Skip to content

Commit 83fe7c4

Browse files
xnotoxnoto
committed
security: rotate AWX password, write tfplan to /tmp
1 parent 5237c2e commit 83fe7c4

File tree

2 files changed

+6
-6
lines changed

2 files changed

+6
-6
lines changed

Makefile

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -42,9 +42,9 @@ init: clean .terraform/terraform.tfstate
4242
plan: init .terraform/plan
4343

4444
.terraform/plan:
45-
@${TERRAFORM} plan -compact-warnings -no-color -out tfplan.bin
46-
@${TERRAFORM} show -no-color tfplan.bin | tee plan-output.txt
47-
@rm -f tfplan.bin
45+
@${TERRAFORM} plan -compact-warnings -no-color -out /tmp/tfplan.bin
46+
@${TERRAFORM} show -no-color /tmp/tfplan.bin | tee plan-output.txt
47+
@rm -f /tmp/tfplan.bin
4848

4949
apply: init .terraform/apply
5050

secrets/secrets.yaml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ s3_access_key: ENC[AES256_GCM,data:dvhYpsqgxm2hpNjuNA5SDPR4leU=,iv:ejPmt4Kqk9pRu
1010
s3_secret_key: ENC[AES256_GCM,data:9kgVRgWrIusg4F7NqIfAX5GxR1ya7sY/mCdOaoV6+v+SYJxDxpR2zg==,iv:/qUB565Eh31SOtF1YvyLdxxFftHqRDsFdRTUoyq2w08=,tag:IDS3RQlgVsg1LU8OxGRXSg==,type:str]
1111
awx_controller: ENC[AES256_GCM,data:zyrk6j48ssU16V1jxUUHrQrJzd/lBp6ZsLW06a2AvqI=,iv:DJ9SG7CaX39yIwHvtL3l7j1xP+jDz9RQfR8t0KE9nO8=,tag:aYetqf1tdh7WlE4Q3Wm30A==,type:str]
1212
awx_username: ENC[AES256_GCM,data:6sfFzVI=,iv:HG6k+IENkHdxD/vRKoip5tvUhfjCHvDwZcN3s9H0yFg=,tag:hNfP5Er4F230wcfqVwHtuw==,type:str]
13-
awx_password: ENC[AES256_GCM,data:g4NFyxEghnlXTFFljO++EBOHe8ypjn2TW5kW4f736PE=,iv:N8oyLQvq8IqCHPaZyGILnU34RQCpkhC8+iwJDGGpJ7w=,tag:Uor36E3t61wJyKJeeI53PQ==,type:str]
13+
awx_password: ENC[AES256_GCM,data:4Vc5Up89WY9HSfmW6Q4VRBbs6YPyqLjt1rO1wlW+ANg=,iv:Ub9PGKrrTDlqDmVuBBZfGUXwHHF2rjE3A4ISxLfJPb4=,tag:WXyxjUKUy4neENSp4Qte1Q==,type:str]
1414
sops:
1515
age:
1616
- recipient: age152ek83tm4fj5u70r3fecytn4kg7c5xca24erjchxexx4pfqg6das7q763l
@@ -22,7 +22,7 @@ sops:
2222
R05MZlJDY1JnVjBlb01Hdm10d3k3VXMKpYhy+H82z9yBAREn2O0cUQp+m9laXyAx
2323
5Hn86bDGLP4LxsVKbQS/77Weg0HI26WsKkTwOR8DB72TFia1SzQNqQ==
2424
-----END AGE ENCRYPTED FILE-----
25-
lastmodified: "2025-12-22T01:10:41Z"
26-
mac: ENC[AES256_GCM,data:LJ2hABhx31ZqPy0BBxu9WPqeg5sYwG3nq0zPP/nN+ShqaXLWL8gDyTxypmIctrvD6a8ANAYiys2/nDuGbQPOsFE9Ru7QztgkWvT6Cf5QOcnZVBEVAM23tT/6994w2uGd1aMonqyguarX/d4W/GYrEIEHFMWPiA1MMKLZvpTNK7g=,iv:IX7jlO408xajBIf/6V25UD3VNB2EOu/7j/wcqPRLrws=,tag:ovGeY95obCUQOPYzvVe3Sw==,type:str]
25+
lastmodified: "2025-12-22T02:47:11Z"
26+
mac: ENC[AES256_GCM,data:I6pnR7D7FRyakhRbewO1/pIFr/E4wtwekW6EXHIYhsmSf/+PuZzPYOrEWz8b4NvJNRA5llzv/mwiAzFxJMpvZ4OmA7ZW/0l+jJyLRX2WyotJ/vDRbdgRtR3uDE3YivsxtYLUpdsIab6bGzadwGqusIN+vIJlZwtrMwJh/HP4wiI=,iv:dhepV5lMHfyN4eZRL9jcJVkR4zNNfd2iCghq2i0dXyg=,tag:3DlqgxossCGXUonVVz6vHQ==,type:str]
2727
unencrypted_suffix: _unencrypted
2828
version: 3.10.2

0 commit comments

Comments
 (0)