| Denis Egorenko | 96e8b06 | 2019-04-03 18:05:50 +0400 | [diff] [blame] | 1 | #!/bin/bash |
| 2 | |
| 3 | realm_name='drivetrain-realm' |
| 4 | realm_user='operations-api' |
| 5 | realm_usermail='drivetrain-eng@mirantis.com' |
| 6 | echo "[ Getting Keycloak endpoint ]" |
| 7 | keycloak_port=$(salt-call pillar.get --out=txt _param:haproxy_keycloak_exposed_port | awk '{print $2}') |
| Vladimir Khlyunev | 029b932 | 2021-11-16 16:18:24 +0400 | [diff] [blame] | 8 | internal_address=$(salt-call pillar.get --out=txt _param:docker_default_gateway | awk '{print $2}') |
| Denis Egorenko | 96e8b06 | 2019-04-03 18:05:50 +0400 | [diff] [blame] | 9 | keycloak_url="http://${internal_address}:${keycloak_port}" |
| 10 | keycloak_admin_password=$(salt-call pillar.get --out=txt _param:keycloak_admin_password | awk '{print $2}') |
| 11 | keycloak_user_password=$(salt-call pillar.get --out=txt _param:keycloak_user_password | awk '{print $2}') |
| 12 | echo "[ Waiting for Keycloak server ]" |
| 13 | until $(curl --output /dev/null --silent --head --fail ${keycloak_url}); do |
| 14 | sleep 2 |
| 15 | done |
| 16 | |
| 17 | KCADM="/opt/jboss/keycloak/bin/kcadm.sh" |
| 18 | keycloak_container=$(docker ps --format '{{.Names}}' --filter 'name=keycloak-server') |
| 19 | script=""" |
| 20 | $KCADM config credentials --server ${keycloak_url}/auth --realm master --user admin --password ${keycloak_admin_password} ; |
| 21 | $KCADM create users -r ${realm_name} -s username=${realm_user} -s enabled=true -s emailVerified=true -s firstName=Operations-Service-User -s email=${realm_usermail} ; |
| 22 | ID=\$($KCADM get users -r ${realm_name} --fields id -q username=${realm_user} -q email=${realm_usermail} | grep id | cut -f 2 -d \":\" | tr -d \"\\\"\" | tr -d \" \") ; |
| 23 | $KCADM update users/\$ID/reset-password -r ${realm_name} -s type=password -s value=${keycloak_user_password} -s temporary=false -n ; |
| 24 | """ |
| 25 | |
| 26 | docker exec -t ${keycloak_container} /bin/bash -c "${script}" |