diff options
| author | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-06-20 15:38:33 +0200 |
|---|---|---|
| committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-06-20 15:38:33 +0200 |
| commit | 0abb0cee0a6a2ac673a767de7338f9fd720aa96f (patch) | |
| tree | eba15c24c766320a8ad0d71715d8e85a86b80370 | |
| parent | Don't mark public key sensitive. (diff) | |
| download | profiles-0abb0cee0a6a2ac673a767de7338f9fd720aa96f.tar.gz profiles-0abb0cee0a6a2ac673a767de7338f9fd720aa96f.tar.xz | |
Manage postgres password through hiera.
extlib::cache togetether with sensitive doesn't seem to work.
| -rw-r--r-- | data/common.yaml | 2 | ||||
| -rw-r--r-- | manifests/concourse_complete.pp | 7 |
2 files changed, 4 insertions, 5 deletions
diff --git a/data/common.yaml b/data/common.yaml index bf01ca0..c9ca652 100644 --- a/data/common.yaml +++ b/data/common.yaml @@ -6,3 +6,5 @@ lookup_options: convert_to: Sensitive profiles::concourse_complete::tsa_private_key: convert_to: Sensitive + profiles::concourse_complete::postgres_password: + convert_to: Sensitive diff --git a/manifests/concourse_complete.pp b/manifests/concourse_complete.pp index 4059124..ed4a9f1 100644 --- a/manifests/concourse_complete.pp +++ b/manifests/concourse_complete.pp @@ -10,6 +10,7 @@ class profiles::concourse_complete ( Sensitive[String] $session_signing_key, Sensitive[String] $tsa_private_key, + Sensitive[String] $postgres_password, String $tsa_public_key, ) { $cluster = 'default' @@ -19,11 +20,7 @@ class profiles::concourse_complete ( $cluster => { # Database settings 'postgres_user' => 'concourse', - 'postgres_password' => Sensitive(extlib::cache_data( - 'profiles::concourse', - 'postgres_password', - extlib::random_password(25) - )), + 'postgres_password' => $postgres_password, 'db_name' => "atc-${cluster}", # worker settings 'external_domain' => 'concourse.adrift.space', |