samply
/
bridgehead
mirror of https://github.com/samply/bridgehead.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

refactor: Use jq from docker

This commit is contained in:
janskiba 2024-01-31 09:21:19 +00:00 committed by juarez
parent 92a1f4bb59
commit 01d3a38e18
2 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
ccp/modules/datashield-setup.sh
View File

@ -17,17 +17,18 @@ if [ "$ENABLE_DATASHIELD" == true ]; then
chmod g+r /tmp/bridgehead/opal-key.pem chmod g+r /tmp/bridgehead/opal-key.pem
fi fi
mkdir -p /tmp/bridgehead/opal-map mkdir -p /tmp/bridgehead/opal-map
jq -n '{"sites": input | map({ sites="$(cat ./$PROJECT/modules/datashield-mappings.json)"
echo "$sites" | docker_jq -n --args '{"sites": input | map({
"name": ., "name": .,
"id": ., "id": .,
"virtualhost": "\(.):443", "virtualhost": "\(.):443",
"beamconnect": "datashield-connect.\(.).'"$BROKER_ID"'" "beamconnect": "datashield-connect.\(.).'"$BROKER_ID"'"
})}' ./$PROJECT/modules/datashield-mappings.json > /tmp/bridgehead/opal-map/central.json })}' $sites > /tmp/bridgehead/opal-map/central.json
jq -n '[{ echo "$sites" | docker_jq -n --args '[{
"external": "'"$SITE_ID"':443", "external": "'"$SITE_ID"':443",
"internal": "opal:8443", "internal": "opal:8443",
"allowed": input | map("datashield-connect.\(.).'"$BROKER_ID"'") "allowed": input | map("datashield-connect.\(.).'"$BROKER_ID"'")
}]' ./$PROJECT/modules/datashield-mappings.json > /tmp/bridgehead/opal-map/local.json }]' > /tmp/bridgehead/opal-map/local.json
chown -R bridgehead:docker /tmp/bridgehead/ chown -R bridgehead:docker /tmp/bridgehead/*
add_private_oidc_redirect_url "/opal/*" add_private_oidc_redirect_url "/opal/*"
fi fi

4
lib/functions.sh
View File

@ -345,3 +345,7 @@ generate_simple_password(){
local combined_text="This is a salt string to generate one consistent password for ${seed_text}. It is not required to be secret." local combined_text="This is a salt string to generate one consistent password for ${seed_text}. It is not required to be secret."
echo "${combined_text}" | openssl rsautl -sign -inkey "/etc/bridgehead/pki/${SITE_ID}.priv.pem" 2> /dev/null | base64 | head -c 26 | sed 's/[+\/]/A/g' echo "${combined_text}" | openssl rsautl -sign -inkey "/etc/bridgehead/pki/${SITE_ID}.priv.pem" 2> /dev/null | base64 | head -c 26 | sed 's/[+\/]/A/g'
} }
docker_jq() {
docker run --rm -i docker.verbis.dkfz.de/cache/jqlang/jq:1.7 "$@"
}