Skip to content

Commit

Permalink
Update set up script, adjust README accordingly
Browse files Browse the repository at this point in the history 
Signed-off-by: Avery Blanchard <[email protected]>
  • Loading branch information
Avery Blanchard committed Jul 20, 2022
1 parent 28adc09 commit 92bf857
Show file tree
Hide file tree
Showing 2 changed files with 27 additions and 19 deletions.
15 changes: 4 additions & 11 deletions keylime-ansible-gcp/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,18 +28,11 @@ Example:
[defaults]
private_key_file = /home/.ssh/my_gcp_key
```
9. Add values to the environment variables in set_env_var.sh and run the script. \
`. set_env_var.sh`
9.Run the script to set up the environment.
```
#!/bin/sh
export GCP_PROJECT= # ID of GCP project
export GCP_CRED_KIND="serviceaccount"
export GCP_CRED_FILE= # path to service account file
export GCP_CRED_EMAIL= # service account email
export GCP_ZONE= # zone for GCP instance, ex "northamerica-northeast1-a"
export GCP_REGION= # region for GCP instance, ex "northamerica-northeast1"
Warning: this script parses the GCP service account credential file for the email and project ID.
Usage: . set_env_var.sh <path to JSON cred file> <GCP region> <GCP zone>
```
Note: the project name is sometimes different from the project ID, check the ID to confirm. Otherwise errors will occur.
## Usage
Run the playbook to create and set up an instance.

Expand All @@ -51,7 +44,7 @@ ansible-playbook playbook.yml -e "custom-config=True"

Otherwise, run the playbook with the flag ` -e "custom-config=False"`. This will generate an allowlist and include a default excludes list.
```bash
ansible-playbook playbook.yml -e "custom-config='False'"
ansible-playbook playbook.yml -e "custom-config=False"
```

## Getting started with Keylime
Expand Down
31 changes: 23 additions & 8 deletions keylime-ansible-gcp/set_env_var.sh
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,24 @@
#!/bin/sh
echo "Exporting playbook environment variables..."
export GCP_PROJECT= "test" # ID of GCP project
export GCP_CRED_KIND="serviceaccount"
export GCP_CRED_FILE= # path to service account file
export GCP_CRED_EMAIL= # service account email
export GCP_ZONE= # zone for GCP instance, ex "northamerica-northeast1-a"
export GCP_REGION= # region for GCP instance, ex "northamerica-northeast1"
echo "Complete"
usage() {
echo "Warning: this script parses the GCP service account credential file for the email and project ID."
echo "Usage: ./set_env_var.sh <path to JSON cred file> <GCP region> <GCP zone>"
}
if [[ ($# -ne 3) || ($@ == "--help") || ($@ == "-h") ]]
then
usage
exit 1
fi
echo "Warning: this script parses the GCP service account credential file for the email and project ID."
sleep 5
export GCP_REGION="$2"
echo "GCP REGION is set to $GCP_REGION"
export GCP_ZONE="$3"
echo "GCP ZONE is set to $GCP_ZONE"
export GCP_CRED_FILE="$1"
echo "GCP CRED FILE is set to $GCP_CRED_FILE"
export GCP_PROJECT="$(sed -e 's/^"//' -e 's/"$//' <<< "$(jq .project_id $1)")"
echo "GCP PROJECT is set to $GCP_PROJECT"
export GCP_CRED_KIND="serviceaccount"
echo "GCP CRED KIND is set to $GCP_CRED_KIND"
export GCP_CRED_EMAIL="$(sed -e 's/^"//' -e 's/"$//' <<< "$(jq .client_email $1)")"
echo "GCP CRED EMAIL is set to $GCP_CRED_EMAIL"

0 comments on commit 92bf857

Please sign in to comment.