Skip to content

Commit

Permalink
feat: add support for symfony secrets (#22)
Browse files Browse the repository at this point in the history
  • Loading branch information
@aegypius
aegypius authored Jun 3, 2022
1 parent aafd5a6 commit 6c7014d
Show file tree
Hide file tree
Showing 4 changed files with 25 additions and 0 deletions.
2 changes: 2 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,8 @@ Common deploy tasks for projects made at Le Phare.
* [Workflow overview](docs/workflow.md)
* Composer:
* [Private registry](docs/composer/private-registry.md)
* Symfony:
* [Secrets](docs/symfony/secrets.md)

## Role Variables

Expand Down
7 changes: 7 additions & 0 deletions config/before_composer.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,3 +11,10 @@
login_password: "{{ app_database_password }}"
state: dump
target: "{{ ansistrano_deploy_to }}/{{ ansistrano_current_dir }}/{{ db_pull_remote_database_name }}.sql.gz"

- name: Setup {{ symfony_env }} secrets decrypt key
template:
src: symfony/secrets_private.php.j2
dest: "{{ ansistrano_release_path.stdout }}/config/secrets/{{ symfony_env }}/{{ symfony_env }}.decrypt.private.php"
mode: 0644
when: symfony_secret_private_key is defined
13 changes: 13 additions & 0 deletions docs/symfony/secrets.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
# Symfony secrets

## Conditions

`symfony_secret_private_key` must be set (in the vault).

## When

During `lephare_symfony_before_composer_tasks_file`

## Description

Creates a `decrypt.private.php` file in the `config/secret` directory allowing to use symfony secrets seamlessly.
3 changes: 3 additions & 0 deletions templates/symfony/secrets_private.php.j2
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
<?php // {{ symfony_env }}.decrypt.private on {{ now(False, '%a, %d %b %Y %H:%M:%S %z') }}

return "{{ symfony_secret_private_key }}";

0 comments on commit 6c7014d

Please sign in to comment.