#!/bin/bash install_ingress_ca() { ingress_ca=$(config_ingress_ca) if [[ -z "$ingress_ca" ]] then echo "Not installing ingress root CA." return fi local_file="${TEMP_DIR}/ingress_ca.pem" remote_file="${GENESIS_WORK_DIR}/ingress_ca.pem" cat <<< "$ingress_ca" > "$local_file" rsync_cmd "$local_file" "${GENESIS_NAME}":"$remote_file" } shipard_cmd_stdout() { install_ingress_ca ssh_cmd "${GENESIS_NAME}" \ docker run -t --network=host \ -v "${GENESIS_WORK_DIR}:/work" \ -e OS_AUTH_URL=http://keystone.ucp.svc.cluster.local:80/v3 \ -e OS_USERNAME=shipyard \ -e OS_USER_DOMAIN_NAME=default \ -e OS_PASSWORD="${SHIPYARD_PASSWORD}" \ -e OS_PROJECT_DOMAIN_NAME=default \ -e OS_PROJECT_NAME=service \ -e REQUESTS_CA_BUNDLE=/work/ingress_ca.pem \ --entrypoint /usr/local/bin/shipyard "${IMAGE_SHIPYARD_CLI}" $* 2>&1 } shipyard_cmd() { if [[ ! -z "${LOG_FILE}" ]] then set -o pipefail shipard_cmd_stdout $* | tee -a "${LOG_FILE}" set +o pipefail else shipard_cmd_stdout $* fi } drydock_cmd_stdout() { install_ingress_ca ssh_cmd "${GENESIS_NAME}" \ docker run -t --network=host \ -v "${GENESIS_WORK_DIR}:/work" \ -e DD_URL=http://drydock-api.ucp.svc.cluster.local:9000 \ -e OS_AUTH_URL=http://keystone.ucp.svc.cluster.local:80/v3 \ -e OS_USERNAME=shipyard \ -e OS_USER_DOMAIN_NAME=default \ -e OS_PASSWORD="${SHIPYARD_PASSWORD}" \ -e OS_PROJECT_DOMAIN_NAME=default \ -e OS_PROJECT_NAME=service \ -e REQUESTS_CA_BUNDLE=/work/ingress_ca.pem \ --entrypoint /usr/local/bin/drydock "${IMAGE_DRYDOCK_CLI}" $* 2>&1 } drydock_cmd() { if [[ ! -z "${LOG_FILE}" ]] then set -o pipefail drydock_cmd_stdout $* | tee -a "${LOG_FILE}" set +o pipefail else drydock_cmd_stdout $* fi } # Create a shipyard action # and poll until completion shipyard_action_wait() { action=$1 timeout=${2:-3600} poll_time=${3:-60} if [[ $action == "update_site" ]] then options="--allow-intermediate-commits" else options="" fi end_time=$(date -d "+${timeout} seconds" +%s) log "Starting Shipyard action ${action}, will timeout in ${timeout} seconds." ACTION_ID=$(shipyard_cmd create action ${options} "${action}") ACTION_ID=$(echo "${ACTION_ID}" | grep -oE 'action/[0-9A-Z]+') while true; do if [[ $(date +%s) -ge ${end_time} ]] then log "Shipyard action ${action} did not complete in ${timeout} seconds." return 2 fi RESULT=$(shipyard_cmd --output-format=raw describe "${ACTION_ID}") ACTION_STATUS=$(echo "${RESULT}" | jq -r '.action_lifecycle') ACTION_RESULT=$(echo "${RESULT}" | jq -r '.dag_status') if [[ "${ACTION_STATUS}" == "Complete" ]] then if [[ "${ACTION_RESULT}" == "success" ]] then log "Shipyard action ${action} success!" return 0 else log "Shipyard action ${action} completed with result ${ACTION_RESULT}" echo "${RESULT}" | jq >> "${LOG_FILE}" return 1 fi else sleep "${poll_time}" fi done } # Re-use the ssh key from ssh-config # for MAAS-deployed nodes collect_ssh_key() { mkdir -p "${GATE_DEPOT}" if [[ ! -r ${SSH_CONFIG_DIR}/id_rsa.pub ]] then ssh_keypair_declare fi cat << EOF > ${GATE_DEPOT}/airship_ubuntu_ssh_key.yaml --- schema: deckhand/Certificate/v1 metadata: schema: metadata/Document/v1 name: ubuntu_ssh_key layeringDefinition: layer: site abstract: false storagePolicy: cleartext data: |- EOF cat ${SSH_CONFIG_DIR}/id_rsa.pub | sed -e 's/^/ /' >> ${GATE_DEPOT}/airship_ubuntu_ssh_key.yaml }