blob: dc4b1dd30661d1ade11c1ee09326075484a3a32c [file] [log] [blame]
Samuli Silvius9e9afd72018-12-21 14:23:51 +02001#! /usr/bin/env bash
2
3# COPYRIGHT NOTICE STARTS HERE
4#
5# Copyright 2018 © Samsung Electronics Co., Ltd.
6#
7# Licensed under the Apache License, Version 2.0 (the "License");
8# you may not use this file except in compliance with the License.
9# You may obtain a copy of the License at
10#
11# http://www.apache.org/licenses/LICENSE-2.0
12#
13# Unless required by applicable law or agreed to in writing, software
14# distributed under the License is distributed on an "AS IS" BASIS,
15# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16# See the License for the specific language governing permissions and
17# limitations under the License.
18#
19# COPYRIGHT NOTICE ENDS HERE
20
21
22### This script prepares Nexus repositories data blobs for ONAP
23
24# Mandatory variables need to be set in configuration file:
25# NXS_SRC_DOCKER_IMG_DIR - resource directory of docker images
26# NXS_SRC_NPM_DIR - resource directory of npm packages
Tomáš Levora1d902342019-02-05 10:01:43 +010027# NXS_SRC_PYPI_DIR - resource directory of pypi packages
Samuli Silvius9e9afd72018-12-21 14:23:51 +020028# NXS_DOCKER_IMG_LIST - list of docker images to be pushed to Nexus repository
29# NXS_DOCKER_WO_LIST - list of docker images which uses default repository
30# NXS_NPM_LIST - list of npm packages to be published to Nexus repository
Tomáš Levora1d902342019-02-05 10:01:43 +010031# NXS_PYPI_LIST - list of pypi packages to be uploaded to Nexus repository
Samuli Silvius9e9afd72018-12-21 14:23:51 +020032# NEXUS_DATA_TAR - target tarball of Nexus data path/name
33# NEXUS_DATA_DIR - directory used for the Nexus blob build
34# NEXUS_IMAGE - Sonatype/Nexus3 docker image which will be used for data blob creation
35
36# Fail fast settings
37set -e
38
39# Nexus repository location
40NEXUS_DOMAIN="nexus"
41NPM_REGISTRY="http://${NEXUS_DOMAIN}:8081/repository/npm-private/"
Tomáš Levora1d902342019-02-05 10:01:43 +010042PYPI_REGISTRY="http://${NEXUS_DOMAIN}:8081/repository/pypi-private/"
Samuli Silvius9e9afd72018-12-21 14:23:51 +020043DOCKER_REGISTRY="${NEXUS_DOMAIN}:8082"
44
45# Nexus repository credentials
46NEXUS_USERNAME=admin
47NEXUS_PASSWORD=admin123
48NEXUS_EMAIL=admin@example.org
49
50# Setup simulated domain names to be able to push all in private Nexus repository
51SIMUL_HOSTS="docker.elastic.co gcr.io hub.docker.com nexus3.onap.org nexus.onap.org registry.hub.docker.com ${NEXUS_DOMAIN}"
52
53# Nexus repository configuration setup
54NEXUS_CONFIG_GROOVY='import org.sonatype.nexus.security.realm.RealmManager
55import org.sonatype.nexus.repository.attributes.AttributesFacet
56import org.sonatype.nexus.security.user.UserManager
57import org.sonatype.nexus.repository.manager.RepositoryManager
58import org.sonatype.nexus.security.user.UserNotFoundException
59/* Use the container to look up some services. */
60realmManager = container.lookup(RealmManager.class)
61userManager = container.lookup(UserManager.class, "default") //default user manager
62repositoryManager = container.lookup(RepositoryManager.class)
63/* Managers are used when scripting api cannot. Note that scripting api can only create mostly, and that creation methods return objects of created entities. */
64/* Perform cleanup by removing all repos and users. Realms do not need to be re-disabled, admin and anonymous user will not be removed. */
65userManager.listUserIds().each({ id ->
66 if (id != "anonymous" && id != "admin")
67 userManager.deleteUser(id)
68})
69repositoryManager.browse().each {
70 repositoryManager.delete(it.getName())
71}
72/* Add bearer token realms at the end of realm lists... */
73realmManager.enableRealm("NpmToken")
74realmManager.enableRealm("DockerToken")
Tomáš Levora1d902342019-02-05 10:01:43 +010075realmManager.enableRealm("PypiToken")
Samuli Silvius9e9afd72018-12-21 14:23:51 +020076/* Create the docker user. */
77security.addUser("docker", "docker", "docker", "docker@example.com", true, "docker", ["nx-anonymous"])
Tomáš Levora1d902342019-02-05 10:01:43 +010078/* Create docker, npm and pypi repositories. Their default configuration should be compliant with our requirements, except the docker registry creation. */
Samuli Silvius9e9afd72018-12-21 14:23:51 +020079repository.createNpmHosted("npm-private")
Tomáš Levora1d902342019-02-05 10:01:43 +010080repository.createPyPiHosted("pypi-private")
Samuli Silvius9e9afd72018-12-21 14:23:51 +020081def r = repository.createDockerHosted("onap", 8082, 0)
82/* force basic authentication true by default, must set to false for docker repo. */
83conf=r.getConfiguration()
84conf.attributes("docker").set("forceBasicAuth", false)
85repositoryManager.update(conf)'
86
87usage () {
88 echo " This script is preparing Nexus data blob from docker images and npm packages"
89 echo " Usage:"
90 echo " ./$(basename $0) <config_file> [<target>]"
91 echo " "
92 echo " config_file is a file with defined variables, which are mandatory for this script"
93 echo " target is optional parameter where you can specify full path/name of resulted package"
94 echo " which replaces the value specified in configuration file"
95 echo " "
96 echo " Example: ./$(basename $0) ./package.conf /root/nexus_data.tar"
97 echo " "
98 echo " Parameters need to be defined in configuration file:"
99 echo " "
100 echo " NXS_SRC_DOCKER_IMG_DIR - directory of resource docker images"
101 echo " NXS_SRC_NPM_DIR - directory of resource npm packages"
Tomáš Levora1d902342019-02-05 10:01:43 +0100102 echo " NXS_SRC_PYPI_DIR - directory of resource pypi packages"
Samuli Silvius9e9afd72018-12-21 14:23:51 +0200103 echo " NXS_DOCKER_IMG_LIST - list of docker images to be pushed to Nexus repository"
104 echo " NXS_DOCKER_WO_LIST - list of docker images which uses default repository"
105 echo " NXS_NPM_LIST - list of npm packages to be published to Nexus repository"
Tomáš Levora1d902342019-02-05 10:01:43 +0100106 echo " NXS_PYPI_LIST - list of pypi packages to be uploaded to Nexus repository"
Samuli Silvius9e9afd72018-12-21 14:23:51 +0200107 echo " NEXUS_DATA_TAR - target tarball of Nexus data path/name"
108 echo " NEXUS_DATA_DIR - directory used for the Nexus blob build"
109 echo " NEXUS_IMAGE - Sonatype/Nexus3 docker image which will be used for data blob creation"
110 exit 1
111}
112
113
114#################################
115# Prepare the local environment #
116#################################
117
118# Load the config file
119if [ "${1}" == "-h" ] || [ -z "${1}" ]; then
120 usage
121elif [ -f ${1} ]; then
122 . ${1}
123else
124 echo "Missing mandatory configuration file!"
125 usage
126 exit 1
127fi
128
129if [ -n "${2}" ]; then
130 NEXUS_DATA_TAR="${2}"
131fi
132
Tomáš Levora1d902342019-02-05 10:01:43 +0100133for VAR in NXS_SRC_DOCKER_IMG_DIR NXS_SRC_NPM_DIR NXS_SRC_PYPI_DIR NXS_DOCKER_IMG_LIST NXS_DOCKER_WO_LIST NXS_NPM_LIST NXS_PYPI_LIST NEXUS_DATA_TAR NEXUS_DATA_DIR NEXUS_IMAGE; do
Samuli Silvius9e9afd72018-12-21 14:23:51 +0200134 if [ -n "${!VAR}" ] ; then
135 echo "${VAR} is set to ${!VAR}"
136 else
137 echo "${VAR} is not set and it is mandatory"
138 FAIL="1"
139 fi
140done
141
142if [ "${FAIL}" == "1" ]; then
143 echo "One or more mandatory variables are not set"
144 exit 1
145fi
146
147# Check the dependencies in the beginning
148
Tomáš Levorad2048532019-01-16 16:14:43 +0100149# Install jq
150if yum list installed "jq" >/dev/null 2>&1; then
151 echo "jq is already installed"
Samuli Silvius9e9afd72018-12-21 14:23:51 +0200152else
Tomáš Levorad2048532019-01-16 16:14:43 +0100153 yum install -y --setopt=skip_missing_names_on_install=False http://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/j/jq-1.5-1.el7.x86_64.rpm
Samuli Silvius9e9afd72018-12-21 14:23:51 +0200154fi
155
156# Install curl if necessary
157if yum list installed "curl" >/dev/null 2>&1; then
158 echo "curl is already installed"
159else
160 yum install -y --setopt=skip_missing_names_on_install=False curl
161fi
162
163# Install expect if necessary
164if yum list installed "expect" >/dev/null 2>&1; then
165 echo "expect is already installed"
166else
167 yum install -y --setopt=skip_missing_names_on_install=False expect
168fi
169
170# Install Docker (docker-ce in version 17.03 for RHEL) from online repositories if no version installed
171if yum list installed "docker-ce" >/dev/null 2>&1 || which docker>/dev/null 2>&1; then
172 echo "Docker is already installed"
173else
174 curl https://releases.rancher.com/install-docker/17.03.sh | sh
175fi
176
177# Prepare the Nexus configuration
178NEXUS_CONFIG=$(echo "${NEXUS_CONFIG_GROOVY}" | jq -Rsc '{"name":"configure", "type":"groovy", "content":.}')
179
180# Add simulated domain names to /etc/hosts
181cp /etc/hosts /etc/$(date +"%Y-%m-%d_%H-%M-%S")_hosts.bk
182for DNS in ${SIMUL_HOSTS}; do
183 echo "127.0.0.1 ${DNS}" >> /etc/hosts
184done
185
186# Backup the current docker registry settings
187if [ -f /root/.docker/config.json ]; then
188 mv /root/.docker/config.json /root/.docker/$(date +"%Y-%m-%d_%H-%M-%S")config.json.bk
189fi
190
191#################################
192# Docker repository preparation #
193#################################
194
195# Load all necessary images
196for ARCHIVE in $(sed $'s/\r// ; s/\:/\_/g ; s/\//\_/g ; s/$/\.tar/g' ${NXS_DOCKER_IMG_LIST} | awk '{ print $1 }'); do
197 docker load -i ${NXS_SRC_DOCKER_IMG_DIR}/${ARCHIVE}
198done
199
200for ARCHIVE in $(sed $'s/\r// ; s/\:/\_/g ; s/\//\_/g ; s/$/\.tar/g' ${NXS_DOCKER_WO_LIST} | awk '{ print $1 }'); do
201 docker load -i ${NXS_SRC_DOCKER_IMG_DIR}/${ARCHIVE}
202done
203
204# Tag docker images from default repository to simulated repository to be able to upload it to our private registry
205for IMAGE in $(sed $'s/\r//' ${NXS_DOCKER_WO_LIST} | awk '{ print $1 }'); do
206 docker tag ${IMAGE} ${DOCKER_REGISTRY}/${IMAGE}
207done
208
209
210################################
211# Nexus repository preparation #
212################################
213
214# Load predefined Nexus image
215docker load -i ${NEXUS_IMAGE}
216
217# Prepare nexus-data directory
218if [ -d ${NEXUS_DATA_DIR} ]; then
219 if [ "$(docker ps -q -f name=nexus)" ]; then
220 docker rm -f $(docker ps -aq -f name=nexus)
221 fi
222 cd ${NEXUS_DATA_DIR}/..
223 mv ${NEXUS_DATA_DIR} $(date +"%Y-%m-%d_%H-%M-%S")_$(basename ${NEXUS_DATA_DIR})_bk
224fi
225
226mkdir -p ${NEXUS_DATA_DIR}
227chown 200:200 ${NEXUS_DATA_DIR}
228chmod 777 ${NEXUS_DATA_DIR}
229
230# Save Nexus version to prevent/catch data incompatibility
231docker images --no-trunc | grep sonatype/nexus3 | awk '{ print $1":"$2" "$3}' > ${NEXUS_DATA_DIR}/nexus.ver
232
233# Start the Nexus
234NEXUS_CONT_ID=$(docker run -d --rm -v ${NEXUS_DATA_DIR}:/nexus-data:rw --name nexus -p 8081:8081 -p 8082:8082 -p 80:8082 -p 10001:8082 sonatype/nexus3)
235echo "Waiting for Nexus to fully start"
236until curl -su admin:admin123 http://${NEXUS_DOMAIN}:8081/service/metrics/healthcheck | grep '"healthy":true' > /dev/null ; do
237 printf "."
238 sleep 3
239done
240echo -e "\nNexus started"
241
242# Configure the nexus repository
243curl -X POST --header 'Content-Type: application/json' --data-binary "${NEXUS_CONFIG}" http://admin:admin123@${NEXUS_DOMAIN}:8081/service/rest/v1/script
244curl -X POST --header "Content-Type: text/plain" http://admin:admin123@${NEXUS_DOMAIN}:8081/service/rest/v1/script/configure/run
245
246###########################
247# Populate NPM repository #
248###########################
249
250# Configure NPM registry to our Nexus repository
251npm config set registry ${NPM_REGISTRY}
252
253# Login to NPM registry
254/usr/bin/expect <<EOF
255spawn npm login
256expect "Username:"
257send "${NEXUS_USERNAME}\n"
258expect "Password:"
259send "${NEXUS_PASSWORD}\n"
260expect Email:
261send "${NEXUS_EMAIL}\n"
262expect eof
263EOF
264
265# Patch problematic package
Tomáš Levora1d902342019-02-05 10:01:43 +0100266pushd ${NXS_SRC_NPM_DIR}
Samuli Silvius9e9afd72018-12-21 14:23:51 +0200267tar xvzf tsscmp-1.0.5.tgz
268rm -f tsscmp-1.0.5.tgz
Tomáš Levora504adc12019-04-09 09:27:06 +0200269sed -i 's|\"registry\":\ \".*\"|\"registry\":\ \"'"${NPM_REGISTRY}"'\"|g' package/package.json
Samuli Silvius9e9afd72018-12-21 14:23:51 +0200270tar -zcvf tsscmp-1.0.5.tgz package
271rm -rf package
272
273# Push NPM packages to Nexus repository
274for ARCHIVE in $(sed $'s/\r// ; s/\\@/\-/g ; s/$/\.tgz/g' ${NXS_NPM_LIST} | awk '{ print $1 }'); do
275 npm publish --access public ${ARCHIVE}
276done
Tomáš Levora1d902342019-02-05 10:01:43 +0100277popd
278
279##############################
280# Populate PyPi repository #
281##############################
282
283pushd ${NXS_SRC_PYPI_DIR}
284for PACKAGE in $(sed $'s/\r//; s/==/-/' ${NXS_PYPI_LIST}); do
285 twine upload -u ${NEXUS_USERNAME} -p ${NEXUS_PASSWORD} --repository-url ${PYPI_REGISTRY} ./${PACKAGE}*
286done
287popd
Samuli Silvius9e9afd72018-12-21 14:23:51 +0200288
289##############################
290# Populate Docker repository #
291##############################
292
293for REGISTRY in $(sed 's/\/.*//' ${NXS_DOCKER_IMG_LIST} | uniq) ${NEXUS_DOMAIN}:8082; do
294 docker login -u "${NEXUS_USERNAME}" -p "${NEXUS_PASSWORD}" ${REGISTRY} > /dev/null
295done
296
297for IMAGE in $(sed $'s/\r//' ${NXS_DOCKER_WO_LIST} | awk '{ print $1 }'); do
298 docker push ${DOCKER_REGISTRY}/${IMAGE}
299done
300
301for IMAGE in $(sed $'s/\r//' ${NXS_DOCKER_IMG_LIST} | awk '{ print $1 }'); do
302 docker push ${IMAGE}
303done
304
305##############################
306# Stop the Nexus and cleanup #
307##############################
308
309# Stop the Nexus
310docker stop ${NEXUS_CONT_ID}
311
312# Create the nexus-data package
313cd ${NEXUS_DATA_DIR}/..
314echo "Packing the ${NEXUS_DATA_DIR} dir"
315until tar -cf ${NEXUS_DATA_TAR} $(basename ${NEXUS_DATA_DIR}); do
316 printf "."
317 sleep 5
318done
319echo "${NEXUS_DATA_TAR} has been created"
320
321# Return the previous version of /etc/hosts back to its place
322mv -f $(ls -tr /etc/*hosts.bk | tail -1) /etc/hosts
323
324exit 0