Revert "Merge pull request #60 from stackhpc/secret-fix"

This reverts commit 36ec290, reversing
changes made to 534a2d9.

Author: assumptionsandg

scripts/config-diff.sh

@@ -30,7 +30,16 @@ function pre_config_init {
 }
 
 function post_config_init {
-    find_redacted_files "/src/etc/kayobe"
+    KAYOBE_CONFIG_SECRET_PATHS_DEFAULT=(
+        "etc/kayobe/kolla/passwords.yml"
+        "etc/kayobe/secrets.yml"
+        "etc/kayobe/environments/$KAYOBE_ENVIRONMENT/secrets.yml"
+        "etc/kayobe/environments/$KAYOBE_ENVIRONMENT/kolla/passwords.yml"
+        ${KAYOBE_CONFIG_SECRET_PATHS_EXTRA[@]}
+    )
+    KAYOBE_CONFIG_SECRET_PATHS=("${KAYOBE_CONFIG_SECRET_PATHS[@]:-${KAYOBE_CONFIG_SECRET_PATHS_DEFAULT[@]}}")
+
+    find_redacted_files "/stack/kayobe-automation-env/src/kayobe-config/etc/kayobe"
 
     # Some values are currently determined dynamically from container versions
     export KAYOBE_AUTOMATION_CONFIG_DIFF_FLUENTD_BINARY="${KAYOBE_AUTOMATION_CONFIG_DIFF_FLUENTD_BINARY:-td-agent}"
@@ -42,40 +51,21 @@ function post_config_init {
 
 function find_redacted_files {
     KAYOBE_CONFIG_VAULTED_FILES_PATHS=()
-    KAYOBE_CONFIG_SECRET_PATHS=()
     local directory="$1"
 
-    # Define forbidden paths patterns
-    KAYOBE_CONFIG_FORBIDDEN_ENVIRONMENTS=(
-        "aufn-ceph"
-        "ci-aio"
-        "ci-builder"
-        "ci-multinode")
+    echo $directory
 
     # Search for vaulted files recursively in the directory
     while IFS= read -r -d '' file; do
-        # Check if the file path contains any forbidden path patterns
-        local ignore_file=false
-        for pattern in "${KAYOBE_CONFIG_FORBIDDEN_ENVIRONMENTS[@]}"; do
-            if [[ "$file" == *"environments/${pattern}"* ]]; then
-                ignore_file=true
-                break
-            fi
-        done
-        # Continue to the next file if this one should be ignored
-        if [ "$ignore_file" = true ]; then
-            continue
-        fi
-        if head -n 1 "$file" | grep -q "ANSIBLE_VAULT;1"; then
+        if grep -q "ANSIBLE_VAULT;1" "$file"; then
             truncated_path="${file#"$directory/"}"
             vaulted_file="etc/kayobe/$truncated_path"
-            if [[ "$vaulted_file" == *.yml ]]; then
-                KAYOBE_CONFIG_SECRET_PATHS+=("etc/kayobe/$truncated_path")
-            else
+            if ! [[ "${KAYOBE_CONFIG_SECRET_PATHS_DEFAULT[*]}" =~ "$vaulted_file" ]]; then
                 KAYOBE_CONFIG_VAULTED_FILES_PATHS+=("etc/kayobe/$truncated_path")
             fi
         fi
     done < <(find "$directory" -type f -print0)
+    echo ${KAYOBE_CONFIG_VAULTED_FILES_PATHS[*]}
 }
 
 function redact_file {