CSTF/wild-cloud
1
1
Fork 0
Code Issues 12 Pull Requests Actions Packages Projects 1 Releases 1 Wiki Activity

Fix wild-app-add secret generation.

Browse Source
This commit is contained in:
Paul Payne
2025-08-03 12:24:21 -07:00
parent 800f6da0d9
commit d3260d352a
1 changed files with 10 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
bin/wild-app-add
View File

@@ -135,16 +135,11 @@ fi
if yq eval '.defaultConfig' "${DEST_APP_DIR}/manifest.yaml" | grep -q -v '^null$'; then
echo "Merging defaultConfig from manifest.yaml into .wildcloud/config.yaml"
# Check if the app config already exists
if yq eval ".apps.${APP_NAME}" "${CONFIG_FILE}" | grep -q '^null$'; then
yq eval ".apps.${APP_NAME} = {}" -i "${CONFIG_FILE}"
fi
# Merge defaultConfig into the app config, preserving nested structure
# This preserves the nested structure for objects like resources.requests.memory
# Merge defaultConfig into the app config, preserving existing values
# This preserves existing configuration values while adding missing defaults
temp_manifest=$(mktemp)
yq eval '.defaultConfig' "${DEST_APP_DIR}/manifest.yaml" > "$temp_manifest"
yq eval ".apps.${APP_NAME} = (.apps.${APP_NAME} // {}) * load(\"$temp_manifest\")" -i "${CONFIG_FILE}"
yq eval ".apps.${APP_NAME} = load(\"$temp_manifest\") * (.apps.${APP_NAME} // {})" -i "${CONFIG_FILE}"
rm "$temp_manifest"
# Process template variables in the merged config
@@ -164,6 +159,9 @@ if yq eval '.defaultConfig' "${DEST_APP_DIR}/manifest.yaml" | grep -q -v '^null$
mv "$temp_config" "${CONFIG_FILE}"
echo "Merged defaultConfig for app '${APP_NAME}'"
# Remove defaultConfig from the copied manifest since it's now in config.yaml
yq eval 'del(.defaultConfig)' -i "${DEST_APP_DIR}/manifest.yaml"
fi
# Scaffold required secrets into .wildcloud/secrets.yaml if they don't exist
@@ -188,16 +186,16 @@ if yq eval '.requiredSecrets' "${DEST_APP_DIR}/manifest.yaml" | grep -q -v '^nul
yq eval ".apps.${APP_NAME} = {}" -i "${SECRETS_FILE}"
fi
# Add dummy values for each required secret if not already present
yq eval '.requiredSecrets[]' "${DEST_APP_DIR}/manifest.yaml" | while read -r secret_path; do
# Add random values for each required secret if not already present
while read -r secret_path; do
current_value=$(yq eval ".${secret_path} // \"null\"" "${SECRETS_FILE}")
if [ "${current_value}" = "null" ]; then
echo "Adding random secret: ${secret_path}"
random_secret=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | head -c 6)
random_secret=$(openssl rand -base64 32 | tr -d "=+/" | cut -c1-32)
yq eval ".${secret_path} = \"${random_secret}\"" -i "${SECRETS_FILE}"
fi
done
done < <(yq eval '.requiredSecrets[]' "${DEST_APP_DIR}/manifest.yaml")
echo "Required secrets scaffolded for app '${APP_NAME}'"
fi