Home Explore Help
Register Sign In
shixiong
/
okd
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 8cbd53ed64
Branches Tags
okd
/
images
/
installer
/
root
/
usr
/
local
/
bin
/
entrypoint-gcp

entrypoint-gcp 2.1 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051 
  1. #!/bin/bash
    2. 

  2. #
    3. 

  3. # This file sets up the user to run in the GCP environment.
    4. 

  4. # It provides dynamic inventory that works well when run in
    5. 

  5. # a container environment by setting up a default inventory.
    6. 

  6. # It assumes the user has provided a GCP service account token
    7. 

  7. # and ssh-privatekey file at "$(pwd)/inventory/dynamic/injected"
    8. 

  8. # and automatically links any YAML files found into the group
    9. 

  9. # vars directory, which allows the playbook to more easily be
    10. 

  10. # run in containerized contexts.
    11. 

  11. 

  12. WORK=$(pwd)
    13. 

  13. FILES="${WORK}/inventory/dynamic/injected"
    14. 

  14. 

  15. # Patch /etc/passwd file with the current user info.
    16. 

  16. # The current user's entry must be correctly defined in this file in order for
    17. 

  17. # the `ssh` command to work within the created container.
    18. 

  18. 

  19. if ! whoami &>/dev/null; then
    20. 

  20.   echo "${USER:-default}:x:$(id -u):$(id -g):Default User:$HOME:/sbin/nologin" >> /etc/passwd
    21. 

  21. fi
    22. 

  22. 

  23. # Provide a "files_dir" variable that points to inventory/dynamic/injected
    24. 

  24. echo "files_dir: \"${FILES}\"" > "${WORK}/inventory/dynamic/gcp/group_vars/all/00_default_files_dir.yml"
    25. 

  25. # Add any injected variable files into the group vars directory
    26. 

  26. find "${FILES}" -name '*.yml' -or -name '*.yaml' -or -name vars | xargs -L1 -I {} ln -fs {} "${WORK}/inventory/dynamic/gcp/group_vars/all"
    27. 

  27. # Avoid sudo when running locally - nothing in the image requires it.
    28. 

  28. mkdir -p "${WORK}/inventory/dynamic/gcp/host_vars/localhost"
    29. 

  29. echo "ansible_become: no" > "${WORK}/inventory/dynamic/gcp/host_vars/localhost/00_skip_root.yaml"
    30. 

  30. 

  31. if [[ -z "${ANSIBLE_CONFIG-}" ]]; then
    32. 

  32.   export ANSIBLE_CONFIG="${WORK}/inventory/dynamic/gcp/ansible.cfg"
    33. 

  33. fi
    34. 

  34. 

  35. # SSH requires the file to be owned by the current user, but Docker copies
    36. 

  36. # files in as root. Put the file into the ssh dir with the right permissions
    37. 

  37. if [[ -f "${FILES}/ssh-privatekey" ]]; then
    38. 

  38.   keyfile="${HOME}/.ssh/google_compute_engine"
    39. 

  39.   mkdir "${HOME}/.ssh"
    40. 

  40.   rm -f "${keyfile}"
    41. 

  41.   cat "${FILES}/ssh-privatekey" > "${keyfile}"
    42. 

  42.   chmod 0600 "${keyfile}"
    43. 

  43.   ssh-keygen -y -f "${keyfile}" >  "${keyfile}.pub"
    44. 

  44. fi
    45. 

  45. if [[ -f "${FILES}/gce.json" ]]; then
    46. 

  46.   gcloud auth activate-service-account --key-file="${FILES}/gce.json"
    47. 

  47. else
    48. 

  48.   echo "No service account file found at ${FILES}/gce.json, bypassing login"
    49. 

  49. fi
    50. 

  50. 

  51. exec "$@"
    52.