Skip to content

Commit

Permalink
Stop reading ironic API passwords from env vars
Browse files Browse the repository at this point in the history
Signed-off-by: Mahnoor Asghar <[email protected]>
  • Loading branch information
MahnoorAsghar committed Mar 27, 2024
1 parent 2bfb898 commit 1466ea4
Showing 1 changed file with 32 additions and 3 deletions.
35 changes: 32 additions & 3 deletions scripts/auth-common.sh
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,6 @@

set -euxo pipefail

export IRONIC_HTPASSWD=${IRONIC_HTPASSWD:-${HTTP_BASIC_HTPASSWD:-}}
export INSPECTOR_HTPASSWD=${INSPECTOR_HTPASSWD:-${HTTP_BASIC_HTPASSWD:-}}
export IRONIC_REVERSE_PROXY_SETUP=${IRONIC_REVERSE_PROXY_SETUP:-false}
export INSPECTOR_REVERSE_PROXY_SETUP=${INSPECTOR_REVERSE_PROXY_SETUP:-false}

Expand All @@ -15,7 +13,38 @@ else
fi

IRONIC_HTPASSWD_FILE=/etc/ironic/htpasswd
if [[ -f "/auth/ironic/username" ]]; then
read -r IRONIC_HTPASSWD_USERNAME<"/auth/ironic/username"
fi
IRONIC_HTPASSWD_USERNAME=${IRONIC_HTPASSWD_USERNAME:-}
if [[ -f "/auth/ironic/password" ]]; then
read -r IRONIC_HTPASSWD_PASSWORD<"/auth/ironic/password"
fi
IRONIC_HTPASSWD_PASSWORD=${IRONIC_HTPASSWD_PASSWORD:-}
if [[ -n "${IRONIC_HTPASSWD_USERNAME}" ]]; then
IRONIC_HTPASSWD="$(htpasswd -n -b -B "${IRONIC_HTPASSWD_USERNAME}" "${IRONIC_HTPASSWD_PASSWORD}")"
fi
IRONIC_HTPASSWD=${IRONIC_HTPASSWD:-${HTTP_BASIC_HTPASSWD:-}}
if [[ -n "${IRONIC_HTPASSWD}" ]]; then
export IRONIC_HTPASSWD
fi

INSPECTOR_HTPASSWD_FILE=/etc/ironic-inspector/htpasswd
if [[ -f "/auth/inspector/username" ]]; then
read -r INSPECTOR_HTPASSWD_USERNAME<"/auth/inspector/username"
fi
INSPECTOR_HTPASSWD_USERNAME=${INSPECTOR_HTPASSWD_USERNAME:-}
if [[ -f "/auth/inspector/password" ]]; then
read -r INSPECTOR_HTPASSWD_PASSWORD<"/auth/inspector/password"
fi
INSPECTOR_HTPASSWD_PASSWORD=${INSPECTOR_HTPASSWD_PASSWORD:-}
if [[ -n "${INSPECTOR_HTPASSWD_USERNAME}" ]]; then
INSPECTOR_HTPASSWD="$(htpasswd -n -b -B "${INSPECTOR_HTPASSWD_USERNAME}" "${INSPECTOR_HTPASSWD_PASSWORD}")"
fi
INSPECTOR_HTPASSWD=${INSPECTOR_HTPASSWD:-${HTTP_BASIC_HTPASSWD:-}}
if [[ -n "${INSPECTOR_HTPASSWD}" ]]; then
export INSPECTOR_HTPASSWD
fi

configure_client_basic_auth()
{
Expand Down Expand Up @@ -71,4 +100,4 @@ write_htpasswd_files()
if [[ -n "${INSPECTOR_HTPASSWD:-}" ]]; then
printf "%s\n" "${INSPECTOR_HTPASSWD}" > "${INSPECTOR_HTPASSWD_FILE}"
fi
}
}

0 comments on commit 1466ea4

Please sign in to comment.