Commit 1498ef0b authored by Jason Tevnan's avatar Jason Tevnan

changed all aspects to use gitlab_secrets

parent bdb2375d
......@@ -3,4 +3,4 @@ source 'https://api.berkshelf.com'
metadata
cookbook 'apt'
cookbook 'gitlab-vault', '~> 0.2.0'
cookbook 'gitlab_secrets', '~> 0.0.0', git: 'git@dev.gitlab.org:cookbooks/gitlab_secrets.git'
default['omnibus-gitlab']['secrets'] = {}
# this is now a hash... so we can include multiple secrets
#default['omnibus-gitlab']['secrets']['backend'] = 'chef_vault'
#default['omnibus-gitlab']['secrets']['path'] = 'omnibus-gitlab'
#default['omnibus-gitlab']['secrets']['key'] = nil
default['omnibus-gitlab']['package']['url'] = 'https://downloads-packages.s3.amazonaws.com/ubuntu-12.04/gitlab_6.9.0-omnibus-1_amd64.deb'
default['omnibus-gitlab']['package']['sha256'] = '42e8224f8aa8689ba80380d036a3b367ffb63a85b5e447670a5233d888b85924'
......
......@@ -7,15 +7,13 @@
# All rights reserved - Do Not Redistribute
#
attributes_with_secrets = node['omnibus-gitlab']
node['omnibus-gitlab']['secrets'].each do |name,secret|
Chef::Log.warn("mixing secrets from #{name} into #{attributes_with_secrets.keys}")
attributes_with_secrets = Chef::Mixin::DeepMerge.deep_merge(
get_secrets(secret['backend'],
secret['path'],
secret['key'])['omnibus-gitlab'],
attributes_with_secrets)
end
#
# merge_secrets takes the passed string (or array of strings),
# gets the secret configuration at that location,
# and merges the secrets with the node attributes
# returning a hash of normal and secret attributes.
#
attributes_with_secrets = merge_secrets('omnibus-gitlab')
pkg_url = "#{node['omnibus-gitlab']['package']['scheme_url']}://#{node['omnibus-gitlab']['package']['base_url']}"
pkg_url = "#{node['omnibus-gitlab']['package']['scheme_url']}://#{attributes_with_secrets['package']['key']}:@#{node['omnibus-gitlab']['package']['base_url']}" if node['omnibus-gitlab']['package']['use_key']
......
......@@ -26,16 +26,7 @@
# care! If you supply invalid host keys, you may loose SSH access to your
# server.
attributes_with_secrets = node['omnibus-gitlab']
node['omnibus-gitlab']['secrets'].each do |name,secret|
Chef::Log.warn("mixing secrets from #{name} into #{attributes_with_secrets.keys}")
attributes_with_secrets = Chef::Mixin::DeepMerge.deep_merge(
get_secrets(secret['backend'],
secret['path'],
secret['key'])['omnibus-gitlab'],
attributes_with_secrets)
end
attributes_with_secrets = merge_secrets('omnibus-gitlab')
ssh = attributes_with_secrets['ssh']
ssh['host_keys'].each do |filename, key_material|
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment