From build machine we’ll use AWS, BitBucket and DockerHub and I want to automate auth process.
I can place login procedure to script, but I don’t want to store any keys in scripts.
So let’s create folder called “secret” to which we’ll place files with credentials.
This folder can be placed in Git repo or it can be transferred to build machine using SFTP.
Now we need to generate files with credentials for:
1. BitBucket
2. AWS
3. DockerHub
4. ssmtp (email)
5. mongoDB
1. BitBucket – we’ll use Deployment key:
2. AWS – we’ll sign in from cli on local machine and copy ~/.aws/credentials file to “secret” folder:
Please remember that AWS account must have AWSElasticBeanstalkFullAccess permissions.
3. DockerHub – we’ll sign in from cli on local machine and copy content of ~/.docker/config.json to ~/dockerconfig.
We need to remove auths block from ~/dockerconfig:
Than we need to create new S3 bucket in the same region as EBS will be deployed in and upload dockerconfig file to this bucket:
Finally, we need to copy ~/.docker/config.json file to “secret” folder:
4. SSMTP – We’ll create ssmtp.conf file with credentials:
5. MongoDB – we’ll store credentials in mongoConnStr file:
That’s all about credentials story, so let’s move forward to “build machine”.