a command line utility to do replacements on any file talking to Aegis Safe
v0lkan opened this issue · 0 comments
v0lkan commented
Well, this is a twisted setup since only a workload can fetch variables from Aegis safe.
So for this PoC to work, we’ll need a workload that has access to a set of secrets.
Let’s say we have this template file
grafana:
replicaCount: 2
image:
pullSecrets:
- registrycredentials
config:
grafanaIniConfigMap: grafana-ini
useGrafanaIniFile: true
extraEnvVars:
env:
- name: GF_SECURITY_ADMIN_PASSWORD
value: "{{GF_SECURITY_ADMIN_PASSWORD}}"
- name: GF_PATHS_PLUGINS
value: "{{GF_PATH_PLUGINS}}"
then the variable values will be read from what Aegis Safe provides and will be replaced accordingly.
A command would be
tplsub -t ./grafana-tpl.yaml -o ./grafana-prod.yaml
or somewhere along those lines.