diff options
-rw-r--r-- | data/common.yaml | 10 | ||||
-rw-r--r-- | manifests/concourse_complete.pp | 10 |
2 files changed, 16 insertions, 4 deletions
diff --git a/data/common.yaml b/data/common.yaml new file mode 100644 index 0000000..6c5bc6f --- /dev/null +++ b/data/common.yaml @@ -0,0 +1,10 @@ +# lookup_options is a special key, which change how other keys behave. +lookup_options: + # This forces the data to be converted from String to + # Sensitive[String], which hides it from our reports. + profiles::concourse_complete::session_signing_key: + convert_to: Sensitive + profiles::concourse_complete::tsa_public_key: + convert_to: Sensitive + profiles::concourse_complete::tsa_private_key: + convert_to: Sensitive diff --git a/manifests/concourse_complete.pp b/manifests/concourse_complete.pp index 69f83b5..f6f0525 100644 --- a/manifests/concourse_complete.pp +++ b/manifests/concourse_complete.pp @@ -12,17 +12,19 @@ class profiles::concourse_complete ( Sensitive[String] $tsa_public_key, Sensitive[String] $tsa_private_key, ) { + $cluster = 'default' class { '::concourse': - clusters => { - $concourse::default_cluster => { + default_cluster => $cluster, + clusters => { + $cluster => { # Database settings 'postgres_user' => 'concourse', - 'postgres_password' => Sensitive(cache_data( + 'postgres_password' => Sensitive(extlib::cache_data( 'profiles::concourse', 'postgres_password', extlib::random_password(25) )), - 'db_name' => "atc-${concourse::default_cluster}", + 'db_name' => "atc-${cluster}", # worker settings 'external_domain' => 'concourse.adrift.space', 'tsa_public_key' => $tsa_public_key, |