46afa85b01
- Replace subPath ConfigMap mount with init container that copies openclaw.json to writable NFS home (OpenClaw writes back to the file at runtime) - Remove invalid memory-api plugin references causing "Config invalid" - Increase memory to 2Gi (req+limit) with NODE_OPTIONS=--max-old-space-size=1536 - Fix tg wrapper to inject -auto-approve when apply --non-interactive is used
45 lines
1.2 KiB
Bash
Executable file
45 lines
1.2 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
# scripts/tg — wrapper: decrypt secrets then run terragrunt
|
|
# Usage: scripts/tg apply --non-interactive
|
|
# scripts/tg run --all -- plan
|
|
set -euo pipefail
|
|
|
|
REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)"
|
|
SOPS_FILE="$REPO_ROOT/secrets.sops.json"
|
|
OUT_FILE="$REPO_ROOT/secrets.auto.tfvars.json"
|
|
|
|
# Decrypt if needed (skips if already decrypted and up-to-date)
|
|
if [ -f "$SOPS_FILE" ]; then
|
|
if [ ! -f "$OUT_FILE" ] || [ "$SOPS_FILE" -nt "$OUT_FILE" ]; then
|
|
TEMP=$(mktemp "$OUT_FILE.XXXXXX")
|
|
trap "rm -f '$TEMP'" EXIT
|
|
sops -d "$SOPS_FILE" > "$TEMP"
|
|
mv "$TEMP" "$OUT_FILE"
|
|
echo "Decrypted secrets.sops.json → secrets.auto.tfvars.json"
|
|
fi
|
|
fi
|
|
|
|
# If running apply with --non-interactive, add -auto-approve for Terraform
|
|
args=("$@")
|
|
has_apply=false
|
|
has_non_interactive=false
|
|
for arg in "${args[@]}"; do
|
|
case "$arg" in
|
|
apply) has_apply=true ;;
|
|
--non-interactive) has_non_interactive=true ;;
|
|
esac
|
|
done
|
|
|
|
if $has_apply && $has_non_interactive; then
|
|
# Rebuild args: insert -auto-approve after apply
|
|
new_args=()
|
|
for arg in "${args[@]}"; do
|
|
new_args+=("$arg")
|
|
if [ "$arg" = "apply" ]; then
|
|
new_args+=("-auto-approve")
|
|
fi
|
|
done
|
|
exec terragrunt "${new_args[@]}"
|
|
else
|
|
exec terragrunt "$@"
|
|
fi
|