Skip to content

Instantly share code, notes, and snippets.

@chwnam
Last active Jul 15, 2016
Embed
What would you like to do?
predix-seed automation shell script.
#!/bin/bash
## Automatic predix-seed generation script
## 2016-07-15 Changwoo Nam (ep6tri@hotmail.com)
## predix-seed: https://github.com/PredixDev/predix-seed
## EDIT THESE VARIABLES
predix_seed_name="pangyo_predix_seed"
uaa_service_name="pangyo_uaa_instance"
uaa_admin_secret="0000"
views_service_name="pangyo_views_service"
redis_service_name="pangyo_redis_4"
helloworld_app_name="Predix-HelloWorld-Webapp-pangyo"
uaa_client_id="pangyo"
uaa_client_secret="1111"
user_id="rocket"
user_email="rocket@example.com"
user_secret="Gu@rdian5"
## STOP EDITING! ##############################################################
id_secret_base64=`echo -n "$uaa_client_id:$uaa_client_secret" | base64`
safe_id_secret_base64=$(echo $id_secret_base64 | sed -e 's/\([+/]\)/\\\1/g')
echo "Querying current services..."
current_services=`cf s | tail -n +5 | cut -f 1 -d ' '`
# create UAA service
if echo ${current_services[*]} | grep -q -w -v "$uaa_service_name"; then
cf create-service predix-uaa Tiered $uaa_service_name -c {\"adminClientSecret\":\"$uaa_admin_secret\"}
echo "UAA Service instance $uaa_service_name is created."
else
echo "UAA Service instance $uaa_service_name is already created."
fi
# Dummy app to identify UAA service uri
if [[ ! -d test-hello-app ]]; then
echo "Cloning dummy app to identify UAA service uri..."
git clone https://github.com/PredixDev/Predix-HelloWorld-WebApp.git test-hello-app
fi
if cf s | grep -q "$helloworld_app_name"; then
echo "HelloWorld App is already bound"
else
echo "HelloWorld App is not bound. Push the app and bind a UAA service."
cd test-hello-app
git checkout manifest.yml
sed -i "s/name: \(.*\)/name: $helloworld_app_name/g" manifest.yml
cf push
cd ..
cf bind-service "$helloworld_app_name" "$uaa_service_name"
fi
# Query UAA URI
uri=`cf env "$helloworld_app_name" | grep uri | sed -n 's/\s*"uri": "\(.\+\)",/\1/p'`
safe_uri=$(echo $uri | sed -e 's/\//\\\//g')
echo "Found UAA URI: $uri"
# Now create view service instance
if echo ${current_services[*]} | grep -q -w -v "$views_service_name"; then
cf create-service predix-views Standard $views_service_name -c {\"trustedIssuerIds\":[\"$uri/oauth/token\"]}
echo "Views Service instance $views_service_name is created."
else
echo "Views Service instance $views_service_name is already created."
fi
# New create redis-4 service instance
if echo ${current_services[*]} | grep -q -w -v "$redis_service_name"; then
cf create-service redis-4 shared-vm $redis_service_name
echo "Views Service instance $redis_service_name is created."
else
echo "Views Service instance $redis_service_name is already created."
fi
# Cloning predix-seed
if [[ ! -d predix-seed ]]; then
echo "Cloning predix-seed..."
git clone https://github.com/PredixDev/predix-seed.git
fi
cd predix-seed
echo "install dependencies...."
npm install && bower install
# Edit manifest.yml
echo "Edit manifest.yml..."
git checkout manifest.yml
sed -i "s/\(- name:\s*\).*/\1$predix_seed_name/g" manifest.yml
sed -i "s/your_redis_instance/$redis_service_name/g" manifest.yml
sed -i "s/your_view_service_instance/$views_service_name/g" manifest.yml
sed -i "s/UAA_SERVER_URL: .\+ #/UAA_SERVER_URL: $safe_uri #/g" manifest.yml
sed -i "s/REDIS:.\+/REDIS: redis-4/g" manifest.yml # NOTE: this is the marketplace name.
# Edit nginx.conf
session_secret=`openssl rand -base64 32`
safe_session_secret=$(echo $session_secret | sed -e 's/\([+/]\)/\\\1/g')
echo "Edit dist/nginx.conf..."
git checkout dist/nginx.conf
sed -i "s/vcap_service_predix_seed_view_service_instanceId/vcap_service_${views_service_name}_instanceId/g" dist/nginx.conf
sed -i "s/vcap_service_predix_seed_view_service_uri/vcap_service_${views_service_name}_uri/g" dist/nginx.conf
sed -i "s/\(set\s*\$session_secret\s*\).*;/\1$safe_session_secret;/g" dist/nginx.conf
sed -i "s/\(set\s*\$client_id\s*\)\".*\";/\1\"$uaa_client_id\";/g" dist/nginx.conf
sed -i "s/\(set\s*\$uaa_authorization_header\s*\)\"Basic .*\";/\1\"Basic $safe_id_secret_base64\";/g" dist/nginx.conf
# UAA Setup
uaac target $uri
uaac token client get admin --secret $uaa_admin_secret
if uaac client get "$uaa_client_id" | grep -q CF::UAA::NotFound; then
uaac client add $uaa_client_id \
--secret "$uaa_client_secret" \
--authorities "openid scim.me uaa.resource" \
--scope "openid scim.me" \
--autoapprove "openid scim.me" \
--authorized_grant_types "refresh_token authorization_code"
echo "Client ID $uaa_client_id is added"
else
uaac client update $uaa_client_id \
--authorities "openid scim.me uaa.resource" \
--scope "openid scim.me" \
--autoapprove "openid scim.me" \
--authorized_grant_types "refresh_token authorization_code"
echo "Client ID $uaa_client_id exists. Data updated."
fi
if uaac user get $user_id | grep -q CF::UAA::NotFound; then
uaac user add $user_id --emails $user_email -p $user_secret
echo "User $user_id created."
else
echo "User $user_id already registered."
fi
# NOW PUSH!!
grunt dist && cf push
# Local development setup
git checkout tasks/options/connect.js
sed -i "s/\(clientId:\s*\)'.*',/\1\'$uaa_client_id\',/g" tasks/options/connect.js
sed -i "s/\(serverUrl:\s*\)'.*'/\1\'$safe_uri\'/g" tasks/options/connect.js
sed -i "s/\(base64ClientCredential:\s*\)'.*'/\1\'$safe_id_secret_base64\'/g" tasks/options/connect.js
view_uri=`cf env $predix_seed_name | grep uri | grep views | sed -n 's/\s*"uri": "\(.\+\)"/\1/p'`
echo "View URI: $view_uri"
safe_view_uri=$(echo $view_uri | sed -e 's/\//\\\//g')
sed -i "s/\(url:\s*\)'.*',/\1'${safe_view_uri}',/g" tasks/options/connect.js
view_instance=`cf env $predix_seed_name | grep instanceId | sed -n 's/\s*"instanceId": "\(.\+\)",/\1/p'`
echo "View instance ID: $view_instance"
sed -i "s/\(\s*instanceId:\s*\)'.*',/\1'$view_instance',/g" tasks/options/connect.js
# Give user permission to see views
# See https://www.predix.io/docs/?r=857927#task_llh_sz5_jv
# Web Application Development > Build a Basic Web Application > Deploying the Dashboard Seed to ...
# predix-seed github readme.md is misguiding.
view_scope="views.zones.$view_instance.user"
echo "Creating group $view_scope..."
uaac group add $view_scope
uaac group add views.admin.user
uaac group add views.power.user
echo "Adding client $uaa_client_id to groups..."
uaac member add $view_scope $uaa_client_id
uaac member add views.admin.user $uaa_client_id
uaac member add views.power.user $uaa_client_id
echo "Adding $user_id to $view_scope..."
uaac member add $view_scope $user_id
uaac member add views.power.user $user_id
echo "Client scope"
uaac client update $uaa_client_id --scope $view_scope,views.admin.user,views.power.user,openid,scim.me
echo "Client auto-approve"
uaac client update $uaa_client_id --autoapprove $view_scope,views.admin.user,views.power.user,openid,scim.me
echo "Client authorities"
uaac client update $uaa_client_id --authorities $view_scope,scim.me,uaa.resource,openid
echo "Visit https://$(cf a | tail -n+5 | grep $predix_seed_name | sed -n 's/\s\+/ /gp' | cut -f 6 -d ' ')"
echo "UAA URI: $uri"
echo "Views Service URI: $view_uri"
echo "Views Instance ID: $view_instance"
#!/bin/bash
APPS=(changwoo_predix_seed Predix-HelloWorld-Webapp-changwoo)
SERVICES=(changwoo_views_service changwoo_uaa_instance changwoo_redis_4)
for item in ${APPS[*]}
do
cf delete -f $item
done
for item in ${SERVICES[*]}
do
cf delete-service -f $item
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment