mirror of
https://github.com/thegeeklab/wp-opentofu.git
synced 2024-11-24 13:20:39 +00:00
Add ability to inject internal CA Cert
This commit is contained in:
parent
9bb061e280
commit
2e74fe1180
6
DOCS.md
6
DOCS.md
@ -4,6 +4,7 @@ Use the Terraform plugin to apply the infrastructure configuration contained wit
|
|||||||
* `remote` - contains the configuration for the Terraform remote state tracking.
|
* `remote` - contains the configuration for the Terraform remote state tracking.
|
||||||
* `backend` - the Terraform remote state backend to use.
|
* `backend` - the Terraform remote state backend to use.
|
||||||
* `config` - a map of configuration parameters for the remote state backend. Each value is passed as a `-backend-config=<key>=<value>` option.
|
* `config` - a map of configuration parameters for the remote state backend. Each value is passed as a `-backend-config=<key>=<value>` option.
|
||||||
|
* `ca_cert` - ca cert to add to your environment to allow terraform to use internal/private resources
|
||||||
* `vars` - a map of variables to pass to the Terraform `plan` and `apply` commands. Each value is passed as a `-var <key>=<value>` option.
|
* `vars` - a map of variables to pass to the Terraform `plan` and `apply` commands. Each value is passed as a `-var <key>=<value>` option.
|
||||||
|
|
||||||
The following is a sample Terraform configuration in your .drone.yml file:
|
The following is a sample Terraform configuration in your .drone.yml file:
|
||||||
@ -14,6 +15,11 @@ deploy:
|
|||||||
plan: false
|
plan: false
|
||||||
remote:
|
remote:
|
||||||
backend: S3
|
backend: S3
|
||||||
|
ca_cert: |
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
asdfsadf
|
||||||
|
asdfsadf
|
||||||
|
-----END CERTIFICATE-----
|
||||||
config:
|
config:
|
||||||
bucket: my-terraform-config-bucket
|
bucket: my-terraform-config-bucket
|
||||||
key: tf-states/my-project
|
key: tf-states/my-project
|
||||||
|
12
main.go
12
main.go
@ -5,6 +5,7 @@ import (
|
|||||||
"os"
|
"os"
|
||||||
"os/exec"
|
"os/exec"
|
||||||
"strings"
|
"strings"
|
||||||
|
"io/ioutil"
|
||||||
|
|
||||||
"github.com/drone/drone-plugin-go/plugin"
|
"github.com/drone/drone-plugin-go/plugin"
|
||||||
)
|
)
|
||||||
@ -18,6 +19,7 @@ type terraform struct {
|
|||||||
type remote struct {
|
type remote struct {
|
||||||
Backend string `json:"backend"`
|
Backend string `json:"backend"`
|
||||||
Config map[string]string `json:"config"`
|
Config map[string]string `json:"config"`
|
||||||
|
Cacert string `json:"ca_cert"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
@ -31,6 +33,9 @@ func main() {
|
|||||||
|
|
||||||
var commands []*exec.Cmd
|
var commands []*exec.Cmd
|
||||||
remote := vargs.Remote
|
remote := vargs.Remote
|
||||||
|
if remote.Cacert != "" {
|
||||||
|
commands = append(commands, installCaCert(remote.Cacert))
|
||||||
|
}
|
||||||
if remote.Backend != "" {
|
if remote.Backend != "" {
|
||||||
commands = append(commands, remoteConfigCommand(remote))
|
commands = append(commands, remoteConfigCommand(remote))
|
||||||
}
|
}
|
||||||
@ -57,6 +62,13 @@ func main() {
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func installCaCert(cacert string) *exec.Cmd {
|
||||||
|
ioutil.WriteFile("/usr/local/share/ca-certificates/ca_cert.crt", []byte(cacert), 0644)
|
||||||
|
return exec.Command(
|
||||||
|
"update-ca-certificates",
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
func remoteConfigCommand(config remote) *exec.Cmd {
|
func remoteConfigCommand(config remote) *exec.Cmd {
|
||||||
args := []string{
|
args := []string{
|
||||||
"remote",
|
"remote",
|
||||||
|
Loading…
Reference in New Issue
Block a user