# This file's namePROGNAME=$(basename "$0")BOLD="\033[1m"REGULAR="\033[0m"

1. # This file's name
2. PROGNAME=$(basename "$0")
3. BOLD="\033[1m"
4. REGULAR="\033[0m"
5. # Configurable parameters
6. API_ENDPOINT="https://api.cf.eu10.hana.ondemand.com"
7. USER=""
8. PASSWORD=""
9. ORG="oneproc-paas-eu10"
10. SPACE="proc-dev-eu10"
11. APP_BASE_NAME="jwtretriever-app"
12. TARGET_DIRECTORY="$HOME/.temp/cf-instance-credentials"
13. USE_CF_ENV=false
14. PREV_TARGET_ORG=""
15. PREV_TARGET_SPACE=""
16. PREV_CF_HOME=$CF_HOME
17. step() {
18. echo -e "$BOLD-->$REGULAR $1"
19. }
20. # A helper function to exit the script with an error message
21. errorExit() {
22. echo "${PROGNAME}: ${1:-"Unknown Error"}" 1>&2
23. exit 1
24. }
25. # Helper function to print the scripts usage
26. usage() {
27. echo "Usage: $PROGNAME -a <api endpoint> -u <user> -p <password>
28. -o <org> -s <space> -n <application name> -t <target directory>
29. -e -h
30. -a Cloud Foundry API endpoint Default: $API_ENDPOINT
31. -u Cloud Foundry username
32. -p Cloud Foundry password
33. -o Cloud Foundry org Default: $ORG
34. -s Cloud Foundry space Default: $SPACE
35. -n Name of the application Default: $APP_BASE_NAME
36. from which to fetch the
37. instance credentials
38. -t Target directory Default: $TARGET_DIRECTORY
39. -e Use existing cf environment.
40. No cf login will be
41. performed.
42. -h Print help"
43. }
44. ###############################################################################
45. # Preparation
46. ###############################################################################
47. # Parse the command line arguments
48. while getopts ":a:u:p:o:s:n:t:he" option; do
49. case "$option" in
50. a)
51. API_ENDPOINT="$OPTARG"
52. ;;
53. u)
54. USER="$OPTARG"
55. ;;
56. p)
57. PASSWORD="$OPTARG"
58. ;;
59. o)
60. ORG="$OPTARG"
61. ;;
62. s)
63. SPACE="$OPTARG"
64. ;;
65. n)
66. APP_BASE_NAME="$OPTARG"
67. ;;
68. t)
69. TARGET_DIRECTORY="$OPTARG"
70. ;;
71. e)
72. USE_CF_ENV=true
73. ;;
74. h)
75. usage
76. exit 0
77. ;;
78. *)
79. usage
80. exit 1
81. ;;
82. esac
83. done
84. ###############################################################################
85. # Read the name of the app from which to fetch the instance credentials
86. ###############################################################################
87. step "Reading name of app to fetch instance credentials from"
88. APP_NAME=$(cf apps | cut -d ' ' -f 1 | grep "^$APP_BASE_NAME-.*$" | tail -1) || errorExit "Could not read app name"
89. ###############################################################################
90. # Fetch the instance credentials
91. ###############################################################################
92. step "Fetching instance credentials from $BOLD$APP_NAME$REGULAR"
93. # Prepare a directory in the users temporary directory for the credentials
94. if [[ ! -d $TARGET_DIRECTORY ]]; then
95. mkdir -p "$TARGET_DIRECTORY" \
96. || errorExit "Could not create directory for credential files: $TARGET_DIRECTORY"
97. else
98. rm "$TARGET_DIRECTORY"/* \
99. || errorExit "Could not clear contents of $TARGET_DIRECTORY"
100. fi
101. # Fetch the credentials and save them in the prepared directory
102. CF_CERT_PATH="$TARGET_DIRECTORY/instance-cert.crt"
103. CF_KEY_PATH="$TARGET_DIRECTORY/instance-key.key"
104. VCAP_SERVICES_PATH="$TARGET_DIRECTORY/vcap-services.json"
105. cf ssh $APP_NAME -c 'cat $CF_INSTANCE_CERT' > $CF_CERT_PATH || errorExit "Could not fetch instance certificate"
106. cf ssh $APP_NAME -c 'cat $CF_INSTANCE_KEY' > $CF_KEY_PATH || errorExit "Could not fetch instance key"
107. cf ssh $APP_NAME -c 'echo $VCAP_SERVICES' > $VCAP_SERVICES_PATH || errorExit "Could not fetch VCAP_SERVICES"
108. # Create java keystore
109. step "Creating java keystore"
110. CF_P12_PATH="$TARGET_DIRECTORY/certificate.p12"
111. CF_JKS_PATH="$TARGET_DIRECTORY/certificate.jks"
112. openssl pkcs12 -export -out $CF_P12_PATH -inkey $CF_KEY_PATH -in $CF_CERT_PATH -password pass:changeit
113. keytool -importkeystore -srckeystore $CF_P12_PATH -srcstoretype PKCS12 -srcstorepass changeit -destkeystore $CF_JKS_PATH -deststorepass changeit
114. # Format the file paths to be windows native if the script is run in a mingw environment
115. KERNEL_NAME=$(uname -s)
116. if [[ $KERNEL_NAME =~ "MINGW" || $KERNEL_NAME =~ "MSYS" ]]; then
117. CF_CERT_PATH=$(cygpath -w $CF_CERT_PATH)
118. CF_KEY_PATH=$(cygpath -w $CF_KEY_PATH)
119. VCAP_SERVICES_PATH=$(cygpath -w $VCAP_SERVICES_PATH)
120. CF_JKS_PATH=$(cygpath -w $CF_JKS_PATH)
121. fi
122. echo
123. echo "Path to certificate: $CF_CERT_PATH"
124. echo "Path to key: $CF_KEY_PATH"
125. echo "Path to VCAP_SERVICES: $VCAP_SERVICES_PATH"
126. echo "Path to JKS: $CF_JKS_PATH"
127. ###############################################################################
128. # Cleanup
129. ###############################################################################
130. if [[ $USE_CF_ENV == true ]]; then
131. echo
132. # Change the Cloud Foundry target back to the previous
133. step "Changing Cloud Foundry target back to $BOLD$PREV_TARGET_ORG$REGULAR:$BOLD$PREV_TARGET_SPACE$REGULAR"
134. cf target -o $PREV_TARGET_ORG -s $PREV_TARGET_SPACE > /dev/null || errorExit "Could not change Cloud Foundry target back to previous"
135. else
136. # Clear the local cloud foundry cli environment
137. rm -rf .cf || errorExit "Could not clear local Cloud Foundry CLI environment"
138. # Set CF_HOME to its previous value
139. if [[ -d $PREV_CF_HOME ]]; then
140. export CF_HOME=$PREV_CF_HOME
141. else
142. unset CF_HOME
143. fi
144. fi