Samuli Silvius | 9e9afd7 | 2018-12-21 14:23:51 +0200 | [diff] [blame] | 1 | #! /usr/bin/env bash |
| 2 | |
| 3 | # COPYRIGHT NOTICE STARTS HERE |
| 4 | # |
| 5 | # Copyright 2018 © Samsung Electronics Co., Ltd. |
| 6 | # |
| 7 | # Licensed under the Apache License, Version 2.0 (the "License"); |
| 8 | # you may not use this file except in compliance with the License. |
| 9 | # You may obtain a copy of the License at |
| 10 | # |
| 11 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 12 | # |
| 13 | # Unless required by applicable law or agreed to in writing, software |
| 14 | # distributed under the License is distributed on an "AS IS" BASIS, |
| 15 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 16 | # See the License for the specific language governing permissions and |
| 17 | # limitations under the License. |
| 18 | # |
| 19 | # COPYRIGHT NOTICE ENDS HERE |
| 20 | |
| 21 | |
| 22 | ### This script prepares Nexus repositories data blobs for ONAP |
| 23 | |
| 24 | # Mandatory variables need to be set in configuration file: |
| 25 | # NXS_SRC_DOCKER_IMG_DIR - resource directory of docker images |
| 26 | # NXS_SRC_NPM_DIR - resource directory of npm packages |
Tomáš Levora | 1d90234 | 2019-02-05 10:01:43 +0100 | [diff] [blame] | 27 | # NXS_SRC_PYPI_DIR - resource directory of pypi packages |
Samuli Silvius | 9e9afd7 | 2018-12-21 14:23:51 +0200 | [diff] [blame] | 28 | # NXS_DOCKER_IMG_LIST - list of docker images to be pushed to Nexus repository |
| 29 | # NXS_DOCKER_WO_LIST - list of docker images which uses default repository |
| 30 | # NXS_NPM_LIST - list of npm packages to be published to Nexus repository |
Tomáš Levora | 1d90234 | 2019-02-05 10:01:43 +0100 | [diff] [blame] | 31 | # NXS_PYPI_LIST - list of pypi packages to be uploaded to Nexus repository |
Samuli Silvius | 9e9afd7 | 2018-12-21 14:23:51 +0200 | [diff] [blame] | 32 | # NEXUS_DATA_TAR - target tarball of Nexus data path/name |
| 33 | # NEXUS_DATA_DIR - directory used for the Nexus blob build |
| 34 | # NEXUS_IMAGE - Sonatype/Nexus3 docker image which will be used for data blob creation |
| 35 | |
| 36 | # Fail fast settings |
| 37 | set -e |
| 38 | |
| 39 | # Nexus repository location |
| 40 | NEXUS_DOMAIN="nexus" |
| 41 | NPM_REGISTRY="http://${NEXUS_DOMAIN}:8081/repository/npm-private/" |
Tomáš Levora | 1d90234 | 2019-02-05 10:01:43 +0100 | [diff] [blame] | 42 | PYPI_REGISTRY="http://${NEXUS_DOMAIN}:8081/repository/pypi-private/" |
Samuli Silvius | 9e9afd7 | 2018-12-21 14:23:51 +0200 | [diff] [blame] | 43 | DOCKER_REGISTRY="${NEXUS_DOMAIN}:8082" |
| 44 | |
| 45 | # Nexus repository credentials |
| 46 | NEXUS_USERNAME=admin |
| 47 | NEXUS_PASSWORD=admin123 |
| 48 | NEXUS_EMAIL=admin@example.org |
| 49 | |
| 50 | # Setup simulated domain names to be able to push all in private Nexus repository |
| 51 | SIMUL_HOSTS="docker.elastic.co gcr.io hub.docker.com nexus3.onap.org nexus.onap.org registry.hub.docker.com ${NEXUS_DOMAIN}" |
| 52 | |
| 53 | # Nexus repository configuration setup |
| 54 | NEXUS_CONFIG_GROOVY='import org.sonatype.nexus.security.realm.RealmManager |
| 55 | import org.sonatype.nexus.repository.attributes.AttributesFacet |
| 56 | import org.sonatype.nexus.security.user.UserManager |
| 57 | import org.sonatype.nexus.repository.manager.RepositoryManager |
| 58 | import org.sonatype.nexus.security.user.UserNotFoundException |
| 59 | /* Use the container to look up some services. */ |
| 60 | realmManager = container.lookup(RealmManager.class) |
| 61 | userManager = container.lookup(UserManager.class, "default") //default user manager |
| 62 | repositoryManager = container.lookup(RepositoryManager.class) |
| 63 | /* Managers are used when scripting api cannot. Note that scripting api can only create mostly, and that creation methods return objects of created entities. */ |
| 64 | /* Perform cleanup by removing all repos and users. Realms do not need to be re-disabled, admin and anonymous user will not be removed. */ |
| 65 | userManager.listUserIds().each({ id -> |
| 66 | if (id != "anonymous" && id != "admin") |
| 67 | userManager.deleteUser(id) |
| 68 | }) |
| 69 | repositoryManager.browse().each { |
| 70 | repositoryManager.delete(it.getName()) |
| 71 | } |
| 72 | /* Add bearer token realms at the end of realm lists... */ |
| 73 | realmManager.enableRealm("NpmToken") |
| 74 | realmManager.enableRealm("DockerToken") |
Tomáš Levora | 1d90234 | 2019-02-05 10:01:43 +0100 | [diff] [blame] | 75 | realmManager.enableRealm("PypiToken") |
Samuli Silvius | 9e9afd7 | 2018-12-21 14:23:51 +0200 | [diff] [blame] | 76 | /* Create the docker user. */ |
| 77 | security.addUser("docker", "docker", "docker", "docker@example.com", true, "docker", ["nx-anonymous"]) |
Tomáš Levora | 1d90234 | 2019-02-05 10:01:43 +0100 | [diff] [blame] | 78 | /* Create docker, npm and pypi repositories. Their default configuration should be compliant with our requirements, except the docker registry creation. */ |
Samuli Silvius | 9e9afd7 | 2018-12-21 14:23:51 +0200 | [diff] [blame] | 79 | repository.createNpmHosted("npm-private") |
Tomáš Levora | 1d90234 | 2019-02-05 10:01:43 +0100 | [diff] [blame] | 80 | repository.createPyPiHosted("pypi-private") |
Samuli Silvius | 9e9afd7 | 2018-12-21 14:23:51 +0200 | [diff] [blame] | 81 | def r = repository.createDockerHosted("onap", 8082, 0) |
| 82 | /* force basic authentication true by default, must set to false for docker repo. */ |
| 83 | conf=r.getConfiguration() |
| 84 | conf.attributes("docker").set("forceBasicAuth", false) |
| 85 | repositoryManager.update(conf)' |
| 86 | |
| 87 | usage () { |
| 88 | echo " This script is preparing Nexus data blob from docker images and npm packages" |
| 89 | echo " Usage:" |
| 90 | echo " ./$(basename $0) <config_file> [<target>]" |
| 91 | echo " " |
| 92 | echo " config_file is a file with defined variables, which are mandatory for this script" |
| 93 | echo " target is optional parameter where you can specify full path/name of resulted package" |
| 94 | echo " which replaces the value specified in configuration file" |
| 95 | echo " " |
| 96 | echo " Example: ./$(basename $0) ./package.conf /root/nexus_data.tar" |
| 97 | echo " " |
| 98 | echo " Parameters need to be defined in configuration file:" |
| 99 | echo " " |
| 100 | echo " NXS_SRC_DOCKER_IMG_DIR - directory of resource docker images" |
| 101 | echo " NXS_SRC_NPM_DIR - directory of resource npm packages" |
Tomáš Levora | 1d90234 | 2019-02-05 10:01:43 +0100 | [diff] [blame] | 102 | echo " NXS_SRC_PYPI_DIR - directory of resource pypi packages" |
Samuli Silvius | 9e9afd7 | 2018-12-21 14:23:51 +0200 | [diff] [blame] | 103 | echo " NXS_DOCKER_IMG_LIST - list of docker images to be pushed to Nexus repository" |
| 104 | echo " NXS_DOCKER_WO_LIST - list of docker images which uses default repository" |
| 105 | echo " NXS_NPM_LIST - list of npm packages to be published to Nexus repository" |
Tomáš Levora | 1d90234 | 2019-02-05 10:01:43 +0100 | [diff] [blame] | 106 | echo " NXS_PYPI_LIST - list of pypi packages to be uploaded to Nexus repository" |
Samuli Silvius | 9e9afd7 | 2018-12-21 14:23:51 +0200 | [diff] [blame] | 107 | echo " NEXUS_DATA_TAR - target tarball of Nexus data path/name" |
| 108 | echo " NEXUS_DATA_DIR - directory used for the Nexus blob build" |
| 109 | echo " NEXUS_IMAGE - Sonatype/Nexus3 docker image which will be used for data blob creation" |
| 110 | exit 1 |
| 111 | } |
| 112 | |
| 113 | |
| 114 | ################################# |
| 115 | # Prepare the local environment # |
| 116 | ################################# |
| 117 | |
| 118 | # Load the config file |
| 119 | if [ "${1}" == "-h" ] || [ -z "${1}" ]; then |
| 120 | usage |
| 121 | elif [ -f ${1} ]; then |
| 122 | . ${1} |
| 123 | else |
| 124 | echo "Missing mandatory configuration file!" |
| 125 | usage |
| 126 | exit 1 |
| 127 | fi |
| 128 | |
| 129 | if [ -n "${2}" ]; then |
| 130 | NEXUS_DATA_TAR="${2}" |
| 131 | fi |
| 132 | |
Tomáš Levora | 1d90234 | 2019-02-05 10:01:43 +0100 | [diff] [blame] | 133 | for VAR in NXS_SRC_DOCKER_IMG_DIR NXS_SRC_NPM_DIR NXS_SRC_PYPI_DIR NXS_DOCKER_IMG_LIST NXS_DOCKER_WO_LIST NXS_NPM_LIST NXS_PYPI_LIST NEXUS_DATA_TAR NEXUS_DATA_DIR NEXUS_IMAGE; do |
Samuli Silvius | 9e9afd7 | 2018-12-21 14:23:51 +0200 | [diff] [blame] | 134 | if [ -n "${!VAR}" ] ; then |
| 135 | echo "${VAR} is set to ${!VAR}" |
| 136 | else |
| 137 | echo "${VAR} is not set and it is mandatory" |
| 138 | FAIL="1" |
| 139 | fi |
| 140 | done |
| 141 | |
| 142 | if [ "${FAIL}" == "1" ]; then |
| 143 | echo "One or more mandatory variables are not set" |
| 144 | exit 1 |
| 145 | fi |
| 146 | |
| 147 | # Check the dependencies in the beginning |
| 148 | |
Tomáš Levora | d204853 | 2019-01-16 16:14:43 +0100 | [diff] [blame] | 149 | # Install jq |
| 150 | if yum list installed "jq" >/dev/null 2>&1; then |
| 151 | echo "jq is already installed" |
Samuli Silvius | 9e9afd7 | 2018-12-21 14:23:51 +0200 | [diff] [blame] | 152 | else |
Tomáš Levora | d204853 | 2019-01-16 16:14:43 +0100 | [diff] [blame] | 153 | yum install -y --setopt=skip_missing_names_on_install=False http://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/j/jq-1.5-1.el7.x86_64.rpm |
Samuli Silvius | 9e9afd7 | 2018-12-21 14:23:51 +0200 | [diff] [blame] | 154 | fi |
| 155 | |
| 156 | # Install curl if necessary |
| 157 | if yum list installed "curl" >/dev/null 2>&1; then |
| 158 | echo "curl is already installed" |
| 159 | else |
| 160 | yum install -y --setopt=skip_missing_names_on_install=False curl |
| 161 | fi |
| 162 | |
| 163 | # Install expect if necessary |
| 164 | if yum list installed "expect" >/dev/null 2>&1; then |
| 165 | echo "expect is already installed" |
| 166 | else |
| 167 | yum install -y --setopt=skip_missing_names_on_install=False expect |
| 168 | fi |
| 169 | |
| 170 | # Install Docker (docker-ce in version 17.03 for RHEL) from online repositories if no version installed |
| 171 | if yum list installed "docker-ce" >/dev/null 2>&1 || which docker>/dev/null 2>&1; then |
| 172 | echo "Docker is already installed" |
| 173 | else |
| 174 | curl https://releases.rancher.com/install-docker/17.03.sh | sh |
| 175 | fi |
| 176 | |
| 177 | # Prepare the Nexus configuration |
| 178 | NEXUS_CONFIG=$(echo "${NEXUS_CONFIG_GROOVY}" | jq -Rsc '{"name":"configure", "type":"groovy", "content":.}') |
| 179 | |
| 180 | # Add simulated domain names to /etc/hosts |
| 181 | cp /etc/hosts /etc/$(date +"%Y-%m-%d_%H-%M-%S")_hosts.bk |
| 182 | for DNS in ${SIMUL_HOSTS}; do |
| 183 | echo "127.0.0.1 ${DNS}" >> /etc/hosts |
| 184 | done |
| 185 | |
| 186 | # Backup the current docker registry settings |
| 187 | if [ -f /root/.docker/config.json ]; then |
| 188 | mv /root/.docker/config.json /root/.docker/$(date +"%Y-%m-%d_%H-%M-%S")config.json.bk |
| 189 | fi |
| 190 | |
| 191 | ################################# |
| 192 | # Docker repository preparation # |
| 193 | ################################# |
| 194 | |
| 195 | # Load all necessary images |
| 196 | for ARCHIVE in $(sed $'s/\r// ; s/\:/\_/g ; s/\//\_/g ; s/$/\.tar/g' ${NXS_DOCKER_IMG_LIST} | awk '{ print $1 }'); do |
| 197 | docker load -i ${NXS_SRC_DOCKER_IMG_DIR}/${ARCHIVE} |
| 198 | done |
| 199 | |
| 200 | for ARCHIVE in $(sed $'s/\r// ; s/\:/\_/g ; s/\//\_/g ; s/$/\.tar/g' ${NXS_DOCKER_WO_LIST} | awk '{ print $1 }'); do |
| 201 | docker load -i ${NXS_SRC_DOCKER_IMG_DIR}/${ARCHIVE} |
| 202 | done |
| 203 | |
| 204 | # Tag docker images from default repository to simulated repository to be able to upload it to our private registry |
| 205 | for IMAGE in $(sed $'s/\r//' ${NXS_DOCKER_WO_LIST} | awk '{ print $1 }'); do |
| 206 | docker tag ${IMAGE} ${DOCKER_REGISTRY}/${IMAGE} |
| 207 | done |
| 208 | |
| 209 | |
| 210 | ################################ |
| 211 | # Nexus repository preparation # |
| 212 | ################################ |
| 213 | |
| 214 | # Load predefined Nexus image |
| 215 | docker load -i ${NEXUS_IMAGE} |
| 216 | |
| 217 | # Prepare nexus-data directory |
| 218 | if [ -d ${NEXUS_DATA_DIR} ]; then |
| 219 | if [ "$(docker ps -q -f name=nexus)" ]; then |
| 220 | docker rm -f $(docker ps -aq -f name=nexus) |
| 221 | fi |
| 222 | cd ${NEXUS_DATA_DIR}/.. |
| 223 | mv ${NEXUS_DATA_DIR} $(date +"%Y-%m-%d_%H-%M-%S")_$(basename ${NEXUS_DATA_DIR})_bk |
| 224 | fi |
| 225 | |
| 226 | mkdir -p ${NEXUS_DATA_DIR} |
| 227 | chown 200:200 ${NEXUS_DATA_DIR} |
| 228 | chmod 777 ${NEXUS_DATA_DIR} |
| 229 | |
| 230 | # Save Nexus version to prevent/catch data incompatibility |
| 231 | docker images --no-trunc | grep sonatype/nexus3 | awk '{ print $1":"$2" "$3}' > ${NEXUS_DATA_DIR}/nexus.ver |
| 232 | |
| 233 | # Start the Nexus |
| 234 | NEXUS_CONT_ID=$(docker run -d --rm -v ${NEXUS_DATA_DIR}:/nexus-data:rw --name nexus -p 8081:8081 -p 8082:8082 -p 80:8082 -p 10001:8082 sonatype/nexus3) |
| 235 | echo "Waiting for Nexus to fully start" |
| 236 | until curl -su admin:admin123 http://${NEXUS_DOMAIN}:8081/service/metrics/healthcheck | grep '"healthy":true' > /dev/null ; do |
| 237 | printf "." |
| 238 | sleep 3 |
| 239 | done |
| 240 | echo -e "\nNexus started" |
| 241 | |
| 242 | # Configure the nexus repository |
| 243 | curl -X POST --header 'Content-Type: application/json' --data-binary "${NEXUS_CONFIG}" http://admin:admin123@${NEXUS_DOMAIN}:8081/service/rest/v1/script |
| 244 | curl -X POST --header "Content-Type: text/plain" http://admin:admin123@${NEXUS_DOMAIN}:8081/service/rest/v1/script/configure/run |
| 245 | |
| 246 | ########################### |
| 247 | # Populate NPM repository # |
| 248 | ########################### |
| 249 | |
| 250 | # Configure NPM registry to our Nexus repository |
| 251 | npm config set registry ${NPM_REGISTRY} |
| 252 | |
| 253 | # Login to NPM registry |
| 254 | /usr/bin/expect <<EOF |
| 255 | spawn npm login |
| 256 | expect "Username:" |
| 257 | send "${NEXUS_USERNAME}\n" |
| 258 | expect "Password:" |
| 259 | send "${NEXUS_PASSWORD}\n" |
| 260 | expect Email: |
| 261 | send "${NEXUS_EMAIL}\n" |
| 262 | expect eof |
| 263 | EOF |
| 264 | |
| 265 | # Patch problematic package |
Tomáš Levora | 1d90234 | 2019-02-05 10:01:43 +0100 | [diff] [blame] | 266 | pushd ${NXS_SRC_NPM_DIR} |
Samuli Silvius | 9e9afd7 | 2018-12-21 14:23:51 +0200 | [diff] [blame] | 267 | tar xvzf tsscmp-1.0.5.tgz |
| 268 | rm -f tsscmp-1.0.5.tgz |
Tomáš Levora | 504adc1 | 2019-04-09 09:27:06 +0200 | [diff] [blame] | 269 | sed -i 's|\"registry\":\ \".*\"|\"registry\":\ \"'"${NPM_REGISTRY}"'\"|g' package/package.json |
Samuli Silvius | 9e9afd7 | 2018-12-21 14:23:51 +0200 | [diff] [blame] | 270 | tar -zcvf tsscmp-1.0.5.tgz package |
| 271 | rm -rf package |
| 272 | |
| 273 | # Push NPM packages to Nexus repository |
| 274 | for ARCHIVE in $(sed $'s/\r// ; s/\\@/\-/g ; s/$/\.tgz/g' ${NXS_NPM_LIST} | awk '{ print $1 }'); do |
| 275 | npm publish --access public ${ARCHIVE} |
| 276 | done |
Tomáš Levora | 1d90234 | 2019-02-05 10:01:43 +0100 | [diff] [blame] | 277 | popd |
| 278 | |
| 279 | ############################## |
| 280 | # Populate PyPi repository # |
| 281 | ############################## |
| 282 | |
| 283 | pushd ${NXS_SRC_PYPI_DIR} |
| 284 | for PACKAGE in $(sed $'s/\r//; s/==/-/' ${NXS_PYPI_LIST}); do |
| 285 | twine upload -u ${NEXUS_USERNAME} -p ${NEXUS_PASSWORD} --repository-url ${PYPI_REGISTRY} ./${PACKAGE}* |
| 286 | done |
| 287 | popd |
Samuli Silvius | 9e9afd7 | 2018-12-21 14:23:51 +0200 | [diff] [blame] | 288 | |
| 289 | ############################## |
| 290 | # Populate Docker repository # |
| 291 | ############################## |
| 292 | |
| 293 | for REGISTRY in $(sed 's/\/.*//' ${NXS_DOCKER_IMG_LIST} | uniq) ${NEXUS_DOMAIN}:8082; do |
| 294 | docker login -u "${NEXUS_USERNAME}" -p "${NEXUS_PASSWORD}" ${REGISTRY} > /dev/null |
| 295 | done |
| 296 | |
| 297 | for IMAGE in $(sed $'s/\r//' ${NXS_DOCKER_WO_LIST} | awk '{ print $1 }'); do |
| 298 | docker push ${DOCKER_REGISTRY}/${IMAGE} |
| 299 | done |
| 300 | |
| 301 | for IMAGE in $(sed $'s/\r//' ${NXS_DOCKER_IMG_LIST} | awk '{ print $1 }'); do |
| 302 | docker push ${IMAGE} |
| 303 | done |
| 304 | |
| 305 | ############################## |
| 306 | # Stop the Nexus and cleanup # |
| 307 | ############################## |
| 308 | |
| 309 | # Stop the Nexus |
| 310 | docker stop ${NEXUS_CONT_ID} |
| 311 | |
| 312 | # Create the nexus-data package |
| 313 | cd ${NEXUS_DATA_DIR}/.. |
| 314 | echo "Packing the ${NEXUS_DATA_DIR} dir" |
| 315 | until tar -cf ${NEXUS_DATA_TAR} $(basename ${NEXUS_DATA_DIR}); do |
| 316 | printf "." |
| 317 | sleep 5 |
| 318 | done |
| 319 | echo "${NEXUS_DATA_TAR} has been created" |
| 320 | |
| 321 | # Return the previous version of /etc/hosts back to its place |
| 322 | mv -f $(ls -tr /etc/*hosts.bk | tail -1) /etc/hosts |
| 323 | |
| 324 | exit 0 |