From 834d64ad73893997d0fad52db2e416e40329ac38 Mon Sep 17 00:00:00 2001 From: Andrea Ghensi Date: Tue, 6 Aug 2024 19:26:53 +0200 Subject: [PATCH 1/2] docs: remote deployment and socket proxy (#14) * refactor: lint markdown * docs: add remote deployment and socket proxy to readme * update docs * docs: restore docs url link --- README.md | 84 ++++++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 68 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index dc3cbd6..fb1522d 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,12 @@ # SwarmCD -A declarative GitOps and Continuous Deployment tool for Docker Swarm. +A declarative GitOps and Continuous Deployment tool for Docker Swarm. -Inspired by [ArgoCD](https://argo-cd.readthedocs.io/en/stable/). +Inspired by [ArgoCD](https://argo-cd.readthedocs.io/en/stable/). +## Usage -# Usage -In this example, we use SwarmCD to deploy the stack in the repo +In this example, we use SwarmCD to deploy the stack in the repo [swarm-cd-example](https://github.com/m-adawi/swarm-cd-example) to a docker swarm cluster. First we add the repo to the file `repos.yaml` @@ -27,8 +27,8 @@ nginx: compose_file: nginx/compose.yaml ``` -And finally, we deploy SwarmCD to the cluster -using the following docker-compose file: +And finally, we deploy SwarmCD to the cluster +using the following docker-compose file: ```yaml # docker-compose.yaml @@ -47,6 +47,7 @@ services: ``` Run this on a swarm manager node: + ```bash docker stack deploy --compose-file docker-compose.yaml swarm-cd ``` 
@@ -55,14 +56,15 @@ This will start SwarmCD, it will periodically check the stack repo for new changes, pulling them and updating the stack. -# Manage Encrypted Secrets Using SOPS -You can use [sops](https://github.com/getsops/sops) to encrypt secrets in git repos and +## Manage Encrypted Secrets Using SOPS + +You can use [sops](https://github.com/getsops/sops) to encrypt secrets in git repos and have SwarmCD decrypt them before deploying or updating your stacks. -The stack `nginx-ssl` in the -[example repo](https://github.com/m-adawi/swarm-cd-example) +The stack `nginx-ssl` in the +[example repo](https://github.com/m-adawi/swarm-cd-example) has two secret files under `nginx-ssl/secrets/` directory. -You can configure SwarmCD files to decrypt them by +You can configure SwarmCD files to decrypt them by setting the property`sops_files` in a stack defenition. ```yaml @@ -75,10 +77,11 @@ nginx-ssl: - nginx-ssl/secrets/www.example.com.crt - nginx-ssl/secrets/www.example.com.key ``` + Then you need to set the SOPS environment variables that are required -to decrypt the files. -For example, if you used [age](https://github.com/FiloSottile/age) -to encrypt them, you have to mount the age key file to SwarmCD +to decrypt the files. +For example, if you used [age](https://github.com/FiloSottile/age) +to encrypt them, you have to mount the age key file to SwarmCD and set the environment variable SOPS `SOPS_AGE_KEY_FILE` to the path of the key file. See the following docker-compose example 
@@ -108,7 +111,56 @@ secrets: This way, SwarmCD will decrypt the files each time before it updates the stack. +## Connect SwarmCD to a remote docker socket -# Documentation -See [docs](https://github.com/m-adawi/swarm-cd/blob/main/docs). +You can use the `DOCKER_HOST` environment variable to point SwarmCD to a remote docker socket, +be it in the same swarm or a different host. + +In the following example `docker-socket-proxy` talks directly to the host socket proxy, +and SwarmCD connects to it: +```yaml +version: '3.7' + +services: + socket_proxy: + image: tecnativa/docker-socket-proxy:0.2.0 + deploy: + placement: + constraints: + - node.role == manager + volumes: + - /var/run/docker.sock:/var/run/docker.sock:ro + environment: + TZ: Europe/Rome + INFO: 1 + SERVICES: 1 + NETWORKS: 1 + SECRETS: 1 + CONFIGS: 1 + POST: 1 + + swarm-cd: + image: ghcr.io/m-adawi/swarm-cd:1.1.0 + depends_on: + - socket_proxy + environment: + DOCKER_HOST: tcp://socket_proxy:2375 + configs: + - source: stacks + target: /app/stacks.yaml + mode: 0400 + - source: repos + target: /app/repos.yaml + mode: 0400 + +configs: + stacks: + file: ./stacks.yaml + repos: + file: ./repos.yaml +``` + +## Documentation + +See [docs](https://github.com/m-adawi/swarm-cd/blob/main/docs). From 9c66c6554ed10104798e38d579ca8d37142b0486 Mon Sep 17 00:00:00 2001 From: Andrea Ghensi Date: Tue, 13 Aug 2024 20:00:37 +0200 Subject: [PATCH 2/2] fix: sops file format not detected correctly (#28) fixes #27 --- util/sops.go | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/util/sops.go b/util/sops.go index 05dedc8..303b719 100644 --- a/util/sops.go +++ b/util/sops.go 
@@ -26,16 +26,15 @@ func DecryptFile(filepath string) (err error) { return } - func getFileFormat(filename string) string { extension := filepath.Ext(filename) - if extension == "yaml" || extension == "yml"{ + if extension == ".yaml" || extension == ".yml" { return "yaml" - } else if extension == "json" { + } else if extension == ".json" { return "json" - } else if extension == "ini" { + } else if extension == ".ini" { return "ini" } else { return "binary" } -} \ No newline at end of file +}
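Review bot: The extension comparison in getFileFormat is still case-sensitive, so a file ending in `.YAML` or `.JSON` falls through to the `"binary"` default, just as every file did before this fix. Normalising first with `extension := strings.ToLower(filepath.Ext(filename))` closes that gap; it needs `strings` imported, and the import block is not visible in this hunk. SOPS also has a dotenv format, and `.env` is not mapped here, so those files are treated as binary too, which is worth confirming as intended. Because the fallback is silent, a small table-driven test over `.yaml`, `.yml`, `.json`, `.ini` and an unknown extension would have caught the missing dot and would pin the behaviour. DecryptFile's body starts outside the hunk, so how the returned format is used for decryption cannot be checked from here.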