From 49736bf1eda0e228908916f08f70f7074a584de9 Mon Sep 17 00:00:00 2001 From: Assaf Giladi Date: Thu, 22 Feb 2024 18:10:04 +0200 Subject: [PATCH] chore: hide weka password --- join/join.go | 34 ++++++++++++++++++++++------------ 1 file changed, 22 insertions(+), 12 deletions(-) diff --git a/join/join.go b/join/join.go index b1a6172..84d7436 100644 --- a/join/join.go +++ b/join/join.go @@ -45,9 +45,6 @@ func (j *JoinScriptGenerator) GetJoinScript(ctx context.Context) string { common.ShuffleSlice(ips) bashScriptTemplate := ` - export WEKA_USERNAME="%s" - export WEKA_PASSWORD="%s" - export WEKA_RUN_CREDS="-e WEKA_USERNAME=$WEKA_USERNAME -e WEKA_PASSWORD=$WEKA_PASSWORD" IPS=(%s) HASHED_IP=$(%s) COMPUTE=%d @@ -139,13 +136,14 @@ func (j *JoinScriptGenerator) GetJoinScript(ctx context.Context) string { compute := j.Params.InstanceParams.Compute mem := j.Params.InstanceParams.ComputeMemory + setWekaCreds := j.setWekaCredentials() isReady := j.getIsReadyScript() addDrives := j.getAddDrivesScript() bashScriptTemplate = j.ScriptBase + dedent.Dedent(bashScriptTemplate) - bashScriptTemplate += isReady + addDrives + bashScriptTemplate += setWekaCreds + isReady + addDrives bashScript := fmt.Sprintf( - bashScriptTemplate, j.Params.WekaUsername, j.Params.WekaPassword, strings.Join(ips, " "), j.FailureDomainCmd, + bashScriptTemplate, strings.Join(ips, " "), j.FailureDomainCmd, compute, frontend, drive, mem, j.Params.InstallDpdk, gateways, j.Params.ProxyUrl, reportFunc, joinFinalizationFunc, getCoreIdsFunc, getNetStrForDpdkFunc, j.DeviceNameCmd, bash_functions.GetWekaPartitionScript(), ) @@ -162,10 +160,6 @@ func (j *JoinScriptGenerator) GetExistingContainersJoinScript(ctx context.Contex bashScriptTemplate := ` set -ex - - export WEKA_USERNAME="%s" - export WEKA_PASSWORD="%s" - export WEKA_RUN_CREDS="-e WEKA_USERNAME=$WEKA_USERNAME -e WEKA_PASSWORD=$WEKA_PASSWORD" host_ips="%s" # report function definition @@ -203,18 +197,32 @@ func (j *JoinScriptGenerator) GetExistingContainersJoinScript(ctx context.Contex fi ` + setWekaCreds := j.setWekaCredentials() isReady := j.getIsReadyScript() addDrives := j.getAddDrivesScript() bashScriptTemplate = j.ScriptBase + dedent.Dedent(bashScriptTemplate) - bashScriptTemplate += isReady + addDrives + bashScriptTemplate += setWekaCreds + isReady + addDrives bashScript := fmt.Sprintf( - bashScriptTemplate, j.Params.WekaUsername, j.Params.WekaPassword, strings.Join(ips, " "), reportFunc, + bashScriptTemplate, strings.Join(ips, " "), reportFunc, joinFinalizationFunc, statusFunc, ) return dedent.Dedent(bashScript) } +func (j *JoinScriptGenerator) setWekaCredentials() string { + s := ` + set +x + export WEKA_USERNAME=$(echo "%s" | base64 --decode) + export WEKA_PASSWORD=$(echo "%s" | base64 --decode) + export WEKA_RUN_CREDS="-e WEKA_USERNAME=$WEKA_USERNAME -e WEKA_PASSWORD=$WEKA_PASSWORD" + set -x + ` + + s = dedent.Dedent(s) + return fmt.Sprintf(s, j.Params.WekaUsername, j.Params.WekaPassword) +} + func (j *JoinScriptGenerator) getIsReadyScript() string { s := ` while ! weka debug manhole -s 0 operational_status | grep '"is_ready": true' ; do @@ -230,12 +238,14 @@ func (j *JoinScriptGenerator) getAddDrivesScript() string { s := ` compute_name=$(%s) - host_id=$(weka local run --container compute0 $WEKA_RUN_CREDS manhole getServerInfo | grep hostIdValue: | awk '{print $2}') mkdir -p /opt/weka/tmp # write down find_drives script (another string input for this template) cat >/opt/weka/tmp/find_drives.py <