Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # This file's name
- PROGNAME=$(basename "$0")
- BOLD="\033[1m"
- REGULAR="\033[0m"
- # Configurable parameters
- API_ENDPOINT="https://api.cf.eu10.hana.ondemand.com"
- USER=""
- PASSWORD=""
- ORG="oneproc-paas-eu10"
- SPACE="proc-dev-eu10"
- APP_BASE_NAME="jwtretriever-app"
- TARGET_DIRECTORY="$HOME/.temp/cf-instance-credentials"
- USE_CF_ENV=false
- PREV_TARGET_ORG=""
- PREV_TARGET_SPACE=""
- PREV_CF_HOME=$CF_HOME
- step() {
- echo -e "$BOLD-->$REGULAR $1"
- }
- # A helper function to exit the script with an error message
- errorExit() {
- echo "${PROGNAME}: ${1:-"Unknown Error"}" 1>&2
- exit 1
- }
- # Helper function to print the scripts usage
- usage() {
- echo "Usage: $PROGNAME -a <api endpoint> -u <user> -p <password>
- -o <org> -s <space> -n <application name> -t <target directory>
- -e -h
- -a Cloud Foundry API endpoint Default: $API_ENDPOINT
- -u Cloud Foundry username
- -p Cloud Foundry password
- -o Cloud Foundry org Default: $ORG
- -s Cloud Foundry space Default: $SPACE
- -n Name of the application Default: $APP_BASE_NAME
- from which to fetch the
- instance credentials
- -t Target directory Default: $TARGET_DIRECTORY
- -e Use existing cf environment.
- No cf login will be
- performed.
- -h Print help"
- }
- ###############################################################################
- # Preparation
- ###############################################################################
- # Parse the command line arguments
- while getopts ":a:u:p:o:s:n:t:he" option; do
- case "$option" in
- a)
- API_ENDPOINT="$OPTARG"
- ;;
- u)
- USER="$OPTARG"
- ;;
- p)
- PASSWORD="$OPTARG"
- ;;
- o)
- ORG="$OPTARG"
- ;;
- s)
- SPACE="$OPTARG"
- ;;
- n)
- APP_BASE_NAME="$OPTARG"
- ;;
- t)
- TARGET_DIRECTORY="$OPTARG"
- ;;
- e)
- USE_CF_ENV=true
- ;;
- h)
- usage
- exit 0
- ;;
- *)
- usage
- exit 1
- ;;
- esac
- done
- ###############################################################################
- # Read the name of the app from which to fetch the instance credentials
- ###############################################################################
- step "Reading name of app to fetch instance credentials from"
- APP_NAME=$(cf apps | cut -d ' ' -f 1 | grep "^$APP_BASE_NAME-.*$" | tail -1) || errorExit "Could not read app name"
- ###############################################################################
- # Fetch the instance credentials
- ###############################################################################
- step "Fetching instance credentials from $BOLD$APP_NAME$REGULAR"
- # Prepare a directory in the users temporary directory for the credentials
- if [[ ! -d $TARGET_DIRECTORY ]]; then
- mkdir -p "$TARGET_DIRECTORY" \
- || errorExit "Could not create directory for credential files: $TARGET_DIRECTORY"
- else
- rm "$TARGET_DIRECTORY"/* \
- || errorExit "Could not clear contents of $TARGET_DIRECTORY"
- fi
- # Fetch the credentials and save them in the prepared directory
- CF_CERT_PATH="$TARGET_DIRECTORY/instance-cert.crt"
- CF_KEY_PATH="$TARGET_DIRECTORY/instance-key.key"
- VCAP_SERVICES_PATH="$TARGET_DIRECTORY/vcap-services.json"
- cf ssh $APP_NAME -c 'cat $CF_INSTANCE_CERT' > $CF_CERT_PATH || errorExit "Could not fetch instance certificate"
- cf ssh $APP_NAME -c 'cat $CF_INSTANCE_KEY' > $CF_KEY_PATH || errorExit "Could not fetch instance key"
- cf ssh $APP_NAME -c 'echo $VCAP_SERVICES' > $VCAP_SERVICES_PATH || errorExit "Could not fetch VCAP_SERVICES"
- # Create java keystore
- step "Creating java keystore"
- CF_P12_PATH="$TARGET_DIRECTORY/certificate.p12"
- CF_JKS_PATH="$TARGET_DIRECTORY/certificate.jks"
- openssl pkcs12 -export -out $CF_P12_PATH -inkey $CF_KEY_PATH -in $CF_CERT_PATH -password pass:changeit
- keytool -importkeystore -srckeystore $CF_P12_PATH -srcstoretype PKCS12 -srcstorepass changeit -destkeystore $CF_JKS_PATH -deststorepass changeit
- # Format the file paths to be windows native if the script is run in a mingw environment
- KERNEL_NAME=$(uname -s)
- if [[ $KERNEL_NAME =~ "MINGW" || $KERNEL_NAME =~ "MSYS" ]]; then
- CF_CERT_PATH=$(cygpath -w $CF_CERT_PATH)
- CF_KEY_PATH=$(cygpath -w $CF_KEY_PATH)
- VCAP_SERVICES_PATH=$(cygpath -w $VCAP_SERVICES_PATH)
- CF_JKS_PATH=$(cygpath -w $CF_JKS_PATH)
- fi
- echo
- echo "Path to certificate: $CF_CERT_PATH"
- echo "Path to key: $CF_KEY_PATH"
- echo "Path to VCAP_SERVICES: $VCAP_SERVICES_PATH"
- echo "Path to JKS: $CF_JKS_PATH"
- ###############################################################################
- # Cleanup
- ###############################################################################
- if [[ $USE_CF_ENV == true ]]; then
- echo
- # Change the Cloud Foundry target back to the previous
- step "Changing Cloud Foundry target back to $BOLD$PREV_TARGET_ORG$REGULAR:$BOLD$PREV_TARGET_SPACE$REGULAR"
- cf target -o $PREV_TARGET_ORG -s $PREV_TARGET_SPACE > /dev/null || errorExit "Could not change Cloud Foundry target back to previous"
- else
- # Clear the local cloud foundry cli environment
- rm -rf .cf || errorExit "Could not clear local Cloud Foundry CLI environment"
- # Set CF_HOME to its previous value
- if [[ -d $PREV_CF_HOME ]]; then
- export CF_HOME=$PREV_CF_HOME
- else
- unset CF_HOME
- fi
- fi
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement