cmd

Microbus ships three command-line tools that generate artifacts from microservice source code. They sit outside the normal build flow because they read your microservices’ code and emit files (manifests, credentials, diagrams) consumed by the framework, your deployment pipeline, or human reviewers.

ToolPurposeRuns at
genmanifestGenerates manifest.yaml from each microservice’s Go source codeHousekeeping, after editing a microservice
gencredsGenerates per-microservice NATS .creds files signed by the operator’s account NKeyDeploy time, in the CD pipeline
gentopologyGenerates a Mermaid topology diagram from the bundle’s manifestsOn demand, for code review and architecture docs

genmanifest

Reads each microservice’s Go source code and emits or updates a manifest.yaml describing its endpoints, configurations, metrics, tickers, and other features.

go run github.com/microbus-io/fabric/cmd/genmanifest <service-dir>

Run this after adding or modifying any feature in a microservice. The framework’s housekeeping skill invokes the tool automatically.

The tool parses service.go, intermediate.go, and the *api/ package to determine what the microservice exposes. It does not read or modify other microservices, so changes to one microservice’s manifest do not cascade.

gencreds

Reads a microservice bundle’s source code, derives per-microservice NATS ACL rule sets via static analysis of the code, and signs them into <hostname>_nats.creds files using an operator’s account NKey.

go run github.com/microbus-io/fabric/cmd/gencreds \
  --bundle main/main.go \
  --signing-key /path/to/account.nk \
  --plane prod \
  --out ./deploy/creds/

For each microservice in the bundle, gencreds walks the source code to determine the exact NATS subjects the microservice publishes to and subscribes from, then signs one user JWT per microservice carrying the corresponding ACL allow-list. The output is one .creds file per microservice, ready to ship with the deployment binary. Operational Security covers the full deploy workflow.

Key flags:

  • --bundle <main.go> parses app.Add(...) calls to discover the microservices in the application.
  • --manifests <dir,dir,...> is an alternative to --bundle for non-standard bundle compositions.
  • --plane <name> ties the issued .creds to a specific plane and must match the deployment’s MICROBUS_PLANE. Defaults to microbus, which matches the framework’s local-development default.
  • --signing-key <path> points at the operator’s account NKey seed file.
  • --expiration <duration> sets an exp claim on each signed .creds. Default 0 (no expiration).
  • --persist-user-nkeys <dir> keeps user NKeys stable across runs instead of rotating them per deploy.

gentopology

Reads the bundle’s manifests and renders a Mermaid topology diagram showing the call graph between microservices.

go run github.com/microbus-io/fabric/cmd/gentopology \
  --bundle main/main.go \
  --out ./topology.mmd

Useful for code review, architecture documentation, and onboarding. The diagram captures who calls whom and on which port tier (safe vs danger).

Shared Schema

The cmd/schema package is a library shared by these tools. It defines the in-memory shape of manifest.yaml. It is not a CLI tool and is not invoked directly.

Backward cfg connector Forward