Created
December 18, 2024 16:36
-
-
Save sneal/d6b8fc293ab05c41dc83f5a87256f74b to your computer and use it in GitHub Desktop.
UAA Concourse Tasks
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| vars_files_args=("") | |
| for vf in ${VARS_FILES} | |
| do | |
| vars_files_args+=("--vars-file ${vf}") | |
| done | |
| om interpolate -c env/${CLIENT_FILE} ${vars_files_args[@]} > uaac_config.yml | |
| while read line; do | |
| if [ -z "$line" ]; then | |
| continue; | |
| fi | |
| VAR=$(echo $line | cut -d ':' -f1 | tr -d ' ' | tr [a-z] [A-Z]) | |
| VAL=$(echo $line | cut -d ':' -f2- | tr -d ' ') | |
| IFS= read -r "$VAR" <<< $VAL | |
| done < uaac_config.yml | |
| # Get the cf installation name without bosh binary... | |
| CF_INSTALLATION=$(om -e env/${ENV_FILE} curl -s -p /api/v0/deployed/products | jq -r '.[]|select(.installation_name| startswith("cf-"))|.installation_name') | |
| UAA_ADMIN_CLIENT_SECRET=$(om -e env/${ENV_FILE} curl -s -p /api/v0/deployed/products/$CF_INSTALLATION/credentials/.uaa.admin_client_credentials | jq -r '.credential.value.password') | |
| uaac target "https://login.${UAA_SERVER}" | |
| uaac token client get admin -s "${UAA_ADMIN_CLIENT_SECRET}" | |
| if [[ $? -gt 0 ]]; then | |
| echo "Error: uaac command failed to login." | |
| exit 1 | |
| fi | |
| uaac_cmd="uaac client add ${CLIENT_NAME} --secret ${CLIENT_SECRET}" | |
| if [[ -n $AUTHORIZED_GRANT_TYPES ]]; then | |
| uaac_cmd+=" --authorized_grant_types ${AUTHORIZED_GRANT_TYPES}" | |
| fi | |
| if [[ -n $SCOPES ]]; then | |
| uaac_cmd+=" --scope ${SCOPES}" | |
| fi | |
| if [[ -n $AUTHORITIES ]]; then | |
| uaac_cmd+=" --authorities ${AUTHORITIES}" | |
| fi | |
| if [[ -n $REDIRECT_URI ]]; then | |
| uaac_cmd+=" --redirect_uri ${REDIRECT_URI}" | |
| fi | |
| $uaac_cmd | |
| if [[ $? -gt 0 ]]; then | |
| echo "Warning: uaac command exited with a non-zero error code. This might be fine if the credential already exists" | |
| fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| platform: linux | |
| inputs: | |
| - name: custom-tasks # contains this task | |
| - name: env # contains the env file with target OpsMan Information | |
| - name: config # contains the product configuration file | |
| - name: vars # contains the product variables file | |
| params: | |
| ENV_FILE: env.yml | |
| CLIENT_FILE: client.yml | |
| VARS_FILES: | |
| run: | |
| path: custom-tasks/tasks/uaac-client-add.sh |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| vars_files_args=("") | |
| for vf in ${VARS_FILES} | |
| do | |
| vars_files_args+=("--vars-file ${vf}") | |
| done | |
| om interpolate -c env/${GROUP_FILE} ${vars_files_args[@]} > uaacgroup_config.yml | |
| while read line; do | |
| if [ -z "$line" ]; then | |
| continue; | |
| fi | |
| VAR=$(echo $line | cut -d ':' -f1 | tr -d ' ' | tr [a-z] [A-Z]) | |
| VAL=$(echo $line | cut -d ':' -f2- | tr -d ' ') | |
| IFS= read -r "$VAR" <<< $VAL | |
| done < uaacgroup_config.yml | |
| # Get the cf installation name without bosh binary... | |
| CF_INSTALLATION=$(om -e env/${ENV_FILE} curl -s -p /api/v0/deployed/products | jq -r '.[]|select(.installation_name| startswith("cf-"))|.installation_name') | |
| UAA_ADMIN_CLIENT_SECRET=$(om -e env/${ENV_FILE} curl -s -p /api/v0/deployed/products/$CF_INSTALLATION/credentials/.uaa.admin_client_credentials | jq -r '.credential.value.password') | |
| uaac target "https://uaa.${UAA_SERVER}" | |
| uaac token client get admin -s "${UAA_ADMIN_CLIENT_SECRET}" | |
| if [[ $? -gt 0 ]]; then | |
| echo "Error: uaac command failed to login." | |
| exit 1 | |
| fi | |
| IFS=',' read -ra names <<< "$SCOPES" | |
| for name in "${names[@]}"; do | |
| uaac group map --name ${name} $GROUP \ | |
| --origin ${ORIGIN} | |
| if [[ $? -gt 0 ]]; then | |
| echo "Warning: uaac command exited with a non-zero error code. This might be fine if the group mapping already exists." | |
| fi | |
| done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| platform: linux | |
| inputs: | |
| - name: custom-tasks # contains this task | |
| - name: env # contains the env file with target OpsMan Information | |
| - name: config | |
| - name: vars # contains the product variables file | |
| params: | |
| ENV_FILE: env.yml | |
| GROUP_FILE: | |
| VARS_FILES: | |
| run: | |
| path: custom-tasks/tasks/uaac-group-map.sh |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| vars_files_args=("") | |
| for vf in ${VARS_FILES} | |
| do | |
| vars_files_args+=("--vars-file ${vf}") | |
| done | |
| om interpolate -c env/${CLIENT_FILE} ${vars_files_args[@]} > uaac_config.yml | |
| while read line; do | |
| if [ -z "$line" ]; then | |
| continue; | |
| fi | |
| VAR=$(echo $line | cut -d ':' -f1 | tr -d ' ' | tr [a-z] [A-Z]) | |
| VAL=$(echo $line | cut -d ':' -f2- | tr -d ' ') | |
| IFS= read -r "$VAR" <<< $VAL | |
| done < uaac_config.yml | |
| # Get the cf installation name without bosh binary... | |
| CF_INSTALLATION=$(om -e env/${ENV_FILE} curl -s -p /api/v0/deployed/products | jq -r '.[]|select(.installation_name| startswith("cf-"))|.installation_name') | |
| UAA_ADMIN_CLIENT_SECRET=$(om -e env/${ENV_FILE} curl -s -p /api/v0/deployed/products/$CF_INSTALLATION/credentials/.uaa.admin_client_credentials | jq -r '.credential.value.password') | |
| uaac target "https://login.${UAA_SERVER}" | |
| uaac token client get admin -s "${UAA_ADMIN_CLIENT_SECRET}" | |
| if [[ $? -gt 0 ]]; then | |
| echo "Error: uaac command failed to login." | |
| exit 1 | |
| fi | |
| uaac_cmd="uaac user add ${USERNAME} -p ${PASSWORD} --emails ${EMAILS}" | |
| $uaac_cmd | |
| if [[ $? -gt 0 ]]; then | |
| echo "Warning: uaac command exited with a non-zero error code. This might be fine if the credential already exists" | |
| fi | |
| IFS=',' read -a group_array <<< "${MEMBER_GROUPS}" | |
| for group in ${group_array[@]}; do | |
| uaac_cmd="uaac member add ${group} ${USERNAME}" | |
| $uaac_cmd | |
| if [[ $? -gt 0 ]]; then | |
| echo "Warning: uaac command exited with a non-zero error code. This might be fine if the credential already exists" | |
| fi | |
| done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| platform: linux | |
| inputs: | |
| - name: custom-tasks # contains this task | |
| - name: env # contains the env file with target OpsMan Information | |
| - name: config | |
| - name: vars # contains the product variables file | |
| params: | |
| ENV_FILE: env.yml | |
| CLIENT_FILE: | |
| VARS_FILES: | |
| run: | |
| path: custom-tasks/tasks/uaac-user-add-with-member-add.sh |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment