Skip to content

Commit

Permalink
Merge pull request #135 from ExpediaGroup/feature/fix_dd_secret
Browse files Browse the repository at this point in the history 
Feature/fix dd secret
  • Loading branch information
@githubjianli
githubjianli authored Jan 5, 2024
2 parents 7cba3e9 + 18f653c commit 8696cd5
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 12 deletions.
14 changes: 8 additions & 6 deletions common.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,19 +51,21 @@ data "aws_iam_policy_document" "waggle_dance_glue_policy" {


data "aws_secretsmanager_secret" "datadog_key" {
count = length(var.datadog_key_secret_name) > 0 ? 1 : 0
name = var.datadog_key_secret_name
}

data "aws_secretsmanager_secret_version" "datadog_key" {
count = length(data.aws_secretsmanager_secret.datadog_key) > 0 ? 1 : 0
secret_id = data.aws_secretsmanager_secret.datadog_key.id
count = length(var.datadog_key_secret_name) > 0 ? 1 : 0
secret_id = data.aws_secretsmanager_secret.datadog_key[0].id
}

locals {
datadog_keys = jsondecode(data.aws_secretsmanager_secret_version.datadog_key[0].secret_string)
data "external" "datadog_key" {
count = length(var.datadog_key_secret_name) > 0 ? 1 : 0
program = ["echo", "${data.aws_secretsmanager_secret_version.datadog_key[0].secret_string}"]
}

provider "datadog" {
api_key = local.datadog_keys.api_key != null ? local.datadog_keys.api_key : ""
app_key = local.datadog_keys.app_key != null ? local.datadog_keys.app_key : ""
api_key = chomp(data.external.datadog_key[0].result["api_key"])
app_key = chomp(data.external.datadog_key[0].result["app_key"])
}
10 changes: 5 additions & 5 deletions templates.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -197,11 +197,11 @@ data "template_file" "datadog-agent" {
template = file("${path.module}/templates/datadog-agent.json")

vars = {
region = var.aws_region
loggroup = var.wd_instance_type == "ecs" ? join("", aws_cloudwatch_log_group.waggledance_ecs.*.name) : ""
datadog_secret_key = jsondecode(data.aws_secretsmanager_secret_version.datadog_key[0].secret_string).api_key
wd_instance_type = var.wd_instance_type
metrics_port = var.metrics_port
region = var.aws_region
loggroup = var.wd_instance_type == "ecs" ? join("", aws_cloudwatch_log_group.waggledance_ecs.*.name) : ""
datadog_secret_key = length(var.datadog_key_secret_name) > 0 ? chomp(data.external.datadog_key[0].result["api_key"]) : ""
wd_instance_type = var.wd_instance_type
metrics_port = var.metrics_port
datadog_agent_version = var.datadog_agent_version
}
}
2 changes: 1 addition & 1 deletion variables.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -381,7 +381,7 @@ variable "tcp_keepalive_probes" {
variable "datadog_key_secret_name" {
description = "Name of the secret containing the DataDog API key. This needs to be created manually in AWS secrets manager. This is only applicable to ECS deployments."
type = string
default = null
default = ""
}

variable "datadog_agent_version" {
Expand Down

0 comments on commit 8696cd5

Please sign in to comment.