diff options
author | Henning Baldersheim <balder@yahoo-inc.com> | 2022-12-05 15:30:46 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-12-05 15:30:46 +0100 |
commit | f0b807bc2108b8c0ada96be431100e264dc558cb (patch) | |
tree | 21f81ca6d54f374c1c949b396c0e90e563b08d72 /vespaclient-java | |
parent | 05e1be527998e915a93decaec6b663bb9aa5fb04 (diff) | |
parent | 9f366b35f293bddc9ebb727d29210b694deffef2 (diff) |
Merge pull request #25115 from vespa-engine/balder/gc-unused-security-tools
GC unused security-tools
Diffstat (limited to 'vespaclient-java')
-rw-r--r-- | vespaclient-java/CMakeLists.txt | 1 | ||||
-rwxr-xr-x | vespaclient-java/src/main/sh/vespa-curl-wrapper | 109 |
2 files changed, 110 insertions, 0 deletions
diff --git a/vespaclient-java/CMakeLists.txt b/vespaclient-java/CMakeLists.txt index 666e9633726..ebb792633bb 100644 --- a/vespaclient-java/CMakeLists.txt +++ b/vespaclient-java/CMakeLists.txt @@ -13,3 +13,4 @@ vespa_install_script(src/main/sh/vespa-visit.sh vespa-visit bin) vespa_install_script(src/main/sh/vespa-visit-target.sh vespa-visit-target bin) vespa_install_script(src/main/sh/vespa-feed-perf vespa-feed-perf bin) vespa_install_script(src/main/sh/vespa-status-filedistribution.sh vespa-status-filedistribution bin) +vespa_install_script(src/main/sh/vespa-curl-wrapper vespa-curl-wrapper libexec/vespa) diff --git a/vespaclient-java/src/main/sh/vespa-curl-wrapper b/vespaclient-java/src/main/sh/vespa-curl-wrapper new file mode 100755 index 00000000000..9381d6f898b --- /dev/null +++ b/vespaclient-java/src/main/sh/vespa-curl-wrapper @@ -0,0 +1,109 @@ +#!/usr/bin/env bash +# Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. + +# Uses security-env to call curl with paths to credentials. +# This script should be installed in libexec only. It is not public api. + +# BEGIN environment bootstrap section +# Do not edit between here and END as this section should stay identical in all scripts + +findpath () { + myname=${0} + mypath=${myname%/*} + myname=${myname##*/} + empty_if_start_slash=${mypath%%/*} + if [ "${empty_if_start_slash}" ]; then + mypath=$(pwd)/${mypath} + fi + if [ "$mypath" ] && [ -d "$mypath" ]; then + return + fi + mypath=$(pwd) + if [ -f "${mypath}/${myname}" ]; then + return + fi + echo "FATAL: Could not figure out the path where $myname lives from $0" + exit 1 +} + +COMMON_ENV=libexec/vespa/common-env.sh + +source_common_env () { + if [ "$VESPA_HOME" ] && [ -d "$VESPA_HOME" ]; then + export VESPA_HOME + common_env=$VESPA_HOME/$COMMON_ENV + if [ -f "$common_env" ]; then + . $common_env + return + fi + fi + return 1 +} + +findroot () { + source_common_env && return + if [ "$VESPA_HOME" ]; then + echo "FATAL: bad VESPA_HOME value '$VESPA_HOME'" + exit 1 + fi + if [ "$ROOT" ] && [ -d "$ROOT" ]; then + VESPA_HOME="$ROOT" + source_common_env && return + fi + findpath + while [ "$mypath" ]; do + VESPA_HOME=${mypath} + source_common_env && return + mypath=${mypath%/*} + done + echo "FATAL: missing VESPA_HOME environment variable" + echo "Could not locate $COMMON_ENV anywhere" + exit 1 +} + +findhost () { + if [ "${VESPA_HOSTNAME}" = "" ]; then + VESPA_HOSTNAME=$(vespa-detect-hostname || hostname -f || hostname || echo "localhost") || exit 1 + fi + validate="${VESPA_HOME}/bin/vespa-validate-hostname" + if [ -f "$validate" ]; then + "$validate" "${VESPA_HOSTNAME}" || exit 1 + fi + export VESPA_HOSTNAME +} + +findroot +findhost + +ROOT=${VESPA_HOME%/} +export ROOT + +# END environment bootstrap section + +set -e + +eval $(${VESPA_HOME}/libexec/vespa/script-utils security-env) + +CURL_PARAMETERS=("$@") + +if [ -n "${VESPA_TLS_ENABLED}" ] +then + CURL_PARAMETERS=("${CURL_PARAMETERS[@]/http:/https:}") +fi + +if [ -n "${VESPA_TLS_HOSTNAME_VALIDATION_DISABLED}" ] +then + CURL_PARAMETERS=("--insecure" "${CURL_PARAMETERS[@]}") +fi + +if [ -n "${VESPA_TLS_CA_CERT}" ] +then + CURL_PARAMETERS=("--cacert" "${VESPA_TLS_CA_CERT}" "${CURL_PARAMETERS[@]}") +fi + +if [[ -n "${VESPA_TLS_CERT}" && -n "${VESPA_TLS_PRIVATE_KEY}" ]] +then + CURL_PARAMETERS=("--cert" "${VESPA_TLS_CERT}" "--key" "${VESPA_TLS_PRIVATE_KEY}" "${CURL_PARAMETERS[@]}") +fi + +curl "${CURL_PARAMETERS[@]}" |