commit | dfaa677fc445525353eae31b86c5d4283f6b14bf | [log] [tgz] |
---|---|---|
author | Joe Gregorio <jcgregorio@google.com> | Thu Jul 29 09:28:33 2021 -0400 |
committer | Joe Gregorio <jcgregorio@google.com> | Thu Jul 29 13:52:13 2021 +0000 |
tree | 938b5d35c81391411d104991ffe83ad06e1ed6ed | |
parent | a07d2ab3dead6971d55202af38ed486a89f3b311 [diff] |
Followup fixes from previous CL review. Change-Id: I02e427e2158cd87d7d56db23422008acc1d09304 Reviewed-on: https://skia-review.googlesource.com/c/buildbot/+/434458 Reviewed-by: Kevin Lubick <kjlubick@google.com>
diff --git a/skolo/ansible/switchboard/roles/load_secret_vars/README.md b/skolo/ansible/switchboard/roles/load_secret_vars/README.md index 0b99b56..d020e5e 100644 --- a/skolo/ansible/switchboard/roles/load_secret_vars/README.md +++ b/skolo/ansible/switchboard/roles/load_secret_vars/README.md
@@ -1,6 +1,9 @@ # Role Name -Loads secrets from berglas and makes them available as a variable. +Loads secrets from [berglas](https://github.com/GoogleCloudPlatform/berglas) and +makes them available as a variable. See +[//kube/secrets](https://skia.googlesource.com/buildbot/+/refs/heads/main/kube/secrets/) +for more details on berglas and Skia secrets. The secrets are stored as a single file, `secrets.yml`, in berglas secrets for the cluster `etc` and the secret name `ansible-secret-vars`.
diff --git a/skolo/ansible/switchboard/roles/load_secret_vars/tasks/main.yml b/skolo/ansible/switchboard/roles/load_secret_vars/tasks/main.yml index 349f3ed..9704a51 100644 --- a/skolo/ansible/switchboard/roles/load_secret_vars/tasks/main.yml +++ b/skolo/ansible/switchboard/roles/load_secret_vars/tasks/main.yml
@@ -10,6 +10,7 @@ delegate_to: 127.0.0.1 command: argv: + # Use role_path variable to get to the root of the buildbot repo. - '{{ role_path }}/../../../../../kube/secrets/get-secret-at-path.sh' - etc - ansible-secret-vars