mirror of
https://gerrit.hackerspace.pl/hscloud
synced 2025-01-20 14:53:54 +00:00
Serge Bazanski
8100a2de97
Building jq portably is annoying, and the way we were doing it (which we iirc stole from some google project?) sucked. Let's use a Go jq clone instead. This is an alternative for 1535. jq is currently used only in one script, which could really be replaced by a Go program, but let's keep it simple for now. Change-Id: Ie25dffadd545df143490f510e9b75a74adf81492 Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1540 Reviewed-by: palid <palid@hackerspace.pl>
75 lines
2.4 KiB
Bash
Executable file
75 lines
2.4 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
# Generates s3cmd config from rook.io CephObjectStoreUser secrets fetched from
|
|
# Kubernetes apiserver. Accepts extra K8S_INTERNAL=1 environment variable flag
|
|
# that generates config that connects to internal rgw service.
|
|
#
|
|
# Usage:
|
|
# bazel run //cluster/tools:rook-s3cmd-config > config
|
|
# s3cmd -c config --region "STORENAME:default-placement" mb s3://test/
|
|
|
|
set -euo pipefail
|
|
|
|
# Copy-pasted from Bazel's Bash runfiles library (tools/bash/runfiles/runfiles.bash).
|
|
if [[ ! -d "${RUNFILES_DIR:-/dev/null}" && ! -f "${RUNFILES_MANIFEST_FILE:-/dev/null}" ]]; then
|
|
if [[ -f "$0.runfiles_manifest" ]]; then
|
|
export RUNFILES_MANIFEST_FILE="$0.runfiles_manifest"
|
|
elif [[ -f "$0.runfiles/MANIFEST" ]]; then
|
|
export RUNFILES_MANIFEST_FILE="$0.runfiles/MANIFEST"
|
|
elif [[ -f "$0.runfiles/bazel_tools/tools/bash/runfiles/runfiles.bash" ]]; then
|
|
export RUNFILES_DIR="$0.runfiles"
|
|
fi
|
|
fi
|
|
if [[ -f "${RUNFILES_DIR:-/dev/null}/bazel_tools/tools/bash/runfiles/runfiles.bash" ]]; then
|
|
source "${RUNFILES_DIR}/bazel_tools/tools/bash/runfiles/runfiles.bash"
|
|
elif [[ -f "${RUNFILES_MANIFEST_FILE:-/dev/null}" ]]; then
|
|
source "$(grep -m1 "^bazel_tools/tools/bash/runfiles/runfiles.bash " "$RUNFILES_MANIFEST_FILE" | cut -d ' ' -f 2-)"
|
|
else
|
|
echo >&2 "ERROR: cannot find @bazel_tools//tools/bash/runfiles:runfiles.bash"
|
|
exit 1
|
|
fi
|
|
# endpaste
|
|
|
|
kubectl=$(rlocation "hscloud/cluster/tools/kubectl")
|
|
if [ -z "$kubectl" ]; then
|
|
echo "Could not find kubectl in runfiles" >&2
|
|
exit 1
|
|
fi
|
|
|
|
jq=$(rlocation "com_github_itchyny_gojq/cmd/gojq/gojq_/gojq")
|
|
if [ -z "$jq" ]; then
|
|
echo "Could not find jq in runfiles" >&2
|
|
exit 1
|
|
fi
|
|
|
|
username="${1}"
|
|
storename="${2:-waw-hdd-redundant-3-object}"
|
|
clustername="${3:-ceph-waw3}"
|
|
|
|
if [ -z "$username" ]; then
|
|
echo "Usage: $0 <username>" >&2
|
|
exit 1
|
|
fi
|
|
|
|
|
|
secret="$($kubectl get secrets rook-ceph-object-user-$storename-$username -n $clustername -o json)"
|
|
accesskey="$(echo "$secret" | $jq -r '.data.AccessKey' | base64 -d)"
|
|
secretkey="$(echo "$secret" | $jq -r '.data.SecretKey' | base64 -d)"
|
|
|
|
if [[ ! -z "${K8S_INTERNAL:-}" ]]; then
|
|
domain="rook-ceph-rgw-$storename.$clustername.svc.cluster.local"
|
|
else
|
|
domain="object.$clustername.hswaw.net"
|
|
fi
|
|
|
|
cat <<EOF
|
|
[default]
|
|
access_key = $accesskey
|
|
secret_key = $secretkey
|
|
host_base = $domain
|
|
host_bucket = $domain
|
|
EOF
|
|
|
|
if [[ ! -z "${K8S_INTERNAL:-}" ]]; then
|
|
echo "use_https = False"
|
|
fi
|