jdormit/jdormit-infra
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Pull DO tokens from pass

Browse Source
This commit is contained in:
Jeremy Dormitzer 2020-12-04 09:23:36 -05:00
parent cabad59c81
commit 2b4e796e78
2 changed files with 8 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
README.md
View File

@ -3,14 +3,7 @@
This repository contains the configuration files and scripts to support the infrastructure I use for personal projects.
## Terraform environment variables and config
Terraform state is stored in a DigitalOcean Spaces bucket. In order to access the bucket, the Terraform backend configuration needs the `access_key` and `secret_key` variables set. These variables are the DigitalOcean Spaces access key and secret key, respectively, which are generated from the DigitalOcean Spaces UI. I'm passing them to Terraform via the `-backend-config` `terraform init` option. I create a file `backend-config.tf` in the root directory containing the necessary variables:
```terraform
access_key = "xxxxxxxxxxxxxxxxxxxx"
secret_key = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
```
Then run `terraform init -backend-config=backend-config.tf` when I need to run any Terraform commands. This operation is encapsulated in the `tf-init.sh` script.
Terraform state is stored in a DigitalOcean Spaces bucket. In order to access the bucket, the Terraform backend configuration needs the `access_key` and `secret_key` variables set. These variables are the DigitalOcean Spaces access key and secret key, respectively, which are generated from the DigitalOcean Spaces UI. I'm passing them to Terraform via the `-backend-config` `terraform init` option and pulling their values from my password manager. This operation is encapsulated in the `tf-init.sh` script.
The Terraform scripts also require some environment variables set:

14
tf-init.sh
View File

@ -1,10 +1,10 @@
#!/usr/bin/env bash
BACKEND_FILE="$(dirname $0)/backend-config.tf"
set -e
if [ -f "$BACKEND_FILE" ]; then
terraform init -backend-config="$BACKEND_FILE"
else
echo "Could not find $BACKEND_FILE"
exit 1
fi
SPACES_ACCESS_ID=$(pass jdormit-infra-spaces-access-id)
SPACES_SECRET_KEY=$(pass jdormit-infra-spaces-secret-key)
terraform init \
-backend-config="access_key=$SPACES_ACCESS_ID" \
-backend-config="secret_key=$SPACES_SECRET_KEY"