From f53914d3f2bdd28f382df11b13c650a01e8ad5b8 Mon Sep 17 00:00:00 2001 From: Samuel Parkinson Date: Thu, 25 May 2017 09:19:04 +0100 Subject: [PATCH] Vault patch (#181) * Vault patch. * Add warning message if vault isn't installed or logged in. --- Makefile | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/Makefile b/Makefile index 1d222ef..c16a19b 100644 --- a/Makefile +++ b/Makefile @@ -153,27 +153,35 @@ ENV_MSG_CANT_GET = "Error: Cannot get config vars for this service. Check you ar @if [ ! -z $(CIRCLECI) ]; then (echo $(ENV_MSG_CIRCLECI) && exit 1); fi @$(call CONFIG_VARS,development,env) > .env && perl -pi -e 's/="(.*)"/=\1/' .env && $(DONE) || (echo $(ENV_MSG_CANT_GET) && rm .env && exit 1); -# replace .env with this .env2 when you want to use the vault instead of config-vars -.env-vault: +# replace .env with this when you want to use the vault instead of config-vars +.env-vault: vault-cli @if [[ $(shell grep --count *.env* .gitignore) -eq 0 ]]; then (echo $(ENV_MSG_IGNORE_ENV) && exit 1); fi @if [ ! -e package.json ]; then (echo $(ENV_MSG_PACKAGE_JSON) && exit 1); fi @if [ ! -z $(CIRCLECI) ]; then (echo $(ENV_MSG_CIRCLECI) && exit 1); fi # get development config from the vault # - the tail command removes the first three lines (vault metadata) -# - the 1st sed command removes the last line (empty line) -# - the 2nd sed command changes remaining lines to key=value format - @vault auth --method github \ - && vault read secret/teams/next/$(APP_NAME)/development \ +# - the sed command removes the last line (empty line) +# - the perl command changes remaining lines to key=value format + @vault read secret/teams/next/$$(echo $(APP_NAME) | sed 's/^ft-//')/development \ | tail -n +4 \ | sed -e '$$ d' \ - | sed -E 's/^([^ ]*)[[:blank:]]*([^ ].*)$$/\1=\2/' \ + | perl -pe 's/^([^ \t]+)\s+(.+)$$/\1=\2/' \ > .env + @vault read secret/teams/next/next-globals/development \ + | tail -n +4 \ + | sed -e '$$ d' \ + | perl -pe 's/^([^ \t]+)\s+(.+)$$/\1=\2/' \ + >> .env @$(DONE) MSG_HEROKU_CLI = "Please make sure the Heroku CLI toolbelt is installed - see https://toolbelt.heroku.com/. And make sure you are authenticated by running ‘heroku login’. If this is not an app, delete Procfile." heroku-cli: @if [ -e Procfile ]; then heroku auth:whoami &>/dev/null || (echo $(MSG_HEROKU_CLI) && exit 1); fi +MSG_VAULT_CLI = "Please make sure the Vault CLI is installed - see https://github.com/Financial-Times/vault/wiki/Getting-Started. And make sure you are authenticated." +vault-cli: + @if [ -e Procfile ] && [[ $$(vault token-lookup 2>&1 | grep -c error) -gt 0 ]]; then (echo $(MSG_VAULT_CLI) && exit 1); fi + # VERIFY SUB-TASKS _verify_eslint: