X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=deploy%2Fsite%2Fvm%2Fvm.sh;h=b35784d12a2796c034d6b0f8d77b3cbce543f192;hb=878ea0c739ece152793328a795780c734e4ac9b2;hp=13088548ac032c8803ec3b3533625062ce4f9e34;hpb=0b56dfc41bd40f0e59a4a8f65a1fdf184e74747d;p=icn.git

diff --git a/deploy/site/vm/vm.sh b/deploy/site/vm/vm.sh
index 1308854..b35784d 100755
--- a/deploy/site/vm/vm.sh
+++ b/deploy/site/vm/vm.sh
@@ -15,15 +15,16 @@ SITE_BRANCH=${SITE_BRANCH:-"master"}
 SITE_PATH=${SITE_PATH:-"deploy/site/vm"}
 
 FLUX_SOPS_KEY_NAME=${FLUX_SOPS_KEY_NAME:-"icn-site-vm"}
+FLUX_SOPS_PRIVATE_KEY="${SCRIPTDIR}/../secrets/sops.asc"
 
 # !!!NOTE!!! THE KEYS USED BELOW ARE FOR TEST PURPOSES ONLY.  DO NOT
 # USE THESE OUTSIDE OF THIS ICN VIRTUAL TEST ENVIRONMENT.
 function build_source {
     # First decrypt the existing site YAML, otherwise we'll be
     # attempting to encrypt it twice below
-    if [[ -f ${SCRIPTDIR}/sops.asc ]]; then
-	gpg --import ${SCRIPTDIR}/sops.asc
-	sops_decrypt_site ${SCRIPTDIR}/site.yaml
+    if [[ -f ${FLUX_SOPS_PRIVATE_KEY} ]]; then
+	gpg --import ${FLUX_SOPS_PRIVATE_KEY}
+	sops_decrypt ${SCRIPTDIR}/site.yaml
     fi
 
     # Generate user password and authorized key in site YAML
@@ -38,14 +39,14 @@ function build_source {
 
     # Encrypt the site YAML
     create_gpg_key ${FLUX_SOPS_KEY_NAME}
-    sops_encrypt_site ${SCRIPTDIR}/site.yaml ${FLUX_SOPS_KEY_NAME}
+    sops_encrypt ${SCRIPTDIR}/site.yaml ${FLUX_SOPS_KEY_NAME}
 
     # ONLY FOR TEST ENVIRONMENT: save the private key used
-    export_gpg_private_key ${FLUX_SOPS_KEY_NAME} >${SCRIPTDIR}/sops.asc
+    export_gpg_private_key ${FLUX_SOPS_KEY_NAME} >${FLUX_SOPS_PRIVATE_KEY}
 }
 
 function deploy {
-    gpg --import ${SCRIPTDIR}/sops.asc
+    gpg --import ${FLUX_SOPS_PRIVATE_KEY}
     flux_create_site ${SITE_REPO} ${SITE_BRANCH} ${SITE_PATH} ${FLUX_SOPS_KEY_NAME}
 }