#!/bin/bash install_ingress_ca() { ingress_ca=$(config_ingress_ca) if [[ -z "$ingress_ca" ]] then echo "Not installing ingress root CA." return fi local_file="${TEMP_DIR}/ingress_ca.pem" remote_file="${GENESIS_WORK_DIR}/ingress_ca.pem" cat <<< "$ingress_ca" > "$local_file" rsync_cmd "$local_file" "${GENESIS_NAME}":"$remote_file" } shipard_cmd_stdout() { install_ingress_ca ssh_cmd "${GENESIS_NAME}" \ docker run -t --network=host \ -v "${GENESIS_WORK_DIR}:/work" \ -e OS_AUTH_URL=http://keystone.ucp.svc.cluster.local:80/v3 \ -e OS_USERNAME=shipyard \ -e OS_USER_DOMAIN_NAME=default \ -e OS_PASSWORD="${SHIPYARD_PASSWORD}" \ -e OS_PROJECT_DOMAIN_NAME=default \ -e OS_PROJECT_NAME=service \ -e REQUESTS_CA_BUNDLE=/work/ingress_ca.pem \ --entrypoint /usr/local/bin/shipyard "${IMAGE_SHIPYARD_CLI}" $* 2>&1 } shipyard_cmd() { if [[ ! -z "${LOG_FILE}" ]] then set -o pipefail shipard_cmd_stdout $* | tee -a "${LOG_FILE}" set +o pipefail else shipard_cmd_stdout $* fi } drydock_cmd_stdout() { install_ingress_ca ssh_cmd "${GENESIS_NAME}" \ docker run -t --network=host \ -v "${GENESIS_WORK_DIR}:/work" \ -e DD_URL=http://drydock-api.ucp.svc.cluster.local:9000 \ -e OS_AUTH_URL=http://keystone.ucp.svc.cluster.local:80/v3 \ -e OS_USERNAME=shipyard \ -e OS_USER_DOMAIN_NAME=default \ -e OS_PASSWORD="${SHIPYARD_PASSWORD}" \ -e OS_PROJECT_DOMAIN_NAME=default \ -e OS_PROJECT_NAME=service \ -e REQUESTS_CA_BUNDLE=/work/ingress_ca.pem \ --entrypoint /usr/local/bin/drydock "${IMAGE_DRYDOCK_CLI}" $* 2>&1 } drydock_cmd() { if [[ ! -z "${LOG_FILE}" ]] then set -o pipefail drydock_cmd_stdout $* | tee -a "${LOG_FILE}" set +o pipefail else drydock_cmd_stdout $* fi } # Create a shipyard action # and poll until completion shipyard_action_wait() { action=$1 timeout=${2:-3600} poll_time=${3:-60} if [[ $action == "update_site" ]] then options="--allow-intermediate-commits" else options="" fi end_time=$(date -d "+${timeout} seconds" +%s) log "Starting Shipyard action ${action}, will timeout in ${timeout} seconds." ACTION_ID=$(shipyard_cmd create action ${options} "${action}") ACTION_ID=$(echo "${ACTION_ID}" | grep -oE 'action/[0-9A-Z]+') while true; do if [[ $(date +%s) -ge ${end_time} ]] then log "Shipyard action ${action} did not complete in ${timeout} seconds." return 2 fi ACTION_STATUS=$(shipyard_cmd describe "${ACTION_ID}" | grep -i "Lifecycle" | \ awk '{print $2}') ACTION_STEPS=$(shipyard_cmd describe "${ACTION_ID}" | grep -i "step/" | \ awk '{print $3}') # Verify lifecycle status if [ "${ACTION_STATUS}" == "Failed" ]; then echo -e "\n${ACTION_ID} FAILED\n" shipyard_cmd describe "${ACTION_ID}" exit 1 fi if [ "${ACTION_STATUS}" == "Complete" ]; then # Verify status of each action step for step in ${ACTION_STEPS}; do if [ "${step}" == "failed" ]; then echo -e "\n${ACTION_ID} FAILED\n" shipyard_cmd describe "${ACTION_ID}" exit 1 fi done echo -e "\n${ACTION_ID} completed SUCCESSFULLY\n" shipyard_cmd describe "${ACTION_ID}" exit 0 fi sleep "${poll_time}" done } # Re-use the ssh key from ssh-config # for MAAS-deployed nodes collect_ssh_key() { mkdir -p "${GATE_DEPOT}" if [[ ! -r ${SSH_CONFIG_DIR}/id_rsa.pub ]] then ssh_keypair_declare fi cat << EOF > ${GATE_DEPOT}/airship_ubuntu_ssh_key.yaml --- schema: deckhand/Certificate/v1 metadata: schema: metadata/Document/v1 name: ubuntu_ssh_key layeringDefinition: layer: site abstract: false storagePolicy: cleartext data: |- EOF cat ${SSH_CONFIG_DIR}/id_rsa.pub | sed -e 's/^/ /' >> ${GATE_DEPOT}/airship_ubuntu_ssh_key.yaml }