This repository was archived by the owner on Dec 19, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathinitAccountCredentials.sh
More file actions
executable file
·137 lines (110 loc) · 3.4 KB
/
initAccountCredentials.sh
File metadata and controls
executable file
·137 lines (110 loc) · 3.4 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
#!/bin/bash
# Defaults
OAINDEX_DEFAULT="01"
function usage() {
echo -e "\nInitialise the account/ALM level credentials information"
echo -e "\nUsage: $(basename $0) -o OID -i OAINDEX"
echo -e "\nwhere\n"
echo -e " -h shows this text"
echo -e "(o) -i OAINDEX is the 2 digit organisation account index e.g. \"01\", \"02\""
echo -e "(m) -o OID is the organisation id e.g. \"env\""
echo -e "\nDEFAULTS:\n"
echo -e "OAINDEX =\"${OAINDEX_DEFAULT}\""
echo -e "\nNOTES:\n"
echo -e "1) The organisation account id (OAID) is formed by concatenating the OID and the OAINDEX"
echo -e "2) The OAID needs to match the root of the directory structure"
echo -e ""
exit 1
}
OAINDEX="${OAINDEX_DEFAULT}"
# Parse options
while getopts ":hi:o:" opt; do
case $opt in
h)
usage
;;
i)
OAINDEX=$OPTARG
;;
o)
OID=$OPTARG
;;
\?)
echo -e "\nInvalid option: -$OPTARG"
usage
;;
:)
echo -e "\nOption -$OPTARG requires an argument"
usage
;;
esac
done
# Ensure mandatory arguments have been provided
if [[ "${OID}" == "" ||
"${OAINDEX}" == "" ]]; then
echo -e "\nInsufficient arguments"
usage
fi
OAID="${OID}${OAINDEX}"
BIN="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
ROOT="$(basename $(cd $BIN/../..;pwd))"
ROOT_DIR="$(cd $BIN/../..;pwd)"
CREDS_DIR="${ROOT_DIR}/infrastructure/credentials"
PROJECT_DIR="${CREDS_DIR}/${OAID}"
ALM_DIR="${PROJECT_DIR}/alm"
DOCKER_DIR="${ALM_DIR}/docker"
if [[ "${OAID}" != "${ROOT}" ]]; then
echo -e "\nThe provided OAID (${OAID}) doesn't match the root directory (${ROOT}). Nothing to do."
usage
fi
if [[ -e ${PROJECT_DIR} ]]; then
echo -e "\nLooks like this script has already been run. Don't want to overwrite passwords. Nothing to do."
usage
fi
# Generate initial passwords
ROOTPASSWORD="$(curl -s 'https://www.random.org/passwords/?num=1&len=20&format=plain&rnd=new')"
LDAPPASSWORD="$(curl -s 'https://www.random.org/passwords/?num=1&len=20&format=plain&rnd=new')"
BINDPASSWORD="$(curl -s 'https://www.random.org/passwords/?num=1&len=20&format=plain&rnd=new')"
# Create the "account" level credentials directory
if [[ ! -e ${PROJECT_DIR} ]]; then
mkdir ${PROJECT_DIR}
fi
# Generate the account level credentials
TEMPLATE="accountCredentials.ftl"
TEMPLATEDIR="${BIN}/templates"
OUTPUT="${PROJECT_DIR}/credentials.json"
ARGS="-v password=${ROOTPASSWORD}"
CMD="${BIN}/gsgen.sh -t $TEMPLATE -d $TEMPLATEDIR -o $OUTPUT $ARGS"
eval $CMD
if [[ ! -e ${ALM_DIR} ]]; then
mkdir ${ALM_DIR}
fi
# Generate the alm level credentials
TEMPLATE="almCredentials.ftl"
TEMPLATEDIR="${BIN}/templates"
OUTPUT="${ALM_DIR}/credentials.json"
ARGS="-v organisationId=${OID}"
ARGS="${ARGS} -v accountId=${OAID}"
ARGS="${ARGS} -v ldapPassword=${LDAPPASSWORD}"
ARGS="${ARGS} -v bindPassword=${BINDPASSWORD}"
CMD="${BIN}/gsgen.sh -t $TEMPLATE -d $TEMPLATEDIR -o $OUTPUT $ARGS"
eval $CMD
if [[ ! -e ${DOCKER_DIR} ]]; then
mkdir ${DOCKER_DIR}
fi
# Generate the ECS credentials for docker access
TEMPLATE="ecsConfig.ftl"
TEMPLATEDIR="${BIN}/templates"
OUTPUT="${DOCKER_DIR}/ecs.config"
ARGS="-v accountId=${OAID}"
ARGS="${ARGS} -v ldapPassword=${LDAPPASSWORD}"
CMD="${BIN}/gsgen.sh -t $TEMPLATE -d $TEMPLATEDIR -o $OUTPUT $ARGS"
eval $CMD
cd ${CREDS_DIR}
# Remove the placeholder file
if [[ -e .placeholder ]]; then
git rm .placeholder
fi
# Commit the results
git add *
git commit -m "Configure account/ALM credentials"