Merge pull request #106 from AndrewCopeland/conjur-appliance-url-config

Conjur appliance url config

jobs/web/spec

@@ -1241,18 +1241,19 @@ properties:
     description: |
       The maximum time between retries when logging in or re-authing a secret.
 
-  conjur.appliance_interval:
+  conjur.appliance_url:
     env: CONCOURSE_CONJUR_APPLIANCE_URL
     description: |
       URL of the Conjur instance.
   conjur.account:
     env: CONCOURSE_CONJUR_ACCOUNT
     description: |
       Conjur account name.
-  conjur.cert_file:
-    env: CONCOURSE_CONJUR_CERT_FILE
+  conjur.tls.ca_cert:
+    type: certificate
+    env_fields: {certificate: {env_file: CONCOURSE_CONJUR_CERT_FILE}}
     description: |
-      Path to cert file used if conjur instance is using a self-signed cert.
+      A PEM-encoded CA cert to use to verify the Conjur server SSL cert. 
   conjur.auth.login:
     env: CONCOURSE_CONJUR_AUTHN_LOGIN
     description: |

jobs/web/templates/bpm.yml.erb

@@ -287,7 +287,7 @@ processes:
     CONCOURSE_CONJUR_ACCOUNT: <%= env_flag(v).to_json %>
 <% end -%>
 
-<% if_p("conjur.appliance_interval") do |v| -%>
+<% if_p("conjur.appliance_url") do |v| -%>
     CONCOURSE_CONJUR_APPLIANCE_URL: <%= env_flag(v).to_json %>
 <% end -%>
 
@@ -303,10 +303,6 @@ processes:
     CONCOURSE_CONJUR_AUTHN_TOKEN_FILE: <%= env_flag(v).to_json %>
 <% end -%>
 
-<% if_p("conjur.cert_file") do |v| -%>
-    CONCOURSE_CONJUR_CERT_FILE: <%= env_flag(v).to_json %>
-<% end -%>
-
 <% if_p("conjur.pipeline_secret_template") do |v| -%>
     CONCOURSE_CONJUR_PIPELINE_SECRET_TEMPLATE: <%= env_flag(v).to_json %>
 <% end -%>
@@ -319,6 +315,10 @@ processes:
     CONCOURSE_CONJUR_TEAM_SECRET_TEMPLATE: <%= env_flag(v).to_json %>
 <% end -%>
 
+<% if_p("conjur.tls.ca_cert.certificate") do |v| -%>
+    CONCOURSE_CONJUR_CERT_FILE: <%= env_file_flag(v, "CONCOURSE_CONJUR_CERT_FILE").to_json %>
+<% end -%>
+
 <% if_p("container_placement_strategy") do |v| -%>
     CONCOURSE_CONTAINER_PLACEMENT_STRATEGY: <%= env_flag(v).to_json %>
 <% end -%>
@@ -855,10 +855,6 @@ processes:
     CONCOURSE_NEWRELIC_API_KEY: <%= env_flag(v).to_json %>
 <% end -%>
 
-<% if_p("newrelic.url") do |v| -%>
-    CONCOURSE_NEWRELIC_INSIGHTS_API_URL: <%= env_flag(v).to_json %>
-<% end -%>
-
 <% if_p("newrelic.batch_duration") do |v| -%>
     CONCOURSE_NEWRELIC_BATCH_DURATION: <%= env_flag(v).to_json %>
 <% end -%>
@@ -875,6 +871,10 @@ processes:
     CONCOURSE_NEWRELIC_SERVICE_PREFIX: <%= env_flag(v).to_json %>
 <% end -%>
 
+<% if_p("newrelic.url") do |v| -%>
+    CONCOURSE_NEWRELIC_INSIGHTS_API_URL: <%= env_flag(v).to_json %>
+<% end -%>
+
 <% if_p("old_encryption_key") do |v| -%>
     CONCOURSE_OLD_ENCRYPTION_KEY: <%= env_flag(v).to_json %>
 <% end -%>

jobs/web/templates/pre_start.erb

@@ -51,6 +51,9 @@ mkdir -p /var/vcap/jobs/web/config/env
 <% if_p("config_rbac") do |v| -%>
 <%= env_file_writer(v, "CONCOURSE_CONFIG_RBAC") %>
 <% end -%>
+<% if_p("conjur.tls.ca_cert.certificate") do |v| -%>
+<%= env_file_writer(v, "CONCOURSE_CONJUR_CERT_FILE") %>
+<% end -%>
 <% if_p("credhub.tls.ca_cert.certificate") do |v| -%>
 <%= env_file_writer(v, "CONCOURSE_CREDHUB_CA_CERT") %>
 <% end -%>