From 223c952bfdbadd7c5d92ef0f01efb4716d81d728 Mon Sep 17 00:00:00 2001 From: Mikkel Jakobsen Date: Wed, 8 Jan 2025 10:59:32 +0100 Subject: [PATCH 1/2] Ensure consumer passwords and secrets in projects The new consumers for the BNF and the GO project need a secret and a password set in every project or else an exception will be thrown. IMPORTANT: This is a temporary solution. Real passwords and secret should be set in the future. --- infrastructure/Taskfile.yml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/infrastructure/Taskfile.yml b/infrastructure/Taskfile.yml index f30b0e3a..fca0c238 100644 --- a/infrastructure/Taskfile.yml +++ b/infrastructure/Taskfile.yml @@ -718,6 +718,32 @@ tasks: - sh: "[ ! -z \"{{.PROJECT_NAME}}\" ]" msg: "Missing PROJECT_NAME" + lagoon:project:ensure:consumer-secrets-n-passwords: + vars: + VARIABLE_SCOPE: "RUNTIME" + # TODO: The variable values should be generated and stored in a secret manager. + VARIABLE_VALUE: "foo" + cmds: + - task: lagoon:ensure:environment-variable + vars: + VARIABLE_NAME: "BNF_GRAPHQL_CONSUMER_SECRET" + PROJECT_NAME: "{{.PROJECT_NAME}}" + - task: lagoon:ensure:environment-variable + vars: + VARIABLE_NAME: "BNF_GRAPHQL_CONSUMER_USER_PASSWORD" + PROJECT_NAME: "{{.PROJECT_NAME}}" + - task: lagoon:ensure:environment-variable + vars: + VARIABLE_NAME: "GO_GRAPHQL_CONSUMER_SECRET" + PROJECT_NAME: "{{.PROJECT_NAME}}" + - task: lagoon:ensure:environment-variable + vars: + VARIABLE_NAME: "GO_GRAPHQL_CONSUMER_USER_PASSWORD" + PROJECT_NAME: "{{.PROJECT_NAME}}" + preconditions: + - sh: "[ ! -z \"{{.PROJECT_NAME}}\" ]" + msg: "Missing PROJECT_NAME" + lagoon:add:cluster: deps: [cluster:auth] desc: Add a Kubernetes cluster (Lagoon Remote) to the Lagoon Core. @@ -801,6 +827,9 @@ tasks: - task: lagoon:project:ensure:azure-mail-connection-string vars: PROJECT_NAME: "{{.PROJECT_NAME}}" + - task: lagoon:project:ensure:consumer-secrets-n-passwords + vars: + PROJECT_NAME: "{{.PROJECT_NAME}}" preconditions: - sh: "[ ! -z {{.GIT_URL}} ]" msg: "Env variable GIT_URL is not set or empty." From 8d48715ad9d465e77bfba82131861c27c4da0019 Mon Sep 17 00:00:00 2001 From: ITViking Date: Thu, 9 Jan 2025 10:33:43 +0100 Subject: [PATCH 2/2] move variables into scope where their values are reachable --- infrastructure/Taskfile.yml | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/infrastructure/Taskfile.yml b/infrastructure/Taskfile.yml index fca0c238..b3e53843 100644 --- a/infrastructure/Taskfile.yml +++ b/infrastructure/Taskfile.yml @@ -719,27 +719,35 @@ tasks: msg: "Missing PROJECT_NAME" lagoon:project:ensure:consumer-secrets-n-passwords: - vars: - VARIABLE_SCOPE: "RUNTIME" - # TODO: The variable values should be generated and stored in a secret manager. - VARIABLE_VALUE: "foo" cmds: - task: lagoon:ensure:environment-variable vars: VARIABLE_NAME: "BNF_GRAPHQL_CONSUMER_SECRET" PROJECT_NAME: "{{.PROJECT_NAME}}" + VARIABLE_SCOPE: "RUNTIME" + # TODO: The variable values should be generated and stored in a secret manager. + VARIABLE_VALUE: "foo" - task: lagoon:ensure:environment-variable vars: VARIABLE_NAME: "BNF_GRAPHQL_CONSUMER_USER_PASSWORD" PROJECT_NAME: "{{.PROJECT_NAME}}" + VARIABLE_SCOPE: "RUNTIME" + # TODO: The variable values should be generated and stored in a secret manager. + VARIABLE_VALUE: "foo" - task: lagoon:ensure:environment-variable vars: VARIABLE_NAME: "GO_GRAPHQL_CONSUMER_SECRET" PROJECT_NAME: "{{.PROJECT_NAME}}" + VARIABLE_SCOPE: "RUNTIME" + # TODO: The variable values should be generated and stored in a secret manager. + VARIABLE_VALUE: "foo" - task: lagoon:ensure:environment-variable vars: VARIABLE_NAME: "GO_GRAPHQL_CONSUMER_USER_PASSWORD" PROJECT_NAME: "{{.PROJECT_NAME}}" + VARIABLE_SCOPE: "RUNTIME" + # TODO: The variable values should be generated and stored in a secret manager. + VARIABLE_VALUE: "foo" preconditions: - sh: "[ ! -z \"{{.PROJECT_NAME}}\" ]" msg: "Missing PROJECT_NAME"