#!/bin/bash
# This script sets the environment properly so that a user can use the OpenStack CLI
# Copyright (C) 2017, ETH Zuerich, Switzerland
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, version 3 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
#
# AUTHORS Pablo Fernandez & Massimo Benini
# DATE July 11th, 2017 (Updated: March 2021)
[[ "${BASH_SOURCE[0]}" == "${0}" ]] && \
echo "USAGE INFO: you need source this script (source $0 or . $0)." && \
echo " You can also pass a parameter that serves a project name filter (for scoped tokens)" && exit
echo " * Creating environment for openstack CLI:"
read -p 'Username: ' uservar
read -sp 'Password: ' passvar
echo ""
# Prepare filter parameter
if [ "$1" == "" ]; then
PRJ_FILTER="."
else
PRJ_FILTER=" $1$"
fi
# Prepare environment
for key in $( set | awk '{FS="="} /^OS_/ {print $1}' ); do unset $key ; done
export OS_USERNAME=$uservar
export OS_PASSWORD=$passvar
export OS_IDENTITY_API_VERSION=3
export OS_AUTH_URL=https://pollux.cscs.ch:13000/v3
export OS_IDENTITY_PROVIDER=cscskc
export OS_PROTOCOL=openid
export OS_INTERFACE=public
export OS_CLIENT_ID=pollux-prod
export OS_CLIENT_SECRET="82c7a379-f5ee-48c7-8a6b-7ee15557e28e" #set to anything if keycloak client is public
export OS_DISCOVERY_ENDPOINT=https://auth.cscs.ch/auth/realms/cscs/.well-known/openid-configuration
# Getting the unscoped token:
echo "[openstack --os-auth-type v3oidcpassword token issue]"
UNSCOPED_TOKEN="$(openstack --os-auth-type v3oidcpassword token issue --format value --column id)"
# Remove the password from the environment, for security
if [ $? -ne 0 ]; then
echo " * Failed to get unscoped token, exit"
unset OS_PASSWORD
return
fi
echo " * Got an unscoped token, preparing environment..."
export OS_AUTH_TYPE=token
export OS_TOKEN=$UNSCOPED_TOKEN
unset OS_PASSWORD
# Getting the user ID with python directly (no other way, plus serves as an example!!)
echo -n " * Logged in user ID $OS_USERNAME: "
python <