Skip to content

Commit

Permalink
Conjur use environment file of type certificate
Browse files Browse the repository at this point in the history 
Signed-off-by: AndrewCopeland <[email protected]>
  • Loading branch information
@AndrewCopeland
AndrewCopeland committed Jun 11, 2020
1 parent ec4aa67 commit 624cd44
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 15 deletions.
11 changes: 4 additions & 7 deletions jobs/web/spec
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1245,14 +1245,11 @@ properties:
env: CONCOURSE_CONJUR_ACCOUNT
description: |
Conjur account name.
conjur.cert_file:
env: CONCOURSE_CONJUR_CERT_FILE
description: |
Path to cert file used if conjur instance is using a self-signed cert.
conjur.ssl_certificate:
env: CONCOURSE_CONJUR_SSL_CERTIFICATE
conjur.tls.ca_cert:
type: certificate
env_fields: {certificate: {env_file: CONCOURSE_CONJUR_CERT_FILE}}
description: |
Content of the SSL cert used if conjur instance is using a self-signed cert.
A PEM-encoded CA cert to use to verify the Conjur server SSL cert.
conjur.auth.login:
env: CONCOURSE_CONJUR_AUTHN_LOGIN
description: |
Expand Down
12 changes: 4 additions & 8 deletions jobs/web/templates/bpm.yml.erb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -303,10 +303,6 @@ processes:
CONCOURSE_CONJUR_AUTHN_TOKEN_FILE: <%= env_flag(v).to_json %>
<% end -%>

<% if_p("conjur.cert_file") do |v| -%>
CONCOURSE_CONJUR_CERT_FILE: <%= env_flag(v).to_json %>
<% end -%>

<% if_p("conjur.pipeline_secret_template") do |v| -%>
CONCOURSE_CONJUR_PIPELINE_SECRET_TEMPLATE: <%= env_flag(v).to_json %>
<% end -%>
Expand All @@ -315,14 +311,14 @@ processes:
CONCOURSE_CONJUR_SECRET_TEMPLATE: <%= env_flag(v).to_json %>
<% end -%>

<% if_p("conjur.ssl_certificate") do |v| -%>
CONCOURSE_CONJUR_SSL_CERTIFICATE: <%= env_flag(v).to_json %>
<% end -%>

<% if_p("conjur.team_secret_template") do |v| -%>
CONCOURSE_CONJUR_TEAM_SECRET_TEMPLATE: <%= env_flag(v).to_json %>
<% end -%>

<% if_p("conjur.tls.ca_cert.certificate") do |v| -%>
CONCOURSE_CONJUR_CERT_FILE: <%= env_file_flag(v, "CONCOURSE_CONJUR_CERT_FILE").to_json %>
<% end -%>

<% if_p("container_placement_strategy") do |v| -%>
CONCOURSE_CONTAINER_PLACEMENT_STRATEGY: <%= env_flag(v).to_json %>
<% end -%>
Expand Down
3 changes: 3 additions & 0 deletions jobs/web/templates/pre_start.erb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,9 @@ mkdir -p /var/vcap/jobs/web/config/env
<% if_p("config_rbac") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_CONFIG_RBAC") %>
<% end -%>
<% if_p("conjur.tls.ca_cert.certificate") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_CONJUR_CERT_FILE") %>
<% end -%>
<% if_p("credhub.tls.ca_cert.certificate") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_CREDHUB_CA_CERT") %>
<% end -%>
Expand Down

0 comments on commit 624cd44

Please sign in to comment.