
@sneal
Created January 27, 2020 21:41
Terraform to CredHub script
#!/bin/bash
# Script to populate all of the current environment's Concourse Credhub values
# based off the Terraform output
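# Abort on the first failing top-level command. Note that bash does not apply
# this to a command substitution used as an argument of another command.
set -e

# Client secret for credhub_admin_client: the first argument, or, when no
# argument is given, the CREDHUB_SECRET environment variable (the variable the
# credhub CLI itself reads). A secret given as an argument is visible in the
# host's process list and is saved in shell history; the environment variable
# avoids both.
credhub_client_secret="${1:-${CREDHUB_SECRET:-}}"
if [[ -z "$credhub_client_secret" ]]; then
  # Diagnostics go to stderr so they never mix with captured output.
  echo "Error: expected the client secret for credhub_admin_client" >&2
  exit 1
fi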
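# Print the Terraform output named $1 on stdout.
# Arguments: $1 - name of the Terraform output
# Outputs:   the value on stdout; the error message on stderr
# Exits:     1 when `terraform output` prints nothing for that name
#
# Callers capture stdout with "$(tf_value ...)" and store the result in
# CredHub, so the error message must go to stderr: printed on stdout it would
# be captured and stored as if it were the value.
# NOTE(review): newer Terraform releases print string outputs quoted unless
# `-raw` is given; confirm against the Terraform version in use.
function tf_value {
  local name=$1
  local value
  value=$(terraform output "$name")
  if [[ -z "$value" ]]; then
    echo "Error: expected to find $name in terraform output" >&2
    exit 1
  fi
  printf '%s\n' "$value"
}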
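# Print element $2 of the Terraform list output named $1 on stdout.
# Arguments: $1 - name of the Terraform output
#            $2 - zero-based index into the list
# Outputs:   the element on stdout; the error message on stderr
# Exits:     1 when the output or the element is missing
#
# NOTE(review): the filter reads a top-level `value` key from
# `terraform output -json NAME`; confirm that shape against the Terraform
# version in use.
function tf_array_value {
  local name=$1
  local index=$2
  local value
  # The index is passed with --argjson instead of being pasted into the jq
  # program, so it is parsed as JSON data and can never run as filter text.
  # `// empty` turns a missing element (jq prints "null" for it) into no
  # output, so the emptiness check below catches an out-of-range index.
  value=$(terraform output -json "$name" \
    | jq -r --argjson i "$index" '.value[$i] // empty')
  if [[ -z "$value" ]]; then
    # stderr, not stdout: callers capture stdout and store it in CredHub.
    echo "Error: expected to find $name in terraform output" >&2
    exit 1
  fi
  printf '%s\n' "$value"
}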
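# Log the credhub CLI in as credhub_admin_client against the CredHub server.
# Globals: credhub_client_secret (read)
#
# The secret is handed to the CLI through the CREDHUB_SECRET environment
# variable, which `credhub login` reads in place of --client-secret. Passed as
# a flag it would sit in the process's argument list, readable by other users
# of the host for as long as the command runs.
function credhub_login {
  CREDHUB_SECRET="$credhub_client_secret" \
    credhub login --client-name=credhub_admin_client \
    --server=https://credhub.plane.example.com
}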
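# Store $2 in CredHub as a `value` credential named /concourse/<env_name>/$1.
# Globals:   env_name (read)
# Arguments: $1 - credential name below /concourse/<env_name>/
#            $2 - value to store
# Exits:     1 when the value is empty or env_name is unset
#
# NOTE(review): -v puts the value on the credhub command line, where it is
# visible in the host's process list while the call runs. Callers in this
# script pass private keys and IAM secret keys this way; consider a bulk
# `credhub import` from a permission-restricted file for those.
function credhub_set {
  local name=$1
  local value=$2
  # An empty value means the lookup that produced it failed; refuse to
  # overwrite a credential with nothing.
  if [[ -z "$value" ]]; then
    echo "Error: refusing to set $name to an empty value" >&2
    exit 1
  fi
  # :? aborts instead of writing to /concourse//<name> when env_name is unset.
  credhub set -n "/concourse/${env_name:?env_name must be set}/$name" \
    -t value -v "$value"
}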
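# Populate /concourse/<env_name>/... in CredHub from the Terraform outputs.
#
# Every lookup is assigned to a variable and checked before anything is
# stored. Written inline as an argument, "$(tf_value ...)", a failing lookup
# only ends the command-substitution subshell: `set -e` does not stop the
# script, and whatever the lookup printed is stored as the credential.
#
# Several of these outputs are secrets (IAM secret keys, the Ops Manager SSH
# private key, the TLS private key). They come from the Terraform state and
# are stored as plain `value` credentials by credhub_set.

# Store Terraform output $2 under CredHub name $1; exit 1 if the lookup fails.
set_from_tf() {
  local value
  value=$(tf_value "$2") || {
    echo "Error: lookup of terraform output $2 failed; $1 was not written" >&2
    exit 1
  }
  credhub_set "$1" "$value"
}

# Store element $3 of Terraform list output $2 under CredHub name $1; exit 1
# if the lookup fails.
set_from_tf_array() {
  local value
  value=$(tf_array_value "$2" "$3") || {
    echo "Error: lookup of terraform output $2[$3] failed; $1 was not written" >&2
    exit 1
  }
  credhub_set "$1" "$value"
}

env_name=$(tf_value 'env_name') || {
  echo "Error: lookup of terraform output env_name failed" >&2
  exit 1
}
credhub_login

# Region
set_from_tf 'iaas_configuration_region' 'region'

# AZs: az1_name..az3_name come from elements 0..2 of `azs`.
for az in 1 2 3; do
  set_from_tf_array "az${az}_name" 'azs' "$((az - 1))"
done

# Network configuration. Each entry is "<CredHub part>:<Terraform part>".
# CredHub names are <net>_network_az<N>_<field>; Terraform outputs are
# <net>_subnet_<field>, element N-1.
#   infra      - Infrastructure/Management network
#   deployment - Deployment/PAS network
#   service    - Services network
networks=('infra:infrastructure' 'deployment:pas' 'service:services')
fields=('iaas_name:ids' 'cidr:cidrs' 'reserved_ip_range:reserved_ranges' 'gateway:gateways')
for net in "${networks[@]}"; do
  for field in "${fields[@]}"; do
    for az in 1 2 3; do
      set_from_tf_array \
        "${net%%:*}_network_az${az}_${field%%:*}" \
        "${net##*:}_subnet_${field##*:}" \
        "$((az - 1))"
    done
  done
done

# Opsman
set_from_tf 'opsman_host' 'ops_manager_dns'
set_from_tf 'opsman_region' 'region'
set_from_tf_array 'opsman_subnet_id' 'public_subnet_ids' '0'
set_from_tf 'opsman_security_group_ids' 'ops_manager_security_group_id'
set_from_tf 'opsman_key_pair_name' 'ops_manager_ssh_public_key_name'
set_from_tf 'opsman_iam_instance_profile' 'ops_manager_iam_instance_profile_name'
set_from_tf 'opsman_access_key' 'ops_manager_iam_user_access_key'
set_from_tf 'opsman_secret_key' 'ops_manager_iam_user_secret_key'
set_from_tf 'opsman_ssh_key_public_key' 'ops_manager_ssh_public_key'
set_from_tf 'opsman_ssh_key_private_key' 'ops_manager_ssh_private_key'
set_from_tf 'opsman_public_ip' 'ops_manager_public_ip'
set_from_tf 'opsman_private_ip' 'ops_manager_private_ip'
set_from_tf 'opsman_s3_bucket' 'ops_manager_bucket'

# Security Group for all BOSH deployed VMs
set_from_tf 'vms_security_group_id' 'vms_security_group_id'

# PAS Domains/Certs
set_from_tf 'pas_apps_domain' 'apps_domain'
set_from_tf 'pas_sys_domain' 'sys_domain'
set_from_tf 'pas_tcp_domain' 'tcp_domain'
set_from_tf 'pas_ssl_cert' 'ssl_cert'
set_from_tf 'pas_ssl_private_key' 'ssl_private_key'

# PAS Load Balancers
set_from_tf 'pas_web_lb_name' 'web_lb_name'
set_from_tf 'pas_ssh_lb_name' 'ssh_lb_name'
set_from_tf 'pas_tcp_lb_name' 'tcp_lb_name'

# PAS S3 Buckets
set_from_tf 'pas_bucket_iam_instance_profile_name' 'pas_bucket_iam_instance_profile_name'
set_from_tf 'pas_s3_kms_key_id' 'blobstore_kms_key_id'
set_from_tf 'pas_buildpacks_bucket' 'pas_buildpacks_bucket'
set_from_tf 'pas_droplets_bucket' 'pas_droplets_bucket'
set_from_tf 'pas_packages_bucket' 'pas_packages_bucket'
set_from_tf 'pas_resources_bucket' 'pas_resources_bucket'

# MySQL Tile
set_from_tf 'mysql_bucket' 'mysql_bucket'
set_from_tf 'mysql_s3_iam_user_name' 'mysql_s3_iam_user_name'
set_from_tf 'mysql_s3_iam_user_access_key' 'mysql_s3_iam_user_access_key'
set_from_tf 'mysql_s3_iam_user_secret_key' 'mysql_s3_iam_user_secret_key'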