Remove set -x from exporter scripts and htk s3 user script

This removes set -x from the templates for the user creation
scripts for the mariadb and postgresql user templates, and it
also removes the set -x from the helm-toolkit job for creating
s3 users. This prevents sensitive credentials from being
displayed to the console when these scripts are run

Change-Id: I0a78d8190fbbae1b300b74ca560d76dedaaf6fc1
This commit is contained in:
Steve Wilkerson 2019-02-19 13:27:49 -06:00
parent ded99204b2
commit 70e5769900
3 changed files with 6 additions and 5 deletions

View File

@ -17,9 +17,10 @@ limitations under the License.
{{- define "helm-toolkit.scripts.create_s3_user" }} {{- define "helm-toolkit.scripts.create_s3_user" }}
#!/bin/bash #!/bin/bash
set -ex set -e
function create_s3_user () { function create_s3_user () {
echo "Creating s3 user and key pair"
radosgw-admin user create \ radosgw-admin user create \
--uid=${S3_USERNAME} \ --uid=${S3_USERNAME} \
--display-name=${S3_USERNAME} \ --display-name=${S3_USERNAME} \
@ -37,7 +38,7 @@ function update_s3_user () {
for access_key in $old_access_keys; do for access_key in $old_access_keys; do
# If current access key is the same as the key supplied, do nothing. # If current access key is the same as the key supplied, do nothing.
if [ "$access_key" == "${S3_ACCESS_KEY}" ]; then if [ "$access_key" == "${S3_ACCESS_KEY}" ]; then
echo "Current key pair exists." echo "Current user and key pair exists."
continue continue
else else
# If keys differ, remove previous key # If keys differ, remove previous key
@ -54,7 +55,7 @@ function update_s3_user () {
# If the supplied key does not exist, modify the user # If the supplied key does not exist, modify the user
if [[ -z ${current_access_key} ]]; then if [[ -z ${current_access_key} ]]; then
# Modify user with new access and secret keys # Modify user with new access and secret keys
echo "Updating key pair" echo "Updating existing user's key pair"
radosgw-admin user modify \ radosgw-admin user modify \
--uid=${S3_USERNAME}\ --uid=${S3_USERNAME}\
--access-key ${S3_ACCESS_KEY} \ --access-key ${S3_ACCESS_KEY} \

View File

@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
limitations under the License. limitations under the License.
*/}} */}}
set -ex set -e
mysql --defaults-file=/etc/mysql/admin_user.cnf -e \ mysql --defaults-file=/etc/mysql/admin_user.cnf -e \
"CREATE OR REPLACE USER '${EXPORTER_USER}'@'%' IDENTIFIED BY '${EXPORTER_PASSWORD}'; \ "CREATE OR REPLACE USER '${EXPORTER_USER}'@'%' IDENTIFIED BY '${EXPORTER_PASSWORD}'; \

View File

@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
limitations under the License. limitations under the License.
*/}} */}}
set -ex set -e
psql "postgresql://${ADMIN_USER}:${ADMIN_PASSWORD}@${POSTGRESQL_HOST_PORT}?sslmode=disable" << EOF psql "postgresql://${ADMIN_USER}:${ADMIN_PASSWORD}@${POSTGRESQL_HOST_PORT}?sslmode=disable" << EOF
CREATE USER ${EXPORTER_USER} WITH PASSWORD '${EXPORTER_PASSWORD}'; CREATE USER ${EXPORTER_USER} WITH PASSWORD '${EXPORTER_PASSWORD}';