I need to replace some value of configmap.yaml and I have to automate it through shell script. How to do this?
In my case, some line of config.YAML file is
"ABC_KEY" : "*******"
While I am automating the total installation process, it got stuck with an error:
error: error parsing yamlfiles/configMap.yaml: error converting YAML to JSON: yaml: line 22: did not find the expected key"
What I want while I run the shell script to automate the installation process and it applies the config.YAML file, is that it asks me some value of the specific key and I will manually enter the value. Then it should run and complete the automation of installation process
Input YAML file:
SECRET_KEY: "******""
JWT_KEY: "********"
SFTP_PWD: "*********"
In the shell script I am executing this command:
kubectl apply -f yamlfiles/configMap.yaml
After running the kubectl command, I want it to ask me the value of those keys so that I can manually enter the value then the apply of configmap will be fulfilled. Is it possible?
Related
For background: I'm attempting to automate steps to provision and create a multitude of Logstash processes within Ansible, but want to ensure the steps and configuration work manually before automating the process.
I have installed Logstash as per Elastic's documentation (its an RPM installation), and have it correctly shipping logs to my ES instance without issue. Elasticsearch and Logstash are both v7.12.0.
Following the keystore docs, I've created a /etc/sysconfig/logstash file and have set the permissions to the file to 0600. I've added the LOGSTASH_KEYSTORE_PASS key to the file to use as the environment variable sourced by the keystore command on creation and reading of the keystore itself.
Upon running the sudo /usr/share/logstash/bin/logstash-keystore --path.settings /etc/logstash create command, the process spits back the following error:
WARNING: The keystore password is not set.
Please set the environment variable `LOGSTASH_KEYSTORE_PASS`.
Failure to do so will result in reduced security.
Continue without password protection on the keystore? [y/N]
This should not be the case, as the keystore process should be sourcing my password env var from the aforementioned file. Has anyone experienced a similar issue, and if so, how did you solve it?
This is expected, the file /etc/sysconfig/logstash will be read only when you start logstash as a service, not when you run it from command line.
To create the keystore you will need to export the variable with the password first, as explained in the documentation.
set +o history
export LOGSTASH_KEYSTORE_PASS=mypassword
set -o history
sudo -E /usr/share/logstash/bin/logstash-keystore --path.settings /etc/logstash create
After that, when you start logstash as a service it will read the variable from the /etc/sysconfig/logstash file.
1 - you should write your password for KEYSTORE itself.
It is under config/startup-options.
E.g. LOGSTASH_KEYSTORE_PASS=mypassword (without export)
2 - Then you should use the Keystore password to create your keystore file.
set +o history
export LOGSTASH_KEYSTORE_PASS=mypassword
set -o history
..logstash/bin/logstash-keystore --path.settings ../logstash create
Note: logstash-keystore and logstash.keystore are different things. you created the one with dot. It is in config/.. directory where your startup.options is.
History command is to hide your password to be seen. Because if somebody uses "history" to list all the commands used previously, they can see your password.
3 - Then you can add your first password into keystore file. You should give your keystore password beforehand.
set +o history
export LOGSTASH_KEYSTORE_PASS=mypassword
set -o history
./bin/logstash-keystore add YOUR_KEY
Then it will ask for your VALUE. If you do not give your keystore password, you get an error: Found a file at....but it's not a valid Logstash keystore
4 - Once you give your password. You can list the content of your keystore file, or remove. Replace "list" with "remove".
./bin/logstash-keystore list
I am able to make the code works for me in command line but what I am trying to achieve is a bit more and I am not getting how to achieve that.
For Example, I have a string MySQL Server#db1com:1111 And this contained hostname is db1.com.
Instead of copying only hostname everytime, I am using javascript functionality to extract the hostname only, I mean as below
function getHostname() {
dbiNode = process.argv.slice(2).toString();
hostname = dbiNode.split(/[#:]/)[1];
console.log(hostname)
}
getHostname()
And for now to automatically SSH I am using below command
ssh "$(node gethostname.js "MySQL Server#db1:1111")""
And it works with out any issue. What I am trying to achieve here is if I type "MySQL Server#db1:1111" in terminal, somehow I need to make my bash execute function via .bashrc where I can handle extracting hostname and SSH into that.
But how, I am not getting.
Any reference links/suggestions greatly appreciated.
You don't need node here, just add the following to your .bashrc
MySQL() {
host="${1##*#}" # remove everything before #
host="${host%%:*}" # remove everything after :
ssh "$host"
}
I am writing a bash script on a machine without expect.
The script automates the build of a helm (v2.9.1) chart.
I've got to the part in the script where it runs a
helm package --sign --key 'mykey' --keyring 'path/to/keyring' -d chartdir chart
and because helm prompts for the passphrase of the gpg key I created in order to use provenance files (a requirement), I cannot script around the soliciting of the passphrase, which I would like to prompt for separately as the script is part of a CI/CD build chain.
I have tried using
yes $promptedPassPhrase | helm package --sign...
and I got
xrealloc: cannot allocate 18446744071562067968 bytes (237568 bytes allocated)
I also tried plain old
echo $promptedPassPhrase | helm package --sign...
and I got
Error: inappropriate ioctl for device
I also tried script and got the same response. As I do not have expect on the server, I cannot expect my way round it, so I'm stumped as to how to automate the helm package command and am not going to use a key without a passphrase as it is bad practice.
I don't know how long this has been the case, or exactly which versions this works on, but this doc page says:
If your PGP private key has a passphrase, [...] You can set the HELM_KEY_PASSPHRASE environment variable to that passphrase in case you don't want to be prompted to enter the passphrase.
This works for me on v2.13.1. It looks like it was added in October of 2018, so my guess is that it was first available in v2.12.0-rc.1.
Although this doesn't directly answer the OP's question (since they asked about v2.9.1), it will hopefully help anyone who ends up here because they (like me the first time round) missed that line in the doc.
I am new to unix and scripting, need your help for the below scenario.
These are the contents of my .sh file
#!/bin/bash
usrun xyz
whoami
When I am calling this bash file from putty its asking me for my xyz user's password some other information to properly log in the xyz user.
After successfully login, the $ sign in putty changes to #### xyz$, so I am guessing its opening a new session for the xyz user.
However, after that, the whoami command is not getting executed. Only after I type exit the whoami command is getting executed.
why is this happening? How to execute the whoami command after successful authentication of xyz user?
The #### represents the last four digits of my server to which I am currently connected to via putty.
The usrun command without any parameters blocks the execution of the bash script. Thus, until the command is not finished (when you type exit), the next command (whoami) is not executed.
If you want to login into the machine and execute a command you should try:
#!/bin/bash
usrun -u xyz whoami
The -u option allows you to specify the user and next you can provide the command to execute.
If you want to execute more than one command in the remote machine using Putty I suggest you to follow something similar to this post:
https://superuser.com/questions/1103873/how-to-type-commands-in-putty-by-creating-batch-file
I have a shell provisioning script that invokes a command that requires user input - but when I run vagrant provision, the process hangs at that point in the script, as the command is waiting for my input, but there is nowhere to give it. Is there any way around this - i.e. to force the script to run in some interactive mode?
The specifics are that I creating a clean Ubuntu VM, and then invoking the Heroku CLI to download a database backup (this is in my provisioning script):
curl -o /tmp/db.backup `heroku pgbackups:url -a myapp`
However, because this is a clean VM, and therefore this is the first time that I have run an Heroku CLI command, I am prompted for my login credentials. Because the script is being managed by Vagrant, there is no interactive shell attached, and so the script just hangs there.
If you want to pass temporary input or variables to a Vagrant script, you can have them enter their credentials as temporary environment variables for that command by placing them first on the same line:
username=x password=x vagrant provision
and access them from within Vagrantfile as
$u = ENV['username']
$p = ENV['password']
Then you can pass them as an argument to your bash script:
config.vm.provision "shell" do |s|
s.inline: "echo username: $1, password: $2"
s.args: [$u, $p]
end
You can install something like expect in the vm to handle passing those variables to the curl command.
I'm assuming you don't want to hard code your credentials in plain text thus trying to force an interactive mode.
Thing is just as you I don't see such option in vagrant provision doc ( http://docs.vagrantup.com/v1/docs/provisioners/shell.html ) so one way or another you need to embed the authentication within your script.
Have you thought about using something like getting a token and use the heroku REST Api instead of the CLI?
https://devcenter.heroku.com/articles/authentication