Last active
October 9, 2015 19:53
-
-
Save tym-xqo/25f4b3a05532fa6def8e to your computer and use it in GitHub Desktop.
env file to kubernetes conversion functions
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Use this in Dockerfile ENTRYPOINT directive to source variables from /secret/env and export to the P1 environment | |
if [ -f /secret/env ]; then | |
set -a | |
. /secret/env | |
# Below keeps this idempotent if deployed to non-k8s environment (assuming the same env file is passed via --env-file at runtime) | |
else | |
mkdir -p /secret | |
printenv > /secret/env | |
fi | |
exec "$@" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
#coding: utf-8 | |
from base64 import b64encode | |
import yaml | |
import os | |
from argparse import ArgumentParser | |
''' | |
Given a file with a list of KEY=value pairs (one per line), | |
writes a YAML file '<app>-secret.yml' that can be used to create | |
a secret in Kubernetes. | |
Defaults to current working directory name as app (and secret resource) name, | |
and expects pairs in local file named '.env'. Or these can be passed as | |
--app and --file arguments, respectively. | |
''' | |
def arguments(): | |
app_dir_name = os.path.split(os.getcwd())[1] | |
parser = ArgumentParser() | |
parser.add_argument('-a', '--app', action='store', default = app_dir_name, | |
help='The name of application to create secret for') | |
parser.add_argument('-f', '--file', action='store', default='.env', | |
help='Environment file name') | |
args = parser.parse_args() | |
app_name = args.app | |
fileh = args.file | |
return (app_name, fileh) | |
app_name = arguments()[0] | |
env_file = arguments()[1] | |
def google_secret(): | |
boilerplate = {'apiVersion': 'v1', | |
'kind': 'Secret'} | |
metadata = {'name': app_name} | |
boilerplate.update({'metadata': metadata}) | |
data = {} | |
with open(env_file, 'rt') as env: | |
source = env.read() | |
val = b64encode(source.strip().encode('utf-8')) | |
n = {'env': val} | |
data.update(n) | |
boilerplate.update({'data': data}) | |
return boilerplate | |
def main(): | |
payload = google_secret() | |
secretfile = '%s-secret.yml' % app_name | |
with open(secretfile, 'wt') as s: | |
yaml.dump(payload, s) | |
with open('.gitignore', 'at') as exclude: | |
exclude.write(secretfile) | |
if __name__ == '__main__': | |
main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment