-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathgen-secret
executable file
·117 lines (100 loc) · 2.99 KB
/
gen-secret
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
#!/bin/bash
# 1. Sets up a local Python environment via pyenv
# 2. Installs the Ansible prerequisites
# 3. Hands off to Ansible to generate secret
# Store the current PATH and PYENV_ROOT and then reset to default values
SYSTEM_PATH=$PATH
unset PATH
PATH="/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin"
export PATH
# Store the curent PYENV_ROOT/PYENV_VERSION and reset to the submodule version
SYSTEM_PYENV_ROOT=$PYENV_ROOT
SYSTEM_PYENV_VERSION=$PYENV_VERSION
unset PYENV_ROOT
unset PYENV_VERSION
PYENV_ROOT="$(pwd)/vendor/pyenv"
export PYENV_ROOT
ANSIBLE_ENV_SETUP=vendor/ansible/hacking/env-setup
PYENV_INIT="${PYENV_ROOT}/bin/pyenv"
PATH="${PYENV_ROOT}/bin:$PATH"
PYTHON_39="${PYENV_ROOT}/versions/3.9.13"
progress(){
echo -ne "\r["
printf "%0.s=" `seq $1`
echo -n ">"
}
usage() {
echo "Usage: run [options...]"
echo "Options:"
echo " -h, --help"
echo " -v, --verbose (repeat for more verbosity)"
}
EXTRA_ARGS=()
while [ $# -gt 0 ]; do
if [ "$1" = '--verbose' -o "$1" = '-v' ]; then
VERBOSE=$((VERBOSE + 1))
elif [ "$1" = '--help' -o "$1" = '-h' -o "$1" = 'help' ]; then
usage
exit
elif [ -n "$1" ]; then
ENCRYPT_STRING_NAME=$1
fi
shift
done
if [[ $VERBOSE ]]; then
DEV_NULL=/dev/stdout
if [ $VERBOSE -gt 1 ]; then
echo 'Enabling extremely verbose output'
set -x
fi
else
trap 'echo "Exiting: run with -v/--verbose for more info"' EXIT
DEV_NULL=/dev/null
fi
if [ ! -e $PYENV_INIT ]; then
echo "Not found: $PYENV_INIT"
echo "Did you forget to 'git submodule update --init --recursive'?"
exit 1
fi
# Install pyenv 3.9.13 version, if missing or forced
eval "$(pyenv init -)"
if [ ! -e "$PYTHON_39" ]; then
echo "Installing Python 3.9.13..."
pyenv install 3.9.13 &> $DEV_NULL
elif [ -e "$PYTHON_39" ] && [ "$FORCE" ]; then
echo "Forcing reinstall of Python 3.9.13..."
pyenv install -f 3.9.13 &> $DEV_NULL
elif [ -e "$PYTHON_39" ]; then
echo "Skipping Python 3.9.13 pyenv install (already exists); use --force to override"
fi
# Activate pyenv 3.9.13 environment
pyenv global 3.9.13
# Troubleshooting during OS upgrades, or new machine installs: may need:
#
# sudo -H pip install --upgrade cryptography
# pip install --upgrade pip
#
if [[ -z $(pip show jinja2 PyYAML cryptography packaging resolvelib) || $FORCE ]]; then
if ! pip install -r vendor/ansible/requirements.txt &> $DEV_NULL; then
echo "Failed: pip install"
echo "Did you forget to 'export https_proxy=fwdproxy:8080' or similar?"
exit 1
fi
elif [[ ! $FORCE ]]; then
echo "Skipping pip installs (already exists); use --force to override"
fi
# Activate Ansible
source vendor/ansible/hacking/env-setup &> $DEV_NULL
# Encrypt a string
ansible-vault encrypt_string --vault-id @prompt --name $ENCRYPT_STRING_NAME
# Restore the previous PATH value
unset PATH
PATH=$SYSTEM_PATH
export PATH
# Restore the previous PYENV_ROOT/PYENV_VERSION value
unset PYENV_ROOT
PYENV_ROOT=$SYSTEM_PYENV_ROOT
PYENV_VERSION=$SYSTEM_PYENV_VERSION
export PYENV_ROOT
export PYENV_VERSION
trap - EXIT