Skip to content

Instantly share code, notes, and snippets.

@drnic
Last active December 20, 2017 11:09
Show Gist options
  • Save drnic/35cd05f5a5d36d43d19a8119c160c50a to your computer and use it in GitHub Desktop.
Save drnic/35cd05f5a5d36d43d19a8119c160c50a to your computer and use it in GitHub Desktop.
Convert a ci/settings.yml with `(( vault "/secret/mything" ))` into concourse cred mgmt + a credhub import file
#!/bin/bash
cd ${1:?USAGE: convert-to-credhub.sh path/to/ci}
function indent() {
c='s/^/ /'
case $(uname) in
Darwin) sed -l "$c";;
*) sed -u "$c";;
esac
}
path_prefix="/concourse/main"
credhub_import_file=${credhub_import_file:-"credhub_import_file.yml"}
new_settings=${new_settings:-"settings.yml"}
vault_paths=$(cat settings.yml | grep "(( vault" | cat | awk '{print $4}' | sed -e 's%"%%g')
echo "credentials:" > $credhub_import_file
for vault_path in $vault_paths; do
credhub_variable=$(echo $vault_path | sed -e "s%secret\/%%" | sed -e "s%[:/._]%-%g")
cat >> $credhub_import_file <<YAML
- name: ${path_prefix}/${credhub_variable}
type: value
value: |-
$(safe get $vault_path | indent)
YAML
done
updated_settings="$(cat settings.yml)"
for vault_path in $vault_paths; do
credhub_variable=$(echo $vault_path | sed -e "s%secret\/%%" | sed -e "s%[:/._]%-%g")
updated_settings=$(echo "$updated_settings" | sed -e "s%(( vault \"$vault_path\" ))%((!$credhub_variable))%g")
done
echo "$updated_settings" > $new_settings
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment