From f7fb6d5142ee69755cb240e481cd4438986931a2 Mon Sep 17 00:00:00 2001 From: anastasia prasolova Date: Thu, 3 Nov 2022 15:13:05 +0300 Subject: [PATCH] [#235]: Suppress output of certificates generation on `make up` Signed-off-by: anastasia prasolova --- Makefile | 5 +++-- services/nats/artifacts.mk | 2 +- services/storage/artifacts.mk | 17 ++--------------- services/storage/generate_cert.sh | 26 ++++++++++++++++++++++++++ 4 files changed, 32 insertions(+), 18 deletions(-) create mode 100755 services/storage/generate_cert.sh diff --git a/Makefile b/Makefile index 672f931..6e0ca96 100644 --- a/Makefile +++ b/Makefile @@ -75,8 +75,9 @@ up/basic: up/bootstrap .PHONY: up/bootstrap up/bootstrap: get vendor/hosts @$(foreach SVC, $(START_BOOTSTRAP), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d)) - @./vendor/neofs-adm --config neofs-adm.yml morph init --alphabet-wallets ./services/ir --contracts vendor/contracts || exit 1 - @for f in ./services/storage/wallet*.json; do echo "Transfer GAS to wallet $${f}" && ./vendor/neofs-adm -c neofs-adm.yml morph refill-gas --storage-wallet $${f} --gas 10.0 --alphabet-wallets services/ir || exit 1; done + @source ./bin/helper.sh + @./vendor/neofs-adm --config neofs-adm.yml morph init --alphabet-wallets ./services/ir --contracts vendor/contracts || die "Failed to initialize Alphabet wallets" + @for f in ./services/storage/wallet*.json; do echo "Transfer GAS to wallet $${f}" && ./vendor/neofs-adm -c neofs-adm.yml morph refill-gas --storage-wallet $${f} --gas 10.0 --alphabet-wallets services/ir || die "Failed to transfer GAS to alphabet wallets"; done @echo "NeoFS sidechain environment is deployed" # Build up certain service diff --git a/services/nats/artifacts.mk b/services/nats/artifacts.mk index 83a3bc9..b66cebf 100644 --- a/services/nats/artifacts.mk +++ b/services/nats/artifacts.mk @@ -4,4 +4,4 @@ NATS_DIR=$(abspath services/nats) get.nats: @echo "⇒ Creating certs for NATS server and clients" - ${NATS_DIR}/generate_cert.sh ${LOCAL_DOMAIN} + ${NATS_DIR}/generate_cert.sh ${LOCAL_DOMAIN} > /dev/null diff --git a/services/storage/artifacts.mk b/services/storage/artifacts.mk index af80ff1..7132ac1 100644 --- a/services/storage/artifacts.mk +++ b/services/storage/artifacts.mk @@ -1,20 +1,7 @@ # Create new TLS certs to NeoFS node -CURRENT_DIR=$(dir $(abspath $(lastword $(MAKEFILE_LIST)))) -STORAGE_DIR=$(patsubst %/,%,$(CURRENT_DIR)) -SSL_CONFIG:=$(shell mktemp) +STORAGE_DIR=$(abspath services/storage) get.storage: @echo "⇒ Creating TLS certs to NeoFS node" - @(echo "[req]"; \ - echo "distinguished_name=req"; \ - echo "req_extensions=san"; \ - echo "[san]"; \ - echo "subjectAltName=DNS:s04.${LOCAL_DOMAIN}") > ${SSL_CONFIG} - @echo $(test -e "${STORAGE_DIR}/s04tls.key" && echo true) - @if [ ! -e "${STORAGE_DIR}/s04tls.key" ]; then \ - openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes \ - -subj "/C=RU/ST=SPB/L=St.Petersburg/O=NSPCC/OU=NSPCC/CN=s04.${LOCAL_DOMAIN}" \ - -keyout "${STORAGE_DIR}/s04tls.key" -out "${STORAGE_DIR}/s04tls.crt" \ - -extensions san -config "${SSL_CONFIG}" ; \ - fi + ${STORAGE_DIR}/generate_cert.sh ${LOCAL_DOMAIN} > /dev/null diff --git a/services/storage/generate_cert.sh b/services/storage/generate_cert.sh new file mode 100755 index 0000000..ddc7aa1 --- /dev/null +++ b/services/storage/generate_cert.sh @@ -0,0 +1,26 @@ +#!/bin/bash + +source bin/helper.sh + +WORKDIR=$(dirname "$0") +LOCAL_DOMAIN=$1 +SSL_CONFIG=$(mktemp) +CERT="${WORKDIR}/s04tls.crt" +KEY="${WORKDIR}/s04tls.key" + + +if [[ ! -f ${CERT} ]]; then + ( + echo "[req]"; \ + echo "distinguished_name=req"; \ + echo "req_extensions=san"; \ + echo "[san]"; \ + echo "subjectAltName=DNS:s04.${LOCAL_DOMAIN}" + ) > ${SSL_CONFIG} + + openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes \ + -subj "/C=RU/ST=SPB/L=St.Petersburg/O=NSPCC/OU=NSPCC/CN=s04.${LOCAL_DOMAIN}" \ + -keyout "${KEY}" -out "${CERT}" -extensions san -config "${SSL_CONFIG}" &> /dev/null || { + die "Failed to generate SSL certificate for s04" + } +fi