diff --git a/deploy.tf b/deploy.tf index 0bc9a6e51d9398be610475ca3d1dd3521e222dc4..7a975e157c4646b4a591ee0f7be1cc2966099b6d 100644 --- a/deploy.tf +++ b/deploy.tf @@ -157,16 +157,16 @@ resource "openstack_compute_keypair_v2" "localkey" { name = var.domain } -resource "local_file" "localkey" { +resource "local_sensitive_file" "localkey" { filename = local.keyfile file_permission = "0600" - sensitive_content = openstack_compute_keypair_v2.localkey.private_key + content = openstack_compute_keypair_v2.localkey.private_key } -resource "local_file" "output" { +resource "local_sensitive_file" "output" { filename = "config.json" file_permission = "0600" - sensitive_content = jsonencode(local.output) + content = jsonencode(local.output) } resource "openstack_compute_instance_v2" "server" { @@ -227,7 +227,7 @@ resource "null_resource" "deployment" { command = <<EOF eval $(ssh-agent -s) trap "kill $SSH_AGENT_PID" INT TERM -ssh-add ${local_file.localkey.filename} +ssh-add ${local_sensitive_file.localkey.filename} ip=${openstack_compute_floatingip_associate_v2.server-fip-1.floating_ip} remote="ssh -o PreferredAuthentications=publickey deployadm@$ip" @@ -236,8 +236,8 @@ ssh-keygen -R $ip while ! $remote -o ConnectTimeout=15 -o StrictHostKeyChecking=no :; do sleep 15; done if [ -z "$NO_DEPLOYMENT" ]; then git archive HEAD | $remote 'rm -rf terraform; mkdir terraform; cd terraform; tar x' - scp -o PreferredAuthentications=publickey -p ${local_file.output.filename} deployadm@$ip:~/terraform/ - $remote -o ForwardAgent=yes "cd terraform; SENSITIVE=$SENSITIVE ./orchestrate.py -c ${local_file.output.filename}" + scp -o PreferredAuthentications=publickey -p ${local_sensitive_file.output.filename} deployadm@$ip:~/terraform/ + $remote -o ForwardAgent=yes "cd terraform; SENSITIVE=$SENSITIVE ./orchestrate.py -c ${local_sensitive_file.output.filename}" fi kill $SSH_AGENT_PID