Commit 3b7f1dc6 authored by kawsark's avatar kawsark

testing without get_credentials

parent e3c2c853
Pipeline #91120532 passed with stages
in 23 seconds
......@@ -2,7 +2,7 @@ stages:
- create_workspace
- setup_workspace
# Uncomment get_credentials to fetch temporary credentials from Vault
- get_credentials
# - get_credentials
- run
before_script:
......@@ -11,25 +11,25 @@ before_script:
- echo "Workspace ID is ${workspace_id}"
# Uncomment the get_credentials job to fetch temporary credentials from Vault
get_credentials:
stage: get_credentials
script:
- echo "Checking if we can reach Vault @ ${VAULT_ADDR}"
- >
curl ${VAULT_ADDR}/v1/sys/health
- echo "Looking up token"
- >
curl --header "X-Vault-Token: ${VAULT_TOKEN}" ${VAULT_ADDR}/v1/auth/token/lookup-self
- echo "Getting new GCP credentials @ ${VAULT_ADDR}/v1/${SECRETS_PATH}"
- >
curl --header "X-Vault-Token: ${VAULT_TOKEN}" ${VAULT_ADDR}/v1/${SECRETS_PATH} | jq -r .data.private_key_data | base64 --decode > temp_creds
- export GOOGLE_CREDENTIALS=$(tr '\n' ' ' < temp_creds | sed -e 's/\"/\\\\"/g' -e 's/\//\\\//g' -e 's/\\n/\\\\\\\\n/g')
- rm -f temp_creds
- sed -e "s/my-key/GOOGLE_CREDENTIALS/" -e "s/my-hcl/false/" -e "s/my-value/${GOOGLE_CREDENTIALS}/" -e "s/my-category/env/" -e "s/my-sensitive/true/" -e "s/my-workspace-id/${workspace_id}/" < api_templates/variable.json.template > variable.json
- >
curl --header "Authorization: Bearer ${TFC_TOKEN}" --header "Content-Type: application/vnd.api+json" --data @variable.json "https://${TFC_ADDR}/api/v2/vars"
tags:
- curl
# get_credentials:
# stage: get_credentials
# script:
# - echo "Checking if we can reach Vault @ ${VAULT_ADDR}"
# - >
# curl ${VAULT_ADDR}/v1/sys/health
# - echo "Looking up token"
# - >
# curl --header "X-Vault-Token: ${VAULT_TOKEN}" ${VAULT_ADDR}/v1/auth/token/lookup-self
# - echo "Getting new GCP credentials @ ${VAULT_ADDR}/v1/${SECRETS_PATH}"
# - >
# curl --header "X-Vault-Token: ${VAULT_TOKEN}" ${VAULT_ADDR}/v1/${SECRETS_PATH} | jq -r .data.private_key_data | base64 --decode > temp_creds
# - export GOOGLE_CREDENTIALS=$(tr '\n' ' ' < temp_creds | sed -e 's/\"/\\\\"/g' -e 's/\//\\\//g' -e 's/\\n/\\\\\\\\n/g')
# - rm -f temp_creds
# - sed -e "s/my-key/GOOGLE_CREDENTIALS/" -e "s/my-hcl/false/" -e "s/my-value/${GOOGLE_CREDENTIALS}/" -e "s/my-category/env/" -e "s/my-sensitive/true/" -e "s/my-workspace-id/${workspace_id}/" < api_templates/variable.json.template > variable.json
# - >
# curl --header "Authorization: Bearer ${TFC_TOKEN}" --header "Content-Type: application/vnd.api+json" --data @variable.json "https://${TFC_ADDR}/api/v2/vars"
# tags:
# - curl
create_workspace:
stage: create_workspace
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment