From 127e24dab3590d6b963a50625399eb2d50709946 Mon Sep 17 00:00:00 2001 From: matt Date: Thu, 6 Oct 2022 15:03:05 -0400 Subject: [PATCH 1/3] GHM-822 Build virtalization package with secrets --- .gitignore | 1 + packages/virtualization/config.sh | 55 +++++++++++++++++++++++++++++-- 2 files changed, 53 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 8faa841f..10e54b0b 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ tmp/ /artifacts/ +.idea diff --git a/packages/virtualization/config.sh b/packages/virtualization/config.sh index f5c4de16..2d873e1b 100644 --- a/packages/virtualization/config.sh +++ b/packages/virtualization/config.sh @@ -56,12 +56,61 @@ function build() { # Build the virtualization package # logmust cd "$WORKDIR/repo/appliance" + + local secretDbArgs=() + + # Because ant does not read the environment variables of the execution context, we set them as + # parameters only if they exist in the execution context + + # Here we check for whether the environment variables are set and pass them along. We check for + # existence instead of emptiness to avoid adding a layer of interpretation. + + # We use parameter expansion in the form of ${variable+nothing} which evaluates to the variable + # 'nothing' if 'variable' is not set. Because 'nothing' is not defined it evaluates to "" when 'variable' + # is not set. So [[ "" ]] is what is actually evaluated when 'variable' is not set. + + if [[ ${SECRET_DB_USE_JUMPBOX+nothing} ]]; then + secretDbArgs+=(-DSECRET_DB_USE_JUMPBOX="$SECRET_DB_USE_JUMPBOX") + fi + + if [[ ${SECRET_DB_JUMP_BOX_HOST+nothing} ]]; then + secretDbArgs+=(-DSECRET_DB_JUMP_BOX_HOST="$SECRET_DB_JUMP_BOX_HOST") + fi + + if [[ ${SECRET_DB_JUMP_BOX_USER+nothing} ]]; then + secretDbArgs+=(-DSECRET_DB_JUMP_BOX_USER="$SECRET_DB_JUMP_BOX_USER") + fi + + if [[ ${SECRET_DB_JUMP_BOX_PRIVATE_KEY+nothing} ]]; then + secretDbArgs+=(-DSECRET_DB_JUMP_BOX_PRIVATE_KEY="$SECRET_DB_JUMP_BOX_PRIVATE_KEY") + fi + + if [[ ${SECRET_DB_AWS_ENDPOINT+nothing} ]]; then + secretDbArgs+=(-DSECRET_DB_AWS_ENDPOINT="$SECRET_DB_AWS_ENDPOINT") + fi + + if [[ ${SECRET_DB_AWS_PROFILE+nothing} ]]; then + secretDbArgs+=(-DSECRET_DB_AWS_PROFILE="$SECRET_DB_AWS_PROFILE") + fi + + if [[ ${SECRET_DB_AWS_REGION+nothing} ]]; then + secretDbArgs+=(-DSECRET_DB_AWS_REGION="$SECRET_DB_AWS_REGION") + fi + if [[ -n "$DELPHIX_RELEASE_VERSION" ]]; then - logmust ant -Ddockerize=true -DbuildJni=true \ + logmust ant \ + -Ddockerize=true \ + -DbuildJni=true \ -DhotfixGenDlpxVersion="$DELPHIX_RELEASE_VERSION" \ - -Dbuild.legacy.resources.war=true all package + -Dbuild.legacy.resources.war=true \ + ${secretDbArgs[@]} \ + all-secrets package else - logmust ant -Ddockerize=true -DbuildJni=true all package + logmust ant \ + -Ddockerize=true \ + -DbuildJni=true \ + ${secretDbArgs[@]} \ + all-secrets package fi # From febb8679fd5fe4824ac9144077033fa60fb68b04 Mon Sep 17 00:00:00 2001 From: Matt Skinner Date: Tue, 11 Oct 2022 16:15:35 -0400 Subject: [PATCH 2/3] Shell check fixes --- packages/virtualization/config.sh | 38 ++++++++++++++----------------- 1 file changed, 17 insertions(+), 21 deletions(-) diff --git a/packages/virtualization/config.sh b/packages/virtualization/config.sh index 2d873e1b..98ec2f38 100644 --- a/packages/virtualization/config.sh +++ b/packages/virtualization/config.sh @@ -57,7 +57,7 @@ function build() { # logmust cd "$WORKDIR/repo/appliance" - local secretDbArgs=() + local args=() # Because ant does not read the environment variables of the execution context, we set them as # parameters only if they exist in the execution context @@ -70,49 +70,45 @@ function build() { # is not set. So [[ "" ]] is what is actually evaluated when 'variable' is not set. if [[ ${SECRET_DB_USE_JUMPBOX+nothing} ]]; then - secretDbArgs+=(-DSECRET_DB_USE_JUMPBOX="$SECRET_DB_USE_JUMPBOX") + args+=("-DSECRET_DB_USE_JUMPBOX=\"$SECRET_DB_USE_JUMPBOX\"") fi if [[ ${SECRET_DB_JUMP_BOX_HOST+nothing} ]]; then - secretDbArgs+=(-DSECRET_DB_JUMP_BOX_HOST="$SECRET_DB_JUMP_BOX_HOST") + args+=("-DSECRET_DB_JUMP_BOX_HOST=\"$SECRET_DB_JUMP_BOX_HOST\"") fi if [[ ${SECRET_DB_JUMP_BOX_USER+nothing} ]]; then - secretDbArgs+=(-DSECRET_DB_JUMP_BOX_USER="$SECRET_DB_JUMP_BOX_USER") + args+=("-DSECRET_DB_JUMP_BOX_USER=\"$SECRET_DB_JUMP_BOX_USER\"") fi if [[ ${SECRET_DB_JUMP_BOX_PRIVATE_KEY+nothing} ]]; then - secretDbArgs+=(-DSECRET_DB_JUMP_BOX_PRIVATE_KEY="$SECRET_DB_JUMP_BOX_PRIVATE_KEY") + args+=("-DSECRET_DB_JUMP_BOX_PRIVATE_KEY=\"$SECRET_DB_JUMP_BOX_PRIVATE_KEY\"") fi if [[ ${SECRET_DB_AWS_ENDPOINT+nothing} ]]; then - secretDbArgs+=(-DSECRET_DB_AWS_ENDPOINT="$SECRET_DB_AWS_ENDPOINT") + args+=("-DSECRET_DB_AWS_ENDPOINT=\"$SECRET_DB_AWS_ENDPOINT\"") fi if [[ ${SECRET_DB_AWS_PROFILE+nothing} ]]; then - secretDbArgs+=(-DSECRET_DB_AWS_PROFILE="$SECRET_DB_AWS_PROFILE") + args+=("-DSECRET_DB_AWS_PROFILE=\"$SECRET_DB_AWS_PROFILE\"") fi if [[ ${SECRET_DB_AWS_REGION+nothing} ]]; then - secretDbArgs+=(-DSECRET_DB_AWS_REGION="$SECRET_DB_AWS_REGION") + args+=("-DSECRET_DB_AWS_REGION=\"$SECRET_DB_AWS_REGION\"") fi + args+=("-Ddockerize=true") + args+=("-DbuildJni=true") + if [[ -n "$DELPHIX_RELEASE_VERSION" ]]; then - logmust ant \ - -Ddockerize=true \ - -DbuildJni=true \ - -DhotfixGenDlpxVersion="$DELPHIX_RELEASE_VERSION" \ - -Dbuild.legacy.resources.war=true \ - ${secretDbArgs[@]} \ - all-secrets package - else - logmust ant \ - -Ddockerize=true \ - -DbuildJni=true \ - ${secretDbArgs[@]} \ - all-secrets package + args+=("-DhotfixGenDlpxVersion=\"$DELPHIX_RELEASE_VERSION\"") + args+=("-Dbuild.legacy.resources.war=true") fi + logmust ant \ + "${args[@]}" + all-secrets package + # # Publish the virtualization package artifacts # From fc6a97295546f35030b5d324910ce51b101829f3 Mon Sep 17 00:00:00 2001 From: Matt Skinner Date: Thu, 13 Oct 2022 14:10:18 -0400 Subject: [PATCH 3/3] Formatting --- packages/virtualization/config.sh | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/packages/virtualization/config.sh b/packages/virtualization/config.sh index 98ec2f38..aa49b492 100644 --- a/packages/virtualization/config.sh +++ b/packages/virtualization/config.sh @@ -105,9 +105,7 @@ function build() { args+=("-Dbuild.legacy.resources.war=true") fi - logmust ant \ - "${args[@]}" - all-secrets package + logmust ant "${args[@]}" all-secrets package # # Publish the virtualization package artifacts