-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathrender-configs.sh
executable file
·149 lines (118 loc) · 5.55 KB
/
render-configs.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
#!/bin/bash
### How to call this script
# To write secrets to tmp files:
# ./render-configs.sh (defaults to dev azure, tools RBS)
# There are three optional arguments:
# ./render-configs.sh (Azure Synapse: -a dev|integration) (RBS: -r tools|dev) (Put string of env variables in your clipboard to copy to intellij: -i)
# e.g.: ./render-configs.sh -a dev -r tools -i
# This would set azure synapse to dev, RBS to tools, and put the variables in your clipboard
# If you're running Azure Integration Tests you should use the following settings:
# ./render-configs.sh -a integration -r tools
# Then, refresh your z-shell configuration (`source ~./zshrc`) (follow getting started doc to set env variables)
# Alternatively, if you use the -i flag, it copies the environment variables to your clipboard and you can paste them into your Intellij test profile.
# ./render-configs.sh -a integration -r tools -i
# If you want a set up locally, you can use the following settings:
# ./render-configs.sh -a dev -r dev
# Then, refresh your z-shell configuration (`source ~./zshrc`)
# ./gradlew bootRun
AZURE_ENV=dev
RBS_ENV=tools
COPY_INTELLIJ_ENV_VARS=n
while getopts ":a:r:i" option; do
case $option in
a)
AZURE_ENV=$OPTARG
;;
r)
RBS_ENV=$OPTARG
;;
i)
COPY_INTELLIJ_ENV_VARS=y
;;
*)
echo "Usage: $0 [-a (dev|integration)] [-r (tools|dev)] [-i]"
exit 1
;;
esac
done
# ========================
# Azure Credentials
# ========================
# If you want to run Azure Integration tests locally, you need to point to the "integration" environment
# Options: 'dev', 'integration'
if [[ "${AZURE_ENV}" == "dev" ]]; then
AZURE_SYNAPSE_WORKSPACENAME=tdr-synapse-east-us-ondemand.sql.azuresynapse.net
elif [[ "${AZURE_ENV}" == "integration" ]]; then
AZURE_SYNAPSE_WORKSPACENAME=tdr-snps-int-east-us-ondemand.sql.azuresynapse.net
else
echo "Invalid Azure environment: $AZURE_ENV"
exit 1
fi
# writing this values to a tmp file so the value can match the set azure environment
echo $AZURE_SYNAPSE_WORKSPACENAME > "/tmp/azure-synapse-workspacename.txt"
vault read -field=tenant-id secret/dsde/datarepo/"$AZURE_ENV"/azure-application-secrets \
> "/tmp/jade-dev-tenant-id.key"
AZURE_CREDENTIALS_HOMETENANTID=$(cat "/tmp/jade-dev-tenant-id.key")
vault read -field=client-id secret/dsde/datarepo/"$AZURE_ENV"/azure-application-secrets \
> "/tmp/jade-dev-client-id.key"
AZURE_CREDENTIALS_APPLICATIONID=$(cat "/tmp/jade-dev-client-id.key")
vault read -field=client-secret secret/dsde/datarepo/"$AZURE_ENV"/azure-application-secrets \
> "/tmp/jade-dev-azure.key"
AZURE_CREDENTIALS_SECRET=$(cat "/tmp/jade-dev-azure.key")
vault read -field=synapse-sql-admin-user secret/dsde/datarepo/"$AZURE_ENV"/azure-application-secrets \
> "/tmp/jade-dev-synapse-admin-user.key"
AZURE_SYNAPSE_SQLADMINUSER=$(cat "/tmp/jade-dev-synapse-admin-user.key")
vault read -field=synapse-sql-admin-password secret/dsde/datarepo/"$AZURE_ENV"/azure-application-secrets \
> "/tmp/jade-dev-synapse-admin-password.key"
AZURE_SYNAPSE_SQLADMINPASSWORD=$(cat "/tmp/jade-dev-synapse-admin-password.key")
vault read -field=synapse-encryption-key secret/dsde/datarepo/"$AZURE_ENV"/azure-application-secrets \
> "/tmp/jade-dev-synapse-encryption-key.key"
AZURE_SYNAPSE_ENCRYPTIONKEY=$(cat "/tmp/jade-dev-synapse-encryption-key.key")
# ========================
# Google Credentials
# ========================
vault read -field=data -format=json secret/dsde/datarepo/dev/sa-key.json \
| tee /tmp/jade-dev-account.json \
| jq -r .private_key > /tmp/jade-dev-account.pem
GOOGLE_APPLICATION_CREDENTIALS=/tmp/jade-dev-account.json
GOOGLE_SA_CERT=/tmp/jade-dev-account.pem
# ========================
# Resource Buffer Service
# ========================
# By default, RBS will use the tools project. GCP projects will automatically be deleted after 1 day.
# Other option: dev - this will allow for projects to persist for longer than 1 day
if [[ "${RBS_ENV}" == "tools" ]]; then
BUFFER_CLIENT_SERVICE_ACCOUNT_VAULT_PATH=secret/dsde/terra/kernel/integration/tools/buffer/client-sa
RBS_POOLID=datarepo_v1
RBS_INSTANCEURL=https://buffer.tools.integ.envs.broadinstitute.org
elif [[ "${RBS_ENV}" == "dev" ]]; then
BUFFER_CLIENT_SERVICE_ACCOUNT_VAULT_PATH=secret/dsde/terra/kernel/dev/dev/buffer/client-sa
RBS_POOLID=datarepo_v3
RBS_INSTANCEURL=https://buffer.dsde-dev.broadinstitute.org
else
echo "Invalid RBS environment: $RBS_ENV - only 'tools' and 'dev' are supported."
exit 1
fi
# writing these values to tmp files so the value can match the set RBS environment
echo $RBS_POOLID > "/tmp/rbs-pool-id.txt"
echo $RBS_INSTANCEURL > "/tmp/rbs-instance-url.txt"
RBS_CLIENTCREDENTIALFILEPATH=/tmp/buffer-client-sa-account.json
vault read -field=key "$BUFFER_CLIENT_SERVICE_ACCOUNT_VAULT_PATH" \
| base64 -d > "$RBS_CLIENTCREDENTIALFILEPATH"
if [[ "${COPY_INTELLIJ_ENV_VARS}" == "y" ]]; then
VARIABLE_NAMES=(AZURE_SYNAPSE_WORKSPACENAME AZURE_CREDENTIALS_HOMETENANTID AZURE_CREDENTIALS_APPLICATIONID AZURE_CREDENTIALS_SECRET AZURE_SYNAPSE_SQLADMINUSER AZURE_SYNAPSE_SQLADMINPASSWORD AZURE_SYNAPSE_ENCRYPTIONKEY GOOGLE_APPLICATION_CREDENTIALS GOOGLE_SA_CERT RBS_POOLID RBS_INSTANCEURL)
# Initialize an empty string
SETTINGS=""
# Loop over the array
for VAR_NAME in "${VARIABLE_NAMES[@]}"
do
# Append the variable name and its value to the string
SETTINGS+="$VAR_NAME=${!VAR_NAME};"
done
# Copy variables to clipboard
echo $SETTINGS | pbcopy
echo "Environment variables copied to clipboard"
fi
unset AZURE_ENV
unset RBS_ENV
unset COPY_INTELLIJ_ENV_VARS