Adding terrarist to ahoskingIT
This commit is contained in:
parent
7d51f413cb
commit
0169c5a011
10
ahoskingit/terraform/terraform.vault
Normal file
10
ahoskingit/terraform/terraform.vault
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
62386630666534333733353038396465343361613734333565373865316533326138366535633162
|
||||||
|
6265653138393566343833323933643431626134356237660a333730383834343539393861653061
|
||||||
|
66313437383035373864363132336331353233356436646237353261656231376637643339396131
|
||||||
|
6633613834333435330a303630363162326265363038336636663236373865613530613163393164
|
||||||
|
62346338316330626565656433383262646436613935656434393062323164393938343437663535
|
||||||
|
30626135663563343461626463646266333035386532613263613832633366343431623566613765
|
||||||
|
35313365653763663336346362346365393237386433616539303662326532363436633036323966
|
||||||
|
30393032393333396162303965343961316561643537383437306337323839333461343834353936
|
||||||
|
6463
|
||||||
39
ahoskingit/terraform/terrarist.py
Normal file
39
ahoskingit/terraform/terrarist.py
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
import argparse
|
||||||
|
import os
|
||||||
|
import string
|
||||||
|
import sys
|
||||||
|
from ansible_vault import Vault
|
||||||
|
|
||||||
|
if __name__ == "__main__":
|
||||||
|
|
||||||
|
parser = argparse.ArgumentParser(description='Securely wrap terraform like a terrarist!')
|
||||||
|
parser.add_argument('action', choices=['plan', 'apply', 'import'], help='Terraform action to execute')
|
||||||
|
parser.add_argument('--vault', '--ansible-vault', dest='vault_file', required=True, help='Ansible Vault File')
|
||||||
|
parser.add_argument('--vault-password-file', dest='vault_password', required=True, help='Ansible Vault Password File')
|
||||||
|
parser.add_argument('--environment', dest='environment', required=True, help='Production, Staging, etc...')
|
||||||
|
|
||||||
|
args, options = parser.parse_known_args()
|
||||||
|
|
||||||
|
if not os.path.isfile(args.vault_file):
|
||||||
|
sys.stderr.write("Ansible vault file does not exist.\n")
|
||||||
|
sys.exit(3)
|
||||||
|
|
||||||
|
if not os.path.isfile(args.vault_password):
|
||||||
|
sys.stderr.write("Ansible vault password does not exist.\n")
|
||||||
|
sys.exit(3)
|
||||||
|
|
||||||
|
password = open(args.vault_password).read().strip()
|
||||||
|
|
||||||
|
vault = Vault(password)
|
||||||
|
data = vault.load(open(args.vault_file).read())
|
||||||
|
|
||||||
|
cmd = ["terraform", args.action, "--var", "environment=%s" %args.environment ]
|
||||||
|
|
||||||
|
for key, value in data.items():
|
||||||
|
cmd.append("--var")
|
||||||
|
cmd.append("'%s=%s'" %(key, value))
|
||||||
|
|
||||||
|
cmd += string.join(options)
|
||||||
|
|
||||||
|
x = os.system(string.join(cmd))
|
||||||
|
sys.exit(x)
|
||||||
Loading…
Reference in New Issue
Block a user