feat: find vaulted files automatically for config-diff

stackhpc · Apr 11, 2024 · 0b0e74b · 0b0e74b
1 parent 08a5753
commit 0b0e74b
Showing 1 changed file with 14 additions and 13 deletions.
diff --git a/scripts/config-diff.sh b/scripts/config-diff.sh
@@ -30,7 +30,9 @@ function pre_config_init {
 }
 
 function post_config_init {
-    # Overrides from config.sh
+    KAYOBE_CONFIG_VAULTED_FILES_PATHS=()
+    local directory="/stack/kayobe-automation-env/src/kayobe-config/etc/kayobe"
+
     KAYOBE_CONFIG_SECRET_PATHS_DEFAULT=(
         "etc/kayobe/kolla/passwords.yml"
         "etc/kayobe/secrets.yml"
@@ -39,25 +41,24 @@ function post_config_init {
         ${KAYOBE_CONFIG_SECRET_PATHS_EXTRA[@]}
     )
     KAYOBE_CONFIG_SECRET_PATHS=("${KAYOBE_CONFIG_SECRET_PATHS[@]:-${KAYOBE_CONFIG_SECRET_PATHS_DEFAULT[@]}}")
-    # TODO: could auto detect which files? e.g. "grep -irl "ANSIBLE_VAULT;1" etc/kayobe/kolla/config"
-    KAYOBE_CONFIG_VAULTED_FILES_PATHS_DEFAULT=(
-        "etc/kayobe/kolla/config/octavia/server_ca.key.pem"
-        "etc/kayobe/kolla/config/octavia/client.cert-and-key.pem"
-        "etc/kayobe/kolla/config/octavia/client_ca.key.pem"
-        "etc/kayobe/environments/$KAYOBE_ENVIRONMENT/kolla/config/octavia/client_ca.key.pem"
-        "etc/kayobe/environments/$KAYOBE_ENVIRONMENT/kolla/config/octavia/server_ca.key.pem"
-        "etc/kayobe/environments/$KAYOBE_ENVIRONMENT/kolla/config/octavia/client.cert-and-key.pem"
-        ${KAYOBE_CONFIG_VAULTED_FILES_PATHS_EXTRA[@]}
-    )
-    KAYOBE_CONFIG_VAULTED_FILES_PATHS=("${KAYOBE_CONFIG_VAULTED_FILES_PATHS[@]:-${KAYOBE_CONFIG_VAULTED_FILES_PATHS_DEFAULT[@]}}")
+
+    # Search for vaulted files recursively in the directory
+    while IFS= read -r -d '' file; do
+        if grep -q "ANSIBLE_VAULT;1" "$file"; then
+            truncated_path="${file#"$directory/"}"
+            vaulted_file="etc/kayobe/$truncated_path"
+            if ! [[ "${KAYOBE_CONFIG_SECRET_PATHS_DEFAULT[*]}" =~ "$vaulted_file" ]]; then
+                KAYOBE_CONFIG_VAULTED_FILES_PATHS+=("etc/kayobe/$truncated_path")
+            fi
+        fi
+    done < <(find "$directory" -type f -print0)
 
     # Some values are currently determined dynamically from container versions
     export KAYOBE_AUTOMATION_CONFIG_DIFF_FLUENTD_BINARY="${KAYOBE_AUTOMATION_CONFIG_DIFF_FLUENTD_BINARY:-td-agent}"
     export KAYOBE_AUTOMATION_CONFIG_DIFF_FLUENTD_VERSION="${KAYOBE_AUTOMATION_CONFIG_DIFF_FLUENTD_BINARY:-0.14}"
 
     export KAYOBE_AUTOMATION_CONFIG_DIFF_INJECT_FACTS="${KAYOBE_AUTOMATION_CONFIG_DIFF_INJECT_FACTS=-0}"
     export KAYOBE_AUTOMATION_CONFIG_DIFF_AUTO_UNSET_ENVIRONMENT="${KAYOBE_AUTOMATION_CONFIG_DIFF_AUTO_UNSET_ENVIRONMENT=-0}"
-
 }
 
 function redact_file {