Skip to content

Commit

Permalink
Merge pull request #406 from imperva/cpapke/use-mongosh-as-needed
Browse files Browse the repository at this point in the history
use the existing mongo shell binary
  • Loading branch information
jsonar-cpapke authored Apr 30, 2024
2 parents 5050af5 + fdd99c8 commit 3c7fc91
Showing 1 changed file with 10 additions and 5 deletions.
15 changes: 10 additions & 5 deletions modules/aws/sonar-base-instance/setup.tftpl
Original file line number Diff line number Diff line change
Expand Up @@ -249,11 +249,16 @@ function install_access_tokens() {
issuer="terraform"
time=$(date -u +"%Y-%m-%dT%H:%M:%S.000Z")

CERT_AS_PASSWD=$(cat "$JSONAR_LOCALDIR"/ssl/client/admin/cert.pem | awk -vORS="\\\n" '1')
MONGO_URI="$(JSONAR_LOCALDIR="$JSONAR_LOCALDIR" "$JSONAR_BASEDIR/bin/python3" -c "from python_commons.sonarw import admin_uri; print(admin_uri())")"
if [[ -f "$JSONAR_BASEDIR/bin/mongosh" ]]; then
MONGO_BINARY="$JSONAR_BASEDIR/bin/mongosh"
else
MONGO_BINARY="$JSONAR_BASEDIR/bin/mongo"
fi

$JSONAR_BASEDIR/bin/mongo --quiet --port 27117 --authenticationMechanism PLAIN --authenticationDatabase '$external' -u 'CN=admin' -p"$CERT_AS_PASSWD" <<__EOF__
"$MONGO_BINARY" "$MONGO_URI" --quiet <<__EOF__
use admin
db.system.users.save({ "_id" : "admin.$client_id", "user" : "$client_id", "db" : "admin", "userId" : "$user_id", "roles" : [ { "db" : "admin", "role" : "root" } ] })
db.system.users.insertOne({ "_id" : "admin.$client_id", "user" : "$client_id", "db" : "admin", "userId" : "$user_id", "roles" : [ { "db" : "admin", "role" : "root" } ] })
__EOF__

%{ for token_value in access_tokens_array }
Expand All @@ -265,9 +270,9 @@ __EOF__
echo "access_token is empty"
exit 1
fi
$JSONAR_BASEDIR/bin/mongo --quiet --port 27117 --authenticationMechanism PLAIN --authenticationDatabase '$external' -u 'CN=admin' -p"$CERT_AS_PASSWD" <<__EOF__
"$MONGO_BINARY" "$MONGO_URI" --quiet <<__EOF__
use admin
db.studio_auth_token.save({ "tid" : "$access_token", "issuer" : "$issuer", "subject" : "$client_id", "issuedAt" : ISODate("$time"), "startDate" : ISODate("$time"), "revoked" : false, "reason" : "$reason", "grants" : $scopes })
db.studio_auth_token.insertOne({ "tid" : "$access_token", "issuer" : "$issuer", "subject" : "$client_id", "issuedAt" : ISODate("$time"), "startDate" : ISODate("$time"), "revoked" : false, "reason" : "$reason", "grants" : $scopes })
__EOF__
%{ endfor ~}
fi
Expand Down

0 comments on commit 3c7fc91

Please sign in to comment.