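#!/usr/bin/env bash
#
# Copyright (c) 2022, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
#
# Opens an SSH port-forwarding tunnel (local port 6443) through an OCI bastion
# session. An ACTIVE session whose display name equals SESSION_NAME is reused;
# otherwise a new port-forwarding session to CLUSTER_IP:6443 is created.
#
# Required environment:
#   ssh_private_key_path, ssh_public_key_path, COMPARTMENT_ID, KUBECONFIG
# Also read:
#   SESSION_NAME       display name of the bastion session to reuse or create
#   CLUSTER_IP         private IP targeted by a newly created session
#   OPC_USER_KEY_FILE  private key path substituted into the ssh command
#
# Exit status: 0 once the tunnel process is running, 1 on any failure.

# Seconds to wait before checking that the backgrounded ssh is still alive.
readonly TUNNEL_STARTUP_GRACE_SECS=5

for required_var in ssh_private_key_path ssh_public_key_path COMPARTMENT_ID KUBECONFIG; do
  if [ -z "${!required_var}" ]; then
    echo "${required_var} env var must be set!"
    exit 1
  fi
done

# SESSION_NAME is passed to both jq and the OCI CLI below; an empty value
# would shift their arguments, so fail early with a clear message instead.
if [ -z "${SESSION_NAME}" ]; then
  echo "SESSION_NAME env var must be set!"
  exit 1
fi

echo "Compartment id is ${COMPARTMENT_ID}"
echo "Cluster IP is ${CLUSTER_IP}"

# `// empty` makes jq print nothing rather than the literal string "null"
# when no ACTIVE bastion is listed, so the -z check below can actually fire.
BASTION_ID=$(oci bastion bastion list \
  --compartment-id "${COMPARTMENT_ID}" --all --bastion-lifecycle-state ACTIVE \
  | jq -r '.data[0].id // empty')

if [ -z "${BASTION_ID}" ]; then
  echo "Failed to get the BASTION_ID"
  exit 1
fi

# Take the first matching session only: several sessions may share a display
# name, and a multi-line value would corrupt the later --session-id argument.
SESSION_ID=$(oci bastion session list --all --bastion-id "${BASTION_ID}" \
  --session-lifecycle-state ACTIVE \
  | jq -r --arg sname "${SESSION_NAME}" \
      '[.data[]? | select(."display-name" == $sname) | .id][0] // empty')

if [ -z "${SESSION_ID}" ]; then
  if [ -z "${CLUSTER_IP}" ]; then
    echo "CLUSTER_IP env var must be set!"
    exit 1
  fi
  echo "Creating port forwarding bastion session ${SESSION_NAME} "
  SESSION_ID=$(oci bastion session create-port-forwarding \
    --bastion-id "${BASTION_ID}" \
    --ssh-public-key-file "${ssh_public_key_path}" \
    --session-ttl 10800 \
    --target-private-ip "${CLUSTER_IP}" \
    --display-name "${SESSION_NAME}" \
    --target-port 6443 | jq -r '.data.id // empty')
  if [ -z "${SESSION_ID}" ]; then
    echo "Failed to create a bastion session"
    exit 1
  fi
  # Fixed wait for the new session to start before its ssh command is fetched.
  sleep 60
else
  echo "Reusing existing session ${SESSION_NAME}, OCID: ${SESSION_ID}"
fi

# NOTE(review): the script validates ssh_private_key_path but substitutes
# OPC_USER_KEY_FILE into the command. Falling back to ssh_private_key_path
# when OPC_USER_KEY_FILE is unset avoids an ssh command with an empty -i
# argument; confirm both are meant to name the same key.
key_file="${OPC_USER_KEY_FILE:-${ssh_private_key_path}}"

COMMAND=$(oci bastion session get --session-id="${SESSION_ID}" \
  | jq -r '.data."ssh-metadata".command // empty' \
  | sed -e 's|<privateKey>|'"${key_file}"'|g' -e 's|<localPort>|6443|g')
echo "command = ${COMMAND}"
if [ -z "${COMMAND}" ]; then
  echo "didn't find the command to set up ssh tunnel"
  exit 1
fi

# NOTE(review): StrictHostKeyChecking=no turns off host-key verification, so
# the bastion endpoint is not authenticated for this connection. Where the CI
# environment allows it, pin the expected host key through a known_hosts file
# (UserKnownHostsFile) instead of disabling the check.
COMMAND+=" -o StrictHostKeyChecking=no -v -4 &"
echo "command = ${COMMAND}"
echo "Setting up the ssh tunnel"

# NOTE(review): COMMAND is assembled from the OCI API response and environment
# values and is then parsed by the shell, so any shell metacharacter in either
# is interpreted. eval is kept because the exact command shape returned by the
# service is not visible here; if it is a plain ssh argument list, split it
# into an array and execute the array instead.
if ! eval "${COMMAND}"; then
  echo "Failed to setup ssh tunnel to the bastion host ${BASTION_ID}"
  exit 1
fi
tunnel_pid=$!

# The command ends in '&', so eval returns 0 even when ssh fails right after
# starting. Check that the background process survived a short grace period.
sleep "${TUNNEL_STARTUP_GRACE_SECS}"
if ! kill -0 "${tunnel_pid}" 2>/dev/null; then
  echo "Failed to setup ssh tunnel to the bastion host ${BASTION_ID}"
  exit 1
fi

echo "Successfully set up ssh tunnel"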