diff options
author | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-12-07 10:28:24 +0100 |
---|---|---|
committer | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-12-07 10:31:27 +0100 |
commit | 16bdf241133bc2b448b89b445e489cbab76fcf25 (patch) | |
tree | 22ece7a4873d3c87ecfa27cd90071e5d475aaf8d /kubernetes/robot/scripts/etescript/vnfsdk-etescript.sh | |
parent | 2dce7527bc6a7c88934eb07f16e2b1b568fb29a6 (diff) |
[ROBOT] Reintegrate robot in main repository
Robot chart is currently in its own directory. As a lot will be done in
the charts with tight coordination between "common" part and components
parts, it's a lot easier to have everything in a same place for now.
we're using commit 85b5af5058bbda19b557add185d917f60c2188ee from robot
Issue-ID: OOM-2645
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I7c187b616d3436ed2eab7bf7e95cb6a1a90edf31
Diffstat (limited to 'kubernetes/robot/scripts/etescript/vnfsdk-etescript.sh')
-rwxr-xr-x | kubernetes/robot/scripts/etescript/vnfsdk-etescript.sh | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/kubernetes/robot/scripts/etescript/vnfsdk-etescript.sh b/kubernetes/robot/scripts/etescript/vnfsdk-etescript.sh new file mode 100755 index 0000000000..f1d39691bf --- /dev/null +++ b/kubernetes/robot/scripts/etescript/vnfsdk-etescript.sh @@ -0,0 +1,49 @@ +# SPDX-License-Identifier: Apache-2.0 + +#!/bin/bash + +# +# Create root certificate CA (Certificate Authority) and its private key. +# Create the package certificate issued by CA +# Copy the stuff to SDC ONBOARDING and Robot pods. +# + + + +SDCVALID=sdc-valid +SDCINVALID=sdc-invalid +ROBOTPOD=$(kubectl -n $NAMESPACE get pods --no-headers=true -o custom-columns=:metadata.name | grep robot ) +SDCONBOARDINGPOD=$(kubectl -n $NAMESPACE get pods --no-headers=true -o custom-columns=:metadata.name | grep sdc-onboarding-be | grep -v cassandra) + +generate_ca_key_cert_and_package_cert_issued_by_CA () { + openssl req -batch -new -nodes -x509 -days 36500 -keyout rootCA-private-robot-$1.key -out rootCA-robot-$1.cert + openssl req -batch -new -nodes -keyout package-private-robot-$1.key -out package-robot-$1.csr + openssl x509 -req -CA rootCA-robot-$1.cert -CAkey rootCA-private-robot-$1.key -CAcreateserial -in package-robot-$1.csr -out package-robot-$1.cert +} + + +copy_root_cert_to_sdc_onboarding () { + kubectl cp $1/rootCA-robot-$5.cert $2/$3:$4 +} + +copy_package_certs_to_robot () { + for f in package-robot-$5.cert package-private-robot-$5.key + do + kubectl cp $1/$f $2/$3:$4 + done +} + +mkdir "$DIR/$SCRIPTDIR/tmp" +cd "$DIR/$SCRIPTDIR/tmp" +if [[ -f rootCA-robot-$SDCVALID.cert && -f package-robot-$SDCVALID.cert && -f package-robot-$SDCINVALID.cert && -f package-private-robot-$SDCVALID.key && -f package-private-robot-$SDCINVALID.key ]]; then + echo "All files are present"; +else + generate_ca_key_cert_and_package_cert_issued_by_CA $SDCVALID + generate_ca_key_cert_and_package_cert_issued_by_CA $SDCINVALID + +fi +cd ../../.. +copy_root_cert_to_sdc_onboarding "$DIR/$SCRIPTDIR/tmp" "$NAMESPACE" "$SDCONBOARDINGPOD" "/var/lib/jetty/cert" $SDCVALID +copy_package_certs_to_robot "$DIR/$SCRIPTDIR/tmp" "$NAMESPACE" "$ROBOTPOD" "/tmp" $SDCVALID +copy_package_certs_to_robot "$DIR/$SCRIPTDIR/tmp" "$NAMESPACE" "$ROBOTPOD" "/tmp" $SDCINVALID + |