tym-xqo/entry.sh

## entry.sh
#!/bin/bash

# Use this in Dockerfile ENTRYPOINT directive to source variables from /secret/env and export to the P1 environment

if [ -f /secret/env ]; then
    set -a
    . /secret/env
# Below keeps this idempotent if deployed to non-k8s environment (assuming the same env file is passed via --env-file at runtime)
else
    mkdir -p /secret
    printenv > /secret/env
fi

exec "$@"

## gsecret_maker.py
#!/usr/bin/env python
#coding: utf-8

from base64 import b64encode
import yaml
import os
from argparse import ArgumentParser

'''
Given a file with a list of KEY=value pairs (one per line),
writes a YAML file '<app>-secret.yml' that can be used to create
a secret in Kubernetes.

Defaults to current working directory name as app (and secret resource) name,
and expects pairs in local file named '.env'. Or these can be passed as
--app and --file arguments, respectively.
'''

def arguments():
    app_dir_name = os.path.split(os.getcwd())[1]
    parser = ArgumentParser()
    parser.add_argument('-a', '--app', action='store', default = app_dir_name,
                help='The name of application to create secret for')
    parser.add_argument('-f', '--file', action='store', default='.env',
                help='Environment file name')
    args = parser.parse_args()
    app_name = args.app
    fileh = args.file
    return (app_name, fileh)

app_name = arguments()[0]
env_file = arguments()[1]

def google_secret():
    boilerplate = {'apiVersion': 'v1',
                   'kind': 'Secret'}
    metadata = {'name': app_name}
    boilerplate.update({'metadata': metadata})

    data = {}
    with open(env_file, 'rt') as env:
        source = env.read()
        val = b64encode(source.strip().encode('utf-8'))
        n = {'env': val}
        data.update(n)
    boilerplate.update({'data': data})
    return boilerplate

def main():
    payload = google_secret()
    secretfile = '%s-secret.yml' % app_name
    with open(secretfile, 'wt') as s:
        yaml.dump(payload, s)
    with open('.gitignore', 'at') as exclude:
        exclude.write(secretfile)


if __name__ == '__main__':
    main()
	#!/bin/bash

	# Use this in Dockerfile ENTRYPOINT directive to source variables from /secret/env and export to the P1 environment

	if [ -f /secret/env ]; then
	set -a
	. /secret/env
	# Below keeps this idempotent if deployed to non-k8s environment (assuming the same env file is passed via --env-file at runtime)
	else
	mkdir -p /secret
	printenv > /secret/env
	fi

	exec "$@"
	#!/usr/bin/env python
	#coding: utf-8

	from base64 import b64encode
	import yaml
	import os
	from argparse import ArgumentParser

	'''
	Given a file with a list of KEY=value pairs (one per line),
	writes a YAML file '<app>-secret.yml' that can be used to create
	a secret in Kubernetes.

	Defaults to current working directory name as app (and secret resource) name,
	and expects pairs in local file named '.env'. Or these can be passed as
	--app and --file arguments, respectively.
	'''

	def arguments():
	app_dir_name = os.path.split(os.getcwd())[1]
	parser = ArgumentParser()
	parser.add_argument('-a', '--app', action='store', default = app_dir_name,
	help='The name of application to create secret for')
	parser.add_argument('-f', '--file', action='store', default='.env',
	help='Environment file name')
	args = parser.parse_args()
	app_name = args.app
	fileh = args.file
	return (app_name, fileh)

	app_name = arguments()[0]
	env_file = arguments()[1]

	def google_secret():
	boilerplate = {'apiVersion': 'v1',
	'kind': 'Secret'}
	metadata = {'name': app_name}
	boilerplate.update({'metadata': metadata})

	data = {}
	with open(env_file, 'rt') as env:
	source = env.read()
	val = b64encode(source.strip().encode('utf-8'))
	n = {'env': val}
	data.update(n)
	boilerplate.update({'data': data})
	return boilerplate

	def main():
	payload = google_secret()
	secretfile = '%s-secret.yml' % app_name
	with open(secretfile, 'wt') as s:
	yaml.dump(payload, s)
	with open('.gitignore', 'at') as exclude:
	exclude.write(secretfile)


	if __name__ == '__main__':
	main()