tools/rook-s3cmd-config: tool to generate s3cmd config from rook.io secrets

2019-04-09 23:30:38 +02:00 · 2019-04-09 23:30:38 +02:00 · 2c5391b6e6
parent 7adc0eb998
commit 2c5391b6e6
1 changed files with 37 additions and 0 deletions
--- a/tools/rook-s3cmd-config
+++ b/tools/rook-s3cmd-config
@ -0,0 +1,37 @@
+#!/bin/bash
+
+# Generates s3cmd config from rook.io CephObjectStoreUser secrets fetched from
+# Kubernetes apiserver. Accepts extra K8S_INTERNAL=1 environment variable flag
+# that generates config that connects to internal rgw service.
+#
+# Usage:
+#   ./rook-s3cmd-config USERNAME STORENAME CLUSTERNAME > config
+#   s3cmd -c config --region "STORENAME:default-placement" mb s3://test/
+
+set -e
+
+username="${1:-registry}"
+storename="${2:-waw-hdd-redundant-1-object}"
+clustername="${3:-ceph-waw1}"
+
+secret="$(kubectl get secrets rook-ceph-object-user-$storename-$username -n $clustername -o json)"
+accesskey="$(echo "$secret" | jq -r '.data.AccessKey' | base64 -d)"
+secretkey="$(echo "$secret" | jq -r '.data.SecretKey' | base64 -d)"
+
+if [[ ! -z "$K8S_INTERNAL" ]]; then
+    domain="rook-ceph-rgw-$storename.$clustername.svc.cluster.local"
+else
+    domain="object.$clustername.hswaw.net"
+fi
+
+cat <<EOF
+[default]
+access_key = $accesskey
+secret_key = $secretkey
+host_base = $domain
+host_bucket = $domain
+EOF
+
+if [[ ! -z "$K8S_INTERNAL" ]]; then
+    echo "use_https = False"
+fi