Skip to content

Commit

Permalink
refactor: to using pass storage
Browse files Browse the repository at this point in the history
  • Loading branch information
@dd84ai
dd84ai committed Jul 29, 2024
1 parent 0297656 commit e172891
Show file tree
Hide file tree
Showing 6 changed files with 58 additions and 16 deletions.
17 changes: 17 additions & 0 deletions tf/production/.terraform.lock.hcl
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

7 changes: 7 additions & 0 deletions tf/production/pass_storage.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
jq -n \
--arg hetzner_token $(pass api/personal/terraform/hetzner/production) \
--arg cloudflare_token $(pass api/personal/terraform/cloudflare/dd84ai) \
'{
"hetzner_token": $hetzner_token,
"cloudflare_token": $cloudflare_token
}'
13 changes: 5 additions & 8 deletions tf/production/providers.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,19 +19,16 @@ terraform {
}
}

data "aws_ssm_parameter" "hetzner" {
name = "/terraform/hetzner/production"
}
provider "hcloud" {
token = data.aws_ssm_parameter.hetzner.value
data "external" "pass_storage" {
program = ["bash", "${path.module}/pass_storage.sh"]
}

data "aws_ssm_parameter" "cloudflare_key" {
name = "/terraform/cloudflare/dd84ai"
provider "hcloud" {
token = data.external.pass_storage.result["hetzner_token"]
}

provider "cloudflare" {
api_token = data.aws_ssm_parameter.cloudflare_key.value
api_token = data.external.pass_storage.result["cloudflare_token"]
}

provider "kubernetes" {
Expand Down
17 changes: 17 additions & 0 deletions tf/staging/.terraform.lock.hcl
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

7 changes: 7 additions & 0 deletions tf/staging/pass_storage.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
jq -n \
--arg hetzner_token $(pass api/personal/terraform/hetzner/production) \
--arg cloudflare_token $(pass api/personal/terraform/cloudflare/dd84ai) \
'{
"hetzner_token": $hetzner_token,
"cloudflare_token": $cloudflare_token
}'
13 changes: 5 additions & 8 deletions tf/staging/providers.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,19 +22,16 @@ terraform {
}
}

data "aws_ssm_parameter" "hetzner" {
name = "/terraform/hetzner/production"
}
provider "hcloud" {
token = data.aws_ssm_parameter.hetzner.value
data "external" "pass_storage" {
program = ["bash", "${path.module}/pass_storage.sh"]
}

data "aws_ssm_parameter" "cloudflare_key" {
name = "/terraform/cloudflare/dd84ai"
provider "hcloud" {
token = data.external.pass_storage.result["hetzner_token"]
}

provider "cloudflare" {
api_token = data.aws_ssm_parameter.cloudflare_key.value
api_token = data.external.pass_storage.result["cloudflare_token"]
}

provider "kubernetes" {
Expand Down

0 comments on commit e172891

Please sign in to comment.