diff --git a/data.tf b/data.tf index 48c32a7..661d4aa 100644 --- a/data.tf +++ b/data.tf @@ -3,7 +3,6 @@ data "vault_generic_secret" "dns" { path = "secret/dns" } -# Optional: Get Ansible EDA secrets from Vault (uncomment if needed) -#data "vault_generic_secret" "ansible_eda" { -# path = "secret/ansible-eda" -#} +data "vault_generic_secret" "renovate" { + path = "secret/renovate" +} diff --git a/main.tf b/main.tf index 3554aad..46fc300 100644 --- a/main.tf +++ b/main.tf @@ -32,9 +32,9 @@ resource "docker_container" "renovate" { # Environment variables for Renovate env = concat( [ - "RENOVATE_PLATFORM=${var.renovate_platform}", - "RENOVATE_ENDPOINT=${var.renovate_endpoint}", - "RENOVATE_TOKEN=${var.renovate_token}", + "RENOVATE_PLATFORM=${data.vault_generic_secret.renovate.data["renovate_platform"]}", + "RENOVATE_ENDPOINT=${data.vault_generic_secret.renovate.data["renovate_endpoint"]}", + "RENOVATE_TOKEN=${data.vault_generic_secret.renovate.data["renovate_token"]}", "RENOVATE_GIT_AUTHOR=${var.renovate_git_author}", "RENOVATE_AUTODISCOVER=${var.renovate_autodiscover}", "LOG_LEVEL=${var.log_level}" diff --git a/variables.tf b/variables.tf index 0ef704e..e215c9c 100644 --- a/variables.tf +++ b/variables.tf @@ -52,34 +52,6 @@ variable "create_cname_record" { } # Renovate Platform Configuration -variable "renovate_platform" { - description = "Git platform to use (gitea, github, gitlab, etc.)" - type = string - default = "gitea" -} - -variable "renovate_endpoint" { - description = "API endpoint for the git platform (e.g., https://gitea.example.com/api/v1/)" - type = string -} - -variable "renovate_token" { - description = "Personal access token for Renovate bot authentication" - type = string - sensitive = true -} - -variable "renovate_git_author" { - description = "Git author for Renovate commits (e.g., 'Renovate Bot ')" - type = string - default = "Renovate Bot " -} - -variable "renovate_username" { - description = "Username of the Renovate bot account" - type = string - default = "renovate-bot" -} variable "renovate_autodiscover" { description = "Enable autodiscovery of repositories"