aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xbin/scotch69
-rw-r--r--kubernetes/mongodb/add-user.yaml54
2 files changed, 123 insertions, 0 deletions
diff --git a/bin/scotch b/bin/scotch
new file mode 100755
index 0000000..1da5962
--- /dev/null
+++ b/bin/scotch
@@ -0,0 +1,69 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+
+import sys
+import subprocess
+
+
+class Color:
+ bold = "\033[1m"
+ faint = "\033[2m"
+ italic = "\033[3m"
+ underline = "\033[4m"
+ blink = "\033[5m"
+ negative = "\033[7m"
+ crossed = "\033[9m"
+ reset = "\033[0m"
+ one = "\x1b[38;5;216m"
+ two = "\x1b[38;5;192m"
+ three = "\x1b[38;5;22m"
+ four = "\x1b[38;5;25m"
+ five = "\x1b[38;5;98m"
+ six = "\x1b[38;5;68m"
+ seven = "\x1b[38;5;59m"
+ eight = "\x1b[38;5;36m"
+ nine = "\x1b[38;5;202m"
+ ten = "\x1b[38;5;100m"
+ eleven = "\x1b[38;5;105m"
+ twelve = "\x1b[38;5;106m"
+ thirteen = "\x1b[38;5;96m"
+ fourteen = "\x1b[38;5;31m"
+ fifteen = "\x1b[38;5;23m"
+ sixteen = "\x1b[38;5;105m"
+
+
+def call_from_shell_list(command_list):
+ if sys.version_info < (3, 7):
+ return subprocess.run(command_list, stdout=subprocess.PIPE)
+ else:
+ return subprocess.run(command_list, capture_output=True)
+
+
+def main():
+ if len(sys.argv) < 2:
+ print("you want to run something right?\nright?")
+ sys.exit(1)
+
+ args = sys.argv[1:]
+ args.insert(0, "strace")
+ result = call_from_shell_list(args)
+ lines = result.stderr.decode("utf-8").split("\n")
+ end_line = lines[-2]
+ lines = lines[:-2]
+ for line in lines:
+ syscall = line[0 : line.find("(")]
+ sysargs = line[line.find("(") + 1 : line.find(")")].split()
+ exitvalue = line[line.find(")") + 1 :]
+ print(Color.one + syscall, end=" ")
+ print(Color.two, end=" ")
+ for arg in sysargs:
+ if arg.find("|") > 0:
+ print(Color.five, arg, end=" ")
+ else:
+ print(arg, end=" ")
+ print(Color.three + exitvalue + Color.reset)
+ print(Color.reset + Color.bold + Color.nine + end_line + Color.reset)
+
+
+if __name__ == "__main__":
+ main()
diff --git a/kubernetes/mongodb/add-user.yaml b/kubernetes/mongodb/add-user.yaml
new file mode 100644
index 0000000..df68d31
--- /dev/null
+++ b/kubernetes/mongodb/add-user.yaml
@@ -0,0 +1,54 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: mongodb-standalone
+data:
+ ensure-users.js: |
+ const targetDbStr = 'training';
+ const rootUser = cat('/etc/k8-training/admin/MONGO_ROOT_USERNAME');
+ const rootPass = cat('/etc/k8-training/admin/MONGO_ROOT_PASSWORD');
+ const usersStr = cat('/etc/k8-training/MONGO_USERS_LIST');
+ // auth against admin
+ const adminDb = db.getSiblingDB('admin');
+ adminDb.auth(rootUser, rootPass);
+ print('Successfully authenticated admin user');
+ // we'll create the users here
+ const targetDb = db.getSiblingDB(targetDbStr);
+ // user-defined roles should be stored in the admin db
+ const customRoles = adminDb
+ .getRoles({rolesInfo: 1, showBuiltinRoles: false})
+ .map(role => role.role)
+ .filter(Boolean);
+ // parse the list of users, and create each user as needed
+ usersStr
+ .trim()
+ .split(';')
+ .map(s => s.split(':'))
+ .forEach(user => {
+ const username = user[0];
+ const rolesStr = user[1];
+ const password = user[2];
+ if (!rolesStr || !password) {
+ return;
+ }
+ const roles = rolesStr.split(',');
+ const userDoc = {
+ user: username,
+ pwd: password,
+ };
+ userDoc.roles = roles.map(role => {
+ if (!~customRoles.indexOf(role)) {
+ // is this a user defined role?
+ return role; // no, it is built-in, just use the role name
+ }
+ return {role: role, db: 'admin'}; // yes, user-defined, specify the long format
+ });
+ try {
+ targetDb.createUser(userDoc);
+ } catch (err) {
+ if (!~err.message.toLowerCase().indexOf('duplicate')) {
+ // if not a duplicate user
+ throw err; // rethrow
+ }
+ }
+ });