diff options
| -rw-r--r-- | TODOs.org | 5 | ||||
| -rwxr-xr-x | scripts/ci/mail.sh | 4 | ||||
| -rw-r--r-- | secrets/envrc.sh | bin | 2738 -> 2769 bytes |
3 files changed, 6 insertions, 3 deletions
@@ -143,11 +143,12 @@ Right now, secrets are scattered between the two repositories. By moving I can c ** TODO Run backup on Terraform destroy action instead of manually in =provision.sh= ** DONE Explicitly destroy Droplets before running Terraform apply CLOSED: [2019-06-05 Wed 19:48] -** TODO Store updated =.tfstate= even in case of deployment failure +** NEXT Store updated =.tfstate= even in case of deployment failure Right now the script fails on Terraform commands before reaching git commands. I should trap the error, store on git and only then fail. ** DONE Fix alias in =bash-profile.sh= CLOSED: [2019-06-10 Mon 09:01] -** TODO Email verbose (Ansible) log files in case of error +** DONE Email verbose (Ansible) log files in case of error +CLOSED: [2019-06-10 Mon 16:59] builds.sr.ht only emails the link. Should it be extended to support encrypted log attachments? ** TODO Use environment variables for SSH key paths and volume mounts ** DONE Don't allow backups to fail diff --git a/scripts/ci/mail.sh b/scripts/ci/mail.sh index 420c35f..8585cf1 100755 --- a/scripts/ci/mail.sh +++ b/scripts/ci/mail.sh @@ -35,6 +35,8 @@ EOF ) cat ./logs/*.txt > "${ATTACHMENT_PATH}" +gpg -r "${GPG_TO}" \ + -e "${ATTACHMENT_PATH}" curl "${MAILGUN_URL}" \ -s \ @@ -43,4 +45,4 @@ curl "${MAILGUN_URL}" \ -F to="${MAILGUN_TO}" \ -F subject="${SUBJECT}" \ -F text="${BODY}" \ - -F attachment="@${ATTACHMENT_PATH}" + -F attachment="@${ATTACHMENT_PATH}.gpg" diff --git a/secrets/envrc.sh b/secrets/envrc.sh Binary files differindex 62b27c6..10efe8e 100644 --- a/secrets/envrc.sh +++ b/secrets/envrc.sh |