You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
154 lines
4.4 KiB
Bash
154 lines
4.4 KiB
Bash
3 years ago
|
#!/usr/bin/env bash
|
||
|
# vim:ts=4:sts=4:sw=4:et
|
||
3 years ago
|
# args: :workspace haritest=myvalue
|
||
3 years ago
|
#
|
||
|
# Author: Hari Sekhon
|
||
|
# Date: 2021-12-21 13:30:39 +0000 (Tue, 21 Dec 2021)
|
||
|
#
|
||
2 years ago
|
# https://github.com/HariSekhon/DevOps-Bash-tools
|
||
3 years ago
|
#
|
||
|
# License: see accompanying Hari Sekhon LICENSE file
|
||
|
#
|
||
|
# If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish
|
||
|
#
|
||
|
# https://www.linkedin.com/in/HariSekhon
|
||
|
#
|
||
|
|
||
3 years ago
|
# https://www.terraform.io/cloud-docs/api-docs/workspace-variables
|
||
|
|
||
3 years ago
|
set -euo pipefail
|
||
|
[ -n "${DEBUG:-}" ] && set -x
|
||
3 years ago
|
srcdir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||
3 years ago
|
|
||
1 year ago
|
# shellcheck disable=SC1090,SC1091
|
||
3 years ago
|
. "$srcdir/lib/utils.sh"
|
||
|
|
||
|
# shellcheck disable=SC2034,SC2154
|
||
|
usage_description="
|
||
|
Adds / updates Terraform Cloud workspace variables for a given workspace id from args or stdin
|
||
|
|
||
3 years ago
|
By default, creates variables as Environment Variables and marks them as Sensitive for safety as the primary use case for this code was easy uploading AWS access key credentials from things like aws_csv_creds.sh
|
||
3 years ago
|
|
||
|
If you want to create Terraform variables instead:
|
||
|
|
||
|
export TERRAFORM_VARIABLES=1
|
||
|
export TERRAFORM_VARIABLES_HCL=1 # mark the variables as HCL code (implies TERRAFORM_VARIABLES=1)
|
||
|
|
||
|
If you want to mark the variables as non-sensitive:
|
||
|
|
||
|
export TERRAFORM_VARIABLES_SENSITIVE=false
|
||
|
|
||
3 years ago
|
|
||
3 years ago
|
See terraform_cloud_organizations.sh to get a list of organization IDs
|
||
|
See terraform_cloud_varsets.sh to get a list of workspaces and their IDs
|
||
3 years ago
|
|
||
3 years ago
|
|
||
3 years ago
|
Examples:
|
||
|
|
||
|
${0##*/} {workspace_id} AWS_ACCESS_KEY_ID=AKIA...
|
||
|
|
||
|
echo AWS_ACCESS_KEY_ID=AKIA... | ${0##*/} {workspace_id}
|
||
|
|
||
|
|
||
|
Loads both AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY via stdin:
|
||
|
|
||
|
aws_csv_creds.sh credentials_exported.csv | ${0##*/} {workspace_id}
|
||
|
"
|
||
|
|
||
|
# used by usage() in lib/utils.sh
|
||
|
# shellcheck disable=SC2034
|
||
3 years ago
|
usage_args="<workspace_id> [<key>=<value> <key2>=<value2> ...]"
|
||
3 years ago
|
|
||
|
help_usage "$@"
|
||
|
|
||
|
min_args 1 "$@"
|
||
|
|
||
|
workspace_id="$1"
|
||
|
shift || :
|
||
|
|
||
|
if [ -z "$workspace_id" ]; then
|
||
|
usage "no terraform workspace id given"
|
||
|
fi
|
||
|
|
||
3 years ago
|
if [ -n "${TERRAFORM_VARIABLES_HCL:-}" ]; then
|
||
|
TERRAFORM_VARIABLES=1
|
||
|
hcl=true
|
||
|
else
|
||
|
hcl=false
|
||
|
fi
|
||
|
|
||
|
if [ -n "${TERRAFORM_VARIABLES:-}" ]; then
|
||
|
category="terraform"
|
||
|
else
|
||
|
category="env"
|
||
|
fi
|
||
|
|
||
|
if [ "${TERRAFORM_VARIABLES_SENSITIVE:-}" = false ]; then
|
||
|
sensitive=false
|
||
|
else
|
||
|
sensitive=true
|
||
|
fi
|
||
|
|
||
3 years ago
|
env_vars="$("$srcdir/terraform_cloud_workspace_vars.sh" "$workspace_id")"
|
||
3 years ago
|
|
||
|
add_env_var(){
|
||
|
local env_var="$1"
|
||
3 years ago
|
parse_export_key_value "$env_var"
|
||
3 years ago
|
local id
|
||
3 years ago
|
# shellcheck disable=SC2154
|
||
3 years ago
|
id="$(awk "\$4 == \"$key\" {print \$1}" <<< "$env_vars")"
|
||
3 years ago
|
if [ -n "$id" ]; then
|
||
3 years ago
|
timestamp "updating Terraform environment variable '$key' (id: '$id') in workspace '$workspace_id'"
|
||
3 years ago
|
# shellcheck disable=SC2154
|
||
3 years ago
|
"$srcdir/terraform_cloud_api.sh" "/workspaces/$workspace_id/vars/$id" \
|
||
|
-X PATCH \
|
||
|
-H "Content-Type: application/vnd.api+json" \
|
||
|
-d "{
|
||
|
\"data\": {
|
||
|
\"id\": \"$id\",
|
||
|
\"attributes\": {
|
||
3 years ago
|
\"key\": \"$key\",
|
||
3 years ago
|
\"value\": \"$value\",
|
||
3 years ago
|
\"category\": \"$category\",
|
||
|
\"hcl\": $hcl,
|
||
|
\"sensitive\": $sensitive
|
||
3 years ago
|
},
|
||
|
\"type\":\"vars\"
|
||
|
}
|
||
3 years ago
|
}" |
|
||
|
jq_debug_pipe_dump >/dev/null
|
||
3 years ago
|
#echo # JSON output doesn't end in a newline
|
||
|
else
|
||
3 years ago
|
timestamp "adding Terraform environment variable '$key' in workspace '$workspace_id'"
|
||
3 years ago
|
"$srcdir/terraform_cloud_api.sh" "/workspaces/$workspace_id/vars" \
|
||
|
-X POST \
|
||
|
-H "Content-Type: application/vnd.api+json" \
|
||
|
-d "{
|
||
|
\"data\": {
|
||
|
\"attributes\": {
|
||
3 years ago
|
\"key\": \"$key\",
|
||
3 years ago
|
\"value\": \"$value\",
|
||
3 years ago
|
\"category\": \"$category\",
|
||
|
\"hcl\": $hcl,
|
||
|
\"sensitive\": $sensitive
|
||
3 years ago
|
},
|
||
|
\"type\":\"vars\"
|
||
|
}
|
||
3 years ago
|
}" |
|
||
|
jq_debug_pipe_dump >/dev/null
|
||
3 years ago
|
#echo # JSON output doesn't end in a newline
|
||
|
fi
|
||
|
echo
|
||
|
}
|
||
|
|
||
|
|
||
|
if [ $# -gt 0 ]; then
|
||
|
for arg in "$@"; do
|
||
|
add_env_var "$arg"
|
||
|
done
|
||
|
else
|
||
|
while read -r line; do
|
||
|
add_env_var "$line"
|
||
|
done
|
||
|
fi
|