forked from cloudfoundry/uaa
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathrun-minikube.sh
executable file
·152 lines (121 loc) · 3.66 KB
/
run-minikube.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
#!/usr/bin/env bash
set -o pipefail
UAA_INGRESS_IP=""
UAA_ADMIN_CLIENT_SECRET=""
UAA_CONFIG_DIR="${HOME}/.uaa"
UAA_ADMIN_CLIENT_SECRET_LOCATION="${UAA_CONFIG_DIR}/admin_client_secret.json"
minikube_status() {
local minikube_status_exit_code
minikube status
minikube_status_exit_code=$?
if [ ${minikube_status_exit_code} -ne 0 ]; then
exit ${minikube_status_exit_code}
fi
}
get_admin_client_secret() {
mkdir -p "${UAA_CONFIG_DIR}"
local admin_client_secret
admin_client_secret=$(jq ".admin.client_secret" "${UAA_ADMIN_CLIENT_SECRET_LOCATION}" -e -r 2> /dev/null)
if [ $? -ne 0 ]; then
admin_client_secret="$(openssl rand -hex 12)"
create_admin_client_secret "${admin_client_secret}"
fi
UAA_ADMIN_CLIENT_SECRET="${admin_client_secret}"
}
create_admin_client_secret() {
local admin_client_secret
admin_client_secret="${1}"
cat << EOF > "${UAA_ADMIN_CLIENT_SECRET_LOCATION}"
{
"admin": {
"client_secret": "${admin_client_secret}"
}
}
EOF
}
ytt_and_minikube() {
local ytt_kubectl_cmd="ytt -f templates -f addons -v admin.client_secret=\"${UAA_ADMIN_CLIENT_SECRET}\" ${@} | kubectl apply -f -"
local ytt_kubectl_cmd_exit_code
echo "Running '${ytt_kubectl_cmd}'"
eval "${ytt_kubectl_cmd}"
ytt_kubectl_cmd_exit_code=$?
if [ ${ytt_kubectl_cmd_exit_code} -ne 0 ]; then
exit ${ytt_kubectl_cmd_exit_code}
fi
}
check_k8s_for_admin_client_secret() {
local admin_client_secret=$(kubectl get secret/uaa-admin-client-credentials -o json | \
jq '.data."admin_client_credentials.yml"' -r - | \
base64 -D | \
yq r - "oauth.clients.admin.secret")
if [ -n "${admin_client_secret}" -a "${admin_client_secret}" != "${UAA_ADMIN_CLIENT_SECRET}" ]; then
create_admin_client_secret "${admin_client_secret}"
UAA_ADMIN_CLIENT_SECRET="${admin_client_secret}"
fi
}
wait_for_ingress() {
echo "Waiting for ingress availability"
local get_ip_cmd="kubectl get ingress -o json | jq '.items[0].status.loadBalancer.ingress[0].ip' -e -r"
local ip
ip=$(eval "${get_ip_cmd}")
while [ $? -ne 0 ]; do
echo "Checking for ingress ip... ${ip}"
sleep 4
ip=$(eval "${get_ip_cmd}")
done
echo "Checking for ingress ip... ${ip}"
UAA_INGRESS_IP="${ip}"
}
wait_for_availability() {
echo "Waiting for UAA availability"
local status_cmd="kubectl get deployments/uaa -o json | jq '.status.readyReplicas' -e"
local count_ready=
count_ready=$(eval "${status_cmd}")
while [ $? -ne 0 ]; do
echo "Waiting for UAA availability..."
sleep 2
count_ready=$(eval "${status_cmd}")
done
while [ 1 -gt ${count_ready} ]; do
echo "Waiting for UAA availability..."
sleep 2
count_ready=$(eval "${status_cmd}")
done
}
target_uaa() {
echo "Attempting to target the UAA"
local target_cmd="uaa target 'http://${UAA_INGRESS_IP}' --skip-ssl-validation"
eval "${target_cmd}"
while [ $? -ne 0 ]; do
echo "Attempting to target the UAA..."
sleep 2
eval "${target_cmd}"
done
}
get_client_credentials_token() {
local get_token_cmd
get_token_cmd="uaa get-client-credentials-token admin -s '${UAA_ADMIN_CLIENT_SECRET}'"
eval "${get_token_cmd}"
if [ $? -ne 0 ]; then
echo "Unable to retrieve admin client token. Performing a rollout restart."
kubectl rollout restart deployments/uaa
sleep 4
eval "${get_token_cmd}"
while [ $? -ne 0 ]; do
echo "Attempting to get a client_token for the UAA..."
sleep 4
eval "${get_token_cmd}"
done
fi
}
main() {
minikube_status
get_admin_client_secret
ytt_and_minikube "${@}"
check_k8s_for_admin_client_secret
wait_for_ingress
wait_for_availability
target_uaa "${UAA_INGRESS_IP}"
get_client_credentials_token
}
main "${@}"