Почетна Преглед Помоћ
Пријавите се
cryptarch
/
osurper
Прати 1
Волим 0
Креирај огранак 0
Датотеке Дискусије 0 Захтеви за спајање 0 Вики
Дрво: a120b0a8e6
Гране Ознаке
osurper
/
helpers.sh

helpers.sh 6.2 KB
Историја Датотека

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190 
  1. #! /bin/bash
    2. 

  2. 

  3. cache_dir=
    4. 

  4. if [[ -v $XDG_CACHE_HOME ]]; then
    5. 

  5.     cache_dir="$XDG_CACHE_HOME"/openstack
    6. 

  6. else
    7. 

  7.     cache_dir="$HOME/.cache/openstack"
    8. 

  8. fi
    9. 

  9. [[ -d "$cache_dir" ]] || mkdir -p "$cache_dir"
    10. 

  10. token_response_file=$cache_dir/$(uriparse "$OS_AUTH_URL" | awk '/^hostText/ {print $2}')
    11. 

  11. token_response_tmp="${token_response_file}-$(uuidgen)"
    12. 

  12. get_password_token() {
    13. 

  13.     # usually -s and -L shouldn't be combined, but they are needed for devcloud due to keystone redirect
    14. 

  14.     curl -sL -D- -X POST \
    15. 

  15.         --json '{"auth": {
    16. 

  16.                 "identity": {
    17. 

  17.                     "methods": [
    18. 

  18.                         "password"
    19. 

  19.                     ],
    20. 

  20.                     "password": {
    21. 

  21.                         "user": {
    22. 

  22.                             "domain": {
    23. 

  23.                                 "name": "'"$OS_USER_DOMAIN_NAME"'"
    24. 

  24.                             },
    25. 

  25.                             "name": "'"$OS_USERNAME"'",
    26. 

  26.                             "password": "'"$OS_PASSWORD"'"
    27. 

  27.                         }
    28. 

  28.                     }
    29. 

  29.                 },
    30. 

  30.                 "scope": {
    31. 

  31.                     "project": {
    32. 

  32.                         "domain": {
    33. 

  33.                             "name": "'"$OS_PROJECT_DOMAIN_NAME"'"
    34. 

  34.                         },
    35. 

  35.                         "name": "'"$OS_PROJECT_NAME"'",
    36. 

  36.                         "id": "'"$OS_PROJECT_ID"'"
    37. 

  37.                     }
    38. 

  38.                 }
    39. 

  39.             }}' "${OS_AUTH_URL}/auth/tokens"    \
    40. 

  40.         -o "$token_response_tmp"                \
    41. 

  41.     | awk -v IGNORECASE=1 '/x-subject-token/ {gsub(/\x0d/,"",$0); print $2}'
    42. 

  42. }
    43. 

  43. get_v3applicationcredential_token() {
    44. 

  44.     curl -sL -D- -X POST \
    45. 

  45.         -H "Content-Type: application/json"     \
    46. 

  46.         -d '{"auth": {
    47. 

  47.                 "identity": {
    48. 

  48.                     "methods": [
    49. 

  49.                         "application_credential"
    50. 

  50.                     ],
    51. 

  51.                     "application_credential": {
    52. 

  52.                         "id": "'"$OS_APPLICATION_CREDENTIAL_ID"'",
    53. 

  53.                         "secret": "'"$OS_APPLICATION_CREDENTIAL_SECRET"'"
    54. 

  54.                     }
    55. 

  55.                 }
    56. 

  56.             }}' "${OS_AUTH_URL}auth/tokens"     \
    57. 

  57.         -o "$token_response_tmp"                \
    58. 

  58.     | awk -v IGNORECASE=1 '/x-subject-token/ {gsub(/\x0d/,"",$0); print $2}'
    59. 

  59. }
    60. 

  60. 

  61. CURL_OS_TOKEN=
    62. 

  62. expiry=0
    63. 

  63. if [[ -f $token_response_file ]]; then
    64. 

  64.     expiry="$(jq -r '.token.expires_at' < $token_response_file | xargs date +%s --date)"
    65. 

  65. fi
    66. 

  66. now=$(date +%s)
    67. 

  67. renewal_warning_seconds=600
    68. 

  68. if [[ $expiry -gt $(( now + renewal_warning_seconds )) ]]; then
    69. 

  69.     CURL_OS_TOKEN="$(jq -r '.token.token' < $token_response_file)"
    70. 

  70. else
    71. 

  71.     CURL_OS_TOKEN=$(get_"${OS_AUTH_TYPE}"_token)
    72. 

  72.     jq -r '.token += {"token": "'"${CURL_OS_TOKEN}"'"}' < "$token_response_tmp" > "$token_response_file"
    73. 

  73.     rm "$token_response_tmp"
    74. 

  74. fi
    75. 

  75. export CURL_OS_TOKEN
    76. 

  76. 

  77. get_catalog() {
    78. 

  78.     region_filter=
    79. 

  79.     if [[ -n $OS_REGION_NAME ]]; then
    80. 

  80.         region_filter=' and .region == "'"$OS_REGION_NAME"'"'
    81. 

  81.     fi
    82. 

  82.     jq -r '["-----", "-----", "-----", "-----"], (.token.catalog[] | [.id, .type, .name, ([.endpoints[] | select(.interface == "'"$OS_INTERFACE"'"'"$region_filter"') | .url] | join(" "))]) | @tsv' < "$token_response_file" \
    83. 

  83.     | column -s$'\t' -o' | ' --table-columns id,type,name,endpoints --table-wrap endpoints -t
    84. 

  84. }
    85. 

  85. 

  86. get_service_endpoint() {
    87. 

  87.     iface="$OS_INTERFACE"
    88. 

  88.     if [[ -z $iface ]]; then
    89. 

  89.         iface=public
    90. 

  90.     fi
    91. 

  91.     if [[ -n $OS_REGION_NAME ]]; then
    92. 

  92.         region_filter=' and .region == "'"$OS_REGION_NAME"'"'
    93. 

  93.     fi
    94. 

  94.     jq -r '.token.catalog[] | select(.type == "'"$1"'") | .endpoints[] | select(.interface == "'"$iface"'"'"$region_filter"') | .url' < "$token_response_file"
    95. 

  95. }
    96. 

  96. 

  97. check_project_id() {
    98. 

  98.     curl -s -o /dev/null -w "%{http_code}\n"    \
    99. 

  99.         -H "X-Auth-Token: $CURL_OS_TOKEN"       \
    100. 

  100.         "${OS_AUTH_URL}/projects/$1"
    101. 

  101. }
    102. 

  102. 

  103. check_user_id() {
    104. 

  104.     curl -s -o /dev/null -w "%{http_code}\n"    \
    105. 

  105.         -H "X-Auth-Token: $CURL_OS_TOKEN"       \
    106. 

  106.         "${OS_AUTH_URL}/users/$1"
    107. 

  107. }
    108. 

  108. 

  109. get_project_id() {
    110. 

  110.     # Converts a project name to the project id
    111. 

  111.     curl -s                                     \
    112. 

  112.         -H "X-Auth-Token: $CURL_OS_TOKEN"       \
    113. 

  113.         "${OS_AUTH_URL}/projects?name=$1"       \
    114. 

  114.     | jq -r '.projects[].id'
    115. 

  115. }
    116. 

  116. 

  117. get_user_id() {
    118. 

  118.     # Converts a user name to the user id
    119. 

  119.     curl -s                                     \
    120. 

  120.         -H "X-Auth-Token: $CURL_OS_TOKEN"       \
    121. 

  121.         "${OS_AUTH_URL}/users?name=$1"          \
    122. 

  122.     | jq -r '.users[].id'
    123. 

  123. }
    124. 

  124. 

  125. get_role_id() {
    126. 

  126.     curl -s                                     \
    127. 

  127.         -H "X-Auth-Token: $CURL_OS_TOKEN"       \
    128. 

  128.         "${OS_AUTH_URL}/roles?name=$1"          \
    129. 

  129.     | jq -r '.roles[].id'
    130. 

  130. }
    131. 

  131. 

  132. get_aggregates() {
    133. 

  133.     local endpoint=$(get_service_endpoint compute)
    134. 

  134.     curl -s                                     \
    135. 

  135.         -H "X-Auth-Token: $CURL_OS_TOKEN"       \
    136. 

  136.         -H "X-OpenStack-Nova-API-Version: 2.42" \
    137. 

  137.         "${endpoint}/os-aggregates"
    138. 

  138. }
    139. 

  139. 

  140. get_instance() {
    141. 

  141.     local endpoint=$(get_service_endpoint compute)
    142. 

  142.     curl -s                                     \
    143. 

  143.         -H "X-Auth-Token: $CURL_OS_TOKEN"       \
    144. 

  144.         -H "X-OpenStack-Nova-API-Version: 2.42" \
    145. 

  145.         "${endpoint}/servers/$1"
    146. 

  146. }
    147. 

  147. 

  148. get_server_list_detailed() {
    149. 

  149.     local endpoint=$(get_service_endpoint compute)
    150. 

  150.     proj=$(coerce_project_id "$1")
    151. 

  151.     curl -s                                     \
    152. 

  152.         -H "X-Auth-Token: $CURL_OS_TOKEN"       \
    153. 

  153.         -H "X-OpenStack-Nova-API-Version: 2.42" \
    154. 

  154.         "${endpoint}/servers/detail?all_tenants=1&project_id=${proj}"
    155. 

  155. }
    156. 

  156. 

  157. coerce_project_id() {
    158. 

  158.     # Many API queries require project id, but we want to be able to call them using project name.
    159. 

  159.     # This function takes either an id or a name; ids are passed through, while names are coerced to ids.
    160. 

  160.     case $(check_project_id $1) in
    161. 

  161.         200)
    162. 

  162.             printf "%s\n" "$1"
    163. 

  163.             ;;
    164. 

  164.         *)
    165. 

  165.             get_project_id "$1"
    166. 

  166.             ;;
    167. 

  167.     esac
    168. 

  168. }
    169. 

  169. 

  170. coerce_user_id() {
    171. 

  171.     # Many API queries require user id, but we want to be able to call them using user name.
    172. 

  172.     # This function takes either an id or a name; ids are passed through, while names are coerced to ids.
    173. 

  173.     case $(check_user_id $1) in
    174. 

  174.         200)
    175. 

  175.             printf "%s\n" "$1"
    176. 

  176.             ;;
    177. 

  177.         *)
    178. 

  178.             get_user_id "$1"
    179. 

  179.             ;;
    180. 

  180.     esac
    181. 

  181. }
    182. 

  182. 

  183. filterify_arguments() {
    184. 

  184.     # https://stackoverflow.com/a/34802471
    185. 

  185.     (( $# )) || return
    186. 

  186.     local res
    187. 

  187.     printf -v res '"%s",' "$@"
    188. 

  188.     printf "%s\n" "${res%,}"
    189. 

  189. }
    190. 

  190.