blsmith/dc-deployments-automation
1
0
Fork 0
mirror of https://bitbucket.org/atlassian/dc-deployments-automation.git synced 2025-12-13 00:13:09 -06:00
Code Issues Packages Projects Releases Wiki Activity

Merged in secrets-manager-confluence (pull request #197)

Browse Source 
Generate secretsmanager properties in confluence.cfg.xml

Approved-by: Dylan Rathbone
This commit is contained in:
Eugene Ivantsov
2023-07-21 02:06:59 +00:00
parent ead97d7976 ed9ab4bcf0
commit ff87e1cc63
2 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
group_vars/aws_node_local.yml
View File

@@ -118,6 +118,9 @@ atl_jdbc_query_params_for_engine:
aurora_postgres: "?targetServerType=master"
atl_jdbc_url: "jdbc:postgresql://{{ atl_db_host }}:{{ atl_db_port }}/{{ atl_jdbc_db_name }}{{ atl_jdbc_query_params_for_engine[atl_db_engine] | default('') }}"
atl_secretsmanager_aws_region: "{{ lookup('env', 'ATL_SECRETSMANAGER_AWS_REGION') }}"
atl_secretsmanager_aws_secret_id: "{{ lookup('env', 'ATL_SECRETSMANAGER_AWS_SECRET_ID') }}"
atl_jvm_heap: "{{ lookup('env', 'ATL_JVM_HEAP') or '2048m' }}"
atl_jvm_opts: "{{ lookup('env', 'ATL_JVM_OPTS') or '' }}"
atl_catalina_opts: "{{ lookup('env', 'ATL_CATALINA_OPTS') or '' }}"

6
roles/confluence_config/templates/confluence.cfg.xml.j2
View File

@@ -17,7 +17,13 @@
<property name="hibernate.connection.driver_class">{{ atl_db_driver }}</property>
<property name="hibernate.connection.url">{{ atl_jdbc_url }}</property>
<property name="hibernate.connection.username">{{ atl_jdbc_user }}</property>
{% if atl_product_version.split(".")[:2] | join(".") is version('8.6', '>=') and atl_secretsmanager_aws_region is defined and atl_secretsmanager_aws_region != "" and atl_secretsmanager_aws_secret_id is defined and atl_secretsmanager_aws_secret_id != "" -%}
<property name="jdbc.password.decrypter.classname">com.atlassian.secrets.store.aws.AwsSecretsManagerStore</property>
<property name="hibernate.connection.password">{"region": "{{ atl_secretsmanager_aws_region }}", "secretId": "{{ atl_secretsmanager_aws_secret_id }}"}</property>
{% else -%}
<property name="hibernate.connection.password">{{ atl_jdbc_password | replace("&", "&amp;") }}</property>
{% endif -%}
{# Confluence versions 7.13 and newer #}
{% if (atl_product_version.split(".")[0] | int() == 7 and atl_product_version.split(".")[1] | int() <= 13) or atl_product_version.split(".")[0] | int() < 7 %}