From 234e3011a8c2d5ecfdf0d705a69676e12e2d6c81 Mon Sep 17 00:00:00 2001
From: Sonam Kindy <sonam.kindy@delphix.com>
Date: Wed, 26 Oct 2022 11:46:33 -0500
Subject: [PATCH] GHM-824 Build masking and containerized masking packages with
 secrets

PR URL: https://www.github.com/delphix/linux-pkg/pull/258
---
 packages/containerized-masking/config.sh | 26 ++++++++++++++++++++++++
 packages/masking/config.sh               | 26 ++++++++++++++++++++++++
 2 files changed, 52 insertions(+)

diff --git a/packages/containerized-masking/config.sh b/packages/containerized-masking/config.sh
index a610a3c8..c7615574 100644
--- a/packages/containerized-masking/config.sh
+++ b/packages/containerized-masking/config.sh
@@ -40,6 +40,32 @@ function build() {
 
 	logmust cd "$WORKDIR/repo"
 
+	if [[ "$SECRET_DB_AWS_ENDPOINT" ]]; then
+		export SECRET_DB_AWS_ENDPOINT="$SECRET_DB_AWS_ENDPOINT"
+	fi
+
+	# Using secrets proxy
+	if [[ "$SECRET_DB_USE_JUMPBOX" ]]; then
+		export SECRET_DB_USE_JUMPBOX="$SECRET_DB_USE_JUMPBOX"
+	fi
+	if [[ "$SECRET_DB_JUMP_BOX_HOST" ]]; then
+		export SECRET_DB_JUMP_BOX_HOST="$SECRET_DB_JUMP_BOX_HOST"
+	fi
+	if [[ "$SECRET_DB_JUMP_BOX_USER" ]]; then
+		export SECRET_DB_JUMP_BOX_USER="$SECRET_DB_JUMP_BOX_USER"
+	fi
+	if [[ "$SECRET_DB_JUMP_BOX_PRIVATE_KEY" ]]; then
+		export SECRET_DB_JUMP_BOX_PRIVATE_KEY="$SECRET_DB_JUMP_BOX_PRIVATE_KEY"
+	fi
+
+	# Using master/eng-secret-user
+	if [[ "$SECRET_DB_AWS_PROFILE" ]]; then
+		export SECRET_DB_AWS_PROFILE="$SECRET_DB_AWS_PROFILE"
+	fi
+	if [[ "$SECRET_DB_AWS_REGION" ]]; then
+		export SECRET_DB_AWS_REGION="$SECRET_DB_AWS_REGION"
+	fi
+
 	logmust ./gradlew --no-daemon --stacktrace \
 		-Porg.gradle.configureondemand=false \
 		-PenvironmentName=linuxappliance \
diff --git a/packages/masking/config.sh b/packages/masking/config.sh
index c3ea4a2f..4cf5fa14 100644
--- a/packages/masking/config.sh
+++ b/packages/masking/config.sh
@@ -43,6 +43,32 @@ function build() {
 		'{ "dms-core-gate" : { "git-hash" : $h, "date": $d }}' \
 		>"$WORKDIR/artifacts/metadata.json"
 
+	if [[ "$SECRET_DB_AWS_ENDPOINT" ]]; then
+		export SECRET_DB_AWS_ENDPOINT="$SECRET_DB_AWS_ENDPOINT"
+	fi
+
+	# Using secrets proxy
+	if [[ "$SECRET_DB_USE_JUMPBOX" ]]; then
+		export SECRET_DB_USE_JUMPBOX="$SECRET_DB_USE_JUMPBOX"
+	fi
+	if [[ "$SECRET_DB_JUMP_BOX_HOST" ]]; then
+		export SECRET_DB_JUMP_BOX_HOST="$SECRET_DB_JUMP_BOX_HOST"
+	fi
+	if [[ "$SECRET_DB_JUMP_BOX_USER" ]]; then
+		export SECRET_DB_JUMP_BOX_USER="$SECRET_DB_JUMP_BOX_USER"
+	fi
+	if [[ "$SECRET_DB_JUMP_BOX_PRIVATE_KEY" ]]; then
+		export SECRET_DB_JUMP_BOX_PRIVATE_KEY="$SECRET_DB_JUMP_BOX_PRIVATE_KEY"
+	fi
+
+	# Using master/eng-secret-user
+	if [[ "$SECRET_DB_AWS_PROFILE" ]]; then
+		export SECRET_DB_AWS_PROFILE="$SECRET_DB_AWS_PROFILE"
+	fi
+	if [[ "$SECRET_DB_AWS_REGION" ]]; then
+		export SECRET_DB_AWS_REGION="$SECRET_DB_AWS_REGION"
+	fi
+
 	logmust ./gradlew --no-daemon --stacktrace \
 		-Porg.gradle.configureondemand=false \
 		-PenvironmentName=linuxappliance \