forked from IBM/CodeEngine
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathrun
executable file
·140 lines (114 loc) · 4.56 KB
/
run
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
#!/bin/bash
# Env Vars:
# REGISTRY: name of the image registry/namespace to get the images
# COS_ID: If set, specifies the full CRN of a Cloud Object Storage instance to
# use
REGISTRY=${REGISTRY:-icr.io/codeengine}
PROJECT_NAME=$(ibmcloud ce project current | awk '/^Name/{ print $2 }')
PROJECT_REGION=$(ibmcloud ce project current | \
awk -F: '/^Region/{ print $2 }' | sed -e 's/^[[:space:]]*//' -e "s/[[:space:]]*$//")
POLICY_ID=""
PROJECT_ID=$(ibmcloud ce project get --name ${PROJECT_NAME} | \
awk '/^ID/{ print $2 }')
BUCKET=${PROJECT_NAME}-${PROJECT_ID}
SOURCE_BUCKET="${BUCKET}-source"
DESTINATION_BUCKET="${BUCKET}-destination"
# Clean up previous run
function clean() {
set +ex
echo "Cleaning..."
(
# Delete the event subscription
ibmcloud ce sub cos delete -n cos2cos-sub -f --wait=true
# Delete the IAM auth policy
if [[ -n "$POLICY_ID" ]]; then
ibmcloud iam authorization-policy-delete $POLICY_ID --force
fi
# Delete the app, config map, secret
ibmcloud ce app delete --name cos2cos --force
ibmcloud ce cm delete --name cos2cos-config --force
ibmcloud ce secret delete --name cos2cos-key --force
# Delete the COS service ID
ibmcloud iam service-id-delete cos2cos-service-id --force
# Empty the COS buckets
ibmcloud cos object-delete --bucket ${SOURCE_BUCKET} --key "README.md" --force
ibmcloud cos object-delete --bucket ${DESTINATION_BUCKET} --key "README.md" --force
# Delete the COS buckets
ibmcloud cos bucket-delete --bucket ${SOURCE_BUCKET} --force
ibmcloud cos bucket-delete --bucket ${DESTINATION_BUCKET} --force
# Delete the COS instance unless the instance was given to us
if [[ -z "$COS_ID" ]]; then
ibmcloud resource service-instance-delete ce-cos2cos -f -q
fi
rm -f out .tmpkey
) > /dev/null 2>&1
}
clean
[[ "$1" == "clean" ]] && exit 0
set -ex
CID=${COS_ID}
# Create a COS instance unless one has been specified for use
if [[ -z "$CID" ]]; then
ibmcloud resource service-instance-create ce-cos2cos \
cloud-object-storage lite global
CID=$(ibmcloud resource service-instance ce-cos2cos | awk '/^ID/{ print $2 }')
fi
# Set the COS config to use this instance
ibmcloud cos config crn --crn $CID --force
ibmcloud cos config auth --method IAM
# Create IAM authorization policy so we can receive notifications from COS
POLICY_ID=$(ibmcloud iam authorization-policy-create codeengine \
cloud-object-storage "Notifications Manager" \
--source-service-instance-name ${PROJECT_NAME} \
--target-service-instance-id ${CID} | awk '/^Authorization/{ print $3 }')
# Create our buckets
ibmcloud cos bucket-create --bucket ${SOURCE_BUCKET} \
--ibm-service-instance-id $CID \
--region $PROJECT_REGION
ibmcloud cos bucket-create --bucket ${DESTINATION_BUCKET} \
--ibm-service-instance-id $CID \
--region $PROJECT_REGION
# Create a configmap
COS_REGION=$(ibmcloud cos config list | awk '/Default Region/{ print $3 }')
ibmcloud ce cm create -n cos2cos-config \
--from-literal DESTINATION_BUCKET=${DESTINATION_BUCKET} \
--from-literal SOURCE_BUCKET=${SOURCE_BUCKET} \
--from-literal COS_ENDPOINT=https://s3.${COS_REGION}.cloud-object-storage.appdomain.cloud \
--from-literal COS_INSTANCE_ID=${CID} \
--from-literal IAM_ENDPOINT=https://iam.cloud.ibm.com/identity/token
# Create a service ID to use when accessing COS and an API key for that ID
ibmcloud iam service-id-create cos2cos-service-id
ibmcloud iam service-policy-create cos2cos-service-id \
--service-name cloud-object-storage \
--service-instance ${CID} --roles Writer
# Store the API key in a secret
ibmcloud iam service-api-key-create cos2cos-apikey cos2cos-service-id \
| awk '/API Key/{ print $3 }' > .tmpkey
ibmcloud ce secret create -n cos2cos-key --from-file APIKEY=.tmpkey
rm -f .tmpkey
# Create the app
ibmcloud ce app create -n cos2cos --image ${REGISTRY}/cos2cos \
--env-from-configmap cos2cos-config \
--env-from-secret cos2cos-key \
--min-scale 1 \
--max-scale 1
# Setup the COS Event Source
ibmcloud ce sub cos create -n cos2cos-sub -d cos2cos -b ${SOURCE_BUCKET} \
--path "/events/cos"
# Now wait until we get the event - shouldn't take more than a minute
while true ; do
sleep 10
# Upload a file to the source bucket (this will generate an event)
ibmcloud cos object-put --bucket ${SOURCE_BUCKET} --key "README.md" \
--body README.md
# Check for the file in the destination bucket (presence there is
# triggered by the upload event)
declare -i FOUND=$(ibmcloud cos objects --bucket ${DESTINATION_BUCKET} | \
grep -c "README.md")
if [[ $FOUND -ge 1 ]]; then
echo "File found in destination bucket"
break
fi
done
# Clean up
clean