Skip to content
Snippets Groups Projects
Commit 2039efbe authored by Evangelos Foutras's avatar Evangelos Foutras :smiley_cat:
Browse files

Merge branch 'misc-get_key-drop-chdir' into 'master'

misc/get_key.py: load vault file without chdir'ing

See merge request !448
parents 9c2ca685 faba3a3d
No related branches found
No related tags found
1 merge request!448misc/get_key.py: load vault file without chdir'ing
Pipeline #9508 passed
......@@ -65,7 +65,7 @@ but for the time being, this is what we're stuck with.
The very first time you run terraform on your system, you'll have to init it:
cd tf-stage1 # and also tf-stage2
terraform init -backend-config="conn_str=postgres://terraform:$(../misc/get_key.py group_vars/all/vault_terraform.yml vault_terraform_db_password)@state.archlinux.org"
terraform init -backend-config="conn_str=postgres://terraform:$(../misc/get_key.py ../group_vars/all/vault_terraform.yml vault_terraform_db_password)@state.archlinux.org"
After making changes to the infrastructure in `tf-stage1/archlinux.tf`, run
......
......@@ -40,10 +40,9 @@ with chdir(root):
def load_vault(path):
with chdir(root):
return yaml.load(
vault_lib.decrypt(Path(path).read_text()), Loader=yaml.SafeLoader
)
return yaml.load(
vault_lib.decrypt(Path(path).read_text()), Loader=yaml.SafeLoader
)
class OutputFormat(str, Enum):
......
......@@ -6,7 +6,7 @@ terraform {
data "external" "vault_hetzner" {
program = [
"${path.module}/../misc/get_key.py", "misc/vault_hetzner.yml",
"${path.module}/../misc/get_key.py", "${path.module}/../misc/vault_hetzner.yml",
"hetzner_cloud_api_key",
"hetzner_dns_api_key",
"--format", "json"
......
......@@ -5,7 +5,7 @@ terraform {
}
data "external" "vault_keycloak" {
program = ["${path.module}/../misc/get_key.py", "group_vars/all/vault_keycloak.yml",
program = ["${path.module}/../misc/get_key.py", "${path.module}/../group_vars/all/vault_keycloak.yml",
"vault_keycloak_admin_user",
"vault_keycloak_admin_password",
"vault_keycloak_smtp_user",
......@@ -14,33 +14,33 @@ data "external" "vault_keycloak" {
}
data "external" "vault_google" {
program = ["${path.module}/../misc/get_key.py", "group_vars/all/vault_google.yml",
program = ["${path.module}/../misc/get_key.py", "${path.module}/../group_vars/all/vault_google.yml",
"vault_google_recaptcha_site_key",
"vault_google_recaptcha_secret_key",
"--format", "json"]
}
data "external" "vault_github" {
program = ["${path.module}/../misc/get_key.py", "group_vars/all/vault_github.yml",
program = ["${path.module}/../misc/get_key.py", "${path.module}/../group_vars/all/vault_github.yml",
"vault_github_oauth_app_client_id",
"vault_github_oauth_app_client_secret",
"--format", "json"]
}
data "external" "vault_monitoring" {
program = ["${path.module}/../misc/get_key.py", "group_vars/all/vault_monitoring.yml",
program = ["${path.module}/../misc/get_key.py", "${path.module}/../group_vars/all/vault_monitoring.yml",
"vault_monitoring_grafana_client_secret",
"--format", "json"]
}
data "external" "vault_hedgedoc" {
program = ["${path.module}/../misc/get_key.py", "group_vars/all/vault_hedgedoc.yml",
program = ["${path.module}/../misc/get_key.py", "${path.module}/../group_vars/all/vault_hedgedoc.yml",
"vault_hedgedoc_client_secret",
"--format", "json"]
}
data "external" "vault_matrix" {
program = ["${path.module}/../misc/get_key.py", "group_vars/all/vault_matrix.yml",
program = ["${path.module}/../misc/get_key.py", "${path.module}/../group_vars/all/vault_matrix.yml",
"vault_matrix_openid_client_secret",
"--format", "json"]
}
......
......@@ -3,7 +3,7 @@
# https://github.com/louy/terraform-provider-uptimerobot/issues/82
data "external" "vault_uptimerobot" {
program = ["${path.module}/../misc/get_key.py", "group_vars/all/vault_uptimerobot.yml",
program = ["${path.module}/../misc/get_key.py", "${path.module}/../group_vars/all/vault_uptimerobot.yml",
"vault_uptimerobot_api_key",
"vault_uptimerobot_alert_contact",
"--format", "json"]
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment