github.com/kyma-incubator/compass/components/director@v0.0.0-20230623144113-d764f56ff805/runSystemFetcher.sh (about) 1 #!/usr/bin/env bash 2 3 # This script is responsible for running Director with PostgreSQL. 4 5 RED='\033[0;31m' 6 GREEN='\033[0;32m' 7 YELLOW='\033[0;33m' 8 INVERTED='\033[7m' 9 NC='\033[0m' # No Color 10 11 set -e 12 13 ROOT_PATH=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd ) 14 TENANT_CREATION=true 15 APP_VERIFY_TENANT="" 16 17 POSITIONAL=() 18 while [[ $# -gt 0 ]] 19 do 20 21 key="$1" 22 23 case ${key} in 24 --skip-tenant-creation) 25 TENANT_CREATION=false 26 shift 27 ;; 28 --debug) 29 DEBUG=true 30 DEBUG_PORT=40001 31 shift 32 ;; 33 --debug-port) 34 DEBUG_PORT=$2 35 shift 36 shift 37 ;; 38 --tenant) 39 APP_VERIFY_TENANT=$2 40 shift 41 shift 42 ;; 43 --*) 44 echo "Unknown flag ${1}" 45 exit 1 46 ;; 47 esac 48 done 49 set -- "${POSITIONAL[@]}" # restore positional parameters 50 51 # Exit when tenant is not provided 52 if [[ ${APP_VERIFY_TENANT} == "" ]]; then 53 echo -e "${RED}Tenant not provided. Use --tenant. ${NC}" 54 exit 1 55 fi 56 57 GCLOUD_LOGGED=$(gcloud auth list --format="json" | jq '. | length') 58 59 if [[ ${GCLOUD_LOGGED} == "0" ]]; then 60 echo -e "${RED}Login to GCloud. Use 'gcloud auth login'. ${NC}" 61 exit 1 62 fi 63 64 POSTGRES_CONTAINER="test-postgres" 65 POSTGRES_VERSION="12" 66 67 DB_USER="postgres" 68 DB_PWD="pgsql@12345" 69 DB_NAME="compass" 70 DB_PORT="5432" 71 DB_HOST="127.0.0.1" 72 73 K3D_CONTEXT="k3d-k3d-cluster" 74 STAGE_CONTEXT="gke_sap-cp-cmp-stage_europe-west1_sap-cp-cmp-stage" 75 76 CLIENT_CERT_SECRET_NAMESPACE="default" 77 CLIENT_CERT_SECRET_NAME="external-client-certificate" 78 EXT_SVC_CERT_SECRET_NAME="ext-svc-client-certificate" 79 80 function cleanup() { 81 if [[ ${DEBUG} == true ]]; then 82 echo -e "${GREEN}Cleanup System Fetcher ${NC}" 83 rm $GOPATH/src/github.com/kyma-incubator/compass/components/director/systemfetcher 84 fi 85 rm -fr $GOPATH/src/github.com/kyma-incubator/compass/components/director/run 86 } 87 88 89 trap cleanup EXIT 90 91 function execute_gql_query(){ 92 local URL=${1} 93 local DIRECTOR_TOKEN=${2} 94 local MUTATION=${3:-""} 95 96 if [ "" != "${MUTATION}" ]; then 97 local GQL_QUERY='{ "query": "'${MUTATION}'" }' 98 fi 99 curl --request POST --url "${URL}" --header "Content-Type: application/json" --header "authorization: Bearer ${DIRECTOR_TOKEN}" -d "${GQL_QUERY}" 100 } 101 102 echo -e "${GREEN}Starting application${NC}" 103 104 export APP_DB_USER=${DB_USER} 105 export APP_DB_PASSWORD=${DB_PWD} 106 export APP_DB_HOST=${DB_HOST} 107 export APP_DB_PORT=${DB_PORT} 108 export APP_DB_NAME=${DB_NAME} 109 export APP_DIRECTOR_GRAPHQL_URL="http://localhost:3000/graphql" 110 export APP_DIRECTOR_SKIP_SSL_VALIDATION="true" 111 export APP_DIRECTOR_REQUEST_TIMEOUT="30s" 112 export APP_SYSTEM_INFORMATION_PARALLELLISM="1" 113 export APP_SYSTEM_INFORMATION_QUEUE_SIZE="1" 114 export APP_ENABLE_SYSTEM_DELETION="false" 115 export APP_OPERATIONAL_MODE="DISCOVER_SYSTEMS" 116 export APP_SYSTEM_INFORMATION_FETCH_TIMEOUT="30s" 117 export APP_SYSTEM_INFORMATION_PAGE_SIZE="200" 118 export APP_SYSTEM_INFORMATION_PAGE_SKIP_PARAM='$skip' 119 export APP_SYSTEM_INFORMATION_PAGE_SIZE_PARAM='$top' 120 export APP_OAUTH_TENANT_HEADER_NAME="x-zid" 121 export APP_OAUTH_SCOPES_CLAIM="uaa.resource" 122 export APP_OAUTH_TOKEN_PATH="/oauth/token" 123 export APP_OAUTH_TOKEN_ENDPOINT_PROTOCOL="https" 124 export APP_OAUTH_TOKEN_REQUEST_TIMEOUT="30s" 125 export APP_OAUTH_SKIP_SSL_VALIDATION="false" 126 export APP_DB_SSL="disable" 127 export APP_LOG_FORMAT="text" 128 export APP_DB_MAX_OPEN_CONNECTIONS="5" 129 export APP_DB_MAX_IDLE_CONNECTIONS="2" 130 export APP_EXTERNAL_CLIENT_CERT_SECRET=${CLIENT_CERT_SECRET_NAMESPACE}/${CLIENT_CERT_SECRET_NAME}-stage 131 export APP_EXTERNAL_CLIENT_CERT_KEY="tls.crt" 132 export APP_EXTERNAL_CLIENT_KEY_KEY="tls.key" 133 export APP_EXTERNAL_CLIENT_CERT_SECRET_NAME=${CLIENT_CERT_SECRET_NAME}-stage 134 export APP_EXT_SVC_CLIENT_CERT_SECRET=${CLIENT_CERT_SECRET_NAMESPACE}/${EXT_SVC_CERT_SECRET_NAME}-stage 135 export APP_EXT_SVC_CLIENT_CERT_KEY="tls.crt" 136 export APP_EXT_SVC_CLIENT_KEY_KEY="tls.key" 137 export APP_EXT_SVC_CLIENT_CERT_SECRET_NAME=${EXT_SVC_CERT_SECRET_NAME}-stage 138 export APP_SELF_REGISTER_DISTINGUISH_LABEL_KEY="xsappname" 139 export APP_CONFIGURATION_FILE="$GOPATH/src/github.com/kyma-incubator/compass/components/director/run/config.yaml" 140 export APP_TEMPLATES_FILE_LOCATION="$GOPATH/src/github.com/kyma-incubator/compass/components/director/run/templates/" 141 142 mkdir -p ${APP_TEMPLATES_FILE_LOCATION} || true 143 144 # Fetch needed artifacts from stage cluster 145 kubectl config use-context ${STAGE_CONTEXT} 146 kubectl get configmap compass-system-fetcher-templates-config -n compass-system -o json | jq -r '.data."app-templates.json"' | jq -r '.' > ${APP_TEMPLATES_FILE_LOCATION}/app-templates.json 147 kubectl get configmap compass-director-config -n compass-system -o json | jq -r '.data."config.yaml"' > ${APP_CONFIGURATION_FILE} 148 export APP_OAUTH_CLIENT_ID=$(kubectl get secret xsuaa-instance -n compass-system -o json | jq -r '.data."x509.credentials.clientid"' | base64 --decode) 149 export APP_OAUTH_TOKEN_BASE_URL=$(kubectl get secret xsuaa-instance -n compass-system -o json | jq -r '.data."x509.credentials.certurl"' | base64 --decode) 150 export APP_EXTERNAL_CLIENT_CERT_VALUE=$(kubectl get secret -n compass-system ${CLIENT_CERT_SECRET_NAME} -o json | jq -r '.data."tls.crt"' | base64 --decode) 151 export APP_EXTERNAL_CLIENT_KEY_VALUE=$(kubectl get secret -n compass-system ${CLIENT_CERT_SECRET_NAME} -o json | jq -r '.data."tls.key"' | base64 --decode) 152 export APP_EXT_SVC_CLIENT_CERT_VALUE=$(kubectl get secret -n compass-system ${EXT_SVC_CERT_SECRET_NAME} -o json | jq -r '.data."tls.crt"' | base64 --decode) 153 export APP_EXT_SVC_CLIENT_KEY_VALUE=$(kubectl get secret -n compass-system ${EXT_SVC_CERT_SECRET_NAME} -o json | jq -r '.data."tls.key"' | base64 --decode) 154 155 ENV_VARS=$(kubectl get cronjob -n compass-system compass-system-fetcher -o=jsonpath='{.spec.jobTemplate.spec.template.spec.containers[?(@.name=="system-fetcher")]}' | jq -r '.env') 156 157 export APP_SYSTEM_INFORMATION_ENDPOINT=$(echo -E ${ENV_VARS} | jq -r '.[] | select(.name == "APP_SYSTEM_INFORMATION_ENDPOINT") | .value' ) 158 export APP_SYSTEM_INFORMATION_FILTER_CRITERIA=$(echo -E ${ENV_VARS} | jq -r '.[] | select(.name == "APP_SYSTEM_INFORMATION_FILTER_CRITERIA") | .value') 159 export APP_SYSTEM_INFORMATION_SOURCE_KEY=$(echo -E ${ENV_VARS} | jq -r '.[] | select(.name == "APP_SYSTEM_INFORMATION_SOURCE_KEY") | .value') 160 export APP_TEMPLATE_LABEL_FILTER=$(echo -E ${ENV_VARS} | jq -r '.[] | select(.name == "APP_TEMPLATE_LABEL_FILTER") | .value') 161 export APP_TEMPLATE_OVERRIDE_APPLICATION_INPUT=$(echo -E ${ENV_VARS} | jq -r '.[] | select(.name == "APP_TEMPLATE_OVERRIDE_APPLICATION_INPUT") | .value') 162 export APP_TEMPLATE_PLACEHOLDER_TO_SYSTEM_KEY_MAPPINGS=$(echo -E ${ENV_VARS} | jq -r '.[] | select(.name == "APP_TEMPLATE_PLACEHOLDER_TO_SYSTEM_KEY_MAPPINGS") | .value' ) 163 export APP_ORD_WEBHOOK_MAPPINGS=$(echo -E ${ENV_VARS} | jq -r '.[] | select(.name == "APP_ORD_WEBHOOK_MAPPINGS") | .value' ) 164 165 # Adjust artifacts inside local cluster 166 kubectl config use-context ${K3D_CONTEXT} 167 kubectl create secret generic "$CLIENT_CERT_SECRET_NAME"-stage --from-literal="$APP_EXTERNAL_CLIENT_CERT_KEY"="$APP_EXTERNAL_CLIENT_CERT_VALUE" --from-literal="$APP_EXTERNAL_CLIENT_KEY_KEY"="$APP_EXTERNAL_CLIENT_KEY_VALUE" --save-config --dry-run=client -o yaml | kubectl apply -f - 168 kubectl create secret generic "$EXT_SVC_CERT_SECRET_NAME"-stage --from-literal="$APP_EXT_SVC_CLIENT_CERT_KEY"="$APP_EXT_SVC_CLIENT_CERT_VALUE" --from-literal="$APP_EXT_SVC_CLIENT_KEY_KEY"="$APP_EXT_SVC_CLIENT_KEY_VALUE" --save-config --dry-run=client -o yaml | kubectl apply -f - 169 170 # Create tenant if requested 171 if [[ ${TENANT_CREATION} == true ]]; then 172 echo -e "${GREEN}Creating tenant${NC}" 173 . ${ROOT_PATH}/hack/jwt_generator.sh 174 DIRECTOR_TOKEN="$(get_token | tr -d '\n')" 175 176 CREATE_TENANT_MUTATION="mutation { writeTenant(in: { name: \\\"Validation Tenant\\\", externalTenant: \\\"${APP_VERIFY_TENANT}\\\", type: \\\"account\\\", provider: \\\"Compass Tests\\\" })}" 177 CREATE_TENANT_RESULT="$(execute_gql_query "${APP_DIRECTOR_GRAPHQL_URL}" "${DIRECTOR_TOKEN}" "${CREATE_TENANT_MUTATION}")" 178 echo -e "${GREEN}Tenant created:${NC}" 179 echo ${CREATE_TENANT_RESULT} 180 else 181 echo -e "${GREEN}Teant creation skipped${NC}" 182 fi 183 184 # Start Debug or Run mode 185 if [[ ${DEBUG} == true ]]; then 186 echo -e "${GREEN}Debug mode activated on port $DEBUG_PORT${NC}" 187 cd $GOPATH/src/github.com/kyma-incubator/compass/components/director 188 CGO_ENABLED=0 go build -gcflags="all=-N -l" ./cmd/systemfetcher 189 dlv --listen=:$DEBUG_PORT --headless=true --api-version=2 exec ./systemfetcher 190 else 191 go run ${ROOT_PATH}/cmd/systemfetcher/main.go 192 fi