack-plaintext-file" {
  stack_id      = data.spacelift_current_stack.this.id
  relative_path = "stack-plaintext-ips.json"
  content       = base64encode(jsonencode(data.spacelift_ips.ips))
  write_only    = false
}

# Mounted-files can be write-only, too, and they are by default. The content of
# write-only mounted files cannot be accessed neither from the GUI nor from the
# GraphQL API.
resource "spacelift_mounted_file" "stack-secret-file" {
  stack_id      = data.spacelift_current_stack.this.id
  relative_path = "stack-secret-password.json"
  content       = base64encode(jsonencode({ password = random_password.stack-password.result }))
}

Which I can see was created

/content/images/2023/04/spacelift-05.png

Between the Icon and the mention of Rego, it’s clear Spacelift supports OPA policies

/content/images/2023/04/spacelift-06.png

In the Resources view, I can checkout the output of my stack. This reminds me a bit of Argo or AzDO Release Deployments

/content/images/2023/04/spacelift-07.png

The Runs view shows us runs by branch and time

/content/images/2023/04/spacelift-08.png

Setting up a Github Integration

Let’s go to Settings to add Github

/content/images/2023/04/spacelift-09.png

I’ll use the wizard which prompts me to create the App. I had to be careful because initially it picked up I was signed into Github as a corporate identity and I didn’t want to use that, so I needed to sign out of Github and sign back in with my personal Github creds.

/content/images/2023/04/spacelift-10.png

Once created, you need to install it into your repo

/content/images/2023/04/spacelift-11.png

You can choose all repos or just select ones. You are also able to see the permissions requested

/content/images/2023/04/spacelift-12.png

Should you need to configure or remove it, you can find Spacelift under your Integrations/settings for your account

/content/images/2023/04/spacelift-13.png

Adding a Stack

I’ll first go to new/stack and Create a new stack

/content/images/2023/04/spacelift-14.png

I’ll pick my Ansible Playbooks repo first since Spacelift said it could do ansible

My backend choices are Terraform, Pulumi, CFN and Kubernetes

/content/images/2023/04/spacelift-16.png

I’ll try k8s to see what that might do. I had hoped to deploy on a VM, but we’ll see

/content/images/2023/04/spacelift-17.png

And we’ll use the Shared Pool

/content/images/2023/04/spacelift-18.png

Nowhere did I see a place to configure Kubernetes access. When I went to run, I just got a kubectl error (which does not surprise me)

/content/images/2023/04/spacelift-19.png

I think I might need to create a “Context” which would define Kubernetes connectivity

Contexts

I’ll add a context

/content/images/2023/04/spacelift-20.png

Creation really just lets me give a name and pick a space

/content/images/2023/04/spacelift-21.png

I’ll next want to pick a file to upload

/content/images/2023/04/spacelift-22.png

I tried several times to set a file. I even created a new context and set the file there

/content/images/2023/04/spacelift-23.png

When i view and come back, it’s empty

/content/images/2023/04/spacelift-24.png

I tried using Firefox - maybe an alternate browser might work

/content/images/2023/04/spacelift-25.png

But that failed too.

I know from the sample, we can create a stack with terraform but then i would be checking in a kubecontext - I really don’t want to do that.

CLI

We can install with brew

$ brew install spacelift-io/spacelift/spacectl
Running `brew update --auto-update`...
==> Downloading https://ghcr.io/v2/homebrew/portable-ruby/portable-ruby/blobs/sha256:68923daf3e139482b977c3deba63a3b54ea37bb5f716482948878819ef911bad
######################################################################## 100.0%
==> Pouring portable-ruby-2.6.10_1.x86_64_linux.bottle.tar.gz
==> Auto-updated Homebrew!
Updated 5 taps (codefresh-io/cli, knative/client, knative-sandbox/kn-plugins, homebrew/core and homebrew/cask).
==> New Formulae
aarch64-elf-gdb                                               hck                                                           ntfy
access                                                        hz                                                            opal
ada-url                                                       imessage-exporter                                             openssl@3.0
aftman                                                        kitex                                                         poke
aliyunpan                                                     knative-sandbox/kn-plugins/admin@1.9                          renovate
amber                                                         knative-sandbox/kn-plugins/event@1.9                          resvg
ares                                                          knative-sandbox/kn-plugins/func@1.9                           sad
arjun                                                         knative-sandbox/kn-plugins/quickstart@1.9                     scip
ata                                                           knative-sandbox/kn-plugins/source-kafka@1.9                   streamvbyte
blocky                                                        knative-sandbox/kn-plugins/source-kamelet@1.9                 thriftgo
chatblade                                                     knative/client/kn@1.9                                         trurl
cloudpan189-go                                                ksops                                                         trust-dns
devcontainer                                                  libansilove                                                   tt
dexter                                                        libgedit-gtksourceview                                        typst
dtools                                                        liblxi                                                        vulkan-extensionlayer
elfx86exts                                                    libvisual                                                     vulkan-tools
enchive                                                       libvisual-plugins                                             vulkan-validationlayers
ffmpeg@5                                                      libvisual-projectm                                            vvdec
flavours                                                      llvm@15                                                       vvenc
form                                                          mdt                                                           wazero
gat                                                           meta-package-manager                                          wxlua
gcc@12                                                        millet                                                        zpaqfranz
git-big-picture                                               musikcube
go-feature-flag-relay-proxy                                   notify
==> New Casks
active-trader-pro                    displaylink                          gutenprint                           piclist                              tachidesk-sorayomi
alipay-key-tool                      droidcam-obs                         hummingbird                          prolific-pl2303                      toshiba-color-mfp
archaeology                          dymo-label                           karafun                              qmk-toolbox                          tuist
beardie                              edrawmind                            konica-minolta-bizhub-c750i-driver   red-canary-mac-monitor               ubiquiti-unifi-controller
bloop                                elgato-camera-hub                    logi-options-plus                    reminders-menubar                    usmart-trade
bluos-controller                     elgato-control-center                logitech-camera-settings             rewind                               vbrokers
bookletcreator                       elgato-game-capture-hd               logitech-g-hub                       ricoh-theta                          wch-ch34x-usb-serial-driver
cameracontroller                     elgato-stream-deck                   logitech-options                     segger-jlink                         xtool-creative-space
canon-eos-utility                    elgato-video-capture                 macwhisper                           silicon-labs-vcp-driver              yubico-authenticator
capacities                           elgato-wave-link                     mullvad-browser                      sonos                                yubico-yubikey-manager
carbide-create                       focusrite-saffire-mixcontrol         nozbe                                sony-ps-remote-play                  zed
corsair-icue                         ftdi-vcp-driver                      openbb-terminal                      stack
cursor                               fujitsu-scansnap-home                openrocket                           steelseries-engine
ddpm                                 garmin-express                       orbstack                             steelseries-gg
dehelper                             gitkraken-cli                        orcaslicer                           synology-drive

You have 11 outdated formulae installed.

==> Tapping spacelift-io/spacelift
Cloning into '/home/linuxbrew/.linuxbrew/Homebrew/Library/Taps/spacelift-io/homebrew-spacelift'...
remote: Enumerating objects: 66, done.
remote: Counting objects: 100% (66/66), done.
remote: Compressing objects: 100% (44/44), done.
remote: Total 66 (delta 21), reused 0 (delta 0), pack-reused 0
Unpacking objects: 100% (66/66), 11.31 KiB | 373.00 KiB/s, done.
Tapped 1 formula (76 files, 304.4KB).
==> Fetching dependencies for spacelift-io/spacelift/spacectl: linux-headers@5.15, isl, mpfr, zstd and gcc
==> Fetching linux-headers@5.15
==> Downloading https://ghcr.io/v2/homebrew/core/linux-headers/5.15/manifests/5.15.110
################################################################################################################################################################################## 100.0%
==> Downloading https://ghcr.io/v2/homebrew/core/linux-headers/5.15/blobs/sha256:41bc8342d481bb3af8b780aa27fa3264d217d55466c8b6cb708ff79613a5f848
==> Downloading from https://pkg-containers.githubusercontent.com/ghcr1/blobs/sha256:41bc8342d481bb3af8b780aa27fa3264d217d55466c8b6cb708ff79613a5f848?se=2023-05-02T21%3A50%3A00Z&sig=UmG
################################################################################################################################################################################## 100.0%
==> Fetching isl
==> Downloading https://ghcr.io/v2/homebrew/core/isl/manifests/0.26
################################################################################################################################################################################## 100.0%
==> Downloading https://ghcr.io/v2/homebrew/core/isl/blobs/sha256:db14ba1e4ea23ab41e06930dcf25ae9023c5e395c88602da2a9b6a98d54c92d3
==> Downloading from https://pkg-containers.githubusercontent.com/ghcr1/blobs/sha256:db14ba1e4ea23ab41e06930dcf25ae9023c5e395c88602da2a9b6a98d54c92d3?se=2023-05-02T21%3A50%3A00Z&sig=wg%
################################################################################################################################################################################## 100.0%
==> Fetching mpfr
==> Downloading https://ghcr.io/v2/homebrew/core/mpfr/manifests/4.2.0-p4
################################################################################################################################################################################## 100.0%
==> Downloading https://ghcr.io/v2/homebrew/core/mpfr/blobs/sha256:e606ea839f1440962abb109764179e3f56e5de538214878ed5d23fd1cc9d04a1
==> Downloading from https://pkg-containers.githubusercontent.com/ghcr1/blobs/sha256:e606ea839f1440962abb109764179e3f56e5de538214878ed5d23fd1cc9d04a1?se=2023-05-02T21%3A50%3A00Z&sig=Ufr
################################################################################################################################################################################## 100.0%
==> Fetching zstd
==> Downloading https://ghcr.io/v2/homebrew/core/zstd/manifests/1.5.5
################################################################################################################################################################################## 100.0%
==> Downloading https://ghcr.io/v2/homebrew/core/zstd/blobs/sha256:68c8655224f058316c16462507b6cdd061bd546e161bf8419c68ca526d3a9a48
==> Downloading from https://pkg-containers.githubusercontent.com/ghcr1/blobs/sha256:68c8655224f058316c16462507b6cdd061bd546e161bf8419c68ca526d3a9a48?se=2023-05-02T21%3A50%3A00Z&sig=p22
################################################################################################################################################################################## 100.0%
==> Fetching gcc
==> Downloading https://ghcr.io/v2/homebrew/core/gcc/manifests/13.1.0
################################################################################################################################################################################## 100.0%
==> Downloading https://ghcr.io/v2/homebrew/core/gcc/blobs/sha256:cca77a5d6625d3bb711ce40551751974d4cb5c74306329fc2fc8cdcade2ef564
==> Downloading from https://pkg-containers.githubusercontent.com/ghcr1/blobs/sha256:cca77a5d6625d3bb711ce40551751974d4cb5c74306329fc2fc8cdcade2ef564?se=2023-05-02T21%3A50%3A00Z&sig=2Kp
################################################################################################################################################################################## 100.0%
==> Fetching spacelift-io/spacelift/spacectl
==> Downloading https://github.com/spacelift-io/spacectl/releases/download/v0.19.0/spacectl_0.19.0_linux_amd64.zip
==> Downloading from https://objects.githubusercontent.com/github-production-release-asset-2e65be/354647574/99863464-a060-4d4d-aae5-f9548fed93fc?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-C
################################################################################################################################################################################## 100.0%
==> Installing spacectl from spacelift-io/spacelift
==> Installing dependencies for spacelift-io/spacelift/spacectl: linux-headers@5.15, isl, mpfr, zstd and gcc
==> Installing spacelift-io/spacelift/spacectl dependency: linux-headers@5.15
==> Pouring linux-headers@5.15--5.15.110.x86_64_linux.bottle.tar.gz
🍺  /home/linuxbrew/.linuxbrew/Cellar/linux-headers@5.15/5.15.110: 963 files, 5.7MB
==> Installing spacelift-io/spacelift/spacectl dependency: isl
==> Pouring isl--0.26.x86_64_linux.bottle.tar.gz
🍺  /home/linuxbrew/.linuxbrew/Cellar/isl/0.26: 74 files, 9.8MB
==> Installing spacelift-io/spacelift/spacectl dependency: mpfr
==> Pouring mpfr--4.2.0-p4.x86_64_linux.bottle.tar.gz
🍺  /home/linuxbrew/.linuxbrew/Cellar/mpfr/4.2.0-p4: 31 files, 3.9MB
==> Installing spacelift-io/spacelift/spacectl dependency: zstd
==> Pouring zstd--1.5.5.x86_64_linux.bottle.tar.gz
🍺  /home/linuxbrew/.linuxbrew/Cellar/zstd/1.5.5: 31 files, 3.2MB
==> Installing spacelift-io/spacelift/spacectl dependency: gcc
==> Pouring gcc--13.1.0.x86_64_linux.bottle.tar.gz
==> Creating the GCC specs file: /home/linuxbrew/.linuxbrew/Cellar/gcc/13.1.0/bin/../lib/gcc/current/gcc/x86_64-pc-linux-gnu/13/specs
🍺  /home/linuxbrew/.linuxbrew/Cellar/gcc/13.1.0: 1,668 files, 320.2MB
==> Installing spacelift-io/spacelift/spacectl
🍺  /home/linuxbrew/.linuxbrew/Cellar/spacectl/0.19.0: 5 files, 11.3MB, built in 6 seconds
==> Running `brew cleanup spacectl`...
Disable this behaviour by setting HOMEBREW_NO_INSTALL_CLEANUP.
Hide these hints with HOMEBREW_NO_ENV_HINTS (see `man brew`).
Warning: The following dependents of upgraded formulae are outdated but will not
be upgraded because they are not bottled:
  cf2
  kn
  quickstart
==> Upgrading 3 dependents of upgraded formulae:
Disable this behaviour by setting HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK.
Hide these hints with HOMEBREW_NO_ENV_HINTS (see `man brew`).
gh 2.25.1 -> 2.28.0, go 1.20.2 -> 1.20.3, kubernetes-cli 1.26.3 -> 1.27.1
==> Fetching gh
==> Downloading https://ghcr.io/v2/homebrew/core/gh/manifests/2.28.0
################################################################################################################################################################################## 100.0%
==> Downloading https://ghcr.io/v2/homebrew/core/gh/blobs/sha256:480fab8be1a4dd65c449ed8727aa82d220cca250e9c51d23e64b89b28296ee21
==> Downloading from https://pkg-containers.githubusercontent.com/ghcr1/blobs/sha256:480fab8be1a4dd65c449ed8727aa82d220cca250e9c51d23e64b89b28296ee21?se=2023-05-02T21%3A50%3A00Z&sig=8Jr
################################################################################################################################################################################## 100.0%
==> Fetching go
==> Downloading https://ghcr.io/v2/homebrew/core/go/manifests/1.20.3
################################################################################################################################################################################## 100.0%
==> Downloading https://ghcr.io/v2/homebrew/core/go/blobs/sha256:a58a644000147352a8f0d745a4505aa4098af6328d905b18bbf06ad78212dbd5
==> Downloading from https://pkg-containers.githubusercontent.com/ghcr1/blobs/sha256:a58a644000147352a8f0d745a4505aa4098af6328d905b18bbf06ad78212dbd5?se=2023-05-02T21%3A50%3A00Z&sig=9%2
################################################################################################################################################################################## 100.0%
==> Fetching kubernetes-cli
==> Downloading https://ghcr.io/v2/homebrew/core/kubernetes-cli/manifests/1.27.1
################################################################################################################################################################################## 100.0%
==> Downloading https://ghcr.io/v2/homebrew/core/kubernetes-cli/blobs/sha256:5979fb23c99abf925ea01f6ff94f086b1929225fdfa346d25a4a32cd8bac4ae3
==> Downloading from https://pkg-containers.githubusercontent.com/ghcr1/blobs/sha256:5979fb23c99abf925ea01f6ff94f086b1929225fdfa346d25a4a32cd8bac4ae3?se=2023-05-02T21%3A50%3A00Z&sig=C%2
################################################################################################################################################################################## 100.0%
==> Upgrading gh
  2.25.1 -> 2.28.0

==> Pouring gh--2.28.0.x86_64_linux.bottle.tar.gz
==> Caveats
Bash completion has been installed to:
  /home/linuxbrew/.linuxbrew/etc/bash_completion.d
==> Summary
🍺  /home/linuxbrew/.linuxbrew/Cellar/gh/2.28.0: 162 files, 39.3MB
==> Running `brew cleanup gh`...
Removing: /home/linuxbrew/.linuxbrew/Cellar/gh/2.25.1... (158 files, 39.1MB)
Removing: /home/builder/.cache/Homebrew/gh--2.25.1... (9.6MB)
==> Upgrading go
  1.20.2 -> 1.20.3

==> Pouring go--1.20.3.x86_64_linux.bottle.tar.gz
🍺  /home/linuxbrew/.linuxbrew/Cellar/go/1.20.3: 11,978 files, 240.6MB
==> Running `brew cleanup go`...
Removing: /home/linuxbrew/.linuxbrew/Cellar/go/1.20.2... (11,975 files, 240.6MB)
Removing: /home/builder/.cache/Homebrew/go--1.20.2... (95.3MB)
==> Upgrading kubernetes-cli
  1.26.3 -> 1.27.1

==> Pouring kubernetes-cli--1.27.1.x86_64_linux.bottle.tar.gz
🍺  /home/linuxbrew/.linuxbrew/Cellar/kubernetes-cli/1.27.1: 230 files, 47.9MB
==> Running `brew cleanup kubernetes-cli`...
Removing: /home/linuxbrew/.linuxbrew/Cellar/kubernetes-cli/1.26.3... (231 files, 46.8MB)
Removing: /home/builder/.cache/Homebrew/kubernetes-cli--1.26.3... (14.4MB)
==> Checking for dependents of upgraded formulae...
==> No broken dependents found!
==> `brew cleanup` has not been run in the last 30 days, running now...
Disable this behaviour by setting HOMEBREW_NO_INSTALL_CLEANUP.
Hide these hints with HOMEBREW_NO_ENV_HINTS (see `man brew`).
Removing: /home/linuxbrew/.linuxbrew/Cellar/gcc/12.2.0... (1,633 files, 306.4MB)
Removing: /home/linuxbrew/.linuxbrew/Cellar/isl/0.25... (74 files, 9.2MB)
Removing: /home/linuxbrew/.linuxbrew/Cellar/linux-headers@5.15/5.15.104... (963 files, 5.7MB)
Removing: /home/builder/.cache/Homebrew/linux-headers@5.15--5.15.104... (1.5MB)
Removing: /home/linuxbrew/.linuxbrew/Cellar/mpfr/4.2.0... (31 files, 3.9MB)
Removing: /home/builder/.cache/Homebrew/mpfr--4.2.0... (1.2MB)
Removing: /home/linuxbrew/.linuxbrew/Cellar/zstd/1.5.4... (31 files, 3.2MB)
Removing: /home/builder/.cache/Homebrew/zstd--1.5.4... (1.2MB)
==> Caveats
==> gh
Bash completion has been installed to:
  /home/linuxbrew/.linuxbrew/etc/bash_completion.d

We can then login to our instance

g$ spacectl profile login my-account
Enter Spacelift endpoint (eg. https://unicorn.app.spacelift.io/): https://freshbrewed.app.spacelift.io/
Select authentication flow:
  1) for API key,
  2) for GitHub access token,
  3) for login with a web browser
Option: 3
Waiting for login responses at 127.0.0.1:34551

Opening browser to 
...

Done!

/content/images/2023/04/spacelift-26.png

We can also see we succeeded by using the whoami command

$ spacectl whoami
{
    "id": "isaac.johnson@gmail.com",
    "name": "Isaac Johnson",
    "endpoint": "https://freshbrewed.app.spacelift.io/"
}

While I can see my stacks

/content/images/2023/04/spacelift-27.png

And pull details of a stack

$ spacectl stack show --id demo-stack

# Demo stack

## VCS Settings

Provider   | Showcase
Repository | onboarding
Branch     | showcase


## Backend

Vendor        | Terraform
Version       | 1.0.0
Managed state | true


## VCS Settings

Administrative        | true
Worker pool           | Using shared public worker pool
Autodeploy            | false
Autoretry             | false
Local preview enabled | false
Project root          |
Runner image          | default


## Attached contexts

Priority | Name            | ID
0        | Managed context | managed-context


## Attached policies

Name                                    | Type
All of Engineering gets read access     | Access
Ignore commits outside the project root | Git push
Enforce password strength               | Plan

Nowhere in the options did a see a way to manage contexts

$ spacectl
NAME:
   spacectl - Programmatic access to Spacelift GraphQL API.

USAGE:
   spacectl [global options] command [command options] [arguments...]

VERSION:
   0.19.0

COMMANDS:
   module      Manage a Spacelift module
   profile     Manage Spacelift profiles
   provider    Manage a Terraform provider
   stack       Manage a Spacelift stack
   whoami      Print out logged-in user's information
   version     Print out CLI version
   workerpool  Manages workerpools and their workers.
   help, h     Shows a list of commands or help for one command

GLOBAL OPTIONS:
   --help, -h     show help
   --version, -v  print the version

Worker Pools

Let’s try and add a worker pool

/content/images/2023/04/spacelift-28.png

Using the CLI, we can see at present we don’t have any

$ spacectl workerpool list
ID | Name | Description | Pending Runs | Busy Workers | Registered Workers

I’ll give it a name

/content/images/2023/04/spacelift-29.png

It won’t let me create without a cert. I’ll try a pub key. again, no idea what’s going on here

$ cp ~/.ssh/id_rsa.pub /mnt/c/Users/isaac/Downloads/id_rsa.pub
Seems it wants a CSR. That isn’t a “cert” :

/content/images/2023/04/spacelift-30.png

But to make a Certificate Signing Request, I would need to know the Domain name.

I put in some junk and sent it on

$ openssl req -new -newkey rsa:4096 -nodes -keyout spacelift.key -out spacelift.csr
Generating a RSA private key
..............................................................................................................................................++++
...........................++++
writing new private key to 'spacelift.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:MN
Locality Name (eg, city) []:St. Paul
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Fake
Organizational Unit Name (eg, section) []:Fake
Common Name (e.g. server FQDN or YOUR name) []:Freshbrewed
Email Address []:isaac.johnson@gmail.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

/content/images/2023/04/spacelift-31.png

We can see the docs tell us to download the binary;

$ wget https://downloads.spacelift.io/spacelift-launcher-x86_64
--2023-05-02 18:47:05--  https://downloads.spacelift.io/spacelift-launcher-x86_64
Resolving downloads.spacelift.io (downloads.spacelift.io)... 54.230.202.40, 54.230.202.92, 54.230.202.43, ...
Connecting to downloads.spacelift.io (downloads.spacelift.io)|54.230.202.40|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 43200512 (41M) [binary/octet-stream]
Saving to: ‘spacelift-launcher-x86_64’

spacelift-launcher-x86_64     100%[=================================================>]  41.20M  29.6MB/s    in 1.4s

2023-05-02 18:47:07 (29.6 MB/s) - ‘spacelift-launcher-x86_64’ saved [43200512/43200512]
$ chmod u+x ./spacelift-launcher-x86_64

To install I need a “TOKEN”

But there is no Token option in Spacectl

builder@DESKTOP-72D2D9T:~/Workspaces/jekyll-blog$ spacectl workerpool
NAME:
   spacectl workerpool - Manages workerpools and their workers.

USAGE:
   spacectl workerpool command [command options] [arguments...]

COMMANDS:
   list     Lists all worker pools.
   worker   Contains commands for managing workers within a pool.
   help, h  Shows a list of commands or help for one command

OPTIONS:
   --help, -h  show help
builder@DESKTOP-72D2D9T:~/Workspaces/jekyll-blog$ spacectl workerpool worker
NAME:
   spacectl workerpool worker - Contains commands for managing workers within a pool.

USAGE:
   spacectl workerpool worker command [command options] [arguments...]

COMMANDS:
   list     Lists all workers of a workerpool.
   drain    Drains a worker.
   undrain  Undrains a worker.
   help, h  Shows a list of commands or help for one command

OPTIONS:
   --help, -h  show help

Nothing in the UI either

/content/images/2023/04/spacelift-32.png

I tried Worker ID, maybe that is the token?

builder@builder-T100:~$ export SPACELIFT_TOKEN=01GZF7TQBQ8JHAPK0J9CNYXJTS
builder@builder-T100:~$ export SPACELIFT_POOL_PRIVATE_KEY=`cat ./mykey`
builder@builder-T100:~$ ./spacelift-launcher-x86_64
{"caller":"main.go:267","level":"info","msg":"Tracing enabled","ts":"2023-05-02T18:51:45.630448679-05:00"}
{"caller":"main.go:322","launcher.ulid":"01GZFE256YMZD8H9D4BRM0D3RA","level":"info","msg":"Unique identifier generated.","ts":"2023-05-02T18:51:45.630773568-05:00"}
2023/05/02 18:51:45 couldn't load launcher config: could not decode base64 iot config: "01GZF7TQBQ8JHAPK0J9CNYXJTS": illegal base64 data at input byte 24

I’ll next try an API key for the Token

/content/images/2023/04/spacelift-33.png

But that did not work either

builder@builder-T100:~$ export SPACELIFT_TOKEN=0********************************D69
builder@builder-T100:~$ ./spacelift-launcher-x86_64
{"caller":"main.go:267","level":"info","msg":"Tracing enabled","ts":"2023-05-02T19:02:34.918903695-05:00"}
{"caller":"main.go:322","launcher.ulid":"01GZFENZ97FVK783AWC8M983F8","level":"info","msg":"Unique identifier generated.","ts":"2023-05-02T19:02:34.919085374-05:00"}
2023/05/02 19:02:34 couldn't load launcher config: could not decode base64 iot config: "0********************************D69": illegal base64 data at input byte 24

So I cannot seem to add a worker.

Summary

So Spacelift seems very promising, however, functionally I was not really able to use it beyond their own baked demo. The docs failed to explain how to get a worker token so I could not add workers. The context failed to work to let me set files or variables. Thus I really couldn’t provision to a local Kubernetes.

There is a possibility of setting up Terraform to remote clouds, but I really cannot see why I would use Spacelift over Terraform Cloud. The end result is I probably will wait for some of the issues around private worker pools and context creation to get resolved before I circle back.

Spacelift Terraform

Have something to add? Feedback? You can use the feedback form

Isaac Johnson

Isaac Johnson

Cloud Solutions Architect

Isaac is a CSA and DevOps engineer who focuses on cloud migrations and devops processes. He also is a dad to three wonderful daughters (hence the references to Princess King sprinkled throughout the blog).

Theme built by C.S. Rhymes