Merge "Add service parameter apply to update_docker_registry_auth.sh"

utilities/platform-util/scripts/update_docker_registry_auth.sh

@@ -1,6 +1,6 @@
 #!/bin/bash -e
 #
-# Copyright (c) 2021 Wind River Systems, Inc.
+# Copyright (c) 2021-2022 Wind River Systems, Inc.
 #
 # SPDX-License-Identifier: Apache-2.0
 #
@@ -39,28 +39,41 @@ else
     exit
 fi
 
+# Constant variables
 NEW_CREDS="username:${usr} password:${pw}"
+REGISTRY_LIST="docker-registry quay-registry elastic-registry gcr-registry \
+k8s-registry ghcr-registry"
+CENTRAL_REGISTRY_URL="registry.central"
 
 echo
 
 source /etc/platform/openrc
 
-for REGISTRY in docker-registry quay-registry elastic-registry gcr-registry \
-    k8s-registry ghcr-registry; do
-    echo -n "Updating" $REGISTRY "credentials ."
-    SECRET_UUID=$(system service-parameter-list | fgrep $REGISTRY |\
-        fgrep auth-secret | awk '{print $10}')
-    if [ -z "$SECRET_UUID" ]; then
-        echo "No $REGISTRY entry in service-parameters"
+for REGISTRY in "${REGISTRY_LIST}"; do
+    echo -n "Checking ${REGISTRY} url. "
+    registry_url=$(system service-parameter-list | grep -F ${REGISTRY} |\
+        grep -F url | awk '{print $10}')
+    if [[ -z "${registry_url}" ]] ||\
+        [[ "${registry_url}" != *"${CENTRAL_REGISTRY_URL}"* ]]; then
+        echo "${REGISTRY} is not a central registry. Skipping updating credential."
         echo
         continue
     fi
 
-    SECRET_REF=$(openstack secret list | fgrep ${SECRET_UUID} |\
+    echo -n "Updating ${REGISTRY} credentials ."
+    SECRET_UUID=$(system service-parameter-list | grep -F ${REGISTRY} |\
+        grep -F auth-secret | awk '{print $10}')
+    if [ -z "${SECRET_UUID}" ]; then
+        echo "No ${REGISTRY} entry in service-parameters"
+        echo
+        continue
+    fi
+
+    SECRET_REF=$(openstack secret list | grep -F ${SECRET_UUID} |\
         awk '{print $2}')
     echo -n "."
-    if [ -z "$SECRET_REF" ]; then
-        echo "No $REGISTRY entry in openstack secret list"
+    if [ -z "${SECRET_REF}" ]; then
+        echo "No ${REGISTRY} entry in openstack secret list"
     else
         SECRET_VALUE=$(openstack secret get ${SECRET_REF} --payload -f value)
         echo -n "."
@@ -68,27 +81,29 @@ for REGISTRY in docker-registry quay-registry elastic-registry gcr-registry \
         echo -n "."
     fi
 
-    NEW_SECRET_VALUE=$NEW_CREDS
+    NEW_SECRET_VALUE=${NEW_CREDS}
     openstack secret store -n ${REGISTRY}-secret -p "${NEW_SECRET_VALUE}" \
         >/dev/null
     echo -n "."
-    NEW_SECRET_REF=$(openstack secret list | fgrep ${REGISTRY}-secret |\
+    NEW_SECRET_REF=$(openstack secret list | grep -F ${REGISTRY}-secret |\
         awk '{print $2}')
     NEW_SECRET_UUID=$(echo "${NEW_SECRET_REF}" | awk -F/ '{print $6}')
-    system service-parameter-modify docker $REGISTRY \
+    system service-parameter-modify docker "${REGISTRY}" \
         auth-secret="${NEW_SECRET_UUID}" > /dev/null
     echo -n "."
     echo " done."
 
-    echo -n "Validating $REGISTRY credentials updated to:  "
-    SECRET_UUID=$(system service-parameter-list | fgrep $REGISTRY |\
-        fgrep auth-secret | awk '{print $10}')
-    if [ -z "$SECRET_UUID" ]; then
+    echo -n "Validating ${REGISTRY} credentials updated to:  "
+    SECRET_UUID=$(system service-parameter-list | grep -F ${REGISTRY} |\
+        grep -F auth-secret | awk '{print $10}')
+    if [ -z "${SECRET_UUID}" ]; then
         continue
     fi
-    SECRET_REF=$(openstack secret list | fgrep ${SECRET_UUID} | awk '{print $2}')
+    SECRET_REF=$(openstack secret list | grep -F ${SECRET_UUID} | awk '{print $2}')
     SECRET_VALUE=$(openstack secret get ${SECRET_REF} --payload -f value)
-    echo $SECRET_VALUE
+    echo "${SECRET_VALUE}"
 
     echo
 done
+
+system service-parameter-apply docker