Skip to content

Commit ddc592d

Browse files
c3fotoc3foto
committed
Update App version
1 parent a4e254b commit ddc592d

8 files changed

+37
-4241
lines changed

deploy-cse-v2.0.2.sh

Lines changed: 0 additions & 573 deletions
This file was deleted.

deploy-cse-v3.0.1.sh

Lines changed: 0 additions & 615 deletions
This file was deleted.

deploy-cse-v3.0.2.sh

Lines changed: 0 additions & 602 deletions
This file was deleted.

deploy-cse-v4.0.0.sh

Lines changed: 0 additions & 602 deletions
This file was deleted.

deploy-cse-v4.0.1.sh

Lines changed: 0 additions & 607 deletions
This file was deleted.

deploy-cse-v5.0.2.sh

Lines changed: 0 additions & 607 deletions
This file was deleted.

deploy-cse-v5.1.0.sh

Lines changed: 0 additions & 612 deletions
This file was deleted.

deploy-cse-v5.2.0.sh renamed to deploy-cse-v5.5.0.sh

Lines changed: 37 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ EntryPoint(){
44

55
#Default Variables
66
blank=""
7-
cseVersionDefault="5.2.0"
7+
cseVersionDefault="5.4.0"
88
cseIdpProviderDefault="Google"
99
cseTakeoutClaim="cse_takeout"
1010
csePort="9000"
@@ -97,11 +97,11 @@ EntryPoint(){
9797
else
9898
InputAuthnNowLater $cseIdpOtherInputAuthnDefault
9999
if [ "$cseIdpOtherInputAuthn" = "Now" ]; then
100-
GetAuthnIssuersKey $cseAuthnIssuersKeyDefault
100+
GetAuthnIssuersKey $cseAuthnIssuersKeyDefault
101101
GetAuthnIssuersValue $cseAuthnIssuersValueDefault
102102
GetJWTAudAuthn $cseJWTAudAuthnValueDefault
103-
fi
104-
103+
fi
104+
105105
fi
106106

107107
MakeDirectories
@@ -110,6 +110,7 @@ EntryPoint(){
110110
GenerateOktaAuthnValues
111111
fi
112112
GenerateB64Variables
113+
MakeSecretsFile
113114
MakeEnv
114115
MakeRunScript
115116
clear
@@ -211,14 +212,14 @@ EntryPoint(){
211212
cseJWTAudAuthzValue="\"$cseJWTAudAuthzValueDefault\""
212213
;;
213214
esac
214-
echo " "
215+
echo " "
215216

216217

217218
}
218219

219220

220221

221-
222+
222223

223224

224225
GenerateB64Variables(){
@@ -231,15 +232,15 @@ EntryPoint(){
231232
if [ -n "${cseAuthnIssuersKey}" ]; then
232233
cseJWKSAuthnIssuers="{ $cseAuthnIssuersKey: $cseAuthnIssuersValue }"
233234
cseJWKSAuthnIssuers=$(echo $cseJWKSAuthnIssuers | base64 -w 0)
234-
235+
235236
#JWT Aud Variable
236237
cseJWTAud="{ $cseJWTAudAuthnKey: $cseJWTAudAuthnValue, $cseJWTAudAuthzKey: $cseJWTAudAuthzValue }"
237238
cseJWTAud=$(echo $cseJWTAud | base64 -w 0)
238239

239240
else
240241
cseJWKSAuthnIssuers=""
241242
fi
242-
243+
243244

244245

245246
}
@@ -258,8 +259,8 @@ EntryPoint(){
258259
;;
259260
esac
260261
echo " "
261-
262-
262+
263+
263264
}
264265

265266

@@ -278,7 +279,7 @@ EntryPoint(){
278279
esac
279280
echo " "
280281

281-
282+
282283
}
283284

284285

@@ -357,7 +358,7 @@ EntryPoint(){
357358

358359
cseCksFqdn="CKS_URL=${cksServerFqdn}"
359360
}
360-
361+
361362
GetGoogleAuthString(){
362363
local input=""
363364
read -p "Enter your Google OAuth Client ID String [$1]: " input
@@ -393,7 +394,7 @@ EntryPoint(){
393394
esac
394395
echo " "
395396
}
396-
397+
397398
GetAuthnIssuersValue(){
398399
local input=""
399400
read -p "Enter your AuthN Value [$1]: " input
@@ -411,7 +412,7 @@ EntryPoint(){
411412
esac
412413
echo " "
413414
}
414-
415+
415416
GetOktaDomain(){
416417
local input=""
417418
read -p "Enter your Okta Domain Value [$1]: " input
@@ -429,8 +430,8 @@ EntryPoint(){
429430
esac
430431
echo " "
431432
}
432-
433-
433+
434+
434435
GetJWTAudAuthn(){
435436
local input=""
436437
read -p "Enter your JWT AuthN Value [$1]: " input
@@ -448,8 +449,8 @@ EntryPoint(){
448449
esac
449450
echo " "
450451
}
451-
452-
452+
453+
453454
InputAuthnNowLater(){
454455
local input=""
455456
echo "Enter AuthN Now?"
@@ -498,7 +499,19 @@ EntryPoint(){
498499
cseAuthnIssuersKey="\"https://$cseOktaDomain/oauth2/default\""
499500
cseAuthnIssuersValue="\"https://$cseOktaDomain/oauth2/default/v1/keys\""
500501
}
502+
MakeSecretsFile(){
503+
secretsFile=/var/virtru/cse/secrets.json
504+
505+
501506

507+
/bin/cat <<EOM >$secretsFile
508+
{"active":"secret-key","secrets":[{"name":"secret-key","value":"$cseStandaloneSecretKeyValue"}]}
509+
EOM
510+
511+
chmod 646 /var/virtru/cse/secrets.json
512+
513+
}
514+
502515
MakeEnv(){
503516
envFile=/var/virtru/cse/cse.env
504517

@@ -510,7 +523,7 @@ EntryPoint(){
510523

511524

512525
/bin/cat <<EOM >$envFile
513-
526+
514527
HMAC_TOKEN_ID=$cseHMACTokenId
515528
HMAC_TOKEN_SECRET=$cseHMACTokenSecret
516529
$cseCksHmacId
@@ -526,13 +539,14 @@ $cseCksFqdn
526539
PORT=$csePort
527540
USE_SSL=true
528541
$cseCksUserEnv
529-
$cseSecretKeyEnvValue
542+
#$cseSecretKeyEnvValue
543+
SECRET_KEYS_PATH=/app/cse/secrets.json
530544
#The values below are only used for customer hosted EKM
531545
#EKM_JWT_AUTH_ISSUERS=aHR0cDovL2xvY2FsaG9zdDo5MDAwLGh0dHA6Ly9sb2NhbGhvc3Q6OTAwMC93aXRoL2EvcGF0aCxodHRwOi8vZmFrZUlzc3VlcixodHRwczovL2FjY291bnRzLmdvb2dsZS5jb20=
532546
#Base 64 encoded value of EKM Audience URL that the customer is using as the FQDN
533547
#EKM_AUDIENCE=
534548
#EKM_SUPPORTED_SIGNING_ALGS=RS265
535-
549+
536550
EOM
537551

538552
}
@@ -552,11 +566,11 @@ docker run --detach \\
552566
-p 443:$csePort \\
553567
-v /var/virtru/cse/server.cert:/run/secrets/server.cert \\
554568
-v /var/virtru/cse/server.key:/run/secrets/server.key \\
569+
-v /var/virtru/cse/secrets.json:/app/cse/secrets.json \\
555570
--restart unless-stopped \\
556571
--name cse-$cseVersion \\
557572
virtru/cse:v$cseVersion
558573

559-
560574
EOM
561575

562576
chmod +x $runScript
@@ -565,7 +579,7 @@ chmod +x $runScript
565579

566580

567581

568-
582+
569583
ShowLogo() {
570584
echo " "
571585
echo " +++ '++."

0 commit comments

Comments
 (0)