tripleo-common/scripts/upload-swift-artifacts
Keith Schincke 86cce51067 Add file type check to upload-swift-artifacts
deploy-artifacts supports only 'RPM' and 'gzip compressed data' [1]
while upload-swift-artifacts will allow the uploading
of any file. deploy-artifacts will fail if an unsupported file
type is downloaded resutling in a stack deploy failure.

This update add a check_file function which will validate the
file type of each file before it is uploaded. The script will
exit with a failure if an unsupported file is attempted.

Change-Id: I8c46110fa2779b818bc5b7882788f5d8739c1d2a
1: https://github.com/openstack/tripleo-heat-templates/blob/master/puppet/deploy-artifacts.sh#L12-L23
2018-02-15 07:20:12 -05:00

179 lines
5.5 KiB
Bash
Executable File

#!/bin/bash
#set -x
# Copyright 2015 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Script to upload files to a Swift container for deployment via
# TripleO Heat Templates.
#
set -eu
set -o pipefail
SCRIPT_NAME=$(basename $0)
SCRIPT_HOME=$(cd $(dirname $0); pwd)
function show_options {
echo "Usage: $SCRIPT_NAME"
echo
echo "Options:"
echo " -h, --help -- print this help."
echo " -f <file> -- File(s) to upload."
echo " -c <container> -- Swift container to use."
echo " Default: overcloud-artifacts"
echo " --environment <env> -- Generate this heat <env>"
echo " Default: $HOME/.tripleo/environments/deployment-artifacts.yaml"
echo " --seconds <seconds> -- Number of seconds for temp URLs."
echo " Default: 31536000 (one year)"
echo
echo "Upload a set of files to Swift and generate a Heat environment"
echo "file containing the required DeployArtifactURLs parameter(s) "
echo "so that it is used with TripleO Heat Templates."
echo
exit $1
}
function check_file
{
local FILE=$1
supported_files=(" RPM " "gzip compressed data")
array_length=${#supported_files[@]}
local test_type=`file $FILE`
local i=0
local matched=0
while [ $i -ne $array_length -a $matched -eq 0 ]
do
if [[ "$test_type" =~ ${supported_files[$i]} ]]
then
matched=1
fi
i=$((i+1))
done
if [ $matched -eq 0 ]
then
echo "Not a supported file type: $FILE"
exit 1
fi
}
TEMP=`getopt -o he:f:c:s: -l help,environment:,file:,container:,seconds: -n $SCRIPT_NAME -- "$@"`
if [ $? != 0 ]; then
echo "Terminating..." >&2
exit 1
fi
# Note the quotes around `$TEMP': they are essential!
eval set -- "$TEMP"
ENVIRONMENT_FILE="$HOME/.tripleo/environments/deployment-artifacts.yaml"
FILES=
CONTAINER_NAME=overcloud-artifacts
SECONDS=31536000
while true ; do
case "$1" in
-h|--help) show_options 0 >&2;;
-e|--environment) ENVIRONMENT_FILE=$2 ; shift 2;;
-f|--file) FILES+=" $2" ; shift 2;;
-c|--container) CONTAINER_NAME=$2 ; shift 2;;
-s|--seconds) SECONDS=$2 ; shift 2;;
--) shift ; break;;
*) echo "Error: unsupported option $1." ; exit 1;;
esac
done
if [ -z "${FILES:-}" ]; then
echo "Error: No files were specified."
exit 1
fi
if [ -z "${CONTAINER_NAME:-}" ]; then
echo "Error: No Swift --container was specified."
exit 1
fi
function create_heat_env() {
local heat_env_file=$1
mkdir -p $(dirname "$heat_env_file")
cat > "$heat_env_file" <<-EOF_CAT
# Heat environment to deploy artifacts via Swift Temp URL(s)
parameter_defaults:
DeployArtifactURLs:
EOF_CAT
}
# create the container (doing it more than once won't hurt...) and grab the
# account
SWIFT_ACCOUNT=$(openstack container create $CONTAINER_NAME -f value -c account)
# This works with newer openstackclient which displays the endpoints in list
SWIFT_INTERNAL_URL=$(openstack endpoint list | grep swift | grep internal | sed -e "s|.*\(http.*\)://\([^/]*\)/.*|\1://\2|" || true)
if [ -z "$SWIFT_INTERNAL_URL" ]; then
# fallback to old openstack client 'show' which displays all the URLs
SWIFT_INTERNAL_URL=$(openstack endpoint show swift | grep internalurl | sed -e "s|.*\(http.*\)://\([^/]*\)/.*|\1://\2|")
fi
# Does the Temp-URL-Key exist on this container?
# If not set it...
KEY_SET=$(openstack container show $CONTAINER_NAME -c properties -f value 2>/dev/null | tr ',' '\n' | grep Temp-Url-Key || true)
if [ -z $KEY_SET ]; then
echo "Creating new Swift Temp-URL-Key for container: $CONTAINER_NAME"
SWIFT_TEMP_URL_KEY=$(uuidgen | sha1sum | awk '{print $1}')
openstack container set --property "Temp-URL-Key=$SWIFT_TEMP_URL_KEY" "${CONTAINER_NAME}"
else
SWIFT_TEMP_URL_KEY=$(echo -n $KEY_SET | sed -rn "s/[[:space:]]*Temp-Url-Key='([[:alnum:]]+)'.*/\1/p")
fi
if [ -n "${ENVIRONMENT_FILE:-}" ]; then
echo "Creating heat environment file: $ENVIRONMENT_FILE"
create_heat_env "$ENVIRONMENT_FILE"
else
echo "No environment file specified... skipping creation of Heat environment."
fi
function get_tempurl {
# https://docs.openstack.org/swift/latest/api/temporary_url_middleware.html#hmac-sha1-signature-for-temporary-urls
local FILE="$1"
local SWIFT_METHOD='GET'
local SWIFT_PATH="/v1/${SWIFT_ACCOUNT}/${CONTAINER_NAME}/$(basename $FILE)"
local SWIFT_EXPIRES=$(( $(date '+%s') + $SECONDS ))
local SWIFT_SIG=$(printf '%s\n%s\n%s' $SWIFT_METHOD $SWIFT_EXPIRES $SWIFT_PATH | openssl sha1 -hmac $SWIFT_TEMP_URL_KEY | sed 's/^.* //')
echo -n "${SWIFT_PATH}?temp_url_sig=${SWIFT_SIG}&temp_url_expires=${SWIFT_EXPIRES}"
}
function upload_file {
local FILE="$1"
echo "Uploading file to swift: $1"
pushd $(dirname $FILE) &>/dev/null
openstack object create "$CONTAINER_NAME" $(basename $FILE)
popd &>/dev/null
echo "Upload complete."
local URL=$(get_tempurl "$FILE")
echo " - '${SWIFT_INTERNAL_URL}$URL'" >> $ENVIRONMENT_FILE
}
for FILE in ${FILES[@]}; do
check_file "$FILE"
upload_file "$FILE"
done