Created
February 8, 2023 07:55
-
-
Save chenweienn/a6438e1bee775de26eff7c3c115dd430 to your computer and use it in GitHub Desktop.
new-scs-config-server.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -eu | |
| config_server_credentials=$(echo $VCAP_SERVICES | jq -r '.["p.config-server"][0].credentials') | |
| credhub_ref=$(echo ${config_server_credentials} | jq -r '."credhub-ref"') | |
| ## client_id, client_secret is not available as plain text when credhub integration is enabled | |
| # client_id=$(echo ${config_server_credentials}|jq -r '.client_id') | |
| # client_secret=$(echo ${config_server_credentials}|jq -r '.client_secret') | |
| # access_token_uri=$(echo ${config_server_credentials}|jq -r '.access_token_uri') | |
| creds=$(curl -s https://credhub.service.cf.internal:8844/api/v1/data?name=${credhub_ref} \ | |
| -X GET -H 'Content-Type: application/json' \ | |
| --cert /etc/cf-instance-credentials/instance.crt \ | |
| --key /etc/cf-instance-credentials/instance.key | jq 'flatten | .[0].value') | |
| echo "=== print creds ===" | |
| echo ${creds} | |
| client_id=$(echo ${creds} | jq -r '.client_id') | |
| client_secret=$(echo ${creds} | jq -r '.client_secret') | |
| access_token_uri=$(echo ${creds} | jq -r '.access_token_uri') | |
| echo "Fetching Spring Cloud Config Server Access Token from uri: ${access_token_uri} via client_id: ${client_id}" | |
| curl --fail --silent -X POST ${access_token_uri}\ | |
| -H 'Content-Type: application/x-www-form-urlencoded'\ | |
| -d "client_id=${client_id}&client_secret=${client_secret}&grant_type=client_credentials"\ | |
| -o token.json | |
| echo "=== debug token.json ===" | |
| cat token.json | |
| expires_in=$(cat token.json |jq -r ".expires_in") | |
| export config_server_access_token=$(cat token.json | jq -r ".access_token") | |
| export config_server_uri=$(echo ${creds} | jq -r '.uri') | |
| echo "Successfully fetch Spring Cloud Config Server access token which expires_in: ${expires_in} seconds for config_server_uri=${config_server_uri}" | |
| echo "config server access token is ${config_server_access_token}" | |
| pivnet_config_uri=${config_server_uri}/pivnet/default/master | |
| echo "Fetching Pivnet Config from uri: ${pivnet_config_uri}" | |
| curl --fail --silent --show-error ${pivnet_config_uri} -H "Authorization: bearer ${config_server_access_token}" -o pivnet-property-source.json | |
| export PIVNET_API_TOKEN=$(cat pivnet-property-source.json |jq -r ".propertySources[0].source.pivnet.api.token") |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment