From 8af0bd6d3815cc0f0d25c1dcc7e062c3e8469317 Mon Sep 17 00:00:00 2001
From: Wenkai Yin <yinw@vmware.com>
Date: Tue, 25 Oct 2016 18:09:54 +0800
Subject: [PATCH] ova installation scripts

---
 .../ova/deps/docker-compose-1.7.1/install.sh  |  7 ++
 tools/ova/script/app_post_install.sh          | 15 ++++
 tools/ova/script/common.sh                    | 54 ++++++++++++
 tools/ova/script/config.sh                    | 88 +++++++++++++++++++
 tools/ova/script/firstboot.sh                 | 43 +++++++++
 tools/ova/script/start_harbor.sh              | 31 +++++++
 tools/ova/script/subsequentboot.sh            | 37 ++++++++
 7 files changed, 275 insertions(+)
 create mode 100755 tools/ova/deps/docker-compose-1.7.1/install.sh
 create mode 100755 tools/ova/script/app_post_install.sh
 create mode 100755 tools/ova/script/common.sh
 create mode 100755 tools/ova/script/config.sh
 create mode 100755 tools/ova/script/firstboot.sh
 create mode 100755 tools/ova/script/start_harbor.sh
 create mode 100755 tools/ova/script/subsequentboot.sh

diff --git a/tools/ova/deps/docker-compose-1.7.1/install.sh b/tools/ova/deps/docker-compose-1.7.1/install.sh
new file mode 100755
index 000000000..810b24630
--- /dev/null
+++ b/tools/ova/deps/docker-compose-1.7.1/install.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+echo "docker-compose version 1.7.1"
+cd "$( dirname "${BASH_SOURCE[0]}" )" 
+cp ./docker-compose-Linux-x86_64 /usr/local/bin/docker-compose
+chmod +x /usr/local/bin/docker-compose
+
diff --git a/tools/ova/script/app_post_install.sh b/tools/ova/script/app_post_install.sh
new file mode 100755
index 000000000..aeda8239a
--- /dev/null
+++ b/tools/ova/script/app_post_install.sh
@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+tdnf install -y docker
+systemctl enable docker.service
+
+mkdir -p /var/log/harbor
+
+echo "Downloading harbor..."
+wget -O /ova.tar.gz http://10.117.5.62/ISV/appliancePackages/ova.tar.gz
+
+echo "Downloading notice file..."
+wget -O /NOTICE_Harbor_0.4.1_Beta.txt http://10.117.5.62/ISV/appliancePackages/NOTICE_Harbor_0.4.1_Beta.txt
+
+echo "Downloading license file..."
+wget -O /LICENSE_Harbor_0.4.1_Beta_100216.txt http://10.117.5.62/ISV/appliancePackages/LICENSE_Harbor_0.4.1_Beta_100216.txt
\ No newline at end of file
diff --git a/tools/ova/script/common.sh b/tools/ova/script/common.sh
new file mode 100755
index 000000000..88b268a78
--- /dev/null
+++ b/tools/ova/script/common.sh
@@ -0,0 +1,54 @@
+#!/bin/bash
+
+#Shut down Harbor
+function down {
+	base_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+	docker-compose -f $base_dir/../harbor/docker-compose*.yml down
+}
+
+#Start Harbor
+function up {
+	base_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+	$base_dir/start_harbor.sh
+}
+
+#Configure Harbor
+function configure {
+	base_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+	$base_dir/config.sh
+}
+
+#Garbage collectoin
+function gc {
+	echo "======================= $(date)====================="
+	
+	#the registry image
+	image=$1
+
+	base_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+
+	docker run --name gc --rm --volume /data/registry:/storage \
+		--volume $base_dir/../harbor/common/config/registry/:/etc/registry/ \
+		$image garbage-collect /etc/registry/config.yml
+	
+	echo "===================================================="
+}
+
+#Add rules to iptables
+function addIptableRules {
+	iptables -A INPUT -p tcp --dport 5480 -j ACCEPT
+	iptables -A INPUT -p tcp --dport 5488 -j ACCEPT
+	iptables -A INPUT -p tcp --dport 5489 -j ACCEPT
+}
+
+#Install docker-compose
+function installDockerCompose {
+	base_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+	$base_dir/../deps/docker-compose-1.7.1/install.sh
+}
+
+#Load images
+function load {
+	basedir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+	docker load -i $basedir/../harbor/harbor*.tgz
+}
\ No newline at end of file
diff --git a/tools/ova/script/config.sh b/tools/ova/script/config.sh
new file mode 100755
index 000000000..43a238d59
--- /dev/null
+++ b/tools/ova/script/config.sh
@@ -0,0 +1,88 @@
+#!/bin/bash
+set -e
+
+attrs=( 
+	harbor_admin_password
+	auth_mode 
+	ldap_url 
+	ldap_searchdn 
+	ldap_search_pwd 
+	ldap_basedn 
+	ldap_uid 
+	email_server 
+	email_server_port 
+	email_username 
+	email_password 
+	email_from 
+	email_ssl 
+	db_password
+	verify_remote_cert
+	)
+
+base_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )/../" && pwd )"
+
+#The location of harbor.cfg
+cfg=$base_dir/harbor/harbor.cfg
+
+#Format cert and key files
+function format {
+	file=$1
+	head=$(sed -rn 's/(-+[A-Za-z ]*-+)([^-]*)(-+[A-Za-z ]*-+)/\1/p' $file)
+	body=$(sed -rn 's/(-+[A-Za-z ]*-+)([^-]*)(-+[A-Za-z ]*-+)/\2/p' $file)
+	tail=$(sed -rn 's/(-+[A-Za-z ]*-+)([^-]*)(-+[A-Za-z ]*-+)/\3/p' $file)
+	echo $head > $file
+	echo $body | sed  's/\s\+/\n/g' >> $file
+	echo $tail >> $file
+}
+
+#Modify hostname
+ip=$(ip addr show eth0|grep "inet "|tr -s ' '|cut -d ' ' -f 3|cut -d '/' -f 1)
+if [ -n "$ip" ]
+then
+	echo "Read IP address: [ IP - $ip ]"
+	sed -i -r s/"hostname = .*"/"hostname = $ip"/ $cfg
+else
+	echo "Failed to get the IP address"
+	exit 1
+fi
+
+#Handle http/https
+protocal=http
+echo "Read attribute using ovfenv: [ ssl_cert ]"
+ssl_cert=$(ovfenv -k ssl_cert)
+echo "Read attribute using ovfenv: [ ssl_cert_key ]"
+ssl_cert_key=$(ovfenv -k ssl_cert_key)
+if [ -n "$ssl_cert" ] && [ -n "$ssl_cert_key" ]
+then
+	echo "ssl_cert and ssl_cert_key are set, using HTTPS protocal"
+	protocal=https
+	sed -i -r s%"#?ui_url_protocol = .*"%"ui_url_protocol = $protocal"% $cfg
+	mkdir -p /path/to
+	echo $ssl_cert > /path/to/server.crt
+	format /path/to/server.crt
+	echo $ssl_cert_key > /path/to/server.key
+	format /path/to/server.key
+else
+	echo "ssl_cert and ssl_cert_key are not set, using HTTP protocal"
+fi
+
+for attr in "${attrs[@]}"
+do
+	echo "Read attribute using ovfenv: [ $attr ]"
+	value=$(ovfenv -k $attr)
+	
+	#ldap search password and email password can be null
+	if [ -n "$value" ] || [ "$attr" = "ldap_search_pwd" ] \
+		|| [ "$attr" = "email_password" ]
+	then
+		if [ "$attr" = ldap_search_pwd ] \
+			|| [ "$attr" = email_password ] \
+			|| [ "$attr" = db_password ] \
+			|| [ "$attr" = harbor_admin_password ]
+		then
+			bs=$(echo $value | base64)
+			#value={base64}$bs
+		fi
+		sed -i -r s%"#?$attr = .*"%"$attr = $value"% $cfg
+	fi
+done
\ No newline at end of file
diff --git a/tools/ova/script/firstboot.sh b/tools/ova/script/firstboot.sh
new file mode 100755
index 000000000..dde6da80e
--- /dev/null
+++ b/tools/ova/script/firstboot.sh
@@ -0,0 +1,43 @@
+#!/bin/bash
+set -e
+
+echo "======================= $(date)====================="
+
+export PATH=$PATH:/usr/local/bin
+
+base_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+source $base_dir/common.sh
+
+#Reset root password 
+value=$(ovfenv -k root_pwd)
+if [ -n "$value" ]
+then
+	echo "Resetting root password..."
+	printf "$value\n$value\n" | passwd root
+fi
+
+#echo "Adding rules to iptables..."
+#addIptableRules
+
+echo "Installing docker compose..."
+installDockerCompose
+
+echo "Starting docker service..."
+systemctl start docker
+
+echo "Uncompress Harbor offline instaler tar..."
+tar -zxvf $base_dir/../harbor-offline-installer*.tgz -C $base_dir/../
+
+echo "Loading images..."
+load
+
+#Configure Harbor
+echo "Configuring Harbor..."
+chmod 600 $base_dir/../harbor/harbor.cfg
+configure
+
+#Start Harbor
+echo "Starting Harbor..."
+up
+
+echo "===================================================="
\ No newline at end of file
diff --git a/tools/ova/script/start_harbor.sh b/tools/ova/script/start_harbor.sh
new file mode 100755
index 000000000..9dc967ede
--- /dev/null
+++ b/tools/ova/script/start_harbor.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+set -e
+
+workdir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+cd $workdir/../harbor
+
+echo "[Step 1]: preparing environment ..."
+./prepare
+
+echo "[Step 2]: starting Harbor ..."
+docker-compose -f docker-compose*.yml up -d
+
+protocol=http
+hostname=reg.mydomain.com
+
+if [[ $(cat ./harbor.cfg) =~ ui_url_protocol[[:blank:]]*=[[:blank:]]*(https?) ]]
+then
+protocol=${BASH_REMATCH[1]}
+fi
+
+if [[ $(grep 'hostname[[:blank:]]*=' ./harbor.cfg) =~ hostname[[:blank:]]*=[[:blank:]]*(.*) ]]
+then
+hostname=${BASH_REMATCH[1]}
+fi
+
+echo $"
+----Harbor has been installed and started successfully.----
+
+Now you should be able to visit the admin portal at ${protocol}://${hostname}. 
+For more details, please visit https://github.com/vmware/harbor .
+"
diff --git a/tools/ova/script/subsequentboot.sh b/tools/ova/script/subsequentboot.sh
new file mode 100755
index 000000000..ad09d8743
--- /dev/null
+++ b/tools/ova/script/subsequentboot.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+set -e
+echo "======================= $(date)====================="
+
+export PATH=$PATH:/usr/local/bin
+
+base_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+source $base_dir/common.sh
+
+#echo "Adding rules to iptables..."
+#addIptableRules
+
+#Stop Harbor
+echo "Shutting down Harbor..."
+down
+
+#Garbage collection
+value=$(ovfenv -k gc_enabled)
+if [ "$value" = "true" ]
+then
+	echo "GC enabled, starting garbage collection..."
+	#If the registry contains no images, the gc will fail.
+	#So append a true to avoid failure.
+	gc registry:2.5.0 2>&1 >> /var/log/harbor/gc.log || true
+else
+	echo "GC disabled, skip garbage collection"
+fi
+
+#Configure Harbor
+echo "Configuring Harbor..."
+configure
+
+#Start Harbor
+echo "Starting Harbor..."
+up
+
+echo "===================================================="
\ No newline at end of file