
Commit e8f7bb1

committed
CI: fix start-docker script
- replace ruby with bash - fail if more than one IP addr is found for "OUTER_CONTAINER_IP" - sundry bash lint cleanup
1 parent feaad1e commit e8f7bb1


1 file changed

+33
-13
lines changed


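--- a/ci/dockerfiles/docker-cpi/start-bosh.sh
+++ b/ci/dockerfiles/docker-cpi/start-bosh.sh
@@ -90,10 +90,12 @@ function stop_docker() {
 }
 
 function start_docker() {
+local certs_dir
+certs_dir="${1}"
 # docker will fail starting with the new iptables. it throws:
 # iptables v1.8.7 (nf_tables): Could not fetch rule set generation id: ....
 update-alternatives --set iptables /usr/sbin/iptables-legacy
-generate_certs $1
+generate_certs "${certs_dir}"
 mkdir -p /var/log
 mkdir -p /var/run
 
@@ -110,7 +112,8 @@ function start_docker() {
 mount -o remount,rw /proc/sys
 fi
 
-local mtu=$(cat /sys/class/net/$(ip route get 169.254.169.254|awk '{ print $5 }')/mtu)
+local mtu
+mtu=$(cat "/sys/class/net/$(ip route get 169.254.169.254|awk '{ print $5 }')/mtu")
 
 [[ ! -d /etc/docker ]] && mkdir /etc/docker
 cat <<EOF > /etc/docker/daemon.json
@@ -131,11 +134,11 @@ EOF
 service docker start
 
 export DOCKER_TLS_VERIFY=1
-export DOCKER_CERT_PATH=$1
+export DOCKER_CERT_PATH="${certs_dir}"
 
 rc=1
 for i in $(seq 1 100); do
-echo waiting for docker to come up...
+echo "waiting for docker to come up... (${i})"
 sleep 1
 set +e
 docker info
@@ -150,13 +153,23 @@ EOF
 exit 1
 fi
 
-echo $certs_dir
+echo "${certs_dir}"
 }
 
 function main() {
-export OUTER_CONTAINER_IP=$(ruby -rsocket -e 'puts Socket.ip_address_list
-.reject { |addr| !addr.ip? || addr.ipv4_loopback? || addr.ipv6? }
-.map { |addr| addr.ip_address }')
+OUTER_CONTAINER_IP=$(
+ip addr \
+| grep 'inet ' \
+| grep -v -E ' (127\.|172\.|10\.245)' \
+| cut -d/ -f 1 \
+| cut -d' ' -f6
+)
+export OUTER_CONTAINER_IP
+
+if [[ "${OUTER_CONTAINER_IP}" == *$'\n'* ]] ; then
+echo "OUTER_CONTAINER_IP had more than one ip: '${OUTER_CONTAINER_IP}'" >&2
+exit 1
+fi
 
 export DOCKER_HOST="tcp://${OUTER_CONTAINER_IP}:4243"
 
@@ -167,9 +180,14 @@ function main() {
 local local_bosh_dir
 local_bosh_dir="/tmp/local-bosh/director"
 
-docker network create -d bridge --subnet=10.245.0.0/16 director_network
+local docker_network_name="director_network"
+if docker network ls | grep -q "${docker_network_name}"; then
+echo "A docker network named '${docker_network_name}' already exists, skipping creation" >&2
+else
+docker network create -d bridge --subnet=10.245.0.0/16 "${docker_network_name}"
+fi
 
-pushd ${BOSH_DEPLOYMENT_PATH:-/usr/local/bosh-deployment} > /dev/null
+pushd "${BOSH_DEPLOYMENT_PATH:-/usr/local/bosh-deployment}" > /dev/null
 export BOSH_DIRECTOR_IP="10.245.0.3"
 export BOSH_ENVIRONMENT="docker-director"
 
@@ -191,7 +209,7 @@ function main() {
 -v internal_ip="${BOSH_DIRECTOR_IP}" \
 -v docker_host="${DOCKER_HOST}" \
 -v network=director_network \
--v docker_tls="{\"ca\": \"$(cat ${certs_dir}/ca_json_safe.pem)\",\"certificate\": \"$(cat ${certs_dir}/client_certificate_json_safe.pem)\",\"private_key\": \"$(cat ${certs_dir}/client_private_key_json_safe.pem)\"}" \
+-v docker_tls="{\"ca\": \"$(cat "${certs_dir}/ca_json_safe.pem")\",\"certificate\": \"$(cat "${certs_dir}/client_certificate_json_safe.pem")\",\"private_key\": \"$(cat "${certs_dir}/client_private_key_json_safe.pem")\"}" \
 ${@} > "${local_bosh_dir}/bosh-director.yml"
 
 command bosh create-env "${local_bosh_dir}/bosh-director.yml" \
@@ -201,10 +219,12 @@ function main() {
 bosh int "${local_bosh_dir}/creds.yml" --path /director_ssl/ca > "${local_bosh_dir}/ca.crt"
 bosh -e "${BOSH_DIRECTOR_IP}" --ca-cert "${local_bosh_dir}/ca.crt" alias-env "${BOSH_ENVIRONMENT}"
 
+bosh_client_secret="$(bosh int "${local_bosh_dir}/creds.yml" --path /admin_password)"
+
 cat <<EOF > "${local_bosh_dir}/env"
 export BOSH_ENVIRONMENT="${BOSH_ENVIRONMENT}"
 export BOSH_CLIENT=admin
-export BOSH_CLIENT_SECRET=`bosh int "${local_bosh_dir}/creds.yml" --path /admin_password`
+export BOSH_CLIENT_SECRET=${bosh_client_secret}
 export BOSH_CA_CERT="${local_bosh_dir}/ca.crt"
 
 EOF
@@ -215,4 +235,4 @@ EOF
 popd > /dev/null
 }
 
-main $@
+main ${@}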
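Review bot: The guard added after the `OUTER_CONTAINER_IP=$( ... )` pipeline in `main` rejects two or more addresses but not zero. If the `grep -v -E ' (127\.|172\.|10\.245)'` filter removes every address (for example when the only non-loopback address is in 172.x), the variable is empty and `DOCKER_HOST` becomes `tcp://:4243`, so the failure surfaces later as an unrelated docker or bosh connection error. Extending the condition to `if [[ -z "${OUTER_CONTAINER_IP}" || "${OUTER_CONTAINER_IP}" == *$'\n'* ]] ; then`, with the message reworded to "expected exactly one ip", makes the script fail at the point of cause. Whether an empty result already aborts the script depends on `set -e`/`pipefail` settings that are not visible in this diff, and `main` continues past the end of the hunk.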
