-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(cron): working entrypoint.sh script for cron
- Loading branch information
Showing
6 changed files
with
100 additions
and
8 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| {"keys":[{"kty":"RSA","use":"sig","kid":"XRvko8P7A3UaWSnU7bM9nT0MjhA","x5t":"XRvko8P7A3UaWSnU7bM9nT0MjhA","n":"vRIL3aZt-xVqOZgMOr71ltWe9YY2Wf_B28C4Jl2nBSTEcFnf_eqOHZ8yzUBbLc4Nti2_ETcCsTUNuzS368BWkSgxc45JBH1wFSoWNFUSXaPt8mRwJYTF0H32iNhw_tBb9mvdQVgVs4Ci0dVJRYiz-ilk3PeO8wzlwRuwWIsaKFYlMyOKG9DVFbg93DmP5Tjq3C3oJlATyhAiJJc1T2trEP8960an33dDEaWwVAHh3c_34meAO4R6kLzIq0JnSsZMYB9O_6bMyIlzxmdZ8F442SynCUHxhnIh3yZew-xDdeHr6Ofl7KeVUcvSiZP9X44CaVJvknXQbBYNl-H7YF5RgQ","e":"AQAB","x5c":["MIIC/jCCAeagAwIBAgIJAKysonliFZLIMA0GCSqGSIb3DQEBCwUAMC0xKzApBgNVBAMTImFjY291bnRzLmFjY2Vzc2NvbnRyb2wud2luZG93cy5uZXQwHhcNMjQwMjA4MTcwMjUzWhcNMjkwMjA4MTcwMjUzWjAtMSswKQYDVQQDEyJhY2NvdW50cy5hY2Nlc3Njb250cm9sLndpbmRvd3MubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRIL3aZt+xVqOZgMOr71ltWe9YY2Wf/B28C4Jl2nBSTEcFnf/eqOHZ8yzUBbLc4Nti2/ETcCsTUNuzS368BWkSgxc45JBH1wFSoWNFUSXaPt8mRwJYTF0H32iNhw/tBb9mvdQVgVs4Ci0dVJRYiz+ilk3PeO8wzlwRuwWIsaKFYlMyOKG9DVFbg93DmP5Tjq3C3oJlATyhAiJJc1T2trEP8960an33dDEaWwVAHh3c/34meAO4R6kLzIq0JnSsZMYB9O/6bMyIlzxmdZ8F442SynCUHxhnIh3yZew+xDdeHr6Ofl7KeVUcvSiZP9X44CaVJvknXQbBYNl+H7YF5RgQIDAQABoyEwHzAdBgNVHQ4EFgQU8Sqmrf0UFpZbGtl5y1CjUdQq5ycwDQYJKoZIhvcNAQELBQADggEBAA57FiIOUs5yyLD6a6rWCbQ4Z2XJTfQb+TM/tZ6V6QqNhSS+Q98KFOIWe9Sit0iAyDsCCKuA8f08PYnUiHmHq8dG/7YRTShE/3zCZXHYKJgMaBhYfS788zQuq/hXDdVVc5X0pZwM4ibc6+2XpcpeDHxpMOLwo2AwujDdHVLzedAkIaTCzwPIizP4LB6l6IxR+xRXsH/1f034Gk3ReAEGgHW12NkajtXmC3DKl6vGIHvx1PgAMWQbxq3F2OopNx6aZEIIZWcMpQZ6/62f3pxRJHzZiJZN+khV8hpNjJvCNf6/hNbxkLcjLAycjW8AttcCRSTM4F+02S3TyHmoE4pYywA="],"issuer":"https://login.microsoftonline.com/48617df8-fd3d-471b-8f71-dcf99a2ceb27/v2.0"},{"kty":"RSA","use":"sig","kid":"qor_VePWgmxWy3r1dpfsWsw2-zY","x5t":"qor_VePWgmxWy3r1dpfsWsw2-zY","n":"rV8eXna9NCyzvgVZvbz18NhLIAfo1Qzn-VQQCbQzyGi2KDe3RI2sLeHltv9mVI2sahcRjgvhYNSETyxqHaKw3w8L4jg0kJdfzhD8dvpl32hunOCzuY2WpyJVq6CkxzGN4iikWTEIe_GMGsu9qhdxybaTCBTAya8qyKL1sbEByk8FiY6nsm6BhuRUVCh_rzfAp3HY-U_58ORLF1tmZrmSljHMFwlxvYuOIlKHacXy9gen8HsT7PUSA4n2PdnT1XAmlKJG1mzvdqyG2L3iRQJ45tcmrERKcd1pYwhb7ZtTyKypkeR9lkKbaYiQUt1QhpeO12pH1bRB1_k9MMzOm8Ca1Q","e":"AQAB","x5c":["MIIC6jCCAdKgAwIBAgIJAMqvEglnjttEMA0GCSqGSIb3DQEBCwUAMCMxITAfBgNVBAMTGGxvZ2luLm1pY3Jvc29mdG9ubGluZS51czAeFw0yNDAxMjQyMjE0MjNaFw0yOTAxMjQyMjE0MjNaMCMxITAfBgNVBAMTGGxvZ2luLm1pY3Jvc29mdG9ubGluZS51czCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK1fHl52vTQss74FWb289fDYSyAH6NUM5/lUEAm0M8hotig3t0SNrC3h5bb/ZlSNrGoXEY4L4WDUhE8sah2isN8PC+I4NJCXX84Q/Hb6Zd9obpzgs7mNlqciVaugpMcxjeIopFkxCHvxjBrLvaoXccm2kwgUwMmvKsii9bGxAcpPBYmOp7JugYbkVFQof683wKdx2PlP+fDkSxdbZma5kpYxzBcJcb2LjiJSh2nF8vYHp/B7E+z1EgOJ9j3Z09VwJpSiRtZs73ashti94kUCeObXJqxESnHdaWMIW+2bU8isqZHkfZZCm2mIkFLdUIaXjtdqR9W0Qdf5PTDMzpvAmtUCAwEAAaMhMB8wHQYDVR0OBBYEFKOxwRo5B0oCCCLMp8I/cHosF4cPMA0GCSqGSIb3DQEBCwUAA4IBAQCifXD9bW3dh6WAwfFHnL2HefUhuDQzisAZBR0o6kPASObicJK91BtfVg6iYW0LUCE70EVnFkyypTy19JIPf3zutQkHFAdXtS2/0NiR0vRJ561gi5Yqjl9BW9Az6Eb/O4UEzqBpe313FNt2co8I0OjRNhbKB1lIPUu6UZs5qBdfTwQFB6fU/XfXHnpZERZgRUZu5mku/n2EHZ1iMe9of1Qv/AtXgB51ZlfpT6YbrqMJBJs1yHxLd+rYqoXCwWLoBlJ3xYm4jEzSHPLjFgqHrUb9Cl2SazRKhV/UBAGqq0xG6qZMoiWvcfv0equddGa/r84lrEU2y1RBGUGw15jiLL/y"],"issuer":"https://login.microsoftonline.com/48617df8-fd3d-471b-8f71-dcf99a2ceb27/v2.0"}]} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,7 +1,73 @@ | ||
| #!/bin/sh | ||
| #!/usr/bin/env sh | ||
|
|
||
| env >> /etc/environment | ||
| echo 'start of configuration jwt_keys update'; | ||
|
|
||
| # execute CMD | ||
| echo "$@" | ||
| exec "$@" | ||
| if [ -z "$VUE_APP_AUTH_TENANT_ID" ]; then | ||
| echo "VUE_APP_AUTH_TENANT_ID is not set"; | ||
| exit 1; | ||
| fi | ||
| if [ -z "$COUCHDB_USER" ]; then | ||
| echo "COUCHDB_USER is not set"; | ||
| exit 1; | ||
| fi | ||
| if [ -z "$COUCHDB_PASSWORD" ]; then | ||
| echo "COUCHDB_PASSWORD is not set"; | ||
| exit 1; | ||
| fi | ||
|
|
||
| if [ -z "$COUCHDB_HOST" ]; then | ||
| echo "COUCHDB_HOST is not set"; | ||
| exit 1; | ||
| fi | ||
|
|
||
| echo "run apk update and install openssl, sed, curl, jq"; | ||
| apk update; | ||
| apk add openssl; | ||
| apk add --update sed; | ||
| apk add curl; | ||
| apk add jq; | ||
| # have tenand-id in env | ||
| # get json from https://login.microsoftonline.com/<tenant-id>/discovery/v2.0/keys | ||
|
|
||
| temp_file=$(mktemp) | ||
| keys_json_url="https://login.microsoftonline.com/$VUE_APP_AUTH_TENANT_ID/discovery/v2.0/keys" | ||
|
|
||
| wget -O ${temp_file} $keys_json_url | ||
| cat /${temp_file} | python3 -c 'import sys, json; keys = json.load(sys.stdin)["keys"]; [print(i["kid"], i["x5c"][0]) for i in keys]' | awk '{ print "-----BEGIN CERTIFICATE-----\n" $2 "\n" "-----END CERTIFICATE-----\n"> ($1 ".cer") }' | ||
|
|
||
| for file in $(find . -name "*.cer"); do | ||
| outputFile=${file%.cer}.pem | ||
| echo ${file} | ||
| openssl x509 -pubkey -noout -in ${file} >${outputFile} || rm ${outputFile} | ||
| done | ||
|
|
||
| result=$(echo "{" | ||
| ls -- *.pem | sed 's/\.pem//gi' \ | ||
| | xargs -I {} sh -c 'echo "\"rsa:{}\": \"$(cat -- {}.pem)" ' \ | ||
| | sed -z 's/\n/\\\\n/g' \ | ||
| | sed 's/END PUBLIC KEY-----\\\\n/END PUBLIC KEY-----\\\\n\",\n/g'\ | ||
| | sed 's/END CERTIFICATE-----\\\\n/END CERTIFICATE-----\\\\n\",\n/g' | ||
| echo "}" | ||
| ) | ||
|
|
||
|
|
||
| echo "${result}" >> jwt_keys.json | ||
|
|
||
| sed -zi 's/,\n}/\n}/g' jwt_keys.json | ||
|
|
||
| for key in $(jq -r 'keys[]' jwt_keys.json); do | ||
| echo "BEGIN------------------------" | ||
| value=$(jq ".[\"$key\"]" jwt_keys.json | sed 's/"//gi') | ||
| echo "key: $key" | ||
| echo "value: \"${value}\"" | ||
| curl -k -vvv -X PUT "http://${COUCHDB_USER}:${COUCHDB_PASSWORD}@${COUCHDB_HOST}:5984/_node/_local/_config/jwt_keys/${key}" -d "\"${value}\"" | ||
| echo "-----------------------END" | ||
| done | ||
|
|
||
| rm jwt_keys.json | ||
|
|
||
| # reload configuration | ||
| # POST /_node/nonode@nohost/_config/_reload | ||
| curl -X POST "http://${COUCHDB_USER}:${COUCHDB_PASSWORD}@${COUCHDB_HOST}:5984/_node/_local/_config/refresh" | ||
|
|
||
| echo "end of configuration jwt_keys update"; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| ; https://login.microsoftonline.com/<tenant-id>/discovery/v2.0/keys | ||
| ; In format rsa:<kid> = -----BEGIN PUBLIC KEY-----\n<public-key>\n-----END PUBLIC KEY-----\n | ||
| ; <public-key> can be get by "x509 -pubkey -noout -in cert.cer" where cert.cer is "-----BEGIN CERTIFICATE-----\n<x5c>\n-----END CERTIFICATE-----" | ||
| ; See /azure/convert.sh | ||
| rsa:XRvko8P7A3UaWSnU7bM9nT0MjhA = -----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRIL3aZt+xVqOZgMOr71\nltWe9YY2Wf/B28C4Jl2nBSTEcFnf/eqOHZ8yzUBbLc4Nti2/ETcCsTUNuzS368BW\nkSgxc45JBH1wFSoWNFUSXaPt8mRwJYTF0H32iNhw/tBb9mvdQVgVs4Ci0dVJRYiz\n+ilk3PeO8wzlwRuwWIsaKFYlMyOKG9DVFbg93DmP5Tjq3C3oJlATyhAiJJc1T2tr\nEP8960an33dDEaWwVAHh3c/34meAO4R6kLzIq0JnSsZMYB9O/6bMyIlzxmdZ8F44\n2SynCUHxhnIh3yZew+xDdeHr6Ofl7KeVUcvSiZP9X44CaVJvknXQbBYNl+H7YF5R\ngQIDAQAB\n-----END PUBLIC KEY-----\n | ||
| rsa:qor_VePWgmxWy3r1dpfsWsw2-zY = -----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArV8eXna9NCyzvgVZvbz1\n8NhLIAfo1Qzn+VQQCbQzyGi2KDe3RI2sLeHltv9mVI2sahcRjgvhYNSETyxqHaKw\n3w8L4jg0kJdfzhD8dvpl32hunOCzuY2WpyJVq6CkxzGN4iikWTEIe/GMGsu9qhdx\nybaTCBTAya8qyKL1sbEByk8FiY6nsm6BhuRUVCh/rzfAp3HY+U/58ORLF1tmZrmS\nljHMFwlxvYuOIlKHacXy9gen8HsT7PUSA4n2PdnT1XAmlKJG1mzvdqyG2L3iRQJ4\n5tcmrERKcd1pYwhb7ZtTyKypkeR9lkKbaYiQUt1QhpeO12pH1bRB1/k9MMzOm8Ca\n1QIDAQAB\n-----END PUBLIC KEY-----\n |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters