bash/tools/common-functions.sh

   1 #   COPYRIGHT NOTICE STARTS HERE
   2 #
   3 #   Copyright 2018 © Samsung Electronics Co., Ltd.
   4 #
   5 #   Licensed under the Apache License, Version 2.0 (the "License");
   6 #   you may not use this file except in compliance with the License.
   7 #   You may obtain a copy of the License at
   8 #
   9 #       http://www.apache.org/licenses/LICENSE-2.0
  10 #
  11 #   Unless required by applicable law or agreed to in writing, software
  12 #   distributed under the License is distributed on an "AS IS" BASIS,
  13 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14 #   See the License for the specific language governing permissions and
  15 #   limitations under the License.
  16 #
  17 #   COPYRIGHT NOTICE ENDS HERE
  18
  19 #
  20 # this file contains shared variables and functions for the onap installer
  21 #
  22
  23 # any script which needs this file can check this variable
  24 # and it will know immediately if the functions and variables
  25 # are loaded and usable
  26 IS_COMMON_FUNCTIONS_SOURCED=YES
  27
  28 # setting of the path variables
  29 if [ -z "$APROJECT_DIR" ] ; then
  30     INCLUDE_PATH="${LOCAL_PATH}"/"${RELATIVE_PATH}"
  31     APROJECT_DIR=$(readlink -f "$INCLUDE_PATH"/../..)
  32 fi
  33
  34 RESOURCES_DIR="$APROJECT_DIR/resources"
  35 BASH_SCRIPTS_DIR="$APROJECT_DIR/bash"
  36 NEXUS_DATA="$RESOURCES_DIR/nexus_data"
  37 CERTS_TARGET_PATH="$APROJECT_DIR/live/certs"
  38 NGINX_LOG_DIR="$APROJECT_DIR/live/nginx_logs"
  39 GEN_CFG_PATH="$APROJECT_DIR/live/cfg"
  40 GIT_REPOS="$RESOURCES_DIR/git-repo"
  41 NGINX_HTTP_DIR="$RESOURCES_DIR/http"
  42 RHEL_REPO="$RESOURCES_DIR/pkg/rhel"
  43
  44 PATH="${PATH}:/usr/local/bin:/usr/local/sbin"
  45 export PATH
  46
  47 # just self-defense against locale
  48 LANG=C
  49 export LANG
  50
  51 # dns handling
  52 SIMUL_HOSTS="gcr.io \
  53 git.rancher.io \
  54 gerrit.onap.org \
  55 registry-1.docker.io \
  56 docker.io \
  57 registry.npmjs.org \
  58 nexus3.onap.org \
  59 nexus.onap.org \
  60 docker.elastic.co \
  61 www.getcloudify.org \
  62 www.springframework.org \
  63 registry.hub.docker.com \
  64 git.onap.org \
  65 repo1.maven.org \
  66 repo.maven.apache.org"
  67
  68 # default credentials to the repository
  69 NEXUS_USERNAME=admin
  70 NEXUS_PASSWORD=admin123
  71 NEXUS_EMAIL=admin@onap.org
  72
  73 # this function is intended to unify the installer output
  74 message() {
  75     case "$1" in
  76         info)
  77             echo 'INFO:' "$@"
  78             ;;
  79         debug)
  80             echo 'DEBUG:' "$@" >&2
  81             ;;
  82         warning)
  83             echo 'WARNING [!]:' "$@" >&2
  84             ;;
  85         error)
  86             echo 'ERROR [!!]:' "$@" >&2
  87             return 1
  88             ;;
  89         *)
  90             echo 'UNKNOWN [?!]:' "$@" >&2
  91             return 2
  92             ;;
  93     esac
  94     return 0
  95 }
  96 export message
  97
  98 # if the environment variable DEBUG is set to DEBUG-ONAP ->
  99 #  -> this function will print its arguments
 100 # otherwise nothing is done
 101 debug() {
 102     [ "$DEBUG" = DEBUG-ONAP ] && message debug "$@"
 103 }
 104 export debug
 105
 106 fail() {
 107     message error "$@"
 108     exit 1
 109 }
 110
 111 retry() {
 112     local n=1
 113     local max=5
 114     while ! "$@"; do
 115         if [ $n -lt $max ]; then
 116             n=$((n + 1))
 117             message warning "Command ${@} failed. Attempt: $n/$max"
 118             message info "waiting 10s for another try..."
 119             sleep 10s
 120         else
 121             fail "Command ${@} failed after $n attempts. Better to abort now."
 122         fi
 123     done
 124 }
 125
 126 may_self_extract() {
 127     # extract and untar to the current directory
 128     sed '0,/^# PAYLOAD BELOW #$/d' "$0" | tar -xvpf - ;
 129 }
 130
 131 update_hosts() {
 132     if grep -q "^[^#]\+\s$SIMUL_HOSTS\s*\$" /etc/hosts ; then
 133         message info "simulated domains already in /etc/hosts"
 134     else
 135         echo "$LOCAL_IP $SIMUL_HOSTS" >> /etc/hosts
 136         message info "simulated domains added to /etc/hosts (please check it)"
 137     fi
 138
 139     if grep -q "^[^#]\+\s$NEXUS_FQDN\s*\$" /etc/hosts ; then
 140         message info "nexus FQDN already in /etc/hosts"
 141     else
 142         echo "$LOCAL_IP $NEXUS_FQDN" >> /etc/hosts
 143         message info "Nexus FQDN added to /etc/hosts (please check it)"
 144     fi
 145
 146     if grep -q "^[^#]\+\srepo.install-server\s*\$" /etc/hosts ; then
 147         message info "custom repo FQDN already in /etc/hosts"
 148     else
 149         echo "$LOCAL_IP repo.install-server" >> /etc/hosts
 150         message info "Nexus FQDN added to /etc/hosts (please check it)"
 151     fi
 152 }
 153
 154 get_cfg_val() {
 155     name="$1"
 156     shift
 157     ask="$@"
 158
 159     value=$(eval "echo \$${name}")
 160     if [ -z "$value" ]; then
 161         while [ -z "$value" ] ; do
 162             printf "${ask}"
 163             read -r $name
 164
 165             value=$(eval "echo \$${name}")
 166         done
 167         echo "${name}='${value}'" >> ./local_repo.conf
 168     fi
 169 }
 170
 171 get_configuration() {
 172     if [ -f ./local_repo.conf ]; then
 173         . ./local_repo.conf
 174     fi
 175
 176     if [ -z "${NEXUS_FQDN}" ]; then
 177         NEXUS_FQDN="nexus.$HOSTNAME"
 178         echo "NEXUS_FQDN='${NEXUS_FQDN}'" >> ./local_repo.conf
 179     fi
 180
 181     if [ -z "${ONAP_SCALE}" ]; then
 182         ONAP_SCALE=full
 183         echo "ONAP_SCALE='${ONAP_SCALE}'" >> ./local_repo.conf
 184     fi
 185
 186     # nexus should be configured using those default entries
 187     # if it was not put the correct inputs instead
 188     if [ -z "${NPM_USERNAME}" ]; then
 189         NPM_USERNAME="${NEXUS_USERNAME}"
 190         echo "NPM_USERNAME='${NPM_USERNAME}'" >> ./local_repo.conf
 191     fi
 192
 193     if [ -z "${NPM_PASSWORD}" ]; then
 194         NPM_PASSWORD="${NEXUS_PASSWORD}"
 195         echo "NPM_PASSWORD='${NPM_PASSWORD}'" >> ./local_repo.conf
 196     fi
 197
 198     if [ -z "${NPM_EMAIL}" ]; then
 199         NPM_EMAIL="$NEXUS_EMAIL"
 200         echo "NPM_EMAIL='${NPM_EMAIL}'" >> ./local_repo.conf
 201     fi
 202
 203     export NEXUS_FQDN
 204     export ONAP_SCALE
 205     export NPM_USERNAME
 206     export NPM_PASSWORD
 207     export NPM_EMAIL
 208
 209     NODE_USERNAME="root"
 210
 211     if [ -z "$LOCAL_IP" ] ; then
 212         echo
 213         echo "======= Mandatory configuration ======="
 214         echo
 215         message info "fill in these mandatory configuration values"
 216         get_cfg_val "LOCAL_IP" "Enter the public IPv4 used for this '$HOSTNAME' install machine," \
 217             "\nDO NOT USE LOOPBACK! (for example: 10.0.0.1): "
 218     fi
 219 }
 220
 221 enable_local_repo() {
 222     sed -r "s%PATH%file://$APROJECT_DIR/resources/pkg/rhel%" "$APROJECT_DIR/resources/pkg/rhel/onap.repo" > /etc/yum.repos.d/onap.repo
 223 }
 224
 225 install_packages() {
 226     os_id="$1"
 227
 228     message info "Installing packages"
 229
 230     case "$os_id" in
 231         centos)
 232             yum -y install "$APROJECT_DIR/resources/pkg/centos/*.rpm"
 233             ;;
 234         rhel)
 235             enable_local_repo
 236             yum -y install docker-ce dnsmasq icewm firefox tigervnc-server
 237             systemctl enable docker
 238             systemctl start docker
 239             ;;
 240         ubuntu)
 241             dpkg -i "$APROJECT_DIR/resources/pkg/ubuntu/*.deb"
 242             ;;
 243         *)
 244             message error "OS release is not supported: $os_id"
 245             message info "ABORTING INSTALLATION"
 246             exit 1
 247             ;;
 248     esac
 249 }
 250
 251 install_files() {
 252     message info "installation of external binaries"
 253     for binary in kubectl helm rancher jq ; do
 254         cp "$APROJECT_DIR/resources/downloads/${binary}" /usr/local/bin/
 255         chmod 755 "/usr/local/bin/${binary}"
 256     done
 257     mkdir ~/.kube
 258 }
 259
 260 setup_vnc_server() {
 261     mkdir -p ~/.vnc ~/.icewm
 262     echo "onap" | vncpasswd -f > ~/.vnc/passwd
 263     chmod 0600 ~/.vnc/passwd
 264
 265     cat > ~/.vnc/xstartup <<EOF
 266 #!/bin/sh
 267
 268 unset SESSION_MANAGER
 269 unset DBUS_SESSION_BUS_ADDRESS
 270 exec icewm-session
 271
 272 EOF
 273
 274 chmod +x ~/.vnc/xstartup
 275
 276     cat > ~/.icewm/menu <<EOF
 277 prog Firefox firefox firefox
 278 separator
 279
 280 EOF
 281 vncserver
 282 }
 283
 284 update_docker_cfg() {
 285     if [ -f "/etc/docker/daemon.json" ]; then
 286         jq '.dns += ["172.17.0.1"]' /etc/docker/daemon.json > /tmp/daemon.json
 287         mv /tmp/daemon.json /etc/docker/daemon.json
 288     else
 289         echo '{"dns": ["172.17.0.1"]}' > /etc/docker/daemon.json
 290     fi
 291 }
 292
 293 create_root_CA() {
 294     echo "** Generate certificates **"
 295     openssl genrsa -out $CERTS_TARGET_PATH/rootCA.key 4096
 296
 297     echo "** Generate self signed ***"
 298     openssl req -config $GEN_CFG_PATH/cacert.cnf -key $CERTS_TARGET_PATH/rootCA.key -new -x509 -days 7300 -sha256 -extensions v3_ca \
 299                   -out $CERTS_TARGET_PATH/rootCAcert.pem
 300
 301
 302     # convert to crt
 303     openssl x509 -in $CERTS_TARGET_PATH/rootCAcert.pem -inform PEM -out $CERTS_TARGET_PATH/rootCAcert.crt
 304 }
 305
 306 install_root_CA() {
 307     os=$1
 308     echo "** Publishing root CA **"
 309     if [ "$os" == "redhat" ]; then
 310         # for centos
 311         update-ca-trust force-enable
 312         cp $CERTS_TARGET_PATH/rootCAcert.crt /etc/pki/ca-trust/source/anchors/
 313         update-ca-trust extract
 314     elif [ "$os" == "ubuntu" ]; then
 315         mkdir -p /usr/local/share/ca-certificates/extra
 316         cp $CERTS_TARGET_PATH/rootCAcert.crt /usr/local/share/ca-certificates/extra
 317         update-ca-certificates
 318     else
 319         echo "OS \"$os\" is not supported"
 320         exit -2
 321     fi
 322
 323     echo "** Restart docker (because of reload new CA) **"
 324     systemctl restart docker
 325
 326 }
 327
 328 create_cert() {
 329     server_name=$1
 330
 331     openssl genrsa -out $CERTS_TARGET_PATH/${server_name}_server.key 4096
 332     echo "** Generate sig request ***"
 333     openssl req -new -config $GEN_CFG_PATH/${server_name}_cert.cnf -key $CERTS_TARGET_PATH/${server_name}_server.key -out $CERTS_TARGET_PATH/${server_name}_server.csr
 334
 335     # v3.ext must be in separate file , because of bug in openssl 1.0
 336     echo "** sign **"
 337     openssl x509 -req -in $CERTS_TARGET_PATH/${server_name}_server.csr\
 338     -extfile $GEN_CFG_PATH/v3.ext\
 339     -CA $CERTS_TARGET_PATH/rootCAcert.crt\
 340     -CAkey $CERTS_TARGET_PATH/rootCA.key\
 341     -CAcreateserial -out $CERTS_TARGET_PATH/${server_name}_server.crt -days 3650 -sha256
 342 }
 343
 344 create_all_certs() {
 345     create_cert "nexus"
 346 }
 347
 348 update_firewall() {
 349 # TODO
 350 #firewall-cmd --permanent --add-port=53/udp
 351 #firewall-cmd --permanent --add-port=53/tcp
 352 #firewall-cmd --permanent --add-port=10001/tcp
 353 #firewall-cmd --permanent --add-port=80/tcp
 354 #firewall-cmd --permanent --add-port=443/tcp
 355 return 0
 356 }
 357
 358 distribute_root_CA() {
 359     targetip=$1
 360     scp $APROJECT_DIR/install_cacert.sh $targetip:.
 361     ssh $targetip ./install_cacert.sh
 362     echo "** Add DNS record to remote host **"
 363     ssh $targetip "echo nameserver $LOCAL_IP > /etc/resolv.conf"
 364 }
 365
 366 upload_ansible_pkgs() {
 367     os=$1
 368     targetip=$2
 369     #if [[ $os == "ubuntu" ]]; then
 370     # those deb & whl packages are needed for sdnc-ansible-server pod
 371     # independently on host OS distros
 372     echo "** Copy required packages for sdnc-ansible-pod to kubernetes node $targetip **"
 373     scp -r $APROJECT_DIR/resources/pkg/ubuntu/ansible_pkg $targetip:.
 374     #fi
 375 }
 376
 377 remote_setup_nfs_server() {
 378     os=$1
 379     targetip=$2
 380     shift 2
 381     scp $APROJECT_DIR/bash/tools/setup_nfs_server_${os}.sh $targetip:setup_nfs_server.sh
 382     if [[ $os == "ubuntu" ]]; then
 383         scp -r $APROJECT_DIR/resources/pkg/ubuntu/nfs-common-pkg/* $targetip:.
 384         ssh $targetip dpkg -i *.deb
 385     fi
 386
 387     ssh $targetip /bin/bash ./setup_nfs_server.sh "$@"
 388 }
 389
 390 remote_setup_nfs_mount() {
 391     os=$1
 392     targetip=$2
 393     nfsip=$3
 394     scp $APROJECT_DIR/bash/tools/setup_nfs_mount.sh $targetip:.
 395     if [[ $os == "ubuntu" ]]; then
 396         scp -r $APROJECT_DIR/resources/pkg/ubuntu/nfs-common-pkg/* $targetip:.
 397         ssh $targetip dpkg -i *.deb
 398     fi
 399     ssh $targetip /bin/bash ./setup_nfs_mount.sh $nfsip
 400 }
 401
 402 enable_remote_repo() {
 403     targetip=$1
 404     sed -r "s%PATH%http://repo.install-server%" $APROJECT_DIR/resources/pkg/rhel/onap.repo | ssh $targetip 'cat > /etc/yum.repos.d/onap.repo'
 405 }
 406
 407 install_remote_docker() {
 408     targetip=$1
 409     os=$2
 410     if [[ $os == "ubuntu" ]]; then
 411         scp -r $APROJECT_DIR/resources/pkg/ubuntu/{docker-ce_17.03.2~ce-0~ubuntu-xenial_amd64.deb,libltdl7_2.4.6-0.1_amd64.deb} $targetip:.
 412         ssh $targetip dpkg -i *.deb
 413     elif [[ $os == "rhel" ]]; then
 414         ssh $targetip yum -y install docker-ce
 415     fi
 416     ssh $targetip "mkdir -p /etc/docker"
 417     scp "$APROJECT_DIR/resources/downloads/jq" $targetip:/usr/local/bin/
 418     ssh $targetip "if [[ -f /etc/docker/daemon.json ]]; then
 419                        jq '.dns += [\"$LOCAL_IP\"]' /etc/docker/daemon.json > /tmp/daemon.json
 420                        mv /tmp/daemon.json /etc/docker/daemon.json
 421                    else
 422                        echo {'\"'dns'\"': ['\"'$LOCAL_IP'\"']} > /etc/docker/daemon.json
 423                    fi"
 424
 425     ssh $targetip 'systemctl enable docker; systemctl restart docker'
 426 }
 427
 428 deploy_rancher() {
 429     docker run -d --entrypoint "/bin/bash" --restart=unless-stopped -p 8080:8080 \
 430     -v $CERTS_TARGET_PATH:/usr/local/share/ca-certificates/extra:ro \
 431     --name rancher_server rancher/server:v1.6.14 \
 432     -c "/usr/sbin/update-ca-certificates;/usr/bin/entry /usr/bin/s6-svscan /service"
 433     echo "** wait until rancher is ready **"
 434 }
 435
 436 deploy_kubernetes() {
 437     os=$1
 438     set +e
 439     for i in `seq 5 -1 1`; do
 440         API_RESPONSE=`curl -s 'http://127.0.0.1:8080/v2-beta/apikey' \
 441             -d '{"type":"apikey","accountId":"1a1","name":"autoinstall"\
 442                  ,"description":"autoinstall","created":null,"kind":null,\
 443                  "removeTime":null,"removed":null,"uuid":null}'`
 444         if [[ "$?" -eq 0 ]]; then
 445             KEY_PUBLIC=`echo $API_RESPONSE | jq -r .publicValue`
 446             KEY_SECRET=`echo $API_RESPONSE | jq -r .secretValue`
 447             break
 448         fi
 449         echo "Waiting for rancher server to start"
 450         sleep 60
 451     done
 452     set -e
 453     export RANCHER_URL=http://${LOCAL_IP}:8080
 454     export RANCHER_ACCESS_KEY=$KEY_PUBLIC
 455     export RANCHER_SECRET_KEY=$KEY_SECRET
 456
 457     rancher env ls
 458     echo "wait 60 sec for rancher environments can settle before we create the onap kubernetes one"
 459     sleep 60
 460
 461     rancher env create -t kubernetes onap > kube_env_id.json
 462     PROJECT_ID=$(<kube_env_id.json)
 463     echo "env id: $PROJECT_ID"
 464     export RANCHER_HOST_URL=http://${LOCAL_IP}:8080/v1/projects/$PROJECT_ID
 465
 466     for i in `seq 5`; do
 467         status=$(rancher env ls | grep $PROJECT_ID | awk '{print $4}')
 468         if [[ "$status" == "active" ]]; then
 469             echo "Check on environments again before registering the URL response"
 470             rancher env ls
 471             break
 472         fi
 473         echo "Wait for environment to become active"
 474         sleep 30
 475     done
 476
 477     REG_URL_RESPONSE=`curl -X POST -u $KEY_PUBLIC:$KEY_SECRET -H 'Accept: application/json' -H 'ContentType: application/json' -d '{"name":"$LOCAL_IP"}' "http://$LOCAL_IP:8080/v1/projects/$PROJECT_ID/registrationtokens"`
 478     echo "wait for server to finish url configuration - 3 min"
 479     sleep 180
 480     # see registrationUrl in
 481     REGISTRATION_TOKENS=`curl http://127.0.0.1:8080/v2-beta/registrationtokens`
 482     REGISTRATION_DOCKER=`echo $REGISTRATION_TOKENS | jq -r .data[0].image`
 483     REGISTRATION_TOKEN=`echo $REGISTRATION_TOKENS | jq -r .data[0].token`
 484
 485     # base64 encode the kubectl token from the auth pair
 486     # generate this after the host is registered
 487     KUBECTL_TOKEN=$(echo -n 'Basic '$(echo -n "$RANCHER_ACCESS_KEY:$RANCHER_SECRET_KEY" | base64 -w 0) | base64 -w 0)
 488     echo "KUBECTL_TOKEN base64 encoded: ${KUBECTL_TOKEN}"
 489     cat > ~/.kube/config <<EOF
 490 apiVersion: v1
 491 kind: Config
 492 clusters:
 493 - cluster:
 494     api-version: v1
 495     insecure-skip-tls-verify: true
 496     server: "https://$LOCAL_IP:8080/r/projects/$PROJECT_ID/kubernetes:6443"
 497   name: "onap"
 498 contexts:
 499 - context:
 500     cluster: "onap"
 501     user: "onap"
 502   name: "onap"
 503 current-context: "onap"
 504 users:
 505 - name: "onap"
 506   user:
 507     token: "$KUBECTL_TOKEN"
 508
 509 EOF
 510
 511     if [[ $os == "rhel" ]]; then
 512         echo "Upgrade datavolume for RHEL"
 513         KUBELET_ID=`curl http://${LOCAL_IP}:8080/v2-beta/projects/${PROJECT_ID}/services/ | jq -r '.data[] | select(.name=="kubelet")'.id`
 514         OLD_LAUNCH_CONFIG=`curl http://${LOCAL_IP}:8080/v2-beta/projects/${PROJECT_ID}/services/${KUBELET_ID} | jq  '.launchConfig'`
 515         NEW_LAUNCH_CONFIG=`echo $OLD_LAUNCH_CONFIG | jq '.dataVolumes[2]="/sys/fs/cgroup:/sys/fs/cgroup:ro,rprivate"'`
 516
 517         DATA="{
 518                 \"inServiceStrategy\": {
 519                   \"batchSize\": 1,
 520                   \"intervalMillis\": 2000,
 521                   \"startFirst\": false,
 522                   \"launchConfig\": ${NEW_LAUNCH_CONFIG},
 523                   \"secondaryLaunchConfigs\": []
 524                 }
 525         }"
 526         curl -s -u $KEY_PUBLIC:$KEY_SECRET -X POST -H 'Content-Type: application/json' -d "${DATA}" "http://${LOCAL_IP}:8080/v2-beta/projects/${PROJECT_ID}/services/${KUBELET_ID}?action=upgrade" > /dev/null
 527
 528         echo "Give environment time to update (30 sec)"
 529         sleep 30
 530
 531         curl -s -u $KEY_PUBLIC:$KEY_SECRET -X POST "http://${LOCAL_IP}:8080/v2-beta/projects/${PROJECT_ID}/services/${KUBELET_ID}?action=finishupgrade" > /dev/null
 532     fi
 533 }
 534
 535 deploy_rancher_agent() {
 536     nodeip=$1
 537     if [ -z "$REGISTRATION_DOCKER" ]; then
 538         echo "ASSERT: Missing REGISTRATION_DOCKER"
 539         exit 1
 540     fi
 541     if [ -z "$RANCHER_URL" ]; then
 542         echo "ASSERT: Missing RANCHER_URL"
 543         exit 1
 544     fi
 545     if [ -z "$REGISTRATION_TOKEN" ]; then
 546         echo "ASSERT: Missing REGISTRATION_TOKEN"
 547         exit 1
 548     fi
 549
 550     ssh $nodeip "docker run --rm --privileged -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/racher:/var/lib/rancher $REGISTRATION_DOCKER $RANCHER_URL/v1/scripts/$REGISTRATION_TOKEN"
 551     echo "waiting 2 min for creating kubernetes environment"
 552     sleep 120
 553 }
 554
 555 deploy_node() {
 556     nodeip=$1
 557     os=$2
 558     echo "Deploying node $nodeip"
 559     distribute_root_CA $nodeip
 560     install_remote_docker $nodeip $os
 561     deploy_rancher_agent $nodeip
 562 }
 563
 564 deploy_onap() {
 565     pushd $APROJECT_DIR/resources/oom/kubernetes
 566     helm init --upgrade --skip-refresh
 567     # this might fail
 568     set +e
 569     helm repo remove stable
 570     set -e
 571     helm serve &
 572     echo "wait a moment before helm will come up ..."
 573     sleep 5
 574     helm repo add local http://127.0.0.1:8879
 575     make all
 576     #Pass the CA certificate contents directly during installation.
 577     helm install local/onap -n dev --namespace onap \
 578       --set "global.cacert=$(cat ${CERTS_TARGET_PATH}/rootCAcert.crt)"
 579     popd
 580 }
 581
 582 expand_file() {
 583     file=$1
 584     # print warning if patched file does not exist as some charts
 585     # might not be available for some deployments
 586     if [ ! -f "$file" ]; then
 587       echo "WARNING: Can't patch file $file because this file does not exists."
 588       return 0
 589     fi
 590
 591     shift
 592
 593     for ivar in "$@" ; do
 594         ivalue=$(eval 'echo "$'${ivar}'"')
 595         sed -i "s#${ivar}#${ivalue}#g" "$file"
 596     done
 597 }
 598
 599 patch_npm_oom() {
 600     if [ -z "$LOCAL_IP" ] ; then
 601         echo "ERROR: LOCAL_IP unset"
 602         return 1
 603     fi
 604     if [ -z "$NEXUS_FQDN" ] ; then
 605         echo "ERROR: NEXUS_FQDN unset"
 606         return 1
 607     fi
 608
 609     UPDATE_HOSTS_FILE="$LOCAL_IP $NEXUS_FQDN"
 610     UPDATE_NPM_REGISTRY="npm set registry \"http://${NEXUS_FQDN}/repository/npm-private/\""
 611
 612     expand_file $APROJECT_DIR/resources/oom/kubernetes/common/dgbuilder/templates/deployment.yaml \
 613         UPDATE_HOSTS_FILE \
 614         UPDATE_NPM_REGISTRY
 615     expand_file $APROJECT_DIR/resources/oom/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml \
 616         UPDATE_HOSTS_FILE \
 617         UPDATE_NPM_REGISTRY
 618 }
 619
 620 patch_spring_oom() {
 621     if [ -z "$LOCAL_IP" ] ; then
 622         echo "ERROR: LOCAL_IP unset"
 623         return 1
 624     fi
 625
 626     UPDATE_HOSTS_FILE="$LOCAL_IP www.springframework.org"
 627     expand_file $APROJECT_DIR/resources/oom/kubernetes/dmaap/charts/message-router/templates/deployment.yaml \
 628         UPDATE_HOSTS_FILE
 629 }
 630
 631 patch_cfy_manager_depl() {
 632     os="$1"
 633     file="${APROJECT_DIR}/resources/oom/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml"
 634
 635     case "$os" in
 636         centos|rhel)
 637             CERT_PATH="/etc/pki/ca-trust/source/anchors"
 638             ;;
 639         ubuntu)
 640             CERT_PATH="/usr/local/share/ca-certificates/extra"
 641             ;;
 642         '')
 643             echo "ERROR: missing argument"
 644             return 1
 645             ;;
 646         *)
 647             echo "ERROR: unknown OS: ${os}"
 648             return 1
 649             ;;
 650     esac
 651
 652     expand_file "$file" CERT_PATH
 653 }
 654
 655 copy_onap_values_file() {
 656     cp "${APROJECT_DIR}/${CUSTOM_CFG_RELPATH:-cfg}/${ONAP_SCALE}_depl_values.yaml" \
 657         "${APROJECT_DIR}/resources/oom/kubernetes/onap/values.yaml"
 658 }