From 9f76b0c739fe87b910136a9d903cb8eff0b1bce9 Mon Sep 17 00:00:00 2001 From: Martin Lablans Date: Tue, 31 May 2022 09:22:38 +0200 Subject: [PATCH] Refactor fetchVarsFromVault --- bridgehead | 2 +- lib/functions.sh | 36 +++++++++++++++++++++--------------- 2 files changed, 22 insertions(+), 16 deletions(-) diff --git a/bridgehead b/bridgehead index c39e1ae..20616e6 100755 --- a/bridgehead +++ b/bridgehead @@ -44,7 +44,7 @@ esac case "$ACTION" in start) checkRequirements - fetchVarsFromVault /etc/bridgehead/$PROJECT.conf || exit 1 + fetchVarsFromVaultByFile /etc/bridgehead/$PROJECT.conf || exit 1 exec docker-compose -f ./$PROJECT/docker-compose.yml --env-file /etc/bridgehead/$PROJECT.conf up ;; stop) diff --git a/lib/functions.sh b/lib/functions.sh index e2db02c..a63031f 100755 --- a/lib/functions.sh +++ b/lib/functions.sh @@ -26,20 +26,6 @@ checkRequirements() { } fetchVarsFromVault() { - VARS_TO_FETCH="" - - for line in $(cat $@); do - if [[ $line =~ .*=\.* ]]; then - VARS_TO_FETCH+="$(echo -n $line | sed 's/=.*//') " - fi - done - - if [ -z "$VARS_TO_FETCH" ]; then - return 0 - fi - - log "INFO" "Fetching secrets from vault ..." - [ -e /etc/bridgehead/vault.conf ] && source /etc/bridgehead/vault.conf if [ -z "$BW_MASTERPASS" ] || [ -z "$BW_CLIENTID" ] || [ -z "$BW_CLIENTSECRET" ]; then @@ -49,7 +35,7 @@ fetchVarsFromVault() { set +e - PASS=$(BW_MASTERPASS="$BW_MASTERPASS" BW_CLIENTID="$BW_CLIENTID" BW_CLIENTSECRET="$BW_CLIENTSECRET" docker run --rm -e BW_MASTERPASS -e BW_CLIENTID -e BW_CLIENTSECRET -e http_proxy samply/bridgehead-vaultfetcher $VARS_TO_FETCH) + PASS=$(BW_MASTERPASS="$BW_MASTERPASS" BW_CLIENTID="$BW_CLIENTID" BW_CLIENTSECRET="$BW_CLIENTSECRET" docker run --rm -e BW_MASTERPASS -e BW_CLIENTID -e BW_CLIENTSECRET -e http_proxy samply/bridgehead-vaultfetcher $@) RET=$? if [ $RET -ne 0 ]; then 
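Review bot: In the `@@ -49,7 +35,7 @@` hunk of lib/functions.sh the rewritten `docker run` line passes `$@` unquoted, so every variable name is word-split and glob-expanded a second time before it reaches the vaultfetcher container; use `"$@"` so the arguments arrive exactly as the caller passed them. The same line exports BW_MASTERPASS, BW_CLIENTID and BW_CLIENTSECRET into `samply/bridgehead-vaultfetcher`, which is referenced without a tag or digest, so whichever image that name resolves to at run time receives the vault credentials. Pinning it, for example `samply/bridgehead-vaultfetcher@sha256:<digest>`, would tie the credentials to a reviewed image. fetchVarsFromVault begins and ends outside this hunk, so its failure branches are not visible here.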
@@ -65,6 +51,26 @@ fetchVarsFromVault() { return 0 } +fetchVarsFromVaultByFile() { + VARS_TO_FETCH="" + + for line in $(cat $@); do + if [[ $line =~ .*=\.* ]]; then + VARS_TO_FETCH+="$(echo -n $line | sed 's/=.*//') " + fi + done + + if [ -z "$VARS_TO_FETCH" ]; then + return 0 + fi + + log INFO "Fetching $(echo $VARS_TO_FETCH | wc -w) secrets from Vault ..." + + fetchVarsFromVault $VARS_TO_FETCH + + return 0 +} + ##Setting Network properties export HOSTIP=$(MSYS_NO_PATHCONV=1 docker run --rm --add-host=host.docker.internal:host-gateway ubuntu cat /etc/hosts | grep 'host.docker.internal' | awk '{print $1}'); export HOST=$(hostname)
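Review bot: fetchVarsFromVaultByFile ends with an unconditional `return 0` directly after `fetchVarsFromVault $VARS_TO_FETCH`, so the status of the vault fetch is discarded and the `|| exit 1` at the call site in `bridgehead` can no longer fire. Assuming fetchVarsFromVault returns non-zero on its error branches (their bodies lie outside the hunks), a failed fetch would now fall through to `docker-compose ... up` without the secrets, which is a fail-open start. Propagate the result instead: `fetchVarsFromVault $VARS_TO_FETCH || return 1`. Two smaller points in the same function: `VARS_TO_FETCH` should be declared `local` so the list does not leak into the caller's environment, and `for line in $(cat $@)` splits the config on any whitespace and glob-expands each word, so a `while IFS= read -r line; do ... done < "$1"` loop would parse the file line by line as intended.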