Skip to content

Commit

Permalink
secrets: handle different cloud provider secrets with pass or ENV vars
Browse files Browse the repository at this point in the history
  • Loading branch information
Paul B committed Sep 9, 2017
1 parent 44db303 commit 0bcdac5
Showing 1 changed file with 29 additions and 7 deletions.
36 changes: 29 additions & 7 deletions terraform.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,14 +7,36 @@
#
#!/bin/bash -e

key="$(echo "${provider}" | tr '[:lower:]' '[:upper:]')_$(echo "${env}" | tr '[:lower:]' '[:upper:]')_KEY"
secret="$(echo "${provider}" | tr '[:lower:]' '[:upper:]')_$(echo "${env}" | tr '[:lower:]' '[:upper:]')_SECRET"

if (which pass >/dev/null 2>&1); then
provider_key="$(pass ${provider}/access_key)"
provider_token="$(pass ${provider}/token)"
declare "TF_VAR_${provider}_access_key"=$provider_key
declare "TF_VAR_${provider}_token"=$provider_token
pass_key="$(pass "terraform/${provider}/${env}/access_key")"
pass_secret="$(pass "terraform/${provider}/${env}/secret")"

declare "${key}"="${pass_key}"
declare "${secret}"="${pass_secret}"
fi

export TF_VAR_${provider}_access_key
export TF_VAR_${provider}_token
case $provider in
aws)
declare "AWS_ACCESS_KEY_ID=${!key}"
declare "AWS_SECRET_ACCESS_KEY=${!secret}"
;;
azurerm)
declare "ARM_CLIENT_ID=${!key}"
declare "ARM_CLIENT_SECRET=${!secret}"
:;;
"do")
declare "DIGITALOCEAN_TOKEN=${!secret}"
:;;
google)
declare "GOOGLE_CREDENTIALS=${!secret}"
:;;
scaleway)
declare "SCALEWAY_ORGANIZATION=${!key}"
declare "SCALEWAY_TOKEN=${!secret}"
:;;
esac

cd ${wd} && terraform $@
cd "${wd}" && terraform $@

0 comments on commit 0bcdac5

Please sign in to comment.