fix: Various Pulumi fixes
This commit is contained in:
parent
07470a206d
commit
ea3361886b
30
.drone.yml
30
.drone.yml
@ -1,30 +0,0 @@
|
||||
kind: pipeline
|
||||
name: default
|
||||
|
||||
steps:
|
||||
- name: test
|
||||
image: python:3.7-alpine
|
||||
commands:
|
||||
- pip install -r dev-requirements.txt
|
||||
- which make || apk add make
|
||||
- make test
|
||||
- name: build
|
||||
image: python:3.7-alpine
|
||||
commands:
|
||||
- which make || apk add make
|
||||
- pip install -r dev-requirements.txt
|
||||
- make build
|
||||
- name: upload
|
||||
image: python:3.7-alpine
|
||||
environment:
|
||||
TWINE_USERNAME:
|
||||
from_secret: TWINE_USERNAME
|
||||
TWINE_PASSWORD:
|
||||
from_secret: TWINE_PASSWORD
|
||||
commands:
|
||||
- which make || apk add make
|
||||
- pip install -r dev-requirements.txt
|
||||
- make upload
|
||||
when:
|
||||
event:
|
||||
- tag
|
@ -2,7 +2,7 @@ import logging
|
||||
|
||||
__author__ = "Stefan Reimer"
|
||||
__email__ = "stefan@zero-downtimet.net"
|
||||
__version__ = "0.10.0"
|
||||
__version__ = "0.10.1"
|
||||
|
||||
|
||||
# Set up logging to ``/dev/null`` like a library is supposed to.
|
||||
|
@ -45,8 +45,12 @@ def pulumi_init(stack):
|
||||
|
||||
# Remove stacknameprefix if equals Conglomerate as Pulumi implicitly prefixes project_name
|
||||
pulumi_stackname = re.sub(r'^' + project_name + '-?', '', stack.stackname)
|
||||
try:
|
||||
pulumi_backend = '{}/{}/{}'.format(stack.pulumi['backend'], project_name, stack.region)
|
||||
|
||||
except KeyError:
|
||||
raise KeyError('Missing pulumi.backend setting !')
|
||||
|
||||
account_id = stack.connection_manager.call('sts', 'get_caller_identity', profile=stack.profile, region=stack.region)['Account']
|
||||
# Ugly hack as Pulumi currently doesnt support MFA_TOKENs during role assumptions
|
||||
# Do NOT set them via 'aws:secretKey' as they end up in the stack.json in plain text !!!
|
||||
@ -55,6 +59,7 @@ def pulumi_init(stack):
|
||||
|
||||
os.environ['AWS_ACCESS_KEY_ID'] = stack.connection_manager._sessions[(stack.profile, stack.region)].get_credentials().access_key
|
||||
os.environ['AWS_SECRET_ACCESS_KEY'] = stack.connection_manager._sessions[(stack.profile, stack.region)].get_credentials().secret_key
|
||||
os.environ['AWS_DEFAULT_REGION'] = stack.region
|
||||
|
||||
# Secrets provider
|
||||
try:
|
||||
@ -63,7 +68,8 @@ def pulumi_init(stack):
|
||||
raise ValueError('Missing PULUMI_CONFIG_PASSPHRASE environment variable!')
|
||||
|
||||
except KeyError:
|
||||
raise KeyError('Missing Pulumi securityProvider setting !')
|
||||
logger.warning('Missing pulumi.secretsProvider setting, secrets disabled !')
|
||||
secrets_provider = None
|
||||
|
||||
# Set tag for stack file name and version
|
||||
_tags = stack.tags
|
||||
|
@ -676,13 +676,13 @@ class Stack(object):
|
||||
with open(self.path, "r") as file:
|
||||
settings = yaml.safe_load(file)
|
||||
|
||||
try:
|
||||
if 'pulumi' not in settings:
|
||||
settings['pulumi'] = {}
|
||||
|
||||
if 'encryptionsalt' in pulumi_settings:
|
||||
settings['pulumi']['encryptionsalt'] = pulumi_settings['encryptionsalt']
|
||||
if 'encryptedkey' in pulumi_settings:
|
||||
settings['pulumi']['encryptedkey'] = pulumi_settings['encryptedkey']
|
||||
except KeyError:
|
||||
pass
|
||||
|
||||
if 'parameters' not in settings:
|
||||
settings['parameters'] = {}
|
||||
@ -877,4 +877,7 @@ class Stack(object):
|
||||
return kwargs
|
||||
|
||||
def _log_pulumi(self, text):
|
||||
# Remove some duplicated noise
|
||||
text = re.sub('pulumi:pulumi:Stack {}-{}( running)?'.format(self.parameters['Conglomerate'], self.stackname), '', text)
|
||||
if text:
|
||||
logger.info(" ".join([self.region, self.stackname, text]))
|
||||
|
Loading…
Reference in New Issue
Block a user