From c354085dfcd15ce46e8cb9b50e5941e34795662e Mon Sep 17 00:00:00 2001 From: Jake Howard Date: Wed, 3 May 2023 20:40:10 +0100 Subject: [PATCH] Move split secrets into single env file Separating state secrets and others made life a pain. Just do everything in an env file instead, which makes syncing a lot simpler --- .gitignore | 3 +-- scripts/terraform/terraform.sh | 7 +++++-- scripts/terraform/update-secrets.sh | 3 +-- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/.gitignore b/.gitignore index f017bb5..20bde91 100644 --- a/.gitignore +++ b/.gitignore @@ -150,5 +150,4 @@ override.tf.json # End of https://www.gitignore.io/api/terraform -terraform/secrets.auto.tfvars -terraform/secrets.sh +.env diff --git a/scripts/terraform/terraform.sh b/scripts/terraform/terraform.sh index d4d17b8..35e559f 100755 --- a/scripts/terraform/terraform.sh +++ b/scripts/terraform/terraform.sh @@ -1,9 +1,12 @@ #!/usr/bin/env bash -set -ex +set -e cd terraform/ -source secrets.sh || true +# Load secrets from env file (if it exists) +set -a +source ./.env || true +set +a -x terraform $@ diff --git a/scripts/terraform/update-secrets.sh b/scripts/terraform/update-secrets.sh index 585b8e5..8c61960 100755 --- a/scripts/terraform/update-secrets.sh +++ b/scripts/terraform/update-secrets.sh @@ -4,5 +4,4 @@ set -ex cd terraform/ -bw get attachment secrets.sh --itemid c4f8b44e-ae62-442d-a9e0-02d0621c2454 -bw get attachment secrets.auto.tfvars --itemid c4f8b44e-ae62-442d-a9e0-02d0621c2454 +bw get attachment .env --itemid c4f8b44e-ae62-442d-a9e0-02d0621c2454