ansible-role-k8s/files/scripts/get-secret.sh

#!/bin/bash

# env expected to be supplied via ansible task
# PLAYBOOK_PATH
# KUBECONTEXT
# SECRET

KUBECONF="$HOME/.kube/config-${KUBECONTEXT}.yaml"
SECRET_FILE="${PLAYBOOK_DIR}/files/manifests/${SECRET}"

apply_secret() {
  kubectl apply --kubeconfig="${KUBECONF}" --context="${KUBECONTEXT}" -f "$1"
}

if ansible-vault view "${SECRET_FILE}" &> /dev/null; then
  ansible-vault decrypt --output=- "${SECRET_FILE}" | apply_secret -
else
  apply_secret "${SECRET_FILE}"
fi
organize shared manifests and tasks, clean up default values, add base64 filter for template based secrets, add handling for locally stores secrets, add helm chart support, add manifest support, general fixes and updates. 2024-05-13 19:45:20 +00:00			`#!/bin/bash`

			`# env expected to be supplied via ansible task`
			`# PLAYBOOK_PATH`
			`# KUBECONTEXT`
			`# SECRET`

			`KUBECONF="$HOME/.kube/config-${KUBECONTEXT}.yaml"`
			`SECRET_FILE="${PLAYBOOK_DIR}/files/manifests/${SECRET}"`

			`apply_secret() {`
			`kubectl apply --kubeconfig="${KUBECONF}" --context="${KUBECONTEXT}" -f "$1"`
			`}`

			`if ansible-vault view "${SECRET_FILE}" &> /dev/null; then`
			`ansible-vault decrypt --output=- "${SECRET_FILE}" \| apply_secret -`
			`else`
			`apply_secret "${SECRET_FILE}"`
			`fi`