From a5f6e5353985cdaa0c1626e27f523db8da2931d5 Mon Sep 17 00:00:00 2001 From: Luke Murphy Date: Sat, 21 Mar 2020 01:22:21 +0100 Subject: [PATCH] Add vault support --- functions | 18 ++++++++++++++++-- post-extract | 7 ++++++- 2 files changed, 22 insertions(+), 3 deletions(-) diff --git a/functions b/functions index 9c126d6..115a901 100755 --- a/functions +++ b/functions @@ -14,6 +14,7 @@ function run_playbook() { local app="$1" local play_path="$2" local requirements="$3" + local vault_file="$DOKKU_LIB/ansible/$APP/.vault.sh" validate_dependencies @@ -31,6 +32,19 @@ function run_playbook() { mkdir -p $DOKKU_ROOT/.ansible/{roles,plugins/modules} cp -R $DOKKU_ROOT/.ansible/roles/*/library/* $DOKKU_ROOT/.ansible/plugins/modules - dokku_col_log_info1_quiet "$play_path file found" - ansible-playbook --inventory "$(hostname)", --connection local "$play_path" + if [[ -f "$vault_file" ]]; then + dokku_col_log_info1_quiet "$play_path file found" + dokku_col_log_info1_quiet "$vault_file file found" + ansible-playbook \ + --inventory "$(hostname)", \ + --connection local \ + --vault-password-file "$vault_file" + "$play_path" + else + dokku_col_log_info1_quiet "$play_path file found" + ansible-playbook \ + --inventory "$(hostname)", \ + --connection local \ + "$play_path" + fi } diff --git a/post-extract b/post-extract index 8806056..84dd803 100755 --- a/post-extract +++ b/post-extract @@ -10,7 +10,12 @@ dokku-ansible-playbook-post-extract() { dokku_col_log_info1_quiet "Checking for ansible playbooks supplied in repo" if [[ -d "$TMPDIR/ansible" ]] && [[ "$(ls -A "$TMPDIR/ansible")" ]]; then mkdir -p "$DOKKU_LIB_ROOT/data/ansible/$APP" - cp -r "$TMPDIR/ansible/." "$DOKKU_LIB_ROOT/data/ansible/$APP" + cp -r "$TMPDIR/ansible/*.yml" "$DOKKU_LIB_ROOT/data/ansible/$APP" + if [[ -f "$TMPDIR/ansible/.vault.sh" ]]; then + dokku_col_log_info1_quiet "Moving vault password file into place" + cp -r "$TMPDIR/ansible/.vault.sh" "$DOKKU_LIB_ROOT/data/ansible/$APP" + chmod 600 "$DOKKU_LIB_ROOT/data/ansible/$APP/.vault.sh" + fi fi }