forked from hswaw/hscloud
76 lines
2.3 KiB
Bash
76 lines
2.3 KiB
Bash
|
#!/bin/bash
|
||
|
|
||
|
# Generates s3cmd config from rook.io CephObjectStoreUser secrets fetched from
|
||
|
# Kubernetes apiserver. Accepts extra K8S_INTERNAL=1 environment variable flag
|
||
|
# that generates config that connects to internal rgw service.
|
||
|
#
|
||
|
# Usage:
|
||
|
# bazel run //cluster/tools:rook-s3cmd-config > config
|
||
|
# s3cmd -c config --region "STORENAME:default-placement" mb s3://test/
|
||
|
|
||
|
set -euo pipefail
|
||
|
|
||
|
# Copy-pasted from Bazel's Bash runfiles library (tools/bash/runfiles/runfiles.bash).
|
||
|
if [[ ! -d "${RUNFILES_DIR:-/dev/null}" && ! -f "${RUNFILES_MANIFEST_FILE:-/dev/null}" ]]; then
|
||
|
if [[ -f "$0.runfiles_manifest" ]]; then
|
||
|
export RUNFILES_MANIFEST_FILE="$0.runfiles_manifest"
|
||
|
elif [[ -f "$0.runfiles/MANIFEST" ]]; then
|
||
|
export RUNFILES_MANIFEST_FILE="$0.runfiles/MANIFEST"
|
||
|
elif [[ -f "$0.runfiles/bazel_tools/tools/bash/runfiles/runfiles.bash" ]]; then
|
||
|
export RUNFILES_DIR="$0.runfiles"
|
||
|
fi
|
||
|
fi
|
||
|
if [[ -f "${RUNFILES_DIR:-/dev/null}/bazel_tools/tools/bash/runfiles/runfiles.bash" ]]; then
|
||
|
source "${RUNFILES_DIR}/bazel_tools/tools/bash/runfiles/runfiles.bash"
|
||
|
elif [[ -f "${RUNFILES_MANIFEST_FILE:-/dev/null}" ]]; then
|
||
|
source "$(grep -m1 "^bazel_tools/tools/bash/runfiles/runfiles.bash " "$RUNFILES_MANIFEST_FILE" | cut -d ' ' -f 2-)"
|
||
|
else
|
||
|
echo >&2 "ERROR: cannot find @bazel_tools//tools/bash/runfiles:runfiles.bash"
|
||
|
exit 1
|
||
|
fi
|
||
|
# endpaste
|
||
|
|
||
|
kubectl=$(rlocation "hscloud/cluster/tools/kubectl")
|
||
|
if [ -z "$kubectl" ]; then
|
||
|
echo "Could not find kubectl in runfiles" >&2
|
||
|
exit 1
|
||
|
fi
|
||
|
|
||
|
jq=$(rlocation "com_github_stedolan_jq/jq")
|
||
|
if [ -z "$jq" ]; then
|
||
|
echo "Could not find jq in runfiles" >&2
|
||
|
exit 1
|
||
|
fi
|
||
|
|
||
|
username="${1}"
|
||
|
storename="${2:-waw-hdd-redundant-3-object}"
|
||
|
clustername="${3:-ceph-waw3}"
|
||
|
|
||
|
if [ -z "$username" ]; then
|
||
|
echo "Usage: $0 <username>" >&2
|
||
|
exit 1
|
||
|
fi
|
||
|
|
||
|
|
||
|
secret="$($kubectl get secrets rook-ceph-object-user-$storename-$username -n $clustername -o json)"
|
||
|
accesskey="$(echo "$secret" | $jq -r '.data.AccessKey' | base64 -d)"
|
||
|
secretkey="$(echo "$secret" | $jq -r '.data.SecretKey' | base64 -d)"
|
||
|
|
||
|
if [[ ! -z "${K8S_INTERNAL:-}" ]]; then
|
||
|
domain="rook-ceph-rgw-$storename.$clustername.svc.cluster.local"
|
||
|
else
|
||
|
domain="object.$clustername.hswaw.net"
|
||
|
fi
|
||
|
|
||
|
cat <<EOF
|
||
|
[default]
|
||
|
access_key = $accesskey
|
||
|
secret_key = $secretkey
|
||
|
host_base = $domain
|
||
|
host_bucket = $domain
|
||
|
EOF
|
||
|
|
||
|
if [[ ! -z "${K8S_INTERNAL:-}" ]]; then
|
||
|
echo "use_https = False"
|
||
|
fi
|