|
|
|
@ -121,12 +121,12 @@ function main(){
|
|
|
|
keyfiles_dir="${repo_root}"
|
|
|
|
keyfiles_dir="${repo_root}"
|
|
|
|
# assume location of secrets config file in pwd
|
|
|
|
# assume location of secrets config file in pwd
|
|
|
|
sops_config_dir="${PWD}"
|
|
|
|
sops_config_dir="${PWD}"
|
|
|
|
# path to role definitions
|
|
|
|
# path to group definitions
|
|
|
|
roles_def_dir="${repo_root}/roles"
|
|
|
|
groups_def_dir="${repo_root}/groups"
|
|
|
|
# optional:
|
|
|
|
# optional:
|
|
|
|
opt_list_roles=0
|
|
|
|
opt_list_groups=0
|
|
|
|
# optional: specify "roles"
|
|
|
|
# optional: specify "groups"
|
|
|
|
roles_list=()
|
|
|
|
groups_list=()
|
|
|
|
# optional: secrets files to be updated
|
|
|
|
# optional: secrets files to be updated
|
|
|
|
secrets_file_list=()
|
|
|
|
secrets_file_list=()
|
|
|
|
|
|
|
|
|
|
|
|
@ -139,10 +139,10 @@ function main(){
|
|
|
|
-k|--key|--keyfiles) keyfiles_dir="${2}"; shift ;;
|
|
|
|
-k|--key|--keyfiles) keyfiles_dir="${2}"; shift ;;
|
|
|
|
# ARGS: dir containing .sops.yaml (sops config file)
|
|
|
|
# ARGS: dir containing .sops.yaml (sops config file)
|
|
|
|
-c|--config_dir) sops_config_dir="${2}"; shift ;;
|
|
|
|
-c|--config_dir) sops_config_dir="${2}"; shift ;;
|
|
|
|
# ARGS: [optional] show list of roles and exit
|
|
|
|
# ARGS: [optional] show list of groups and exit
|
|
|
|
-lr|--list_roles) opt_list_roles=1 ;;
|
|
|
|
-lg|--list_groups) opt_list_groups=1 ;;
|
|
|
|
# ARGS: [optional] [list] specify "roles" which correspond to e.g. job roles, projects, etc
|
|
|
|
# ARGS: [optional] [list] specify "groups" which correspond to e.g. job groups, projects, etc
|
|
|
|
-r|--role) roles_list+=( "${2}" ); shift ;;
|
|
|
|
-g|--group) groups_list+=( "${2}" ); shift ;;
|
|
|
|
# ARGS: [optional] [list] specify files containing sops-encrypted secrets
|
|
|
|
# ARGS: [optional] [list] specify files containing sops-encrypted secrets
|
|
|
|
-s|--secrets_file|-f|--file) secrets_file_list+=( "${2}" ); shift ;;
|
|
|
|
-s|--secrets_file|-f|--file) secrets_file_list+=( "${2}" ); shift ;;
|
|
|
|
# ARGS: [optional] [list] specify files containing sops-encrypted secrets
|
|
|
|
# ARGS: [optional] [list] specify files containing sops-encrypted secrets
|
|
|
|
@ -153,11 +153,11 @@ function main(){
|
|
|
|
|
|
|
|
|
|
|
|
# Resolve Parameters
|
|
|
|
# Resolve Parameters
|
|
|
|
# ... i.e. combine,override,etc options which interact
|
|
|
|
# ... i.e. combine,override,etc options which interact
|
|
|
|
if [[ "${#roles_list[@]}" -eq 1 ]]; then
|
|
|
|
if [[ "${#groups_list[@]}" -eq 1 ]]; then
|
|
|
|
# simply change keyfiles_dir to the "roles" dir
|
|
|
|
# simply change keyfiles_dir to the "groups" dir
|
|
|
|
keyfiles_dir="${roles_def_dir}/${roles_list[0]}"
|
|
|
|
keyfiles_dir="${groups_def_dir}/${groups_list[0]}"
|
|
|
|
elif [[ "${#roles_list[@]}" -gt 1 ]]; then
|
|
|
|
elif [[ "${#groups_list[@]}" -gt 1 ]]; then
|
|
|
|
>&2 echo "# ERROR: only specify one role"
|
|
|
|
>&2 echo "# ERROR: only specify one group"
|
|
|
|
exit 1
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
@ -181,10 +181,10 @@ function main(){
|
|
|
|
# /OPTIONS: ARGPARSING and VALIDATION
|
|
|
|
# /OPTIONS: ARGPARSING and VALIDATION
|
|
|
|
|
|
|
|
|
|
|
|
# BEGIN
|
|
|
|
# BEGIN
|
|
|
|
if [[ "${opt_list_roles}" -eq 1 ]]; then
|
|
|
|
if [[ "${opt_list_groups}" -eq 1 ]]; then
|
|
|
|
# list available roles and exit
|
|
|
|
# list available groups and exit
|
|
|
|
pushd "${roles_def_dir}" > /dev/null 2>&1
|
|
|
|
pushd "${groups_def_dir}" > /dev/null 2>&1
|
|
|
|
>&2 echo "# INFO: listing roles"
|
|
|
|
>&2 echo "# INFO: listing groups"
|
|
|
|
ls -1d *
|
|
|
|
ls -1d *
|
|
|
|
exit 0
|
|
|
|
exit 0
|
|
|
|
popd > /dev/null 2>&1
|
|
|
|
popd > /dev/null 2>&1
|
|
|
|
|
LeeW
10 months ago