Commit 9d715187 by Yann DEGAT

Fix terraform scripts

parent 69bb8ba8
FROM docker:1.10
FROM docker:1.11
ENV TERRAFORM_VERSION 0.6.14
ENV PACKER_VERSION 0.10.0
......@@ -7,7 +7,7 @@ ENV CFSSL_VERSION R1.2
#update
RUN set -ex \
&& apk update \
&& apk add --no-cache --virtual .fetch-deps curl gnupg git openssh-client py-pip jq make bash gpgme \
&& apk add --no-cache --virtual .fetch-deps curl gnupg git openssh-client py-pip jq make bash util-linux gpgme \
&& pip install docker-compose awscli \
&& wget https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip \
&& unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /usr/local/bin \
......@@ -46,7 +46,8 @@ RUN set -ex \
/usr/local/bin/terraform-provider-vsphere \
/usr/local/bin/terraform-provisioner-chef
RUN ln -s /usr/local/bin/packer /usr/local/bin/packer-io
RUN ln -s /usr/local/bin/packer /usr/local/bin/packer-io \
&& chmod +x /usr/local/bin/cfssl /usr/local/bin/cfssljson
ENV AWS_ACCESS_KEY_ID "your aws access key"
ENV AWS_SECRET_ACCESS_KEY "your aws secret access key"
......
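Review bot: The Terraform archive fetched by `wget` is unzipped straight into /usr/local/bin with no integrity check in the lines shown, so the image trusts whatever the download returns. HashiCorp publishes a checksum file beside each release; adding `&& wget https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_SHA256SUMS \` and `&& grep linux_amd64.zip terraform_${TERRAFORM_VERSION}_SHA256SUMS | sha256sum -c - \` before the `unzip` would fail the build on a mismatch, and gnupg is already installed if the signature on that file should be verified as well. The RUN instruction continues between the two hunks, so a check may exist in lines not shown here. Separately, the `ENV AWS_ACCESS_KEY_ID` / `ENV AWS_SECRET_ACCESS_KEY` placeholders invite real keys to be baked into the image configuration, where they persist for anyone who can pull or inspect the image; they are better left unset and supplied at `docker run` time.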
......@@ -27,10 +27,10 @@ chmod +x "$(pwd)/run.sh"
which cfssl > /dev/null 2>&1
if [ $? -eq 0 ]; then
"$(pwd)/run.sh"
exec "$(pwd)/run.sh"
else
which docker > /dev/null 2>&1
if [ $? -eq 0 ]; then
if [ $? -eq 0 ] && [ -f /var/run/docker.sock ]; then
docker run --rm -v "$(pwd)":"$(pwd)" --entrypoint /bin/bash cfssl/cfssl -c "$(pwd)/run.sh"
else
echo "couldn't find nor cfssl nor docker binary." >&2
......
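Review bot: The added `[ -f /var/run/docker.sock ]` guard is false whenever that path is a real Docker socket, because `-f` matches only regular files, so the `docker run` fallback is never reached and the script falls through to the error branch. Test for a socket instead: `if [ $? -eq 0 ] && [ -S /var/run/docker.sock ]; then`. The same guard is added in the three other certificate scripts in this commit (the hunks at `-36,10`, `-55,10` and `-80,10`). This `docker run` also lacks the `-u $(id -u):$(id -g)` that the other three pass, so the files run.sh writes into the bind mount may end up owned by the image's default user; aligning it with the others looks intended. The script starts and ends outside the hunk.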
......@@ -36,10 +36,10 @@ chmod +x "$CERTDIR/run.sh"
which cfssl > /dev/null 2>&1
if [ $? -eq 0 ]; then
"$CERTDIR/run.sh"
exec "$CERTDIR/run.sh"
else
which docker > /dev/null 2>&1
if [ $? -eq 0 ]; then
if [ $? -eq 0 ] && [ -f /var/run/docker.sock ]; then
docker run --rm -v "$CERTDIR":"$CERTDIR" -u $(id -u):$(id -g) --entrypoint /bin/bash cfssl/cfssl -c "$CERTDIR/run.sh"
else
echo "couldn't find nor cfssl nor docker binary." >&2
......
......@@ -20,6 +20,7 @@ mkdir -p "$CERTDIR"
OU=$(uuidgen)
cat > "$CERTDIR"/run.sh <<EOF
#!/bin/bash
set -e
pushd $CERTDIR >/dev/null 2>&1
if [ ! -f "$CERTDIR/ca.pem" ]; then
......@@ -55,10 +56,10 @@ chmod +x "$CERTDIR/run.sh"
which cfssl > /dev/null 2>&1
if [ $? -eq 0 ]; then
"$CERTDIR/run.sh"
exec "$CERTDIR"/run.sh
else
which docker > /dev/null 2>&1
if [ $? -eq 0 ]; then
if [ $? -eq 0 ] && [ -f /var/run/docker.sock ]; then
docker run --rm -v "$CERTDIR":"$CERTDIR" -u $(id -u):$(id -g) --entrypoint /bin/bash cfssl/cfssl -c "$CERTDIR/run.sh"
else
echo "couldn't find nor cfssl nor docker binary." >&2
......
......@@ -80,10 +80,10 @@ chmod +x "$CERTDIR/run.sh"
which cfssl > /dev/null 2>&1
if [ $? -eq 0 ]; then
"$CERTDIR/run.sh"
exec "$CERTDIR"/run.sh
else
which docker > /dev/null 2>&1
if [ $? -eq 0 ]; then
if [ $? -eq 0 ] && [ -f /var/run/docker.sock ]; then
docker run --rm -v "$CERTDIR":"$CERTDIR" -v "$CACERTDIR":"$CACERTDIR" -u $(id -u):$(id -g) --entrypoint /bin/bash cfssl/cfssl -c "$CERTDIR/run.sh"
else
echo "couldn't find nor cfssl nor docker binary." >&2
......
#!/bin/bash
BASEDIR=$(dirname $(readlink $0))
BASEDIR=$(dirname $(readlink -f $0))
HEAD_DF_HOSTS="## DF PROXY COMMAND DO NOT EDIT !! HEAD ##"
TAIL_DF_HOSTS="## DF PROXY COMMAND DO NOT EDIT !! TAIL ##"
......
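Review bot: `BASEDIR=$(dirname $(readlink -f $0))` leaves `$0` and the inner substitution unquoted, so a checkout path containing spaces or glob characters is split before `dirname` sees it. Two scripts in this commit already use the quoted form (`BASEDIR=$(readlink -f "$(dirname "$0")")`); writing `BASEDIR=$(dirname "$(readlink -f "$0")")` here, and quoting the same way together with `source "$BASEDIR/..."` in the other unquoted scripts, keeps the sourced path exactly what was resolved. `readlink -f` is also not supported by every `readlink` implementation, which matters if these scripts are run outside the tooling image.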
......@@ -5,7 +5,7 @@
# - ssh key
# - TLS certs
# - amis
BASEDIR=$(readlink "$(dirname "$0")")
BASEDIR=$(readlink -f "$(dirname "$0")")
source "$BASEDIR/functions.sh"
......
#!/bin/bash
BASEDIR=$(readlink $(dirname $0))/..
BASEDIR=$(readlink -f $(dirname $0))/..
source $BASEDIR/scripts/functions.sh
ADDITIONAL_NODES=${ADDITIONAL_NODES:-0}
TF_VARFILE=/tmp/terraform.$$.tfvars
......
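Review bot: `TF_VARFILE=/tmp/terraform.$$.tfvars` is a predictable name in a world-writable directory, so on a shared host another local user can pre-create that path as a file or symlink and read or redirect whatever the script writes there; tfvars files often carry credentials. `TF_VARFILE=$(mktemp)` followed by `trap 'rm -f "$TF_VARFILE"' EXIT` gives an unpredictable, owner-only file that is removed on exit. How the file is written and cleaned up is outside the lines shown, so confirm the trap does not duplicate existing cleanup. The same assignment appears in the four scripts that follow, including the `terraform.vpc.$$` variant.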
#!/bin/bash
BASEDIR=$(readlink $(dirname $0))/..
BASEDIR=$(readlink -f $(dirname $0))/..
source $BASEDIR/scripts/functions.sh
TF_VARFILE=/tmp/terraform.$$.tfvars
......
#!/bin/bash
BASEDIR=$(readlink $(dirname $0))/..
BASEDIR=$(readlink -f $(dirname $0))/..
source $BASEDIR/scripts/functions.sh
TF_VARFILE=/tmp/terraform.$$.tfvars
......
#!/bin/bash
BASEDIR=$(readlink "$(dirname "$0")")/..
BASEDIR=$(readlink -f "$(dirname "$0")")/..
source "$BASEDIR/scripts/functions.sh"
ADDITIONAL_NODES=${ADDITIONAL_NODES:-0}
TF_VARFILE=/tmp/terraform.$$.tfvars
......
#!/bin/bash
BASEDIR=$(readlink $(dirname $0))/..
BASEDIR=$(readlink -f $(dirname $0))/..
source $BASEDIR/scripts/functions.sh
TF_VARFILE=/tmp/terraform.vpc.$$.tfvars
......
......@@ -7,7 +7,7 @@
# - swarm
# - vm
BASEDIR=$(readlink $(dirname $0))
BASEDIR=$(readlink -f $(dirname $0))
source $BASEDIR/functions.sh
OPTIND=1 # Reset is necessary if getopts was used previously in the script. It is a good idea to make this local in a function.
......
......@@ -2,7 +2,7 @@
## This file contains all the functions
## handling the lifecycle of a DC
BASEDIR=$(readlink "$(dirname "$0")")/..
BASEDIR=$(readlink -f "$(dirname "$0")")/..
BUCKET_NAME="blackfish-${AWS_ACCOUNT}-${STACK_NAME}"
PACKER_BLACKFISH_DIR=$BASEDIR/../../packer/blackfish
PACKER_BASTION_VPN_DIR=$BASEDIR/../../packer/bastion-vpn
......@@ -178,17 +178,17 @@ generate-tls-cacert(){
pushd $CERTDIR
#find . -type f -name "ca*.pem" -print0 | tar -cf certs.tar --null -T -
tar -cf cacert.tar ca.pem ca-key.pem
base64 < cacert.tar > $OUTPUT_DIR/cacert.tar.base64
base64 < cacert.tar > $OUTPUT_DIR/cacert.$DATACENTER.$STACK_NAME.tar.base64
popd
gpg --textmode --batch --passphrase "$KEYPAIR_PASSPHRASE" -c "$OUTPUT_DIR/cacert.$DATACENTER.$STACK_NAME.tar.base64" >&2
aws s3 cp "$OUTPUT_DIR/cacerts.$DATACENTER.$STACK_NAME.tar.base64.gpg" "s3://${BUCKET_NAME}/" >&2
aws s3 cp "$OUTPUT_DIR/cacert.$DATACENTER.$STACK_NAME.tar.base64.gpg" "s3://${BUCKET_NAME}/" >&2
}
dl-cacert(){
_checks
_check-s3bucket
log "get cacert from s3://${BUCKET_NAME}/cacerts.$DATACENTER.$STACK_NAME.tar.base64.gpg to ${PWD}"
aws s3 cp "s3://${BUCKET_NAME}/cacerts.$DATACENTER.$STACK_NAME.tar.base64.gpg" ./ >&2
log "get cacert from s3://${BUCKET_NAME}/cacert.$DATACENTER.$STACK_NAME.tar.base64.gpg to ${PWD}"
aws s3 cp "s3://${BUCKET_NAME}/cacert.$DATACENTER.$STACK_NAME.tar.base64.gpg" ./ >&2
}
......
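Review bot: In generate-tls-cacert, `--passphrase "$KEYPAIR_PASSPHRASE"` puts the passphrase that protects the CA private key on gpg's command line, where other local users can see it in the process list while gpg runs. Passing it on a file descriptor avoids that: `gpg --textmode --batch --passphrase-fd 3 -c "$OUTPUT_DIR/cacert.$DATACENTER.$STACK_NAME.tar.base64" 3<<<"$KEYPAIR_PASSPHRASE" >&2`. The unencrypted `cacert.tar` and its `.base64` copy, both containing `ca-key.pem`, are still on disk after the upload in the lines shown; removing them once the `.gpg` file exists would limit exposure. `$OUTPUT_DIR` in the `base64 < cacert.tar > ...` redirect should be quoted like the later uses. The function begins before the hunk.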
#!/bin/bash
BASEDIR=$(readlink $(dirname $0))
BASEDIR=$(readlink -f $(dirname $0))
if [[ -z $AWS_ACCOUNT ]]; then
echo "You must set an aws account in \$AWS_ACCOUNT" >&2
......