Skip to content
grlx Docs

Cohorts

Cohorts let you organize sprouts into named groups for targeting with cook, cmd run, ssh, and other operations. They replace ad-hoc glob patterns with reusable, manageable groupings.

Cohort Types

Section titled “Cohort Types”

Static

Section titled “Static”

A fixed list of sprout names:

[cohorts.webservers]
type = "static"
members = ["web-01", "web-02", "web-03"]

Dynamic

Section titled “Dynamic”

Membership is determined by matching a sprout property at evaluation time:

[cohorts.linux-hosts]
type = "dynamic"
match_prop = "os"
match_value = "linux"

Dynamic cohorts automatically include any sprout whose property matches the condition. Use grlx cohorts refresh to re-evaluate membership against currently connected sprouts.

Compound

Section titled “Compound”

Combine other cohorts with boolean logic:

[cohorts.prod-linux]
type = "compound"
operator = "AND"
operands = ["production", "linux-hosts"]

Supported operators:

OperatorDescription
ANDSprouts that belong to all listed cohorts
ORSprouts that belong to any listed cohort
EXCEPTSprouts in the first cohort but not the rest

Compound cohorts can reference other compound cohorts (nesting), with a depth limit to prevent cycles.

CLI Commands

Section titled “CLI Commands”

List all cohorts

Section titled “List all cohorts”
Terminal window
grlx cohorts list

Show cohort details

Section titled “Show cohort details”
Terminal window
grlx cohorts show webservers

Displays the cohort type, configuration, and resolved member list.

Refresh dynamic membership

Section titled “Refresh dynamic membership”
Terminal window
# Refresh a specific cohort
grlx cohorts refresh webservers


# Refresh all cohorts
grlx cohorts refresh

Re-evaluates dynamic cohort membership against currently connected sprouts and their properties.

JSON output

Section titled “JSON output”

All cohort commands support --out json for machine-readable output:

Terminal window
grlx cohorts list --out json
grlx cohorts show webservers --out json

Using Cohorts

Section titled “Using Cohorts”

Cohorts can be used anywhere you target sprouts:

Terminal window
# Cook a recipe against a cohort
grlx cook nginx-setup -C webservers


# Run a command on a cohort
grlx cmd run "uptime" -C linux-hosts


# SSH with cohort picker
grlx ssh -C webservers

RBAC Integration

Section titled “RBAC Integration”

RBAC permissions are assigned per-cohort. A user might have cook and view permissions on the staging cohort but only view on production. See the RBAC documentation for details.