0
0
mirror of https://github.com/thegeeklab/wp-opentofu.git synced 2024-11-24 13:20:39 +00:00

Add ability to inject internal CA Cert

This commit is contained in:
Jacob McCann 2016-02-09 13:27:12 -06:00
parent 9bb061e280
commit 2e74fe1180
2 changed files with 18 additions and 0 deletions

View File

@ -4,6 +4,7 @@ Use the Terraform plugin to apply the infrastructure configuration contained wit
* `remote` - contains the configuration for the Terraform remote state tracking. * `remote` - contains the configuration for the Terraform remote state tracking.
* `backend` - the Terraform remote state backend to use. * `backend` - the Terraform remote state backend to use.
* `config` - a map of configuration parameters for the remote state backend. Each value is passed as a `-backend-config=<key>=<value>` option. * `config` - a map of configuration parameters for the remote state backend. Each value is passed as a `-backend-config=<key>=<value>` option.
* `ca_cert` - ca cert to add to your environment to allow terraform to use internal/private resources
* `vars` - a map of variables to pass to the Terraform `plan` and `apply` commands. Each value is passed as a `-var <key>=<value>` option. * `vars` - a map of variables to pass to the Terraform `plan` and `apply` commands. Each value is passed as a `-var <key>=<value>` option.
The following is a sample Terraform configuration in your .drone.yml file: The following is a sample Terraform configuration in your .drone.yml file:
@ -14,6 +15,11 @@ deploy:
plan: false plan: false
remote: remote:
backend: S3 backend: S3
ca_cert: |
-----BEGIN CERTIFICATE-----
asdfsadf
asdfsadf
-----END CERTIFICATE-----
config: config:
bucket: my-terraform-config-bucket bucket: my-terraform-config-bucket
key: tf-states/my-project key: tf-states/my-project

12
main.go
View File

@ -5,6 +5,7 @@ import (
"os" "os"
"os/exec" "os/exec"
"strings" "strings"
"io/ioutil"
"github.com/drone/drone-plugin-go/plugin" "github.com/drone/drone-plugin-go/plugin"
) )
@ -18,6 +19,7 @@ type terraform struct {
type remote struct { type remote struct {
Backend string `json:"backend"` Backend string `json:"backend"`
Config map[string]string `json:"config"` Config map[string]string `json:"config"`
Cacert string `json:"ca_cert"`
} }
func main() { func main() {
@ -31,6 +33,9 @@ func main() {
var commands []*exec.Cmd var commands []*exec.Cmd
remote := vargs.Remote remote := vargs.Remote
if remote.Cacert != "" {
commands = append(commands, installCaCert(remote.Cacert))
}
if remote.Backend != "" { if remote.Backend != "" {
commands = append(commands, remoteConfigCommand(remote)) commands = append(commands, remoteConfigCommand(remote))
} }
@ -57,6 +62,13 @@ func main() {
} }
func installCaCert(cacert string) *exec.Cmd {
ioutil.WriteFile("/usr/local/share/ca-certificates/ca_cert.crt", []byte(cacert), 0644)
return exec.Command(
"update-ca-certificates",
)
}
func remoteConfigCommand(config remote) *exec.Cmd { func remoteConfigCommand(config remote) *exec.Cmd {
args := []string{ args := []string{
"remote", "remote",