From c76c8b25173cb0d47c4aa2ada537a620794cb3ec Mon Sep 17 00:00:00 2001 From: Lockszmith Date: Sun, 27 Aug 2023 15:00:11 -0400 Subject: [PATCH] Modified tcdbinfo to extract superadmin credentials --- tcdbinfo.sh | 110 +++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 83 insertions(+), 27 deletions(-) diff --git a/tcdbinfo.sh b/tcdbinfo.sh index 82115e9..d4af1ea 100755 --- a/tcdbinfo.sh +++ b/tcdbinfo.sh @@ -7,12 +7,11 @@ USER_HOME=$HOME set -e JSON=0 -if [[ $# -gt 0 && "$1" =~ ^-- ]]; then - if [[ "$1" == "--help" ]]; then - cat <] [app1] [app...] + sudo ./tcdbinfo.sh [--json|--cols=] [--force] [app1] [app...] Description: When running the script (as root) without any arguments, it will list @@ -58,15 +57,37 @@ Description: environment variable USAGE - exit 0 - elif [[ "$1" == "--json" ]]; then - JSON=1 - elif [[ "$1" =~ ^--cols ]]; then - [[ "$1" =~ ^--cols= ]] || shift - TCDBCOLS="${1#--cols=}" + exit 0 +fi + +ARGS=() +ARGS_MODE=1 +ALL=0 +while [[ -n "$1" ]]; do + if [[ "$ARGS_MODE" -eq 1 && "$1" =~ ^-- ]]; then + case "$1" in + "--json") + JSON=1 + ;; + "--cols"*) + [[ "$1" =~ ^--cols= ]] || shift + TCDBCOLS="${1#--cols=}" + ;; + "--force") + ALL=1 + ;; + "--") + ARGS_MODE='--' + ;; + *) + ARGS=("${ARGS[@]}" "$1") + esac + else + ARGS=("${ARGS[@]}" "$1") fi shift -fi +done + TCDBCOLS="${TCDBCOLS:-default}" case "$TCDBCOLS" in 'default' ) @@ -83,27 +104,60 @@ esac require_root QUERY_NAMESPACE=' -A' -[[ $# -eq 0 ]] || QUERY_NAMESPACE=$( printf -- ' --namespace=ix-%s' "${@}" ) +[[ ${#ARGS[@]} -eq 0 ]] || QUERY_NAMESPACE=$( printf -- ' --namespace=ix-%s' "${ARGS[@]}" ) jqcode=' -.items[] | select(.metadata.name|test("(dbcreds|cnpg-main-urls)$$")) +.items[] | select(.metadata.name|test("(dbcreds|cnpg-main-urls|-superuser)$$")) | { "name": .metadata.namespace, - "app": .metadata.labels."app.kubernetes.io/instance", - "url": (if .data.url != null then .data.url else .data.std end) | @base64d, + "app": ( + if .metadata.labels."app.kubernetes.io/instance" != null then + .metadata.labels."app.kubernetes.io/instance" + else + .metadata.labels."cnpg.io/cluster" + end + ), + "url": ( + if .data.url != null then + .data.url | @base64d + elif .data.std != null then + .data.std | @base64d + else { + "protocol": "", + "username": .data.username | @base64d, + "password": .data.password | @base64d, + "passwordlen": .data.password | @base64d | length, + "host": "", + "port": "", + "dbname": "" + } end) + ,"raw": . +} | { + "name": .name, + "app": .app, + "url": ( + if (.url|type) == "object" then + "" + else + .url + end + ), "data": ( - (if .data.url != null then .data.url else .data.std end) | - @base64d | - match("(.*)://(.+):(.+)@([^:]+)(:(\\d+))?/(.*)$") | .captures | { - "protocol": .[0].string, - "username": .[1].string, - "password": .[2].string, - "passwordlen": .[2].string | length, - "host": .[3].string, - "safeport": .[4].string, - "port": .[5].string, - "dbname": .[6].string, - } + if (.url|type) == "object" then + .url + else + .url | + match("(.*)://(.+):(.+)@([^:]+)(:(\\d+))?/(.*)$") | .captures | { + "protocol": .[0].string, + "username": .[1].string, + "password": .[2].string, + "passwordlen": .[2].string | length, + "host": .[3].string, + "safeport": .[4].string, + "port": .[5].string, + "dbname": .[6].string, + } + end ) } | { "name": .name, @@ -120,6 +174,8 @@ jqcode=' } ' +[[ "$ALL" -eq 1 ]] || jqcode="$jqcode | select( .raw_url != \"\" )" + json_results=$( <<<"${QUERY_NAMESPACE}" \ xargs -n1 k3s kubectl \