Adding secret overlay in Charmed installer

Changing hardcoded password in charmed installation.
This fix will change the default passwords used in charmed installation
for Prometheus, Mariadb and Keystone.

Change-Id: I8a722d1afbe460831da91f893dc414a4fbd9c239
Signed-off-by: aticig <gulsum.atici@canonical.com>

diff --git a/installers/charmed_install.sh b/installers/charmed_install.sh
index d26b9e7..e6b8ffe 100755 (executable)
--- a/installers/charmed_install.sh
+++ b/installers/charmed_install.sh
@@ -23,6 +23,7 @@ KUBECTL="microk8s.kubectl"
 MICROK8S_VERSION=1.23
 OSMCLIENT_VERSION=latest
 IMAGES_OVERLAY_FILE=~/.osm/images-overlay.yaml
+PASSWORD_OVERLAY_FILE=~/.osm/password-overlay.yaml
 PATH=/snap/bin:${PATH}
 
 MODEL_NAME=osm
@@ -256,11 +257,14 @@ function deploy_charmed_osm(){
     if [ -v OVERLAY ]; then
         extra_overlay="--overlay $OVERLAY"
     fi
+    echo "Creating Password Overlay"
+
+    generate_password_overlay && secret_overlay="--overlay $PASSWORD_OVERLAY_FILE"
 
     if [ -v BUNDLE ]; then
-        juju deploy --trust --channel $CHARMHUB_CHANNEL -m $MODEL_NAME $BUNDLE --overlay ~/.osm/vca-overlay.yaml $images_overlay $extra_overlay
+        juju deploy --trust --channel $CHARMHUB_CHANNEL -m $MODEL_NAME $BUNDLE --overlay ~/.osm/vca-overlay.yaml $images_overlay $extra_overlay $secret_overlay
     else
-        juju deploy --trust --channel $CHARMHUB_CHANNEL -m $MODEL_NAME $OSM_BUNDLE --overlay ~/.osm/vca-overlay.yaml $images_overlay $extra_overlay
+        juju deploy --trust --channel $CHARMHUB_CHANNEL -m $MODEL_NAME $OSM_BUNDLE --overlay ~/.osm/vca-overlay.yaml $images_overlay $extra_overlay $secret_overlay
     fi
 
     if [ ! -v KUBECFG ]; then
@@ -313,6 +317,34 @@ function check_osm_deployed() {
     done
 }
 
+function generate_password_overlay() {
+    # prometheus
+    web_config_password=`openssl rand -base64 16`
+    # keystone
+    keystone_db_password=`openssl rand -base64 16`
+    keystone_admin_password=`openssl rand -base64 16`
+    keystone_service_password=`openssl rand -base64 16`
+    #  mariadb
+    mariadb_password=`openssl rand -hex 16`
+    mariadb_root_password=`openssl rand -hex 16`
+    cat << EOF > /tmp/password-overlay.yaml
+applications:
+  prometheus:
+    options:
+      web_config_password: $web_config_password
+  keystone:
+    options:
+      keystone-db-password: $keystone_db_password
+      admin-password: $keystone_admin_password
+      service-password: $keystone_service_password
+  mariadb:
+    options:
+      password: $mariadb_password
+      root_password: $mariadb_root_password
+EOF
+    mv /tmp/password-overlay.yaml $PASSWORD_OVERLAY_FILE
+}
+
 function create_overlay() {
     sudo snap install jq
     sudo snap install yq
@@ -529,6 +561,7 @@ else
     deploy_charmed_osm
     install_osmclient
     export OSM_HOSTNAME=$(juju config -m $MODEL_NAME nbi site_url | sed "s/http.*\?:\/\///"):443
+    export OSM_PASSWORD=$keystone_admin_password
     sleep 10
     add_local_k8scluster
     if [ -v MICROSTACK ]; then
@@ -540,10 +573,14 @@ else
     echo "1. Create the OSM_HOSTNAME environment variable with the NBI IP"
     echo
     echo "export OSM_HOSTNAME=$OSM_HOSTNAME"
+    echo "export OSM_PASSWORD=$OSM_PASSWORD"
     echo
-    echo "2. Add the previous command to your .bashrc for other Shell sessions"
+    echo "2. Add the previous commands to your .bashrc for other Shell sessions"
     echo
     echo "echo \"export OSM_HOSTNAME=$OSM_HOSTNAME\" >> ~/.bashrc"
+    echo "echo \"export OSM_PASSWORD=$OSM_PASSWORD\" >> ~/.bashrc"
+    echo
+    echo "3. Login OSM GUI by using admin password: $OSM_PASSWORD"
     echo
     echo "DONE"
 fi