Sergiusz Bazanski | 0037eda | 2020-06-13 22:43:06 +0200 | [diff] [blame] | 1 | #!/bin/bash |
| 2 | |
| 3 | # Generates s3cmd config from rook.io CephObjectStoreUser secrets fetched from |
| 4 | # Kubernetes apiserver. Accepts extra K8S_INTERNAL=1 environment variable flag |
| 5 | # that generates config that connects to internal rgw service. |
| 6 | # |
| 7 | # Usage: |
| 8 | # bazel run //cluster/tools:rook-s3cmd-config > config |
| 9 | # s3cmd -c config --region "STORENAME:default-placement" mb s3://test/ |
| 10 | |
| 11 | set -euo pipefail |
| 12 | |
| 13 | # Copy-pasted from Bazel's Bash runfiles library (tools/bash/runfiles/runfiles.bash). |
| 14 | if [[ ! -d "${RUNFILES_DIR:-/dev/null}" && ! -f "${RUNFILES_MANIFEST_FILE:-/dev/null}" ]]; then |
| 15 | if [[ -f "$0.runfiles_manifest" ]]; then |
| 16 | export RUNFILES_MANIFEST_FILE="$0.runfiles_manifest" |
| 17 | elif [[ -f "$0.runfiles/MANIFEST" ]]; then |
| 18 | export RUNFILES_MANIFEST_FILE="$0.runfiles/MANIFEST" |
| 19 | elif [[ -f "$0.runfiles/bazel_tools/tools/bash/runfiles/runfiles.bash" ]]; then |
| 20 | export RUNFILES_DIR="$0.runfiles" |
| 21 | fi |
| 22 | fi |
| 23 | if [[ -f "${RUNFILES_DIR:-/dev/null}/bazel_tools/tools/bash/runfiles/runfiles.bash" ]]; then |
| 24 | source "${RUNFILES_DIR}/bazel_tools/tools/bash/runfiles/runfiles.bash" |
| 25 | elif [[ -f "${RUNFILES_MANIFEST_FILE:-/dev/null}" ]]; then |
| 26 | source "$(grep -m1 "^bazel_tools/tools/bash/runfiles/runfiles.bash " "$RUNFILES_MANIFEST_FILE" | cut -d ' ' -f 2-)" |
| 27 | else |
| 28 | echo >&2 "ERROR: cannot find @bazel_tools//tools/bash/runfiles:runfiles.bash" |
| 29 | exit 1 |
| 30 | fi |
| 31 | # endpaste |
| 32 | |
| 33 | kubectl=$(rlocation "hscloud/cluster/tools/kubectl") |
| 34 | if [ -z "$kubectl" ]; then |
| 35 | echo "Could not find kubectl in runfiles" >&2 |
| 36 | exit 1 |
| 37 | fi |
| 38 | |
| 39 | jq=$(rlocation "com_github_stedolan_jq/jq") |
| 40 | if [ -z "$jq" ]; then |
| 41 | echo "Could not find jq in runfiles" >&2 |
| 42 | exit 1 |
| 43 | fi |
| 44 | |
| 45 | username="${1}" |
| 46 | storename="${2:-waw-hdd-redundant-3-object}" |
| 47 | clustername="${3:-ceph-waw3}" |
| 48 | |
| 49 | if [ -z "$username" ]; then |
| 50 | echo "Usage: $0 <username>" >&2 |
| 51 | exit 1 |
| 52 | fi |
| 53 | |
| 54 | |
| 55 | secret="$($kubectl get secrets rook-ceph-object-user-$storename-$username -n $clustername -o json)" |
| 56 | accesskey="$(echo "$secret" | $jq -r '.data.AccessKey' | base64 -d)" |
| 57 | secretkey="$(echo "$secret" | $jq -r '.data.SecretKey' | base64 -d)" |
| 58 | |
| 59 | if [[ ! -z "${K8S_INTERNAL:-}" ]]; then |
| 60 | domain="rook-ceph-rgw-$storename.$clustername.svc.cluster.local" |
| 61 | else |
| 62 | domain="object.$clustername.hswaw.net" |
| 63 | fi |
| 64 | |
| 65 | cat <<EOF |
| 66 | [default] |
| 67 | access_key = $accesskey |
| 68 | secret_key = $secretkey |
| 69 | host_base = $domain |
| 70 | host_bucket = $domain |
| 71 | EOF |
| 72 | |
| 73 | if [[ ! -z "${K8S_INTERNAL:-}" ]]; then |
| 74 | echo "use_https = False" |
| 75 | fi |