X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=deploy%2Fsite%2Fcommon.sh;h=47f82b7036e8c5b062e3f7821a639efb0893885c;hb=8fcb874a6e5ec52b4a6ac80cb7f34c7baccd8c17;hp=b20bae5de1004653e8a675f35e53b807cef529e9;hpb=994f7224dbd6ab85016e9aad4fb47ee39890406d;p=icn.git
diff --git a/deploy/site/common.sh b/deploy/site/common.sh
index b20bae5..47f82b7 100644
--- a/deploy/site/common.sh
+++ b/deploy/site/common.sh
@@ -24,36 +24,49 @@ function export_gpg_private_key { gpg --export-secret-keys --armor "$(_gpg_key_fp $1)" } -function sops_encrypt_site { - local -r site_yaml=$1 +function sops_encrypt { + local -r yaml=$1 local -r key_name=$2 - local -r site_dir=$(dirname ${site_yaml}) + local -r yaml_dir=$(dirname ${yaml}) local -r key_fp=$(_gpg_key_fp ${key_name}) # Commit the public key to the repository so that team members who # clone the repo can encrypt new files - echo "Creating ${site_dir}/sops.pub.asc with public key used to encrypt secrets" - gpg --export --armor "${key_fp}" >${site_dir}/sops.pub.asc + echo "Creating ${yaml_dir}/sops.pub.asc with public key used to encrypt secrets" + gpg --export --armor "${key_fp}" >${yaml_dir}/sops.pub.asc # Add .sops.yaml so users won't have to worry about specifying the # proper key for the target cluster or namespace - echo "Creating ${site_dir}/.sops.yaml SOPS configuration file" - cat < ${site_dir}/.sops.yaml + echo "Creating ${yaml_dir}/.sops.yaml SOPS configuration file" + cat < ${yaml_dir}/.sops.yaml creation_rules: - path_regex: .*.yaml - encrypted_regex: ^(bmcPassword|hashedPassword)$ + encrypted_regex: ^(bmcPassword|decryptionSecret|hashedPassword|emcoPassword|rootPassword)$ pgp: ${key_fp} EOF - sops --encrypt --in-place --config=${site_dir}/.sops.yaml ${site_yaml} + sops --encrypt --in-place --config=${yaml_dir}/.sops.yaml ${yaml} } -function sops_decrypt_site { - local -r site_yaml=$1 +function sops_decrypt { + local -r yaml=$1 - local -r site_dir=$(dirname ${site_yaml}) - sops --decrypt --in-place --config=${site_dir}/.sops.yaml ${site_yaml} + local -r yaml_dir=$(dirname ${yaml}) + sops --decrypt --in-place --config=${yaml_dir}/.sops.yaml ${yaml} +} + +function flux_site_source_name { + local -r url=$1 + local -r branch=$2 + echo $(basename ${url})-${branch} +} + +function flux_site_kustomization_name { + local -r url=$1 + local -r branch=$2 + local -r path=$3 + echo $(flux_site_source_name ${url} 
${branch})-site-$(basename ${path}) } function flux_create_site { @@ -62,8 +75,8 @@ function flux_create_site { local -r path=$3 local -r key_name=$4 - local -r source_name="$(basename ${url})-${branch}" - local -r kustomization_name="${source_name}-site-$(basename ${path})" + local -r source_name=$(flux_site_source_name ${url} ${branch}) + local -r kustomization_name=$(flux_site_kustomization_name ${url} ${branch} ${path}) local -r key_fp=$(gpg --with-colons --list-secret-keys ${key_name} | awk -F: '/fpr/ {print $10;exit}') local -r secret_name="${key_name}-sops-gpg"
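Review bot: The `encrypted_regex` that `sops_encrypt` writes into the generated `.sops.yaml` is an allowlist of key names, so a secret stored under any key not on the list stays in cleartext while `sops --encrypt --in-place` still succeeds. This commit has to add three names to the list, which shows how easily a new secret field can be missed. I would add a comment above the rule, `# encrypted_regex is an allowlist: values under any other key are left unencrypted; extend it when a new secret field is added`, so the next person adding a credential field knows to update it. The unchanged `path_regex: .*.yaml` beside it has an unescaped dot and no end anchor, so it matches more than files ending in `.yaml`; `.*\.yaml$` states the intent.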
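Review bot: The two new assignments in `flux_create_site` pass `${url}`, `${branch}` and `${path}` unquoted, so a value containing whitespace or a glob character is split or expanded before the helper sees it. The helper's positional parameters then shift, and the resource name is built from the wrong pieces without any error. Quote the arguments: `local -r source_name=$(flux_site_source_name "${url}" "${branch}")` and `local -r kustomization_name=$(flux_site_kustomization_name "${url}" "${branch}" "${path}")`. The helper bodies added earlier in this patch have the same unquoted expansions inside `$(basename …)` and `echo`. They also use `${branch}` as-is, so a branch name containing `/` would presumably yield a name the cluster rejects. The body of `flux_create_site` continues outside the hunk.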