SEIT
/
drone-terraform
5
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Merge pull request #4 from jmccann/ca_certs 

Add ability to inject internal CA Cert
pull/6/head
Jack Spirou 9 years ago
parent
9bb061e280 66dcad9108
commit
bd598ef988
2 changed files with 44 additions and 4 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 30
      DOCS.md
  2. 12
      main.go

30
DOCS.md
View File

@ -4,7 +4,9 @@ Use the Terraform plugin to apply the infrastructure configuration contained wit
* `remote` - contains the configuration for the Terraform remote state tracking.
* `backend` - the Terraform remote state backend to use.
* `config` - a map of configuration parameters for the remote state backend. Each value is passed as a `-backend-config=<key>=<value>` option.
* `vars` - a map of variables to pass to the Terraform `plan` and `apply` commands. Each value is passed as a `-var <key>=<value>` option.
* `vars` - a map of variables to pass to the Terraform `plan` and `apply` commands. Each value is passed as a `-var
<key>=<value>` option.
* `ca_cert` - ca cert to add to your environment to allow terraform to use internal/private resources
The following is a sample Terraform configuration in your .drone.yml file:
@ -22,3 +24,29 @@ deploy:
app_name: my-project
app_version: 1.0.0
```
# Advanced Configuration
## CA Certs
You may want to run terraform against internal resources, like an internal
OpenStack deployment. Usually these resources are signed by an internal
CA Certificate. You can inject your CA Certificate into the plugin by using
`ca_certs` key as described above. Below is an example.
```yaml
deploy:
terraform:
dry_run: false
remote:
backend: swift
config:
path: drone/terraform
vars:
app_name: my-project
app_version: 1.0.0
ca_cert: |
-----BEGIN CERTIFICATE-----
asdfsadf
asdfsadf
-----END CERTIFICATE-----
```

12
main.go
View File

@ -5,6 +5,7 @@ import (
"os"
"os/exec"
"strings"
"io/ioutil"
"github.com/drone/drone-plugin-go/plugin"
)
@ -13,6 +14,7 @@ type terraform struct {
Remote remote `json:"remote"`
Plan bool `json:"plan"`
Vars map[string]string `json:"vars"`
Cacert string `json:"ca_cert"`
}
type remote struct {
@ -31,6 +33,9 @@ func main() {
var commands []*exec.Cmd
remote := vargs.Remote
if vargs.Cacert != "" {
commands = append(commands, installCaCert(vargs.Cacert))
}
if remote.Backend != "" {
commands = append(commands, remoteConfigCommand(remote))
}
@ -57,6 +62,13 @@ func main() {
}
func installCaCert(cacert string) *exec.Cmd {
ioutil.WriteFile("/usr/local/share/ca-certificates/ca_cert.crt", []byte(cacert), 0644)
return exec.Command(
"update-ca-certificates",
)
}
func remoteConfigCommand(config remote) *exec.Cmd {
args := []string{
"remote",

Write Preview
Loading…
Cancel
Save