summaryrefslogtreecommitdiffstats
path: root/tools/keystone/fetchpass.sh
blob: 6e3b069233d0a07d5c13af3ef5624f911ce9b7a0 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
#!/bin/bash
#
# Author: Dimitri Mazmanov (dimitri.mazmanov@ericsson.com)
#
# All rights reserved. This program and the accompanying materials
# are made available under the terms of the Apache License, Version 2.0
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
#

# DISCLAIMER: This script is a dirty filthy hack! But we need it.
# Fetch service password from the configuration files and store them
# in a file to pass further down the build chain

EXPORT_FILE="/root/servicepass.ini"

GLANCE_CONF="/etc/glance/glance-registry.conf"
NOVA_CONF="/etc/nova/nova.conf"
NEUTRON_CONF="/etc/neutron/neutron.conf"
CINDER_CONF="/etc/cinder/cinder.conf"
HEAT_CONF="/etc/heat/heat.conf"
GLARE_CONF="/etc/glance/glance-glare.conf"
KEYSTONE_CONF='/etc/keystone/keystone.conf'
CEILOMETER_CONF='/etc/ceilometer/ceilometer.conf'
AODH_CONF='/etc/aodh/aodh.conf'

source openrc

# Get an option from an INI file
# iniget config-file section option
function iniget {
    local xtrace
    xtrace=$(set +o | grep xtrace)
    set +o xtrace
    local file=$1
    local section=$2
    local option=$3
    local line

    line=$(sed -ne "/^\[$section\]/,/^\[.*\]/ { /^$option[ \t]*=/ p; }" "$file")
    echo ${line#*=}
    $xtrace
}

bind_host=$(openstack endpoint list | grep keystone | grep public | cut -d '|' -f 8 | cut -d '/' -f 3 | cut -d ':' -f 1)

glance_password=$(iniget ${GLANCE_CONF} keystone_authtoken password)
nova_password=$(iniget ${NOVA_CONF} keystone_authtoken password)
cinder_password=$(iniget ${CINDER_CONF} keystone_authtoken password)
glare_password=$(iniget ${GLARE_CONF} keystone_authtoken password)
heat_password=$(iniget ${HEAT_CONF} keystone_authtoken password)
neutron_password=$(iniget ${NEUTRON_CONF} keystone_authtoken password)
ceilometer_password=$(iniget ${CEILOMETER_CONF} keystone_authtoken password)
aodh_password=$(iniget ${AODH_CONF} keystone_authtoken password)
#NOTE: can't find swift in /etc

cat <<EOT >> /root/passwords.ini
[DEFAULT]
identity_uri=${bind_host}
glance=${glance_password}
nova=${nova_password}
cinder=${cinder_password}
glare=${glare_password}
heat=${heat_password}
neutron=${neutron_password}
ceilometer=${ceilometer_password}
aodh=${aodh_password}
EOT

openssl enc -aes-256-cbc -salt -in /root/passwords.ini -out ${EXPORT_FILE} -k multisite

rm /root/passwords.ini