From b47ebebf9e462b49998da4b09d4686c29594b331 Mon Sep 17 00:00:00 2001
From: geek
Date: Thu, 22 Jun 2017 15:52:09 -0500
Subject: [PATCH] bug: copy keys for sdc
---
 docker-compose-api/Dockerfile | 11 ++---------
 packages/portal-api/Dockerfile | 2 +-
 packages/portal-api/bin/prestart.sh | 8 ++++++++
 packages/portal-api/etc/containerpilot.json5 | 9 +++++----
 setup.sh | 12 ++++++++++++
 5 files changed, 28 insertions(+), 14 deletions(-)
diff --git a/docker-compose-api/Dockerfile b/docker-compose-api/Dockerfile
index f28a0296..a9776dfc 100644
--- a/docker-compose-api/Dockerfile
+++ b/docker-compose-api/Dockerfile
@@ -4,22 +4,15 @@ FROM quay.io/yldio/docker-compose-api
 RUN apk add --update bash
-# Install Consul
-# Releases at https://releases.hashicorp.com/consul
-RUN set -ex \
- && export CONSUL_VERSION=0.7.5 \
- && export CONSUL_CHECKSUM=40ce7175535551882ecdff21fdd276cef6eaab96be8a8260e0599fadb6f1f5b8 \
+RUN export CONSUL_VERSION=0.7.0 \
+ && export CONSUL_CHECKSUM=b350591af10d7d23514ebaa0565638539900cdb3aaa048f077217c4c46653dd8 \
 && curl --retry 7 --fail -vo /tmp/consul.zip "https://releases.hashicorp.com/consul/${CONSUL_VERSION}/consul_${CONSUL_VERSION}_linux_amd64.zip" \
 && echo "${CONSUL_CHECKSUM} /tmp/consul.zip" | sha256sum -c \
 && unzip /tmp/consul -d /usr/local/bin \
 && rm /tmp/consul.zip \
- # Create empty directories for Consul config and data \
- && mkdir -p /etc/consul \
- && mkdir -p /var/lib/consul \
 && mkdir /config
-
 # Add Containerpilot and set its configuration
 ENV CONTAINERPILOT_VERSION 3.0.0
 ENV CONTAINERPILOT /etc/containerpilot.json
diff --git a/packages/portal-api/Dockerfile b/packages/portal-api/Dockerfile
index 62f0f2b0..07dae923 100644
--- a/packages/portal-api/Dockerfile
+++ b/packages/portal-api/Dockerfile
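Review bot: The Consul pin in docker-compose-api/Dockerfile moves backwards, from 0.7.5 to 0.7.0, in a commit whose subject is only about copying SDC keys, and nothing in the message explains the downgrade. If it is not intentional (for example a stale copy of the file being committed), keep `export CONSUL_VERSION=0.7.5` with its matching checksum; if it is, a comment such as `# Consul held at 0.7.0 because <reason>` above the RUN would record why an older release is shipped. The sha256 verification is kept, but the hunk also drops the `/etc/consul` and `/var/lib/consul` directories, so anything later in the file or at runtime that expects those paths should be checked; the rest of the Dockerfile is outside the hunk.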
@@ -4,7 +4,7 @@ ENV CONTAINERPILOT /etc/containerpilot.json5
 RUN set -x \
 && apk update \
- && apk add curl bash build-base python zeromq-dev \
+ && apk add curl bash build-base python zeromq-dev openssh \
 && rm -rf /var/cache/apk/*
 RUN npm install -g npm@^4 \
diff --git a/packages/portal-api/bin/prestart.sh b/packages/portal-api/bin/prestart.sh
index 795c45b4..04fcba52 100755
--- a/packages/portal-api/bin/prestart.sh
+++ b/packages/portal-api/bin/prestart.sh
@@ -11,3 +11,11 @@ then
 echo -e "${TRITON_CERT}" | tr '#' '\n' > ${TRITON_CREDS_PATH}/cert.pem
 echo -e "${TRITON_KEY}" | tr '#' '\n' > ${TRITON_CREDS_PATH}/key.pem
 fi
+
+eval `/usr/bin/ssh-agent -s`
+mkdir -p ~/.ssh
+echo -e "${SDC_KEY_PUB}" | tr '#' '\n' > ~/.ssh/id_rsa.pub
+echo -e "${SDC_KEY}" | tr '#' '\n' > ~/.ssh/id_rsa
+chmod 400 ~/.ssh/id_rsa.pub
+chmod 400 ~/.ssh/id_rsa
+ssh-add ~/.ssh/id_rsa
diff --git a/packages/portal-api/etc/containerpilot.json5 b/packages/portal-api/etc/containerpilot.json5
index 5cb14dcd..dc477675 100644
--- a/packages/portal-api/etc/containerpilot.json5
+++ b/packages/portal-api/etc/containerpilot.json5
@@ -2,8 +2,8 @@
 consul: 'localhost:8500',
 jobs: [
 {
- "name": "setup-config",
- "exec": "/bin/prestart.sh"
+ name: 'setup-config',
+ exec: '/bin/prestart.sh'
 },
 {
 name: 'bootstrap',
@@ -19,7 +19,7 @@
 exec: 'node server.js',
 health: {
 exec: '/usr/bin/curl -o /dev/null --fail -s http://localhost:{{.PORT}}/check-it-out',
- interval: 2,
+ interval: 5,
 ttl: 5
 },
 tags: [
@@ -87,7 +87,8 @@
 when: {
 source: 'watch.docker-compose-api',
 each: 'changed'
- }
+ },
+ restarts: 'unlimited'
 },
 ],
 watches: [
diff --git a/setup.sh b/setup.sh
index 5a7e13cd..b7ab92aa 100755
--- a/setup.sh
+++ b/setup.sh
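Review bot: In packages/portal-api/Dockerfile the added `openssh` package is broader than what this commit uses: prestart.sh only calls `ssh-agent` and `ssh-add`, while on Alpine the full `openssh` package also pulls in the server side (`sshd`), as far as I know. Installing only the client tools keeps an unneeded daemon binary out of the image, e.g. `&& apk add curl bash build-base python zeromq-dev openssh-client \`; confirm that this package provides both commands on the Alpine release the base image uses. The RUN instruction is fully visible in the hunk, but the FROM line is not.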
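Review bot: In packages/portal-api/bin/prestart.sh the private key is written to `~/.ssh/id_rsa` under the default umask and only restricted by `chmod 400` afterwards, so the key file and a freshly created `~/.ssh` can be readable by other users for a moment; put `umask 077` before the `mkdir -p ~/.ssh` line so both are owner-only from the start. The new lines also run unconditionally, unlike the TRITON block above them, so an unset `SDC_KEY` yields an empty key file and a failing `ssh-add`; wrapping them in `if [ -n "${SDC_KEY}" ]` would avoid that. The agent environment set up by the `eval` line exists only in this script's process, so other ContainerPilot jobs such as `node server.js` will presumably not see `SSH_AUTH_SOCK`; it is worth confirming that the agent is needed at all. The start of the script is outside the hunk.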
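Review bot: In packages/portal-api/etc/containerpilot.json5 the health block now has `interval: 5` next to `ttl: 5`, which leaves no margin: a check that starts or returns slightly late lets the TTL lapse, and the service can flap to unhealthy in Consul between two passing checks. Keep the TTL above the interval, for example `interval: 5,` with `ttl: 10`. The last hunk adds `restarts: 'unlimited'` to a job triggered by `each: 'changed'`; its `exec` is outside the hunk, so check that a persistently failing command cannot spin in a tight restart loop.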
@@ -47,6 +47,18 @@ check() {
 echo TRITON_CERT=$(cat "${DOCKER_CERT_PATH}"/cert.pem | tr '\n' '#') >> _env
 echo TRITON_CERT_PATH=${TRITON_CREDS_PATH}/cert.pem >> _env
 echo >> _env
+
+ for file in ~/.ssh/*.pub
+ do
+ SDC_KEY=$(ssh-keygen -E md5 -lf ${file} | awk '{print $2}' | awk -F"MD5:" '{print $2}')
+ if [ "$SDC_KEY" == "$SDC_KEY_ID" ]
+ then
+ echo SDC_KEY_PUB=$(cat "${file}" | tr '\n' '#') >> _env
+ priv_file=$(echo "${file}" | awk -F".pub" '{print $1}')
+ echo SDC_KEY=$(cat "${priv_file}" | tr '\n' '#') >> _env
+ break
+ fi
+ done
 }
 # default behavior
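Review bot: The added loop in `check()` copies the user's SSH private key in clear text into `_env` (the `echo SDC_KEY=$(cat "${priv_file}" | tr '\n' '#') >> _env` line), and nothing visible in the hunk restricts that file's permissions. Add `chmod 600 _env` after the writes (or `umask 077` before the first one) and make sure `_env` is excluded from version control and from the Docker build context. If no public key matches `SDC_KEY_ID` the loop ends silently, and a passphrase-protected key will presumably fail at the non-interactive `ssh-add` in prestart.sh, so an explicit error after `done` would help. `${file}` in the `ssh-keygen` call should be quoted like its other uses. The start of `check()` is outside the hunk.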