diff options
author | Joel Diaz <jdiaz@redhat.com> | 2015-10-15 14:16:38 -0400 |
---|---|---|
committer | Joel Diaz <jdiaz@redhat.com> | 2015-10-15 14:16:38 -0400 |
commit | ef1fef97dee3ae291344478d987108836e9a664d (patch) | |
tree | 47d2de55bb0e8d07d37de9ca11ce5f90b2c79aab /playbooks/adhoc | |
parent | d26d1705de300dcbbfb0e69f84d57beefc1a1968 (diff) | |
download | openshift-ef1fef97dee3ae291344478d987108836e9a664d.tar.gz openshift-ef1fef97dee3ae291344478d987108836e9a664d.tar.bz2 openshift-ef1fef97dee3ae291344478d987108836e9a664d.tar.xz openshift-ef1fef97dee3ae291344478d987108836e9a664d.zip |
Removed AWS keys from command line, and substituted with environment variable lookup.
Diffstat (limited to 'playbooks/adhoc')
-rw-r--r-- | playbooks/adhoc/s3_registry/s3_registry.j2 | 4 | ||||
-rw-r--r-- | playbooks/adhoc/s3_registry/s3_registry.yml | 13 |
2 files changed, 14 insertions, 3 deletions
diff --git a/playbooks/adhoc/s3_registry/s3_registry.j2 b/playbooks/adhoc/s3_registry/s3_registry.j2 index 026b24456..acfa89515 100644 --- a/playbooks/adhoc/s3_registry/s3_registry.j2 +++ b/playbooks/adhoc/s3_registry/s3_registry.j2 @@ -7,8 +7,8 @@ storage: cache: layerinfo: inmemory s3: - accesskey: {{ accesskey }} - secretkey: {{ secretkey }} + accesskey: {{ aws_access_key }} + secretkey: {{ aws_secret_key }} region: us-east-1 bucket: {{ clusterid }}-docker encrypt: true diff --git a/playbooks/adhoc/s3_registry/s3_registry.yml b/playbooks/adhoc/s3_registry/s3_registry.yml index 30b873db3..92be64e17 100644 --- a/playbooks/adhoc/s3_registry/s3_registry.yml +++ b/playbooks/adhoc/s3_registry/s3_registry.yml @@ -10,11 +10,22 @@ remote_user: root gather_facts: False + vars: + aws_access_key: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}" + aws_secret_key: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}" tasks: + - name: Check for AWS creds + fail: + msg: "Couldn't find {{ item }} creds in ENV" + when: "{{ item }} == ''" + with_items: + - aws_access_key + - aws_secret_key + - name: Create S3 bucket local_action: - module: s3 bucket="{{ clusterid }}-docker" mode=create aws_access_key={{ accesskey|quote }} aws_secret_key={{ secretkey|quote }} + module: s3 bucket="{{ clusterid }}-docker" mode=create - name: Generate docker registry config template: src="s3_registry.j2" dest="/root/config.yml" owner=root mode=0600 |