Refactor fetchVarsFromVault
This commit is contained in:
parent
b19402476b
commit
9f76b0c739
|
@ -44,7 +44,7 @@ esac
|
||||||
case "$ACTION" in
|
case "$ACTION" in
|
||||||
start)
|
start)
|
||||||
checkRequirements
|
checkRequirements
|
||||||
fetchVarsFromVault /etc/bridgehead/$PROJECT.conf || exit 1
|
fetchVarsFromVaultByFile /etc/bridgehead/$PROJECT.conf || exit 1
|
||||||
exec docker-compose -f ./$PROJECT/docker-compose.yml --env-file /etc/bridgehead/$PROJECT.conf up
|
exec docker-compose -f ./$PROJECT/docker-compose.yml --env-file /etc/bridgehead/$PROJECT.conf up
|
||||||
;;
|
;;
|
||||||
stop)
|
stop)
|
||||||
|
|
|
@ -26,20 +26,6 @@ checkRequirements() {
|
||||||
}
|
}
|
||||||
|
|
||||||
fetchVarsFromVault() {
|
fetchVarsFromVault() {
|
||||||
VARS_TO_FETCH=""
|
|
||||||
|
|
||||||
for line in $(cat $@); do
|
|
||||||
if [[ $line =~ .*=\<VAULT\>.* ]]; then
|
|
||||||
VARS_TO_FETCH+="$(echo -n $line | sed 's/=.*//') "
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
if [ -z "$VARS_TO_FETCH" ]; then
|
|
||||||
return 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
log "INFO" "Fetching secrets from vault ..."
|
|
||||||
|
|
||||||
[ -e /etc/bridgehead/vault.conf ] && source /etc/bridgehead/vault.conf
|
[ -e /etc/bridgehead/vault.conf ] && source /etc/bridgehead/vault.conf
|
||||||
|
|
||||||
if [ -z "$BW_MASTERPASS" ] || [ -z "$BW_CLIENTID" ] || [ -z "$BW_CLIENTSECRET" ]; then
|
if [ -z "$BW_MASTERPASS" ] || [ -z "$BW_CLIENTID" ] || [ -z "$BW_CLIENTSECRET" ]; then
|
||||||
|
@ -49,7 +35,7 @@ fetchVarsFromVault() {
|
||||||
|
|
||||||
set +e
|
set +e
|
||||||
|
|
||||||
PASS=$(BW_MASTERPASS="$BW_MASTERPASS" BW_CLIENTID="$BW_CLIENTID" BW_CLIENTSECRET="$BW_CLIENTSECRET" docker run --rm -e BW_MASTERPASS -e BW_CLIENTID -e BW_CLIENTSECRET -e http_proxy samply/bridgehead-vaultfetcher $VARS_TO_FETCH)
|
PASS=$(BW_MASTERPASS="$BW_MASTERPASS" BW_CLIENTID="$BW_CLIENTID" BW_CLIENTSECRET="$BW_CLIENTSECRET" docker run --rm -e BW_MASTERPASS -e BW_CLIENTID -e BW_CLIENTSECRET -e http_proxy samply/bridgehead-vaultfetcher $@)
|
||||||
RET=$?
|
RET=$?
|
||||||
|
|
||||||
if [ $RET -ne 0 ]; then
|
if [ $RET -ne 0 ]; then
|
||||||
|
@ -65,6 +51,26 @@ fetchVarsFromVault() {
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
|
||||||
|
fetchVarsFromVaultByFile() {
|
||||||
|
VARS_TO_FETCH=""
|
||||||
|
|
||||||
|
for line in $(cat $@); do
|
||||||
|
if [[ $line =~ .*=\<VAULT\>.* ]]; then
|
||||||
|
VARS_TO_FETCH+="$(echo -n $line | sed 's/=.*//') "
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
if [ -z "$VARS_TO_FETCH" ]; then
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
log INFO "Fetching $(echo $VARS_TO_FETCH | wc -w) secrets from Vault ..."
|
||||||
|
|
||||||
|
fetchVarsFromVault $VARS_TO_FETCH
|
||||||
|
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
##Setting Network properties
|
##Setting Network properties
|
||||||
export HOSTIP=$(MSYS_NO_PATHCONV=1 docker run --rm --add-host=host.docker.internal:host-gateway ubuntu cat /etc/hosts | grep 'host.docker.internal' | awk '{print $1}');
|
export HOSTIP=$(MSYS_NO_PATHCONV=1 docker run --rm --add-host=host.docker.internal:host-gateway ubuntu cat /etc/hosts | grep 'host.docker.internal' | awk '{print $1}');
|
||||||
export HOST=$(hostname)
|
export HOST=$(hostname)
|
||||||
|
|
Loading…
Reference in New Issue