Refactor fetchVarsFromVault

Martin Lablans 2022-05-31 09:22:38 +02:00
parent b19402476b
commit 9f76b0c739
2 changed files with 22 additions and 16 deletions


@ -44,7 +44,7 @@ esac
case "$ACTION" in case "$ACTION" in
start) start)
checkRequirements checkRequirements
fetchVarsFromVault /etc/bridgehead/$PROJECT.conf || exit 1 fetchVarsFromVaultByFile /etc/bridgehead/$PROJECT.conf || exit 1
exec docker-compose -f ./$PROJECT/docker-compose.yml --env-file /etc/bridgehead/$PROJECT.conf up exec docker-compose -f ./$PROJECT/docker-compose.yml --env-file /etc/bridgehead/$PROJECT.conf up
;; ;;
stop) stop)


@ -26,20 +26,6 @@ checkRequirements() {
} }
fetchVarsFromVault() { fetchVarsFromVault() {
VARS_TO_FETCH=""
for line in $(cat $@); do
if [[ $line =~ .*=\<VAULT\>.* ]]; then
VARS_TO_FETCH+="$(echo -n $line | sed 's/=.*//') "
fi
done
if [ -z "$VARS_TO_FETCH" ]; then
return 0
fi
log "INFO" "Fetching secrets from vault ..."
[ -e /etc/bridgehead/vault.conf ] && source /etc/bridgehead/vault.conf [ -e /etc/bridgehead/vault.conf ] && source /etc/bridgehead/vault.conf
if [ -z "$BW_MASTERPASS" ] || [ -z "$BW_CLIENTID" ] || [ -z "$BW_CLIENTSECRET" ]; then if [ -z "$BW_MASTERPASS" ] || [ -z "$BW_CLIENTID" ] || [ -z "$BW_CLIENTSECRET" ]; then
@ -49,7 +35,7 @@ fetchVarsFromVault() {
set +e set +e
PASS=$(BW_MASTERPASS="$BW_MASTERPASS" BW_CLIENTID="$BW_CLIENTID" BW_CLIENTSECRET="$BW_CLIENTSECRET" docker run --rm -e BW_MASTERPASS -e BW_CLIENTID -e BW_CLIENTSECRET -e http_proxy samply/bridgehead-vaultfetcher $VARS_TO_FETCH) PASS=$(BW_MASTERPASS="$BW_MASTERPASS" BW_CLIENTID="$BW_CLIENTID" BW_CLIENTSECRET="$BW_CLIENTSECRET" docker run --rm -e BW_MASTERPASS -e BW_CLIENTID -e BW_CLIENTSECRET -e http_proxy samply/bridgehead-vaultfetcher $@)
RET=$? RET=$?
if [ $RET -ne 0 ]; then if [ $RET -ne 0 ]; then
@ -65,6 +51,26 @@ fetchVarsFromVault() {
return 0 return 0
} }
fetchVarsFromVaultByFile() {
VARS_TO_FETCH=""
for line in $(cat $@); do
if [[ $line =~ .*=\<VAULT\>.* ]]; then
VARS_TO_FETCH+="$(echo -n $line | sed 's/=.*//') "
fi
done
if [ -z "$VARS_TO_FETCH" ]; then
return 0
fi
log INFO "Fetching $(echo $VARS_TO_FETCH | wc -w) secrets from Vault ..."
fetchVarsFromVault $VARS_TO_FETCH
return 0
}
##Setting Network properties ##Setting Network properties
export HOSTIP=$(MSYS_NO_PATHCONV=1 docker run --rm --add-host=host.docker.internal:host-gateway ubuntu cat /etc/hosts | grep 'host.docker.internal' | awk '{print $1}'); export HOSTIP=$(MSYS_NO_PATHCONV=1 docker run --rm --add-host=host.docker.internal:host-gateway ubuntu cat /etc/hosts | grep 'host.docker.internal' | awk '{print $1}');
export HOST=$(hostname) export HOST=$(hostname)
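Review bot: The new `fetchVarsFromVaultByFile` throws away the result of the fetch: it calls `fetchVarsFromVault $VARS_TO_FETCH` and then unconditionally runs `return 0`, so a failed fetch can never trigger the `|| exit 1` at the `start)` call site. Because the function is invoked on the left of `||`, any `set -e` in effect is also ignored inside it, so nothing else stops the script. If `fetchVarsFromVault` returns non-zero when the vault fetch fails (its error branch lies outside the visible lines), docker-compose would presumably be started without the real secrets in place of the `<VAULT>` placeholders. Propagate the status by replacing the last two statements with `fetchVarsFromVault $VARS_TO_FETCH || return 1` followed by `return 0`. Separately, `for line in $(cat $@)` word-splits and glob-expands the file content, so a config value containing a space or `*` is misread; a `while IFS= read -r line; do … done < "$1"` loop would parse the file line by line.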