Last active
July 15, 2016 19:13
-
-
Save chwnam/8ab7ed57bcc83631ac4c4c5dd4a7aec6 to your computer and use it in GitHub Desktop.
predix-seed automation shell script.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ## Automatic predix-seed generation script | |
| ## 2016-07-15 Changwoo Nam (ep6tri@hotmail.com) | |
| ## predix-seed: https://github.com/PredixDev/predix-seed | |
| ## EDIT THESE VARIABLES | |
| predix_seed_name="pangyo_predix_seed" | |
| uaa_service_name="pangyo_uaa_instance" | |
| uaa_admin_secret="0000" | |
| views_service_name="pangyo_views_service" | |
| redis_service_name="pangyo_redis_4" | |
| helloworld_app_name="Predix-HelloWorld-Webapp-pangyo" | |
| uaa_client_id="pangyo" | |
| uaa_client_secret="1111" | |
| user_id="rocket" | |
| user_email="rocket@example.com" | |
| user_secret="Gu@rdian5" | |
| ## STOP EDITING! ############################################################## | |
| id_secret_base64=`echo -n "$uaa_client_id:$uaa_client_secret" | base64` | |
| safe_id_secret_base64=$(echo $id_secret_base64 | sed -e 's/\([+/]\)/\\\1/g') | |
| echo "Querying current services..." | |
| current_services=`cf s | tail -n +5 | cut -f 1 -d ' '` | |
| # create UAA service | |
| if echo ${current_services[*]} | grep -q -w -v "$uaa_service_name"; then | |
| cf create-service predix-uaa Tiered $uaa_service_name -c {\"adminClientSecret\":\"$uaa_admin_secret\"} | |
| echo "UAA Service instance $uaa_service_name is created." | |
| else | |
| echo "UAA Service instance $uaa_service_name is already created." | |
| fi | |
| # Dummy app to identify UAA service uri | |
| if [[ ! -d test-hello-app ]]; then | |
| echo "Cloning dummy app to identify UAA service uri..." | |
| git clone https://github.com/PredixDev/Predix-HelloWorld-WebApp.git test-hello-app | |
| fi | |
| if cf s | grep -q "$helloworld_app_name"; then | |
| echo "HelloWorld App is already bound" | |
| else | |
| echo "HelloWorld App is not bound. Push the app and bind a UAA service." | |
| cd test-hello-app | |
| git checkout manifest.yml | |
| sed -i "s/name: \(.*\)/name: $helloworld_app_name/g" manifest.yml | |
| cf push | |
| cd .. | |
| cf bind-service "$helloworld_app_name" "$uaa_service_name" | |
| fi | |
| # Query UAA URI | |
| uri=`cf env "$helloworld_app_name" | grep uri | sed -n 's/\s*"uri": "\(.\+\)",/\1/p'` | |
| safe_uri=$(echo $uri | sed -e 's/\//\\\//g') | |
| echo "Found UAA URI: $uri" | |
| # Now create view service instance | |
| if echo ${current_services[*]} | grep -q -w -v "$views_service_name"; then | |
| cf create-service predix-views Standard $views_service_name -c {\"trustedIssuerIds\":[\"$uri/oauth/token\"]} | |
| echo "Views Service instance $views_service_name is created." | |
| else | |
| echo "Views Service instance $views_service_name is already created." | |
| fi | |
| # New create redis-4 service instance | |
| if echo ${current_services[*]} | grep -q -w -v "$redis_service_name"; then | |
| cf create-service redis-4 shared-vm $redis_service_name | |
| echo "Views Service instance $redis_service_name is created." | |
| else | |
| echo "Views Service instance $redis_service_name is already created." | |
| fi | |
| # Cloning predix-seed | |
| if [[ ! -d predix-seed ]]; then | |
| echo "Cloning predix-seed..." | |
| git clone https://github.com/PredixDev/predix-seed.git | |
| fi | |
| cd predix-seed | |
| echo "install dependencies...." | |
| npm install && bower install | |
| # Edit manifest.yml | |
| echo "Edit manifest.yml..." | |
| git checkout manifest.yml | |
| sed -i "s/\(- name:\s*\).*/\1$predix_seed_name/g" manifest.yml | |
| sed -i "s/your_redis_instance/$redis_service_name/g" manifest.yml | |
| sed -i "s/your_view_service_instance/$views_service_name/g" manifest.yml | |
| sed -i "s/UAA_SERVER_URL: .\+ #/UAA_SERVER_URL: $safe_uri #/g" manifest.yml | |
| sed -i "s/REDIS:.\+/REDIS: redis-4/g" manifest.yml # NOTE: this is the marketplace name. | |
| # Edit nginx.conf | |
| session_secret=`openssl rand -base64 32` | |
| safe_session_secret=$(echo $session_secret | sed -e 's/\([+/]\)/\\\1/g') | |
| echo "Edit dist/nginx.conf..." | |
| git checkout dist/nginx.conf | |
| sed -i "s/vcap_service_predix_seed_view_service_instanceId/vcap_service_${views_service_name}_instanceId/g" dist/nginx.conf | |
| sed -i "s/vcap_service_predix_seed_view_service_uri/vcap_service_${views_service_name}_uri/g" dist/nginx.conf | |
| sed -i "s/\(set\s*\$session_secret\s*\).*;/\1$safe_session_secret;/g" dist/nginx.conf | |
| sed -i "s/\(set\s*\$client_id\s*\)\".*\";/\1\"$uaa_client_id\";/g" dist/nginx.conf | |
| sed -i "s/\(set\s*\$uaa_authorization_header\s*\)\"Basic .*\";/\1\"Basic $safe_id_secret_base64\";/g" dist/nginx.conf | |
| # UAA Setup | |
| uaac target $uri | |
| uaac token client get admin --secret $uaa_admin_secret | |
| if uaac client get "$uaa_client_id" | grep -q CF::UAA::NotFound; then | |
| uaac client add $uaa_client_id \ | |
| --secret "$uaa_client_secret" \ | |
| --authorities "openid scim.me uaa.resource" \ | |
| --scope "openid scim.me" \ | |
| --autoapprove "openid scim.me" \ | |
| --authorized_grant_types "refresh_token authorization_code" | |
| echo "Client ID $uaa_client_id is added" | |
| else | |
| uaac client update $uaa_client_id \ | |
| --authorities "openid scim.me uaa.resource" \ | |
| --scope "openid scim.me" \ | |
| --autoapprove "openid scim.me" \ | |
| --authorized_grant_types "refresh_token authorization_code" | |
| echo "Client ID $uaa_client_id exists. Data updated." | |
| fi | |
| if uaac user get $user_id | grep -q CF::UAA::NotFound; then | |
| uaac user add $user_id --emails $user_email -p $user_secret | |
| echo "User $user_id created." | |
| else | |
| echo "User $user_id already registered." | |
| fi | |
| # NOW PUSH!! | |
| grunt dist && cf push | |
| # Local development setup | |
| git checkout tasks/options/connect.js | |
| sed -i "s/\(clientId:\s*\)'.*',/\1\'$uaa_client_id\',/g" tasks/options/connect.js | |
| sed -i "s/\(serverUrl:\s*\)'.*'/\1\'$safe_uri\'/g" tasks/options/connect.js | |
| sed -i "s/\(base64ClientCredential:\s*\)'.*'/\1\'$safe_id_secret_base64\'/g" tasks/options/connect.js | |
| view_uri=`cf env $predix_seed_name | grep uri | grep views | sed -n 's/\s*"uri": "\(.\+\)"/\1/p'` | |
| echo "View URI: $view_uri" | |
| safe_view_uri=$(echo $view_uri | sed -e 's/\//\\\//g') | |
| sed -i "s/\(url:\s*\)'.*',/\1'${safe_view_uri}',/g" tasks/options/connect.js | |
| view_instance=`cf env $predix_seed_name | grep instanceId | sed -n 's/\s*"instanceId": "\(.\+\)",/\1/p'` | |
| echo "View instance ID: $view_instance" | |
| sed -i "s/\(\s*instanceId:\s*\)'.*',/\1'$view_instance',/g" tasks/options/connect.js | |
| # Give user permission to see views | |
| # See https://www.predix.io/docs/?r=857927#task_llh_sz5_jv | |
| # Web Application Development > Build a Basic Web Application > Deploying the Dashboard Seed to ... | |
| # predix-seed github readme.md is misguiding. | |
| view_scope="views.zones.$view_instance.user" | |
| echo "Creating group $view_scope..." | |
| uaac group add $view_scope | |
| uaac group add views.admin.user | |
| uaac group add views.power.user | |
| echo "Adding client $uaa_client_id to groups..." | |
| uaac member add $view_scope $uaa_client_id | |
| uaac member add views.admin.user $uaa_client_id | |
| uaac member add views.power.user $uaa_client_id | |
| echo "Adding $user_id to $view_scope..." | |
| uaac member add $view_scope $user_id | |
| uaac member add views.power.user $user_id | |
| echo "Client scope" | |
| uaac client update $uaa_client_id --scope $view_scope,views.admin.user,views.power.user,openid,scim.me | |
| echo "Client auto-approve" | |
| uaac client update $uaa_client_id --autoapprove $view_scope,views.admin.user,views.power.user,openid,scim.me | |
| echo "Client authorities" | |
| uaac client update $uaa_client_id --authorities $view_scope,scim.me,uaa.resource,openid | |
| echo "Visit https://$(cf a | tail -n+5 | grep $predix_seed_name | sed -n 's/\s\+/ /gp' | cut -f 6 -d ' ')" | |
| echo "UAA URI: $uri" | |
| echo "Views Service URI: $view_uri" | |
| echo "Views Instance ID: $view_instance" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| APPS=(changwoo_predix_seed Predix-HelloWorld-Webapp-changwoo) | |
| SERVICES=(changwoo_views_service changwoo_uaa_instance changwoo_redis_4) | |
| for item in ${APPS[*]} | |
| do | |
| cf delete -f $item | |
| done | |
| for item in ${SERVICES[*]} | |
| do | |
| cf delete-service -f $item | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment