GoLauncher is a server management agent I built in Go for automated application deployment, updates, and telemetry collection across distributed infrastructure. This GoLauncher agent uses a secure two-level authentication system with GitHub Fine-Grained PATs, repository_dispatch for telemetry, and provides both CLI and interactive TUI interfaces , all without requiring direct write access to managed repositories.
Why GoLauncher
Managing applications across multiple servers , each with different access levels, update schedules, and monitoring requirements , demands a lightweight agent that can securely pull updates, report telemetry, and operate without exposing write credentials. GoLauncher solves this with read-only git operations for deployments and repository_dispatch events for secure telemetry transmission.
Core Architecture
- Two-level auth , separate GitHub tokens: one for repository cloning (read-only), another for telemetry dispatch (Actions write-only). Minimal privilege principle
- Telemetry via repository_dispatch , server metrics sent as GitHub Actions events, processed into dashboard-ready JSON. No direct database access needed
- Interactive TUI , terminal UI for browsing available applications, checking versions, triggering updates, and viewing server status
- CLI mode , scriptable commands for automation and cron integration
- Access tiers , Level 1 (Admin), Level 2 (Free), Level 3 (Paid) with different repository access
Security Model
Security is the core design principle. The agent never has write access to application repositories , it only clones. Telemetry uses a separate Fine-Grained PAT with only Actions permissions on the server-inventory repository. Token configuration files use YAML with per-client access levels. This ensures each deployment sees only what it should.
Technology Stack
- Language: Go (cross-compiled for Windows and Linux)
- TUI: Interactive terminal interface with color output
- Auth: GitHub Fine-Grained PATs with minimal scopes
- Telemetry: GitHub Actions via repository_dispatch
- Distribution: GitHub Releases with versioned binaries
Practical Application
As a Fractional CTO, I manage software deployments across client servers in multiple countries. GoLauncher runs on each server, automatically pulling updates when new versions are released, reporting health telemetry, and maintaining an inventory of installed applications. The access tier system means client servers only see applications they’re licensed for.
The agent is available upon request. Contact me for deployment or infrastructure consulting.
FAQ
Does GoLauncher require root access?
No. It runs as a regular user. Administrative privileges are only needed for system-level service installation.
How does telemetry work without database access?
Telemetry is sent as GitHub repository_dispatch events, which trigger Actions workflows that commit the data as JSON files. No external database needed.
Can it manage non-GitHub repositories?
Currently designed for GitHub-hosted applications. The git-based pull model works with any git remote, but telemetry requires GitHub Actions.
What happens if the agent loses connectivity?
The agent operates independently. Applications continue running. Telemetry is queued and sent when connectivity resumes. Updates are pulled on the next successful check.
