bug: copy keys for sdc

geek 2017-06-22 15:52:09 -05:00 committed by Sérgio Ramos
parent d90c23cd38
commit b47ebebf9e
5 changed files with 28 additions and 14 deletions


@ -4,22 +4,15 @@ FROM quay.io/yldio/docker-compose-api
RUN apk add --update bash
# Install Consul
# Releases at https://releases.hashicorp.com/consul
RUN set -ex \
&& export CONSUL_VERSION=0.7.5 \
&& export CONSUL_CHECKSUM=40ce7175535551882ecdff21fdd276cef6eaab96be8a8260e0599fadb6f1f5b8 \
RUN export CONSUL_VERSION=0.7.0 \
&& export CONSUL_CHECKSUM=b350591af10d7d23514ebaa0565638539900cdb3aaa048f077217c4c46653dd8 \
&& curl --retry 7 --fail -vo /tmp/consul.zip "https://releases.hashicorp.com/consul/${CONSUL_VERSION}/consul_${CONSUL_VERSION}_linux_amd64.zip" \
&& echo "${CONSUL_CHECKSUM} /tmp/consul.zip" | sha256sum -c \
&& unzip /tmp/consul -d /usr/local/bin \
&& rm /tmp/consul.zip \
# Create empty directories for Consul config and data \
&& mkdir -p /etc/consul \
&& mkdir -p /var/lib/consul \
&& mkdir /config
# Add Containerpilot and set its configuration
ENV CONTAINERPILOT_VERSION 3.0.0
ENV CONTAINERPILOT /etc/containerpilot.json
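Review bot: The Consul pin differs between the two `export CONSUL_VERSION=` / `CONSUL_CHECKSUM=` pairs (0.7.5 and 0.7.0), and the commit title "copy keys for sdc" does not explain a version change. The `+`/`-` markers are lost on this page, but if it prints old before new as the other sections suggest, the new side moves to the older 0.7.0 release and drops `set -ex`. A downgrade gives up whatever fixes shipped in the later 0.7.x releases, so it deserves a why-comment above the `RUN`, for example `# Pinned to 0.7.0 because <reason>`, or a separate commit. Keeping the version and its SHA-256 changed together, as done here, is right, since the `sha256sum -c` step is what ties the download to the pin.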


@ -4,7 +4,7 @@ ENV CONTAINERPILOT /etc/containerpilot.json5
RUN set -x \
&& apk update \
&& apk add curl bash build-base python zeromq-dev \
&& apk add curl bash build-base python zeromq-dev openssh \
&& rm -rf /var/cache/apk/*
RUN npm install -g npm@^4 \
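Review bot: The `apk add` line that gains `openssh` installs the full OpenSSH set, which on Alpine includes the server as far as I know, while the script changes in this commit only call `ssh-agent`, `ssh-add` and `ssh-keygen`. If nothing else in the image needs sshd, a narrower package keeps a network daemon out of the image: `&& apk add curl bash build-base python zeromq-dev openssh-client \` (check that it provides every tool the scripts call). The packages are also unpinned, and `apk update` plus the trailing `rm -rf /var/cache/apk/*` can be replaced by `apk add --no-cache`. The `RUN npm install` instruction at the end of the hunk continues outside it.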


@ -11,3 +11,11 @@ then
echo -e "${TRITON_CERT}" | tr '#' '\n' > ${TRITON_CREDS_PATH}/cert.pem
echo -e "${TRITON_KEY}" | tr '#' '\n' > ${TRITON_CREDS_PATH}/key.pem
fi
eval `/usr/bin/ssh-agent -s`
mkdir -p ~/.ssh
echo -e "${SDC_KEY_PUB}" | tr '#' '\n' > ~/.ssh/id_rsa.pub
echo -e "${SDC_KEY}" | tr '#' '\n' > ~/.ssh/id_rsa
chmod 400 ~/.ssh/id_rsa.pub
chmod 400 ~/.ssh/id_rsa
ssh-add ~/.ssh/id_rsa
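Review bot: `~/.ssh/id_rsa` is created under the shell's default umask and only tightened by the later `chmod 400`, so the private key can be readable by other users in the container for a short window, and `~/.ssh` itself keeps default permissions. Add `umask 077` before `mkdir -p ~/.ssh` so the directory and both files are private from the moment they are created. The key also arrives through the `SDC_KEY` environment variable, which stays in the process environment and is inherited by child processes; a mounted secret file would avoid that exposure. The variables set by `eval` of `ssh-agent -s` exist only in this script's shell, so other jobs will presumably not see the agent, and it is worth confirming that the consumer reads `~/.ssh/id_rsa` directly. These lines sit after the `fi` of an `if` block that opens outside the hunk.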


@ -2,8 +2,8 @@
consul: 'localhost:8500',
jobs: [
{
"name": "setup-config",
"exec": "/bin/prestart.sh"
name: 'setup-config',
exec: '/bin/prestart.sh'
},
{
name: 'bootstrap',
@ -19,7 +19,7 @@
exec: 'node server.js',
health: {
exec: '/usr/bin/curl -o /dev/null --fail -s http://localhost:{{.PORT}}/check-it-out',
interval: 2,
interval: 5,
ttl: 5
},
tags: [
@ -87,7 +87,8 @@
when: {
source: 'watch.docker-compose-api',
each: 'changed'
}
},
restarts: 'unlimited'
},
],
watches: [
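Review bot: In the `health` block of the `node server.js` job, `interval: 5` now equals `ttl: 5`, assuming the second `interval` line is the new side, as the old-then-new order of the `restarts` hunk suggests. With no margin between the two, a check that runs slightly late or takes a moment to finish can let the TTL lapse in Consul before the next heartbeat, so the service may flap between passing and critical. Either keep the interval below the TTL or raise the TTL with it, for example `ttl: 15`. The added `restarts: 'unlimited'` would also benefit from a short comment saying why this job must be restarted without limit.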


@ -47,6 +47,18 @@ check() {
echo TRITON_CERT=$(cat "${DOCKER_CERT_PATH}"/cert.pem | tr '\n' '#') >> _env
echo TRITON_CERT_PATH=${TRITON_CREDS_PATH}/cert.pem >> _env
echo >> _env
for file in ~/.ssh/*.pub
do
SDC_KEY=$(ssh-keygen -E md5 -lf ${file} | awk '{print $2}' | awk -F"MD5:" '{print $2}')
if [ "$SDC_KEY" == "$SDC_KEY_ID" ]
then
echo SDC_KEY_PUB=$(cat "${file}" | tr '\n' '#') >> _env
priv_file=$(echo "${file}" | awk -F".pub" '{print $1}')
echo SDC_KEY=$(cat "${priv_file}" | tr '\n' '#') >> _env
break
fi
done
}
# default behavior
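Review bot: The added loop in `check()` appends the matching private key in plaintext to `_env` as `SDC_KEY=`, and nothing in the hunk restricts that file's permissions. Whether `_env` is already created with tight permissions or ignored by version control is not visible here, since the function starts outside the hunk. Add `chmod 600 _env` after the writes, or set `umask 077` before the file is first created. `awk -F".pub"` treats the dot as a regex wildcard, so `priv_file="${file%.pub}"` is the safer way to strip the suffix, and `${file}` should be quoted in the `ssh-keygen` call. The loop variable `SDC_KEY` holds a fingerprint but shares its name with the private-key entry written to `_env`; a name such as `fingerprint` would avoid confusion, and a message when no key matches `SDC_KEY_ID` would make the silent no-op visible.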