From be7676a787fcfa8f419c671835d2dc144cdd8195 Mon Sep 17 00:00:00 2001 From: Adam Israel Date: Wed, 2 Oct 2019 16:10:53 -0400 Subject: [PATCH] Re-enable OSMLCM_VCA_CACERT Re-enable the capture of the Juju CA certificate by base64-encoding it. Change-Id: I3e16209831525d8b594549287a91b1bf4ae0f702 Signed-off-by: Adam Israel --- installers/docker/__lcm__.env | 1 + installers/full_install_osm.sh | 18 +++++++++--------- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/installers/docker/__lcm__.env b/installers/docker/__lcm__.env index 762061a0..b8ae0e3c 100644 --- a/installers/docker/__lcm__.env +++ b/installers/docker/__lcm__.env @@ -15,3 +15,4 @@ OSMLCM_VCA_HOST=__JUJU_CONTROLLER_IP__ OSMLCM_VCA_SECRET=__JUJU_PASSWORD__ OSMLCM_VCA_PUBKEY=__JUJU_PUBKEY__ OSMLCM_VCA_APIPROXY=__JUJU_APIPROXY__ +OSMLCM_VCA_CACERT=__JUJU_CACERT__ diff --git a/installers/full_install_osm.sh b/installers/full_install_osm.sh index e564cfb2..48f2cae4 100755 --- a/installers/full_install_osm.sh +++ b/installers/full_install_osm.sh @@ -798,11 +798,11 @@ function generate_docker_env_files() { $WORKDIR_SUDO sed -i "s|OSMLCM_VCA_PUBKEY.*|OSMLCM_VCA_PUBKEY=\"${OSM_VCA_PUBKEY}\"|g" $OSM_DOCKER_WORK_DIR/lcm.env fi - #if ! grep -Fq "OSMLCM_VCA_CACERT" $OSM_DOCKER_WORK_DIR/lcm.env; then - # echo "OSMLCM_VCA_CACERT=\"${OSM_VCA_CACERT}\"" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env - #else - # $WORKDIR_SUDO sed -i "s|OSMLCM_VCA_CACERT.*|OSMLCM_VCA_CACERT=\"${OSM_VCA_CACERT}\"|g" $OSM_DOCKER_WORK_DIR/lcm.env - #fi + if ! grep -Fq "OSMLCM_VCA_CACERT" $OSM_DOCKER_WORK_DIR/lcm.env; then + echo "OSMLCM_VCA_CACERT=${OSM_VCA_CACERT}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env + else + $WORKDIR_SUDO sed -i "s|OSMLCM_VCA_CACERT.*|OSMLCM_VCA_CACERT=${OSM_VCA_CACERT}|g" $OSM_DOCKER_WORK_DIR/lcm.env + fi if ! grep -Fq "OSMLCM_VCA_APIPROXY" $OSM_DOCKER_WORK_DIR/lcm.env; then echo "OSMLCM_VCA_APIPROXY=${OSM_VCA_APIPROXY}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env @@ -1056,16 +1056,16 @@ function install_lightweight() { OSM_VCA_PUBKEY=$(cat $HOME/.local/share/juju/ssh/juju_id_rsa.pub) [ -z "$OSM_VCA_PUBKEY" ] && FATAL "Cannot obtain juju public key" fi - #if [ -z "$OSM_VCA_CACERT" ]; then - #OSM_VCA_CACERT=$(juju controllers --format json | jq -r '.controllers["osm"]["ca-cert"]' | grep -v "\-\-\-\-\-.*CERTIFICATE\-\-\-\-\-") - # [ -z "$OSM_VCA_CACERT" ] && FATAL "Cannot obtain juju CA certificate" - #fi if [ -z "$OSM_VCA_APIPROXY" ]; then OSM_VCA_APIPROXY=$DEFAULT_IP [ -z "$OSM_VCA_APIPROXY" ] && FATAL "Cannot obtain juju api proxy" fi juju_createproxy + if [ -z "$OSM_VCA_CACERT" ]; then + OSM_VCA_CACERT=$(juju controllers --format json | jq -r '.controllers["osm"]["ca-cert"]' | base64 | tr -d \\n) + [ -z "$OSM_VCA_CACERT" ] && FATAL "Cannot obtain juju CA certificate" + fi if [ -z "$OSM_DATABASE_COMMONKEY" ]; then OSM_DATABASE_COMMONKEY=$(generate_secret) [ -z "OSM_DATABASE_COMMONKEY" ] && FATAL "Cannot generate common db secret" -- 2.25.1