Fix vault path and arg parsing

This commit is contained in:
Luke Murphy 2020-03-22 01:54:19 +01:00
parent 6e79e87d51
commit 59d17b87ab
No known key found for this signature in database
GPG Key ID: 5E2EF5A63E3718CC

View File

@ -14,7 +14,7 @@ dokku-ansible-playbook-run() {
local app="$1" local app="$1"
local play_path="$2" local play_path="$2"
local requirements="$3" local requirements="$3"
local vault_file="$DOKKU_LIB/ansible/$app/.vault.sh" local vault_file="$DOKKU_LIB/ansible/.vault-pass.sh"
dokku-ansible-playbook-validate-dependencies dokku-ansible-playbook-validate-dependencies
@ -36,7 +36,7 @@ dokku-ansible-playbook-run() {
if [[ -f "$vault_file" ]]; then if [[ -f "$vault_file" ]]; then
dokku_col_log_info1_quiet "$vault_file file found" dokku_col_log_info1_quiet "$vault_file file found"
args+=" --vault-password-file $vault_file" args="${args} --vault-password-file $vault_file"
fi fi
dokku_col_log_info1_quiet "$play_path file found" dokku_col_log_info1_quiet "$play_path file found"
@ -48,18 +48,25 @@ dokku-ansible-playbook-vault-pass-cmd() {
#shellcheck disable=SC2034 #shellcheck disable=SC2034
declare desc="insert new vault password for encrypt/decrypt of passwords" declare desc="insert new vault password for encrypt/decrypt of passwords"
if [[ -f "$DOKKU_LIB/data/ansible/.vault-pass" ]]; then if [[ -f $vault_file ]]; then
dokku_col_log_info1_quiet "Vault password already in place" dokku_col_log_info1_quiet "Vault password already in place"
exit 0 exit 0
fi fi
read -srp "Vault password: " vault_password read -srp "Vault password: " vault_password
if [[ -d "$DOKKU_LIB/data/ansible" ]]; then if [[ ! -d "$DOKKU_LIB/data/ansible" ]]; then
dokku_col_log_info1_quiet "Creating $DOKKU_LIB/data/ansible" dokku_col_log_info1_quiet "Creating $DOKKU_LIB/data/ansible"
mkdir -p "$DOKKU_LIB/data/ansible" mkdir -p "$DOKKU_LIB/data/ansible"
fi fi
dokku_col_log_info1_quiet "Generating $DOKKU_LIB/data/ansible/.vault-pass" dokku_col_log_info1_quiet "Generating $vault_file"
echo "$vault_password" > "$DOKKU_LIB/data/ansible/.vault-pass"
{ echo "#!/bin/bash";
echo "";
echo "set -eu -o pipefail";
echo "";
echo "echo \"$vault_password\""; } > "$vault_file"
chmod 600 "$vault_file"
} }