controller_credentials.yml.j2 template

This template just ensures the correct variable header is placed in the file, including its content.
The content is read from the file "other_vars.yml" Normally, there would be no secrets in this file, so no encryption is needed.

---
{% set curr_env=curr_file.split(',')[0] %}
{% if code_environment_vars[curr_env]['credentials'] | length > 0  %}
controller_credentials_{{ curr_env }}:
  {% for item in code_environment_vars[curr_env]['credentials'] %}
  - name: {{ item.name }}
    description: {{ item.description }}
    organization: {{ organization_long_name | upper }}
    credential_type: {{ item.credential_type }}
    {% if item.inputs is defined %}
    inputs:
      url: {{ vault_url }}
      token: "{{ '{{' }} vault_token {{ '}}' }}"
      namespace: {{ curr_env }}
      api_version: v1
      default_auth_path: token
    {% endif %}

  {% endfor %}
...
{% else %}
controller_credentials_{{ curr_env }}: []
{% endif %}

Back