diff --git a/development/shared/openrc b/development/shared/openrc old mode 100644 new mode 100755 index 3ea50bae..d27a907f --- a/development/shared/openrc +++ b/development/shared/openrc @@ -1,13 +1,31 @@ +# Checks to see if the juju model has been predefined if [ ! -z $JUJU_MODEL ]; then _juju_model_arg="-m $JUJU_MODEL" fi -_keystone_major_version=$(juju status $_juju_model_arg keystone --format yaml| \ - awk '/^ version:/ {print $2; exit}' | cut -f1 -d\.) + +# Make sure jq is installed +if ! command -v jq >/dev/null 2>&1; then + echo "jq is required to run this script. Please install it and try again." + exit 1 +fi + +# Make sure openstack client is installed +if ! command -v openstack >/dev/null 2>&1; then + echo "openstack client is required to run this script. Please install it and try again." + exit 1 +fi + +# Check juju major version +_juju_version=$(juju version | cut -f1 -d\. ) + +# Checks for keystone version. +_keystone_major_version=$(juju status $_juju_model_arg keystone --format json | jq -r '.applications.keystone.version' | cut -f1 -d\.) _keystone_preferred_api_version=$(juju config $_juju_model_arg keystone preferred-api-version) # The per user snap data directory is not created until first execution of snap openstack --version 2>&1 > /dev/null || true +# Checks for a place to store the root CA and gets the CA from Vault if [ -d ~/snap/openstackclients/common/ ]; then # When using the openstackclients confined snap the certificate has to be # placed in a location reachable by the clients in the snap. @@ -15,13 +33,38 @@ if [ -d ~/snap/openstackclients/common/ ]; then else _root_ca=/tmp/${JUJU_MODEL-""}root-ca.crt fi -juju run $_juju_model_arg --unit vault/leader 'leader-get root-ca' | tee $_root_ca >/dev/null 2>&1 +if [ "$_juju_version" -ge "3" ]; then + # Juju 3.0 and above + juju run $_juju_model_arg --format=json --quiet vault/leader get-root-ca | jq -r '.[].results.output' | tee $_root_ca >/dev/null 2>&1 +else + # Juju 2.9 and below + juju run $_juju_model_arg --unit vault/leader 'leader-get root-ca' | tee $_root_ca >/dev/null 2>&1 +fi -if [ $_keystone_major_version -ge 13 -o \ - "$_keystone_preferred_api_version" = '3' ]; then - echo Using Keystone v3 API - . $(dirname ${BASH_SOURCE[0]})/openrcv3_project +# Check shell and run the appropriate openrc file +_shell=$(ps -p $$ | tail -n 1 | awk '{print $4}') +echo "Shell: $_shell" +if [ "$_shell" = "bash" ]; then + if [ $_keystone_major_version -ge 13 -o \ + "$_keystone_preferred_api_version" = '3' ]; then + echo Using Keystone v3 API + . $(dirname ${BASH_SOURCE[0]})/openrcv3_project + else + echo Using Keystone v2.0 API + . $(dirname ${BASH_SOURCE[0]})/openrcv2 + fi + # shell is zsh or -zsh +elif [ "$_shell" = "zsh" ] || [ "$_shell" = "-zsh" ]; then + if [ $_keystone_major_version -ge 13 -o \ + "$_keystone_preferred_api_version" = '3' ]; then + echo Using Keystone v3 API + . $(dirname ${(%):-%x})/openrcv3_project + else + echo Using Keystone v2.0 API + . $(dirname ${(%):-%x})/openrcv2 + fi else - echo Using Keystone v2.0 API - . $(dirname ${BASH_SOURCE[0]})/openrcv2 + echo "Unsupported shell: $_shell" + exit 1 fi + diff --git a/development/shared/openrcv3_project b/development/shared/openrcv3_project index b1905628..5abe78f4 100644 --- a/development/shared/openrcv3_project +++ b/development/shared/openrcv3_project @@ -1,16 +1,46 @@ -_OS_PARAMS=$(env | awk 'BEGIN {FS="="} /^OS_/ {print $1;}' | paste -sd ' ') +# Get and clear all the environment variables beginning with OS_ +_OS_PARAMS=$(env | awk 'BEGIN {FS="="} /^OS_/ {print $1;}' | paste -sd ' ' '-') # the manual for paste specifies that '-' should be used when piping from stdin +# Fix _OS_PARAMS to be array in zsh +if [ "$_shell" = "zsh" ] || [ "$_shell" = "-zsh" ]; then + _OS_PARAMS=(${(s/ /)_OS_PARAMS}) +fi +# Inform the user of the environment variables that will be cleared +if [ -n "$_OS_PARAMS" ]; then + echo "The following environment variables will be cleared: $_OS_PARAMS" +fi for param in $_OS_PARAMS; do + # echo "Clearing $param" # debug unset $param done unset _OS_PARAMS +# Check juju version +_juju_version=$(juju version | cut -f1 -d\. ) + +# Get keystone ip address _keystone_vip=$(juju config $_juju_model_arg keystone vip) if [ -n "$_keystone_vip" ]; then _keystone_ip=$(echo $_keystone_vip | awk '{print $1}') else - _keystone_ip=$(juju run $_juju_model_arg --unit keystone/leader -- 'network-get --bind-address public') + if [ "$_juju_version" -ge "3" ]; then + # Juju 3.0 and above + # This method would probably work for Juju 2.9 and below, but it I will leave it as is for now. + _keystone_ip=$(juju status $_juju_model_arg keystone/leader --format json | jq -r '.applications.keystone.units[] | select(.leader == true) | ."public-address"') + else + # Juju 2.9 and below + _keystone_ip=$(juju run $_juju_model_arg --unit keystone/leader -- 'network-get --bind-address public') + fi +fi + +# Get admin password +if [ "$_juju_version" -ge "3" ]; then + # Juju 3.0 and above + _password=$(juju run $_juju_model_arg keystone/leader get-admin-password --quiet | awk '{print $2; exit}') +else + # Juju 2.9 and below + _password=$(juju run $_juju_model_arg --unit keystone/leader 'leader-get admin_passwd') fi -_password=$(juju run $_juju_model_arg --unit keystone/leader 'leader-get admin_passwd') + if [ ! -z "$_root_ca" -a -s "$_root_ca" ]; then export OS_AUTH_PROTOCOL=https @@ -28,3 +58,26 @@ export OS_IDENTITY_API_VERSION=3 export OS_AUTH_VERSION=3 # Gnocchi needs this export OS_AUTH_TYPE=password + +# # Debug +# echo "Environment variables set:" +# echo "env | grep OS_ result:" +# env | grep OS_ +# echo +# echo "If environment variables are not set, then run the following commands:" +# if [ ! -z "$_root_ca" -a -s "$_root_ca" ]; then +# echo "export OS_AUTH_PROTOCOL=https" +# echo "export OS_CACERT=${_root_ca}" +# fi +# echo "export OS_AUTH_URL=${OS_AUTH_PROTOCOL:-http}://${_keystone_ip}:5000/v3" +# echo "export OS_USERNAME=admin" +# echo "export OS_PASSWORD=${_password}" +# echo "export OS_USER_DOMAIN_NAME=admin_domain" +# echo "export OS_PROJECT_DOMAIN_NAME=admin_domain" +# echo "export OS_PROJECT_NAME=admin" +# echo "export OS_REGION_NAME=RegionOne" +# echo "export OS_IDENTITY_API_VERSION=3" +# # Swift needs this: +# echo "export OS_AUTH_VERSION=3" +# # Gnocchi needs this +# echo "export OS_AUTH_TYPE=password"