Last active
February 27, 2021 06:30
-
-
Save socketbox/7cf5da2b9543fd810a750a57b94115ef to your computer and use it in GitHub Desktop.
Script to automate importing of existing secrets in a GCP project
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -euo pipefail | |
| filename='secmgr.tf' | |
| proj_id=$1 | |
| sec_list=$(gcloud secrets list --format="table[no-heading](name.basename())") | |
| for s in ${sec_list[*]}; | |
| do | |
| #needs bash>=4.0 | |
| slc="${s,,}" | |
| #write skeleton resources to file such that state can be imported from remote environment | |
| sec_res_string="resource \"google_secret_manager_secret\" \"${slc}\" { }" | |
| echo $sec_res_string >> ${filename} | |
| sec_ver_res_string="resource \"google_secret_manager_secret_version\" \"${slc}-latest\" { }" | |
| echo $sec_ver_res_string >> ${filename} | |
| done | |
| for s in ${sec_list[*]}; | |
| do | |
| #needs bash>=4.0 | |
| slc="${s,,}" | |
| #do import using resource declaration we just wrote | |
| terraform import google_secret_manager_secret.${slc} projects/${proj_id}/secrets/${s} | |
| terraform import google_secret_manager_secret_version.${slc}-latest projects/${proj_id}/secrets/${s}/versions/latest | |
| done | |
| exit 0 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment