Add generate_secrets functionality
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
3wc
15
plugin.sh
15
plugin.sh
@ -7,6 +7,16 @@ PLUGIN_HOST=${PLUGIN_HOST:-swarm.autonomic.zone}
|
||||
PLUGIN_PORT=${PLUGIN_PORT:-222}
|
||||
PLUGIN_USER=${PLUGIN_USER:-drone}
|
||||
|
||||
generate_secrets() {
|
||||
echo "--- start secrets ---"
|
||||
for SECRET in $(docker run --rm -v "${PWD}":/workdir mikefarah/yq yq r "$PLUGIN_COMPOSE" 'secrets.*.name'); do
|
||||
eval "echo \"generating $SECRET\""
|
||||
PW=$(</dev/urandom tr -dc 'A-Za-z0-9' | head -c 40; echo)
|
||||
eval "echo \"$PW\" | docker secret create \"$SECRET\" -";
|
||||
done
|
||||
echo "--- end secrets ---"
|
||||
}
|
||||
|
||||
load_deploy_key() {
|
||||
mkdir -p "$HOME/.ssh/"
|
||||
ssh-keyscan -p "$PLUGIN_PORT" "$PLUGIN_HOST" > "$HOME/.ssh/known_hosts"
|
||||
@ -34,6 +44,11 @@ run_stack_wait() {
|
||||
run_plugin() {
|
||||
echo "--- start deployment ---"
|
||||
load_deploy_key
|
||||
|
||||
if [ -n "$PLUGIN_GENERATE_SECRETS" ]; then
|
||||
generate_secrets
|
||||
fi
|
||||
|
||||
run_stack_deploy
|
||||
run_stack_wait
|
||||
echo "--- end deployment ---"
|
||||
|
||||
Reference in New Issue
Block a user