Update trymcp-day01 image scripts
Switch to nightly MCP_VERSION and add stuff for MM vm.
Related-Prod: PROD-27660
Related-Prod: PROD-29074
Change-Id: Ia9c0351bca244559e2a0cf326d3073a0f9af0823
diff --git a/trymcp-day01-image/files/etc/cloud/cloud.cfg b/trymcp-day01-image/files/etc/cloud/cloud.cfg
index 10290e1..ad73e20 100644
--- a/trymcp-day01-image/files/etc/cloud/cloud.cfg
+++ b/trymcp-day01-image/files/etc/cloud/cloud.cfg
@@ -77,14 +77,19 @@
hostname: cfg01.try-mcp.local
runcmd:
- - sed -i'.orig' -e's/PermitRootLogin.*/PermitRootLogin yes/g' -e's/PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config
- - service sshd restart
+ # TODO : add model update
+ #- salt-call state.apply reclass
- salt-call --timeout=120 test.ping
- salt-call saltutil.clear_cache
- salt-call saltutil.refresh_pillar
- salt-call saltutil.sync_all
+ #- salt-call state.sls salt.minion.ca
+ #- sleep 5
+ #- salt-call state.apply salt
+ - salt-call --timeout=120 test.ping
- systemctl restart docker
- sleep 20
+ - salt-call state.sls linux.system.user,openssh
- salt-call state.sls docker.swarm
- sleep 60
- salt-call state.sls nginx
@@ -93,9 +98,6 @@
- sleep 20
- salt-call state.sls docker.client
- sleep 60
- - salt-call state.sls openldap
- - sleep 20
- - salt-call state.sls gerrit
- - sleep 25
- salt-call state.sls jenkins
+ - bash /opt/add_keycloak_service_user.sh
- touch /done_cloud_init_bootstrap
diff --git a/trymcp-day01-image/files/opt/add_keycloak_service_user.sh b/trymcp-day01-image/files/opt/add_keycloak_service_user.sh
new file mode 100644
index 0000000..a38b236
--- /dev/null
+++ b/trymcp-day01-image/files/opt/add_keycloak_service_user.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+realm_name='drivetrain-realm'
+realm_user='operations-api'
+realm_usermail='drivetrain-eng@mirantis.com'
+echo "[ Getting Keycloak endpoint ]"
+keycloak_port=$(salt-call pillar.get --out=txt _param:haproxy_keycloak_exposed_port | awk '{print $2}')
+internal_address=$(salt-call pillar.get --out=txt _param:single_address | awk '{print $2}')
+keycloak_url="http://${internal_address}:${keycloak_port}"
+keycloak_admin_password=$(salt-call pillar.get --out=txt _param:keycloak_admin_password | awk '{print $2}')
+keycloak_user_password=$(salt-call pillar.get --out=txt _param:keycloak_user_password | awk '{print $2}')
+echo "[ Waiting for Keycloak server ]"
+until $(curl --output /dev/null --silent --head --fail ${keycloak_url}); do
+ sleep 2
+done
+
+KCADM="/opt/jboss/keycloak/bin/kcadm.sh"
+keycloak_container=$(docker ps --format '{{.Names}}' --filter 'name=keycloak-server')
+script="""
+$KCADM config credentials --server ${keycloak_url}/auth --realm master --user admin --password ${keycloak_admin_password} ;
+$KCADM create users -r ${realm_name} -s username=${realm_user} -s enabled=true -s emailVerified=true -s firstName=Operations-Service-User -s email=${realm_usermail} ;
+ID=\$($KCADM get users -r ${realm_name} --fields id -q username=${realm_user} -q email=${realm_usermail} | grep id | cut -f 2 -d \":\" | tr -d \"\\\"\" | tr -d \" \") ;
+$KCADM update users/\$ID/reset-password -r ${realm_name} -s type=password -s value=${keycloak_user_password} -s temporary=false -n ;
+"""
+
+docker exec -t ${keycloak_container} /bin/bash -c "${script}"
\ No newline at end of file
diff --git a/trymcp-day01-image/run.example.sh b/trymcp-day01-image/run.example.sh
index b2b02e5..37907b2 100755
--- a/trymcp-day01-image/run.example.sh
+++ b/trymcp-day01-image/run.example.sh
@@ -16,7 +16,7 @@
export CLUSTER_MODEL="https://gerrit.mcp.mirantis.com/trymcp/drivetrain-model"
export CLUSTER_MODEL_REF="master"
export CLUSTER_NAME="try-mcp"
-export MCP_VERSION="proposed"
+export MCP_VERSION="nightly"
export SALTSTACK_REPO="http://mirror.mirantis.com/${MCP_VERSION}/saltstack-2017.7/xenial xenial main"
export SALTSTACK_GPG="https://repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7/SALTSTACK-GPG-KEY.pub"
export APT_MIRANTIS_SALT_REPO="http://mirror.mirantis.com/${MCP_VERSION}/salt-formulas/xenial xenial main"
diff --git a/trymcp-day01-image/scripts/salt.sh b/trymcp-day01-image/scripts/salt.sh
index c0bb21a..f2e7027 100644
--- a/trymcp-day01-image/scripts/salt.sh
+++ b/trymcp-day01-image/scripts/salt.sh
@@ -1,6 +1,6 @@
#!/bin/bash -xe
-MCP_VERSION=${MCP_VERSION:-proposed}
+MCP_VERSION=${MCP_VERSION:-nightly}
APT_MIRANTIS_SALT_REPO=${APT_MIRANTIS_SALT_REPO:-"http://mirror.mirantis.com/${MCP_VERSION}/salt-formulas/xenial xenial main"}
SALT_OPTS="-t 10 --retcode-passthrough --no-color"
@@ -13,7 +13,7 @@
salt-call ${SALT_OPTS} saltutil.sync_all
salt-call ${SALT_OPTS} reclass.validate_pillar
-salt-call ${SALT_OPTS} state.sls linux.system.repo,linux.system.package,linux.system.user,linux.system.directory,linux.system.config
+salt-call ${SALT_OPTS} state.sls linux.system.repo,linux.system.package,linux.system.user,linux.system.directory,linux.system.config,openssh
salt-call ${SALT_OPTS} state.sls linux.network
salt-call ${SALT_OPTS} state.sls salt.minion.ca
@@ -22,8 +22,6 @@
sed -i "s/mcp_version:.*/mcp_version: ${MCP_VERSION}/g" /srv/salt/reclass/classes/cluster/try-mcp/overrides.yml
-docker pull "docker-prod-local.artifactory.mirantis.com/mirantis/cicd/mysql:${MCP_VERSION}"
-docker pull "docker-prod-local.artifactory.mirantis.com/mirantis/cicd/gerrit:${MCP_VERSION}"
docker pull "docker-prod-local.artifactory.mirantis.com/mirantis/cicd/jenkins:${MCP_VERSION}"
docker pull "docker-prod-local.artifactory.mirantis.com/mirantis/cicd/jnlp-slave:${MCP_VERSION}"
docker pull "docker-prod-local.artifactory.mirantis.com/mirantis/cicd/phpldapadmin:${MCP_VERSION}"