summaryrefslogtreecommitdiffstats
path: root/playbooks/adhoc
diff options
context:
space:
mode:
authorJoel Diaz <jdiaz@redhat.com>2015-10-15 14:16:38 -0400
committerJoel Diaz <jdiaz@redhat.com>2015-10-15 14:16:38 -0400
commitef1fef97dee3ae291344478d987108836e9a664d (patch)
tree47d2de55bb0e8d07d37de9ca11ce5f90b2c79aab /playbooks/adhoc
parentd26d1705de300dcbbfb0e69f84d57beefc1a1968 (diff)
downloadopenshift-ef1fef97dee3ae291344478d987108836e9a664d.tar.gz
openshift-ef1fef97dee3ae291344478d987108836e9a664d.tar.bz2
openshift-ef1fef97dee3ae291344478d987108836e9a664d.tar.xz
openshift-ef1fef97dee3ae291344478d987108836e9a664d.zip
Removed AWS keys from command line, and substituted with environment variable lookup.
Diffstat (limited to 'playbooks/adhoc')
-rw-r--r--playbooks/adhoc/s3_registry/s3_registry.j24
-rw-r--r--playbooks/adhoc/s3_registry/s3_registry.yml13
2 files changed, 14 insertions, 3 deletions
diff --git a/playbooks/adhoc/s3_registry/s3_registry.j2 b/playbooks/adhoc/s3_registry/s3_registry.j2
index 026b24456..acfa89515 100644
--- a/playbooks/adhoc/s3_registry/s3_registry.j2
+++ b/playbooks/adhoc/s3_registry/s3_registry.j2
@@ -7,8 +7,8 @@ storage:
cache:
layerinfo: inmemory
s3:
- accesskey: {{ accesskey }}
- secretkey: {{ secretkey }}
+ accesskey: {{ aws_access_key }}
+ secretkey: {{ aws_secret_key }}
region: us-east-1
bucket: {{ clusterid }}-docker
encrypt: true
diff --git a/playbooks/adhoc/s3_registry/s3_registry.yml b/playbooks/adhoc/s3_registry/s3_registry.yml
index 30b873db3..92be64e17 100644
--- a/playbooks/adhoc/s3_registry/s3_registry.yml
+++ b/playbooks/adhoc/s3_registry/s3_registry.yml
@@ -10,11 +10,22 @@
remote_user: root
gather_facts: False
+ vars:
+ aws_access_key: "{{ lookup('env', 'AWS_SECRET_ACCESS_KEY') }}"
+ aws_secret_key: "{{ lookup('env', 'AWS_ACCESS_KEY_ID') }}"
tasks:
+ - name: Check for AWS creds
+ fail:
+ msg: "Couldn't find {{ item }} creds in ENV"
+ when: "{{ item }} == ''"
+ with_items:
+ - aws_access_key
+ - aws_secret_key
+
- name: Create S3 bucket
local_action:
- module: s3 bucket="{{ clusterid }}-docker" mode=create aws_access_key={{ accesskey|quote }} aws_secret_key={{ secretkey|quote }}
+ module: s3 bucket="{{ clusterid }}-docker" mode=create
- name: Generate docker registry config
template: src="s3_registry.j2" dest="/root/config.yml" owner=root mode=0600