New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Creds management #53

Merged

zhenik merged 41 commits into master from issue_44_creds_management

Nov 11, 2020

Contributor

zhenik commented Nov 9, 2020 •

edited

Loading

Closes/fixes/resolves issue(s)?

closes New output variable for port #49
closes Bump dependent modules #51
closes Upgrade to 0.7.x #45
closes Improve credentials management #44

What was added/changed/fixed?

[bump] postgres and minio to 0.3.0
[refactor] now there are 2 standalone examples
[add] variables
[update] documentation

todo:

documentation

Related issue(s)? [Optional]

Others [Optional]

Checklist (after created PR)

zhenik added the type/enhancement label

zhenik added this to the 0.3.0 milestone

zhenik self-assigned this

zhenik added this to Review in progress in Team DataStack via automation

zhenik marked this pull request as ready for review

November 9, 2020 21:19

zhenik requested review from claesgill, pdmthorsrud and dangernil and removed request for claesgill and pdmthorsrud

November 9, 2020 21:19

claesgill reviewed

View reviewed changes

README.md Outdated Show resolved Hide resolved

README.md Outdated Show resolved Hide resolved

README.md Outdated Show resolved Hide resolved

dev/vagrant/conf/nomad/00-enable_vault.hcl Outdated Show resolved Hide resolved

example/README.md Outdated Show resolved Hide resolved

example/standalone-vault-provided-creds/main.tf Outdated Show resolved Hide resolved

main.tf Show resolved Hide resolved

outputs.tf Show resolved Hide resolved

variables.tf Show resolved Hide resolved

variables.tf Show resolved Hide resolved

claesgill reviewed

View reviewed changes

README.md Outdated Show resolved Hide resolved

pdmthorsrud reviewed

View reviewed changes

Makefile Outdated Show resolved Hide resolved

variables.tf Outdated Show resolved Hide resolved

variables.tf Outdated Show resolved Hide resolved

dev/ansible/20_upload_files.yml Show resolved Hide resolved

dev/vagrant/bootstrap/vault/post/01-create_vault_policy_to_read_secrets.yml Outdated Show resolved Hide resolved

dev/vagrant/conf/nomad/00-enable_vault.hcl Show resolved Hide resolved

example/standalone-user-provided-creds/main.tf Outdated

Comment on lines 22 to 23

		access_key = "minio"
		secret_key = "minio123"

Contributor

pdmthorsrud Nov 10, 2020

Make a clear separation between box's minio, and the minio module

Suggested change

      
              access_key = "minio"
          
              secret_key = "minio123"
          
              box_minio_access_key = "minio"
          
              box_minio_secret_key = "minio123"

Contributor Author

zhenik Nov 10, 2020

issue is created Skatteetaten/terraform-nomad-minio#87

Contributor Author

zhenik Nov 10, 2020 •

edited

Loading

It is not necessary, because box's minio creds are hardcoded in hive.hcl, we do not have variables for that ,

artifact {
  source = "s3::http://127.0.0.1:9000/dev/tmp/hive_local.tar"
  options {
    aws_access_key_id     = "minioadmin"
    aws_access_key_secret = "minioadmin"
  }
}

Contributor

pdmthorsrud Nov 10, 2020

oh, well, just remove it completely then!

Contributor Author

zhenik Nov 10, 2020

We need a way how to test the newly build image, without pulling from the docker registry.

This functionality uses only with box, but we still need it, if we want to test changes in docker image, before releasing docker image and pushing it to the registry.

Contributor

pdmthorsrud Nov 10, 2020

Yeah, I didn't mean remove the artifact stanza, I meant the variables set in the .tf file

Contributor Author

zhenik Nov 10, 2020

I have provided comments about it, by ur request. I hoped it could be better explained that way https://github.com/fredrikhgrelland/terraform-nomad-hive/blob/issue_44_creds_management/example/standalone-vault-provided-creds/main.tf#L15-L25

example/standalone-user-provided-creds/main.tf Outdated Show resolved Hide resolved

main.tf Show resolved Hide resolved

main.tf Show resolved Hide resolved

claesgill reviewed

View reviewed changes

README.md Outdated Show resolved Hide resolved

claesgill reviewed

View reviewed changes

README.md Outdated Show resolved Hide resolved

claesgill reviewed

View reviewed changes

README.md Outdated Show resolved Hide resolved

claesgill reviewed

View reviewed changes

README.md Outdated Show resolved Hide resolved

claesgill reviewed

View reviewed changes

README.md Outdated Show resolved Hide resolved

claesgill previously approved these changes

View reviewed changes

Contributor

claesgill left a comment

LGTM

Team DataStack automation moved this from Review in progress to Reviewer approved

pdmthorsrud previously approved these changes

View reviewed changes

Contributor

pdmthorsrud left a comment

LGTM

dangernil previously approved these changes

View reviewed changes

Contributor

dangernil left a comment

LGTM

zhenik added 6 commits

November 10, 2020 16:19


          add rm

ba27771


          bump minio ~> 0.3.0

1ed3d53


          add vault provider block

a253826


          fmt formatting

9d9f47f


          mv user provided creds example

37fffbd


          refactor ansible playbooks

b0545f1

zhenik and others added 16 commits

November 10, 2020 16:28


          Update example/standalone-user-provided-creds/README.md

8247c50

Co-authored-by: Claes Gill <claes@claesgill.com>


          update input and output

25eda9c


          Update README.md

652b534

Co-authored-by: Claes Gill <claes@claesgill.com>


          rm redundant line

0b4caf4


          rm vault_addr

18d7263


          update variable's names

221109d


          formatting with terraform fmt

510a325


          use canaries & use host volumes in all examples

41c1efc


          Update example/standalone-vault-provided-creds/README.md

8b88e0a

Co-authored-by: Claes Gill <claes@claesgill.com>


          Update README.md

Co-authored-by: Claes Gill <claes@claesgill.com>


          Update README.md

904ad9d

Co-authored-by: Claes Gill <claes@claesgill.com>


          Update README.md

b35f672

Co-authored-by: Claes Gill <claes@claesgill.com>


          Update README.md

b917006

Co-authored-by: Claes Gill <claes@claesgill.com>


          Update README.md

1d132c3

Co-authored-by: Claes Gill <claes@claesgill.com>


          add resources proxy to example

f15efa3


          update documentation example

e2e8d9d

zhenik dismissed stale reviews from dangernil, pdmthorsrud, and claesgill via

e2e8d9d

November 10, 2020 15:49

zhenik force-pushed the issue_44_creds_management branch from dc54ff5 to e2e8d9d Compare

November 10, 2020 15:49

Team DataStack automation moved this from Reviewer approved to Review in progress


          update contributors list

08f681a

pdmthorsrud approved these changes

View reviewed changes

Contributor

pdmthorsrud left a comment

LGTM

Team DataStack automation moved this from Review in progress to Reviewer approved

dangernil approved these changes

View reviewed changes

zhenik merged commit 989d774 into master

Team DataStack automation moved this from Reviewer approved to Pull Requests merged and closed

zhenik deleted the issue_44_creds_management branch

November 11, 2020 07:03

zhenik mentioned this pull request

Add support for vault-provided credentials (and example) Skatteetaten/terraform-nomad-trino#64

Closed

3 tasks

fredrikhgrelland removed this from Pull Requests merged and closed in Team DataStack

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment