From d20f99ff5f10559b314def06f548dcaaca80cee1 Mon Sep 17 00:00:00 2001
From: dd84ai
Date: Mon, 29 Jul 2024 18:12:22 +0200
Subject: [PATCH] refactor: to pass storage

---
 tf/production/main.tf | 6 +++++-
 tf/production/providers.tf | 8 ++++----
 tf/production/{pass_storage.sh => secrets_providers.sh} | 0
 tf/staging/main.tf | 6 +++---
 tf/staging/providers.tf | 8 ++++----
 tf/staging/{pass_storage.sh => secrets_providers.sh} | 0
 6 files changed, 16 insertions(+), 12 deletions(-)
 rename tf/production/{pass_storage.sh => secrets_providers.sh} (100%)
 rename tf/staging/{pass_storage.sh => secrets_providers.sh} (100%)

diff --git a/tf/production/main.tf b/tf/production/main.tf
index 2f6d4e4..75ec9e1 100644
--- a/tf/production/main.tf
+++ b/tf/production/main.tf
@@ -11,8 +11,12 @@ data "aws_ssm_parameter" "darkbot" {
 name = "/terraform/hetzner/darkbot/production"
 }
 
+data "external" "secrets_darkbot" {
+ program = ["pass", "api/personal/terraform/hetzner/darkbot/production"]
+}
+
 locals {
- secrets = nonsensitive(jsondecode(data.aws_ssm_parameter.darkbot.value))
+ secrets = nonsensitive(data.external.secrets_darkbot.result)
 }
 
 provider "docker" {
diff --git a/tf/production/providers.tf b/tf/production/providers.tf
index bd22dac..d198344 100644
--- a/tf/production/providers.tf
+++ b/tf/production/providers.tf
@@ -19,16 +19,16 @@ terraform {
 }
 }
 
-data "external" "pass_storage" {
- program = ["bash", "${path.module}/pass_storage.sh"]
+data "external" "secrets_providers" {
+ program = ["bash", "${path.module}/secrets_providers.sh"]
 }
 
 provider "hcloud" {
- token = data.external.pass_storage.result["hetzner_token"]
+ token = data.external.secrets_providers.result["hetzner_token"]
 }
 
 provider "cloudflare" {
- api_token = data.external.pass_storage.result["cloudflare_token"]
+ api_token = data.external.secrets_providers.result["cloudflare_token"]
 }
 
 provider "kubernetes" {
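Review bot: In `tf/production/main.tf`, `locals.secrets` still wraps the value in `nonsensitive(...)`, but as far as I know the `external` data source does not mark `result` as sensitive, so the wrapper no longer strips anything (some Terraform releases reject `nonsensitive` on an unmarked value) and every key in `local.secrets` can surface in plan output and CI logs wherever it is interpolated. Consider `secrets = sensitive(data.external.secrets_darkbot.result)` and unwrapping only the individual non-secret fields that have to be displayed or used as map keys. The same line is added in the `tf/staging/main.tf` hunk. Separately, the production hunk leaves `data "aws_ssm_parameter" "darkbot"` in place while staging removes it; if nothing outside this hunk still reads it, it keeps pulling the secret into state and still requires AWS credentials for no benefit.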
diff --git a/tf/production/pass_storage.sh b/tf/production/secrets_providers.sh
similarity index 100%
rename from tf/production/pass_storage.sh
rename to tf/production/secrets_providers.sh
diff --git a/tf/staging/main.tf b/tf/staging/main.tf
index 57453f9..518716d 100644
--- a/tf/staging/main.tf
+++ b/tf/staging/main.tf
@@ -3,12 +3,12 @@ module "server" {
 name = "node-arm"
 }
 
-data "aws_ssm_parameter" "darkbot" {
- name = "/terraform/hetzner/darkbot/staging"
+data "external" "secrets_darkbot" {
+ program = ["pass", "api/personal/terraform/hetzner/darkbot/staging"]
 }
 
 locals {
- secrets = nonsensitive(jsondecode(data.aws_ssm_parameter.darkbot.value))
+ secrets = nonsensitive(data.external.secrets_darkbot.result)
 }
 
 provider "docker" {
diff --git a/tf/staging/providers.tf b/tf/staging/providers.tf
index aa3842c..f6d5824 100644
--- a/tf/staging/providers.tf
+++ b/tf/staging/providers.tf
@@ -22,16 +22,16 @@ terraform {
 }
 }
 
-data "external" "pass_storage" {
- program = ["bash", "${path.module}/pass_storage.sh"]
+data "external" "secrets_providers" {
+ program = ["bash", "${path.module}/secrets_providers.sh"]
 }
 
 provider "hcloud" {
- token = data.external.pass_storage.result["hetzner_token"]
+ token = data.external.secrets_providers.result["hetzner_token"]
 }
 
 provider "cloudflare" {
- api_token = data.external.pass_storage.result["cloudflare_token"]
+ api_token = data.external.secrets_providers.result["cloudflare_token"]
 }
 
 provider "kubernetes" {
diff --git a/tf/staging/pass_storage.sh b/tf/staging/secrets_providers.sh
similarity index 100%
rename from tf/staging/pass_storage.sh
rename to tf/staging/secrets_providers.sh
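Review bot: The `secrets_darkbot` data source in `tf/staging/main.tf` (and its production twin) runs `pass` directly as the `external` program, which tightens the contract on the stored entry compared with the old `jsondecode`: the program's stdout has to be a single JSON object whose values are all strings, so a nested object, a number or a trailing non-JSON line in the pass entry fails the read. A comment above the block would record that, e.g. `# pass entry must be one flat JSON object with string values only (external data source protocol)`. It also makes every plan depend on a local password store and an unlocked GPG key, so the comment should say whether this root is meant to be applied only from an operator workstation rather than CI, if that is the intent.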