verbis-admin/bridgehead
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Refactor fetchVarsFromVault

Browse Source
This commit is contained in:
Martin Lablans
2022-05-31 09:22:38 +02:00
parent b19402476b
commit 9f76b0c739
2 changed files with 22 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
bridgehead
View File

@@ -44,7 +44,7 @@ esac
case "$ACTION" in
start)
checkRequirements
fetchVarsFromVault /etc/bridgehead/$PROJECT.conf || exit 1
fetchVarsFromVaultByFile /etc/bridgehead/$PROJECT.conf || exit 1
exec docker-compose -f ./$PROJECT/docker-compose.yml --env-file /etc/bridgehead/$PROJECT.conf up
;;
stop)

36
lib/functions.sh
View File

@@ -26,20 +26,6 @@ checkRequirements() {
}
fetchVarsFromVault() {
VARS_TO_FETCH=""
for line in $(cat $@); do
if [[ $line =~ .*=\<VAULT\>.* ]]; then
VARS_TO_FETCH+="$(echo -n $line | sed 's/=.*//') "
fi
done
if [ -z "$VARS_TO_FETCH" ]; then
return 0
fi
log "INFO" "Fetching secrets from vault ..."
[ -e /etc/bridgehead/vault.conf ] && source /etc/bridgehead/vault.conf
if [ -z "$BW_MASTERPASS" ] || [ -z "$BW_CLIENTID" ] || [ -z "$BW_CLIENTSECRET" ]; then
@@ -49,7 +35,7 @@ fetchVarsFromVault() {
set +e
PASS=$(BW_MASTERPASS="$BW_MASTERPASS" BW_CLIENTID="$BW_CLIENTID" BW_CLIENTSECRET="$BW_CLIENTSECRET" docker run --rm -e BW_MASTERPASS -e BW_CLIENTID -e BW_CLIENTSECRET -e http_proxy samply/bridgehead-vaultfetcher $VARS_TO_FETCH)
PASS=$(BW_MASTERPASS="$BW_MASTERPASS" BW_CLIENTID="$BW_CLIENTID" BW_CLIENTSECRET="$BW_CLIENTSECRET" docker run --rm -e BW_MASTERPASS -e BW_CLIENTID -e BW_CLIENTSECRET -e http_proxy samply/bridgehead-vaultfetcher $@)
RET=$?
if [ $RET -ne 0 ]; then
@@ -65,6 +51,26 @@ fetchVarsFromVault() {
return 0
}
fetchVarsFromVaultByFile() {
VARS_TO_FETCH=""
for line in $(cat $@); do
if [[ $line =~ .*=\<VAULT\>.* ]]; then
VARS_TO_FETCH+="$(echo -n $line | sed 's/=.*//') "
fi
done
if [ -z "$VARS_TO_FETCH" ]; then
return 0
fi
log INFO "Fetching $(echo $VARS_TO_FETCH | wc -w) secrets from Vault ..."
fetchVarsFromVault $VARS_TO_FETCH
return 0
}
##Setting Network properties
export HOSTIP=$(MSYS_NO_PATHCONV=1 docker run --rm --add-host=host.docker.internal:host-gateway ubuntu cat /etc/hosts | grep 'host.docker.internal' | awk '{print $1}');
export HOST=$(hostname)