0
0
mirror of https://github.com/thegeeklab/wp-opentofu.git synced 2024-11-24 13:20:39 +00:00

Merge pull request #33 from edwinavalos/accessible-secrets

Implement exportSecrets
This commit is contained in:
Jacob McCann 2016-12-23 09:45:32 -06:00 committed by GitHub
commit b45f2b597f
2 changed files with 34 additions and 0 deletions

23
DOCS.md
View File

@ -187,3 +187,26 @@ pipeline:
app_version: 1.0.0 app_version: 1.0.0
parallelism: 2 parallelism: 2
``` ```
## Remote configuration
If you are configuring an s3 remote state and require S3 environment secrets you add the secrets "FOO" and "BAR" to your drone environment and reference the secrets as follows. These will not be outputted to stdout.
```yaml
pipeline:
terraform:
image: jmccann/drone-terraform:0.5
plan: false
remote:
backend: S3
config:
bucket: my-terraform-config-bucket
key: tf-states/my-project
region: us-east-1
vars:
app_name: my-project
app_version: 1.0.0
secrets:
AWS_ACCESS_KEY_ID: FOO
AWS_SECRET_ACCESS_KEY: BAR
```

View File

@ -44,6 +44,11 @@ func (p Plugin) Exec() error {
} }
var commands []*exec.Cmd var commands []*exec.Cmd
if len(p.Config.Secrets) != 0 {
exportSecrets(p.Config.Secrets)
}
remote := p.Config.Remote remote := p.Config.Remote
if p.Config.Cacert != "" { if p.Config.Cacert != "" {
commands = append(commands, installCaCert(p.Config.Cacert)) commands = append(commands, installCaCert(p.Config.Cacert))
@ -94,6 +99,12 @@ func installCaCert(cacert string) *exec.Cmd {
) )
} }
func exportSecrets(secrets map[string]string) {
for k, v := range secrets {
os.Setenv(fmt.Sprintf("%s", k), fmt.Sprintf("%s", os.Getenv(v)))
}
}
func deleteCache() *exec.Cmd { func deleteCache() *exec.Cmd {
return exec.Command( return exec.Command(
"rm", "rm",