refactor(external): ask to enter variables if var file does not exist

2024-12-22 20:14:32 +07:00 · 2021-12-25 02:34:49 +07:00 · 2021-12-25 02:34:49 +07:00 · 08513dcda5
commit 08513dcda5
parent c55b98186d
6 changed files with 48 additions and 14 deletions
--- a/external/Makefile
+++ b/external/Makefile
@ -1,11 +1,17 @@
 .POSIX:
+.EXPORT_ALL_VARIABLES:
+
+KUBE_CONFIG_PATH = ../metal/kubeconfig.yaml

 default: apply

 ~/.terraform.d/credentials.tfrc.json:
 	terraform login

-.terraform.lock.hcl: ~/.terraform.d/credentials.tfrc.json versions.tf
+terraform.tfvars:
+	ansible-playbook secrets.yml
+
+.terraform.lock.hcl: ~/.terraform.d/credentials.tfrc.json versions.tf terraform.tfvars
 	terraform init
 	touch .terraform.lock.hcl

--- a/external/cloudflare.tf
+++ b/external/cloudflare.tf
@ -1,7 +1,3 @@
-variable "cloudflare_account_id" {
-  type = string
-}
-
 data "cloudflare_zone" "khuedoan_com" {
  name = "khuedoan.com"
 }
--- a/external/secrets.yml
+++ b/external/secrets.yml
@ -4,14 +4,17 @@
  vars_prompt:
    - name: cloudflare_email
      prompt: Enter Cloudflare email
+      private: no
    - name: cloudflare_api_key
-      prompt: Enter Cloudflare API Key
+      prompt: Enter Cloudflare API Key (sensitive)
    - name: cloudflare_account_id
      prompt: Enter Cloudflare account ID
+      private: no
    - name: b2_application_key_id
      prompt: Enter Backblaze application key ID
+      private: no
    - name: b2_application_key
-      prompt: Enter Backblaze application key
+      prompt: Enter Backblaze application key (sensitive)
  tasks:
    - name: Ensure required namespaces exist
      kubernetes.core.k8s:
@ -24,3 +27,7 @@
        - cert-manager
        - external-dns
        - cloudflared
+    - name: Render environment file
+      template:
+        src: ./terraform.tfvars.j2
+        dest: ./terraform.tfvars
--- a/external/terraform.tfvars.j2
+++ b/external/terraform.tfvars.j2
@ -0,0 +1,5 @@
+cloudflare_email = "{{ cloudflare_email }}"
+cloudflare_api_key = "{{ cloudflare_api_key }}"
+cloudflare_account_id = "{{ cloudflare_account_id }}"
+b2_application_key_id = "{{ b2_application_key_id }}"
+b2_application_key = "{{ b2_application_key }}"
--- a/external/variables.tf
+++ b/external/variables.tf
@ -0,0 +1,21 @@
+variable "cloudflare_email" {
+  type = string
+}
+
+variable "cloudflare_api_key" {
+  type = string
+  sensitive = true
+}
+
+variable "cloudflare_account_id" {
+  type = string
+}
+
+variable "b2_application_key_id" {
+  type = string
+}
+
+variable "b2_application_key" {
+  type = string
+  sensitive = true
+}
--- a/external/versions.tf
+++ b/external/versions.tf
@ -34,17 +34,16 @@ terraform {
 }

 provider "cloudflare" {
-  # Environment variables
-  # CLOUDFLARE_API_TOKEN
+  email = var.cloudflare_email
+  api_key = var.cloudflare_api_key
 }

 provider "b2" {
-  # Environment variables
-  # B2_APPLICATION_KEY
-  # B2_APPLICATION_KEY_ID
+  application_key_id = var.b2_application_key_id
+  application_key = var.b2_application_key
 }

 provider "kubernetes" {
-  # Environment variables
-  # KUBE_CONFIG_PATH
+  # Use KUBE_CONFIG_PATH environment variables
+  # Or in cluster service account
 }