Google Git
Sign in
skia / buildbot / dfaa677fc445525353eae31b86c5d4283f6b14bf^! / .
commitdfaa677fc445525353eae31b86c5d4283f6b14bf[log] [tgz]
authorJoe Gregorio <jcgregorio@google.com>Thu Jul 29 09:28:33 2021 -0400
committerJoe Gregorio <jcgregorio@google.com>Thu Jul 29 13:52:13 2021 +0000
tree938b5d35c81391411d104991ffe83ad06e1ed6ed
parenta07d2ab3dead6971d55202af38ed486a89f3b311 [diff]
Followup fixes from previous CL review.

Change-Id: I02e427e2158cd87d7d56db23422008acc1d09304
Reviewed-on: https://skia-review.googlesource.com/c/buildbot/+/434458
Reviewed-by: Kevin Lubick <kjlubick@google.com>

diff --git a/skolo/ansible/switchboard/roles/load_secret_vars/README.md b/skolo/ansible/switchboard/roles/load_secret_vars/README.md
index 0b99b56..d020e5e 100644
--- a/skolo/ansible/switchboard/roles/load_secret_vars/README.md
+++ b/skolo/ansible/switchboard/roles/load_secret_vars/README.md

@@ -1,6 +1,9 @@
 # Role Name
 
-Loads secrets from berglas and makes them available as a variable.
+Loads secrets from [berglas](https://github.com/GoogleCloudPlatform/berglas) and
+makes them available as a variable. See
+[//kube/secrets](https://skia.googlesource.com/buildbot/+/refs/heads/main/kube/secrets/)
+for more details on berglas and Skia secrets.
 
 The secrets are stored as a single file, `secrets.yml`, in berglas secrets for
 the cluster `etc` and the secret name `ansible-secret-vars`.

diff --git a/skolo/ansible/switchboard/roles/load_secret_vars/tasks/main.yml b/skolo/ansible/switchboard/roles/load_secret_vars/tasks/main.yml
index 349f3ed..9704a51 100644
--- a/skolo/ansible/switchboard/roles/load_secret_vars/tasks/main.yml
+++ b/skolo/ansible/switchboard/roles/load_secret_vars/tasks/main.yml

@@ -10,6 +10,7 @@
   delegate_to: 127.0.0.1
   command:
     argv:
+      # Use role_path variable to get to the root of the buildbot repo.
       - '{{ role_path }}/../../../../../kube/secrets/get-secret-at-path.sh'
       - etc
       - ansible-secret-vars