controller_credential_input_sources.yml.j2 template

This template just ensures the correct variable header is placed in the file, including the correct content.
As there are no real secrets in here, encryption is not needed.

This template renders input sources for the HashiCorp vault used in this project, for other vault implementations, you will need to adapt this.

---
{% set curr_env=curr_file.split(',')[0] %}
{% if code_environment_vars[curr_env]['credential_input_sources'] | length > 0  %}
controller_credential_input_sources_{{ curr_env }}:
  {% for item in code_environment_vars[curr_env]['credential_input_sources'] %}
  - source_credential: {{ item.source_credential }}
    target_credential: {{ item.target_credential }}
    input_field_name: {{ item.input_field_name }}
    description: {{ item.description }}
    metadata:
      secret_backend: {{ item['metadata']['secret_backend'] }}
      secret_path: {{ item['metadata']['secret_path'] }}
      secret_key: {{ item['metadata']['secret_key'] }}
  {% endfor %}
...
{% else %}
controller_credential_input_sources_{{ curr_env }}: []
{% endif %}

Back