blob: 703b597ab4dd359aaba5424e033ee4d136c02691 [file] [log] [blame]
#!/bin/bash
# Generates s3cmd config from rook.io CephObjectStoreUser secrets fetched from
# Kubernetes apiserver. Accepts extra K8S_INTERNAL=1 environment variable flag
# that generates config that connects to internal rgw service.
#
# Usage:
# bazel run //cluster/tools:rook-s3cmd-config > config
# s3cmd -c config --region "STORENAME:default-placement" mb s3://test/
set -euo pipefail
# Copy-pasted from Bazel's Bash runfiles library (tools/bash/runfiles/runfiles.bash).
if [[ ! -d "${RUNFILES_DIR:-/dev/null}" && ! -f "${RUNFILES_MANIFEST_FILE:-/dev/null}" ]]; then
if [[ -f "$0.runfiles_manifest" ]]; then
export RUNFILES_MANIFEST_FILE="$0.runfiles_manifest"
elif [[ -f "$0.runfiles/MANIFEST" ]]; then
export RUNFILES_MANIFEST_FILE="$0.runfiles/MANIFEST"
elif [[ -f "$0.runfiles/bazel_tools/tools/bash/runfiles/runfiles.bash" ]]; then
export RUNFILES_DIR="$0.runfiles"
fi
fi
if [[ -f "${RUNFILES_DIR:-/dev/null}/bazel_tools/tools/bash/runfiles/runfiles.bash" ]]; then
source "${RUNFILES_DIR}/bazel_tools/tools/bash/runfiles/runfiles.bash"
elif [[ -f "${RUNFILES_MANIFEST_FILE:-/dev/null}" ]]; then
source "$(grep -m1 "^bazel_tools/tools/bash/runfiles/runfiles.bash " "$RUNFILES_MANIFEST_FILE" | cut -d ' ' -f 2-)"
else
echo >&2 "ERROR: cannot find @bazel_tools//tools/bash/runfiles:runfiles.bash"
exit 1
fi
# endpaste
kubectl=$(rlocation "hscloud/cluster/tools/kubectl")
if [ -z "$kubectl" ]; then
echo "Could not find kubectl in runfiles" >&2
exit 1
fi
jq=$(rlocation "com_github_stedolan_jq/jq")
if [ -z "$jq" ]; then
echo "Could not find jq in runfiles" >&2
exit 1
fi
username="${1}"
storename="${2:-waw-hdd-redundant-3-object}"
clustername="${3:-ceph-waw3}"
if [ -z "$username" ]; then
echo "Usage: $0 <username>" >&2
exit 1
fi
secret="$($kubectl get secrets rook-ceph-object-user-$storename-$username -n $clustername -o json)"
accesskey="$(echo "$secret" | $jq -r '.data.AccessKey' | base64 -d)"
secretkey="$(echo "$secret" | $jq -r '.data.SecretKey' | base64 -d)"
if [[ ! -z "${K8S_INTERNAL:-}" ]]; then
domain="rook-ceph-rgw-$storename.$clustername.svc.cluster.local"
else
domain="object.$clustername.hswaw.net"
fi
cat <<EOF
[default]
access_key = $accesskey
secret_key = $secretkey
host_base = $domain
host_bucket = $domain
EOF
if [[ ! -z "${K8S_INTERNAL:-}" ]]; then
echo "use_https = False"
fi