From 438b216ffa44c8da6ba8cd5930862694a8e3a2e6 Mon Sep 17 00:00:00 2001
From: venkata edara <redara@redhat.com>
Date: Mon, 31 Jul 2017 16:17:49 +0530
Subject: Added S3 authentication changes

changed the proxy-server.conf to enable authentication and scripts to add user

Signed-off-by: venkata edara <redara@redhat.com>
---
 gluster-s3object/CentOS/docker-gluster-s3/Dockerfile        |  7 ++++++-
 gluster-s3object/CentOS/docker-gluster-s3/README.md         |  2 +-
 .../CentOS/docker-gluster-s3/etc/swift/proxy-server.conf    |  9 ++++++++-
 .../CentOS/docker-gluster-s3/etc/sysconfig/swift-volumes    |  2 ++
 .../CentOS/docker-gluster-s3/gluster-swift-add-user         | 13 +++++++++++++
 .../CentOS/docker-gluster-s3/swift-adduser.service          | 11 +++++++++++
 .../CentOS/docker-gluster-s3/swift-gen-builders.service     |  2 +-
 .../CentOS/docker-gluster-s3/update_gluster_vol.sh          |  6 ++++--
 8 files changed, 46 insertions(+), 6 deletions(-)
 create mode 100755 gluster-s3object/CentOS/docker-gluster-s3/gluster-swift-add-user
 create mode 100644 gluster-s3object/CentOS/docker-gluster-s3/swift-adduser.service

diff --git a/gluster-s3object/CentOS/docker-gluster-s3/Dockerfile b/gluster-s3object/CentOS/docker-gluster-s3/Dockerfile
index 9ec1e2f..fdfb0ec 100644
--- a/gluster-s3object/CentOS/docker-gluster-s3/Dockerfile
+++ b/gluster-s3object/CentOS/docker-gluster-s3/Dockerfile
@@ -54,6 +54,7 @@ COPY swift-proxy.service /lib/systemd/system/
 COPY swift-account.service /lib/systemd/system/
 COPY swift-container.service /lib/systemd/system/
 COPY swift-object.service /lib/systemd/system/
+COPY swift-adduser.service /lib/systemd/system/
 
 # Replace openstack swift conf files with local gluster-swift ones
 COPY etc/swift/* /etc/swift/
@@ -62,6 +63,9 @@ COPY etc/swift/* /etc/swift/
 COPY update_gluster_vol.sh /usr/local/bin/update_gluster_vol.sh
 RUN chmod +x /usr/local/bin/update_gluster_vol.sh
 
+COPY gluster-swift-add-user /usr/local/bin/gluster-swift-add-user
+RUN chmod +x /usr/local/bin/gluster-swift-add-user
+
 # volumes to be exposed as object storage is present in swift-volumes file
 COPY etc/sysconfig/swift-volumes /etc/sysconfig/swift-volumes
 
@@ -76,7 +80,8 @@ systemctl enable memcached.service;\
 systemctl enable swift-proxy.service;\
 systemctl enable swift-account.service;\
 systemctl enable swift-container.service;\
-systemctl enable swift-object.service;
+systemctl enable swift-object.service;\
+systemctl enable swift-adduser.service;
 
 ENTRYPOINT ["/usr/local/bin/update_gluster_vol.sh"]
 CMD ["/usr/sbin/init"]
diff --git a/gluster-s3object/CentOS/docker-gluster-s3/README.md b/gluster-s3object/CentOS/docker-gluster-s3/README.md
index baa6d28..a8bd935 100644
--- a/gluster-s3object/CentOS/docker-gluster-s3/README.md
+++ b/gluster-s3object/CentOS/docker-gluster-s3/README.md
@@ -30,7 +30,7 @@ Where tv1 is the volume name.
 **Example:**
 
 ```bash
-# docker run -d --privileged  -v /sys/fs/cgroup/:/sys/fs/cgroup/:ro -p 8080:8080 -v /mnt/gluster-object:/mnt/gluster-object -e GLUSTER_VOLUMES="tv1" gluster-s3
+# docker run -d --privileged  -v /sys/fs/cgroup/:/sys/fs/cgroup/:ro -p 8080:8080 -v /mnt/gluster-object:/mnt/gluster-object -e GLUSTER_VOLUMES="tv1" -e GLUSTER_USER="admin" -e GLUSTER_PASSWORD="redhat" gluster-s3
 ```
 
 If you have selinux set to enforced on the host machine, refer to the
diff --git a/gluster-s3object/CentOS/docker-gluster-s3/etc/swift/proxy-server.conf b/gluster-s3object/CentOS/docker-gluster-s3/etc/swift/proxy-server.conf
index 979b735..8e6ecc5 100644
--- a/gluster-s3object/CentOS/docker-gluster-s3/etc/swift/proxy-server.conf
+++ b/gluster-s3object/CentOS/docker-gluster-s3/etc/swift/proxy-server.conf
@@ -5,7 +5,7 @@ user = root
 workers = 1
 
 [pipeline:main]
-pipeline = catch_errors gatekeeper healthcheck proxy-logging cache bulk ratelimit swift3 staticweb slo dlo proxy-logging proxy-server
+pipeline = catch_errors gatekeeper healthcheck proxy-logging cache bulk ratelimit swift3 gswauth staticweb slo dlo proxy-logging proxy-server
 
 [app:proxy-server]
 use = egg:gluster_swift#proxy
@@ -97,3 +97,10 @@ user_test5_tester5 = testing5 service
 
 [filter:swift3]
 use = egg:swift3#swift3
+
+[filter:gswauth]
+use = egg:gluster_swift#gswauth
+set log_name = gswauth
+super_admin_key = gswauthkey
+metadata_volume = gsmetadata
+s3_support = on
diff --git a/gluster-s3object/CentOS/docker-gluster-s3/etc/sysconfig/swift-volumes b/gluster-s3object/CentOS/docker-gluster-s3/etc/sysconfig/swift-volumes
index 8b49f07..3aeb7ec 100644
--- a/gluster-s3object/CentOS/docker-gluster-s3/etc/sysconfig/swift-volumes
+++ b/gluster-s3object/CentOS/docker-gluster-s3/etc/sysconfig/swift-volumes
@@ -1,2 +1,4 @@
 # Set Gluster volumes to be used by gluster-object service
 GLUSTER_VOLUMES="tv1"
+GLUSTER_USER="admin"
+GLUSTER_PASSWORD="redhat"
diff --git a/gluster-s3object/CentOS/docker-gluster-s3/gluster-swift-add-user b/gluster-s3object/CentOS/docker-gluster-s3/gluster-swift-add-user
new file mode 100755
index 0000000..59eb1b2
--- /dev/null
+++ b/gluster-s3object/CentOS/docker-gluster-s3/gluster-swift-add-user
@@ -0,0 +1,13 @@
+#!/bin/bash
+if [ "$#" -lt 3 ]; then
+	echo "Incorrect args. invoke gluster-swift-add-user $GLUSTER_USER $GLUSTER_PASSWORD $GLUSTER_VOLUMES"
+	exit 1
+else
+	GLUSTER_USER=$1
+	GLUSTER_PASSWORD=$2
+	GLUSTER_VOLUMES=$(echo $3 | cut -d" " -f1)
+	sleep 5
+	gswauth-prep -A http://0.0.0.0:8080/auth -K gswauthkey
+        gswauth-add-account -K gswauthkey $GLUSTER_VOLUMES
+	gswauth-add-user -K gswauthkey -a $GLUSTER_VOLUMES $GLUSTER_USER $GLUSTER_PASSWORD
+fi
diff --git a/gluster-s3object/CentOS/docker-gluster-s3/swift-adduser.service b/gluster-s3object/CentOS/docker-gluster-s3/swift-adduser.service
new file mode 100644
index 0000000..ee4c8d7
--- /dev/null
+++ b/gluster-s3object/CentOS/docker-gluster-s3/swift-adduser.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=Swift Add User
+After=swift-object.service
+
+[Service]
+Type=oneshot
+EnvironmentFile=-/etc/sysconfig/swift-volumes
+ExecStart=/usr/local/bin/gluster-swift-add-user $GLUSTER_USER $GLUSTER_PASSWORD $GLUSTER_VOLUMES
+
+[Install]
+WantedBy=multi-user.target
diff --git a/gluster-s3object/CentOS/docker-gluster-s3/swift-gen-builders.service b/gluster-s3object/CentOS/docker-gluster-s3/swift-gen-builders.service
index ab30a7c..efafca5 100644
--- a/gluster-s3object/CentOS/docker-gluster-s3/swift-gen-builders.service
+++ b/gluster-s3object/CentOS/docker-gluster-s3/swift-gen-builders.service
@@ -5,7 +5,7 @@ Before=memcached.service
 [Service]
 Type=oneshot
 EnvironmentFile=-/etc/sysconfig/swift-volumes
-ExecStart=/usr/bin/gluster-swift-gen-builders $GLUSTER_VOLUMES
+ExecStart=/usr/bin/gluster-swift-gen-builders $GLUSTER_VOLUMES gsmetadata
 
 [Install]
 WantedBy=multi-user.target
diff --git a/gluster-s3object/CentOS/docker-gluster-s3/update_gluster_vol.sh b/gluster-s3object/CentOS/docker-gluster-s3/update_gluster_vol.sh
index dfb891d..9e9c60e 100644
--- a/gluster-s3object/CentOS/docker-gluster-s3/update_gluster_vol.sh
+++ b/gluster-s3object/CentOS/docker-gluster-s3/update_gluster_vol.sh
@@ -1,12 +1,14 @@
 #!/bin/bash
 
 # To update gluster volume name in swift-volumes, used by swift-gen-builders.service
-if [ -z "$GLUSTER_VOLUMES" ]; then
-        echo "You need to set GLUSTER_VOLUMES env variable"
+if [[ -z "$GLUSTER_VOLUMES" || -z "$GLUSTER_USER" || -z "$GLUSTER_PASSWORD" ]]; then
+        echo "You need to set GLUSTER_VOLUMES, GLUSTER_USER, GLUSTER_PASSWORD env variable"
         exit 1
 else
         echo "GLUSTER_VOLUMES env variable is set. Update in swift-volumes"
         sed -i.bak '/^GLUSTER_VOLUMES=/s/=.*/='\""$GLUSTER_VOLUMES"\"'/' /etc/sysconfig/swift-volumes
+	sed -i.bak '/^GLUSTER_USER=/s/=.*/='\""$GLUSTER_USER"\"'/' /etc/sysconfig/swift-volumes
+	sed -i.bak '/^GLUSTER_PASSWORD=/s/=.*/='\""$GLUSTER_PASSWORD"\"'/' /etc/sysconfig/swift-volumes
 fi
 
 # Hand off to CMD
-- 
cgit v1.2.3


From f8cde44e7c5a1a42a24e9993f4ebc088082a1deb Mon Sep 17 00:00:00 2001
From: venkata edara <redara@redhat.com>
Date: Mon, 31 Jul 2017 16:17:49 +0530
Subject: Added S3 authentication changes

changed the proxy-server.conf to enable authentication and scripts to add user

Signed-off-by: venkata edara <redara@redhat.com>
---
 gluster-s3object/CentOS/docker-gluster-s3/Dockerfile        |  7 ++++++-
 gluster-s3object/CentOS/docker-gluster-s3/README.md         |  2 +-
 .../CentOS/docker-gluster-s3/etc/swift/proxy-server.conf    |  9 ++++++++-
 .../CentOS/docker-gluster-s3/etc/sysconfig/swift-volumes    |  2 ++
 .../CentOS/docker-gluster-s3/gluster-swift-add-user         | 13 +++++++++++++
 .../CentOS/docker-gluster-s3/swift-adduser.service          | 11 +++++++++++
 .../CentOS/docker-gluster-s3/swift-gen-builders.service     |  2 +-
 .../CentOS/docker-gluster-s3/update_gluster_vol.sh          |  6 ++++--
 8 files changed, 46 insertions(+), 6 deletions(-)
 create mode 100755 gluster-s3object/CentOS/docker-gluster-s3/gluster-swift-add-user
 create mode 100644 gluster-s3object/CentOS/docker-gluster-s3/swift-adduser.service

diff --git a/gluster-s3object/CentOS/docker-gluster-s3/Dockerfile b/gluster-s3object/CentOS/docker-gluster-s3/Dockerfile
index 9ec1e2f..fdfb0ec 100644
--- a/gluster-s3object/CentOS/docker-gluster-s3/Dockerfile
+++ b/gluster-s3object/CentOS/docker-gluster-s3/Dockerfile
@@ -54,6 +54,7 @@ COPY swift-proxy.service /lib/systemd/system/
 COPY swift-account.service /lib/systemd/system/
 COPY swift-container.service /lib/systemd/system/
 COPY swift-object.service /lib/systemd/system/
+COPY swift-adduser.service /lib/systemd/system/
 
 # Replace openstack swift conf files with local gluster-swift ones
 COPY etc/swift/* /etc/swift/
@@ -62,6 +63,9 @@ COPY etc/swift/* /etc/swift/
 COPY update_gluster_vol.sh /usr/local/bin/update_gluster_vol.sh
 RUN chmod +x /usr/local/bin/update_gluster_vol.sh
 
+COPY gluster-swift-add-user /usr/local/bin/gluster-swift-add-user
+RUN chmod +x /usr/local/bin/gluster-swift-add-user
+
 # volumes to be exposed as object storage is present in swift-volumes file
 COPY etc/sysconfig/swift-volumes /etc/sysconfig/swift-volumes
 
@@ -76,7 +80,8 @@ systemctl enable memcached.service;\
 systemctl enable swift-proxy.service;\
 systemctl enable swift-account.service;\
 systemctl enable swift-container.service;\
-systemctl enable swift-object.service;
+systemctl enable swift-object.service;\
+systemctl enable swift-adduser.service;
 
 ENTRYPOINT ["/usr/local/bin/update_gluster_vol.sh"]
 CMD ["/usr/sbin/init"]
diff --git a/gluster-s3object/CentOS/docker-gluster-s3/README.md b/gluster-s3object/CentOS/docker-gluster-s3/README.md
index baa6d28..a8bd935 100644
--- a/gluster-s3object/CentOS/docker-gluster-s3/README.md
+++ b/gluster-s3object/CentOS/docker-gluster-s3/README.md
@@ -30,7 +30,7 @@ Where tv1 is the volume name.
 **Example:**
 
 ```bash
-# docker run -d --privileged  -v /sys/fs/cgroup/:/sys/fs/cgroup/:ro -p 8080:8080 -v /mnt/gluster-object:/mnt/gluster-object -e GLUSTER_VOLUMES="tv1" gluster-s3
+# docker run -d --privileged  -v /sys/fs/cgroup/:/sys/fs/cgroup/:ro -p 8080:8080 -v /mnt/gluster-object:/mnt/gluster-object -e GLUSTER_VOLUMES="tv1" -e GLUSTER_USER="admin" -e GLUSTER_PASSWORD="redhat" gluster-s3
 ```
 
 If you have selinux set to enforced on the host machine, refer to the
diff --git a/gluster-s3object/CentOS/docker-gluster-s3/etc/swift/proxy-server.conf b/gluster-s3object/CentOS/docker-gluster-s3/etc/swift/proxy-server.conf
index 979b735..8e6ecc5 100644
--- a/gluster-s3object/CentOS/docker-gluster-s3/etc/swift/proxy-server.conf
+++ b/gluster-s3object/CentOS/docker-gluster-s3/etc/swift/proxy-server.conf
@@ -5,7 +5,7 @@ user = root
 workers = 1
 
 [pipeline:main]
-pipeline = catch_errors gatekeeper healthcheck proxy-logging cache bulk ratelimit swift3 staticweb slo dlo proxy-logging proxy-server
+pipeline = catch_errors gatekeeper healthcheck proxy-logging cache bulk ratelimit swift3 gswauth staticweb slo dlo proxy-logging proxy-server
 
 [app:proxy-server]
 use = egg:gluster_swift#proxy
@@ -97,3 +97,10 @@ user_test5_tester5 = testing5 service
 
 [filter:swift3]
 use = egg:swift3#swift3
+
+[filter:gswauth]
+use = egg:gluster_swift#gswauth
+set log_name = gswauth
+super_admin_key = gswauthkey
+metadata_volume = gsmetadata
+s3_support = on
diff --git a/gluster-s3object/CentOS/docker-gluster-s3/etc/sysconfig/swift-volumes b/gluster-s3object/CentOS/docker-gluster-s3/etc/sysconfig/swift-volumes
index 8b49f07..3aeb7ec 100644
--- a/gluster-s3object/CentOS/docker-gluster-s3/etc/sysconfig/swift-volumes
+++ b/gluster-s3object/CentOS/docker-gluster-s3/etc/sysconfig/swift-volumes
@@ -1,2 +1,4 @@
 # Set Gluster volumes to be used by gluster-object service
 GLUSTER_VOLUMES="tv1"
+GLUSTER_USER="admin"
+GLUSTER_PASSWORD="redhat"
diff --git a/gluster-s3object/CentOS/docker-gluster-s3/gluster-swift-add-user b/gluster-s3object/CentOS/docker-gluster-s3/gluster-swift-add-user
new file mode 100755
index 0000000..59eb1b2
--- /dev/null
+++ b/gluster-s3object/CentOS/docker-gluster-s3/gluster-swift-add-user
@@ -0,0 +1,13 @@
+#!/bin/bash
+if [ "$#" -lt 3 ]; then
+	echo "Incorrect args. invoke gluster-swift-add-user $GLUSTER_USER $GLUSTER_PASSWORD $GLUSTER_VOLUMES"
+	exit 1
+else
+	GLUSTER_USER=$1
+	GLUSTER_PASSWORD=$2
+	GLUSTER_VOLUMES=$(echo $3 | cut -d" " -f1)
+	sleep 5
+	gswauth-prep -A http://0.0.0.0:8080/auth -K gswauthkey
+        gswauth-add-account -K gswauthkey $GLUSTER_VOLUMES
+	gswauth-add-user -K gswauthkey -a $GLUSTER_VOLUMES $GLUSTER_USER $GLUSTER_PASSWORD
+fi
diff --git a/gluster-s3object/CentOS/docker-gluster-s3/swift-adduser.service b/gluster-s3object/CentOS/docker-gluster-s3/swift-adduser.service
new file mode 100644
index 0000000..ee4c8d7
--- /dev/null
+++ b/gluster-s3object/CentOS/docker-gluster-s3/swift-adduser.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=Swift Add User
+After=swift-object.service
+
+[Service]
+Type=oneshot
+EnvironmentFile=-/etc/sysconfig/swift-volumes
+ExecStart=/usr/local/bin/gluster-swift-add-user $GLUSTER_USER $GLUSTER_PASSWORD $GLUSTER_VOLUMES
+
+[Install]
+WantedBy=multi-user.target
diff --git a/gluster-s3object/CentOS/docker-gluster-s3/swift-gen-builders.service b/gluster-s3object/CentOS/docker-gluster-s3/swift-gen-builders.service
index ab30a7c..efafca5 100644
--- a/gluster-s3object/CentOS/docker-gluster-s3/swift-gen-builders.service
+++ b/gluster-s3object/CentOS/docker-gluster-s3/swift-gen-builders.service
@@ -5,7 +5,7 @@ Before=memcached.service
 [Service]
 Type=oneshot
 EnvironmentFile=-/etc/sysconfig/swift-volumes
-ExecStart=/usr/bin/gluster-swift-gen-builders $GLUSTER_VOLUMES
+ExecStart=/usr/bin/gluster-swift-gen-builders $GLUSTER_VOLUMES gsmetadata
 
 [Install]
 WantedBy=multi-user.target
diff --git a/gluster-s3object/CentOS/docker-gluster-s3/update_gluster_vol.sh b/gluster-s3object/CentOS/docker-gluster-s3/update_gluster_vol.sh
index dfb891d..9e9c60e 100644
--- a/gluster-s3object/CentOS/docker-gluster-s3/update_gluster_vol.sh
+++ b/gluster-s3object/CentOS/docker-gluster-s3/update_gluster_vol.sh
@@ -1,12 +1,14 @@
 #!/bin/bash
 
 # To update gluster volume name in swift-volumes, used by swift-gen-builders.service
-if [ -z "$GLUSTER_VOLUMES" ]; then
-        echo "You need to set GLUSTER_VOLUMES env variable"
+if [[ -z "$GLUSTER_VOLUMES" || -z "$GLUSTER_USER" || -z "$GLUSTER_PASSWORD" ]]; then
+        echo "You need to set GLUSTER_VOLUMES, GLUSTER_USER, GLUSTER_PASSWORD env variable"
         exit 1
 else
         echo "GLUSTER_VOLUMES env variable is set. Update in swift-volumes"
         sed -i.bak '/^GLUSTER_VOLUMES=/s/=.*/='\""$GLUSTER_VOLUMES"\"'/' /etc/sysconfig/swift-volumes
+	sed -i.bak '/^GLUSTER_USER=/s/=.*/='\""$GLUSTER_USER"\"'/' /etc/sysconfig/swift-volumes
+	sed -i.bak '/^GLUSTER_PASSWORD=/s/=.*/='\""$GLUSTER_PASSWORD"\"'/' /etc/sysconfig/swift-volumes
 fi
 
 # Hand off to CMD
-- 
cgit v1.2.3


From b214fff44235d8f011fcd9de12a9d2735deb50ee Mon Sep 17 00:00:00 2001
From: venkata edara <redara@redhat.com>
Date: Mon, 31 Jul 2017 17:27:44 +0530
Subject: changed travis.yml to include user and password

Signed-off-by: venkata edara <redara@redhat.com>
---
 .travis.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.travis.yml b/.travis.yml
index e855878..cc7ecb5 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -26,7 +26,7 @@ before_install:
 - sleep 10
 - docker exec -it gfedora systemctl is-active glusterd
 - docker build -t gluster/s3object ./gluster-s3object/CentOS/docker-gluster-s3/
-- docker run -d --name s3object --privileged -v /sys/fs/cgroup:/sys/fs/cgroup:ro -e GLUSTER_VOLUMES=vol gluster/s3object
+- docker run -d --name s3object --privileged -v /sys/fs/cgroup:/sys/fs/cgroup:ro -e GLUSTER_VOLUMES=vol -e GLUSTER_USER="admin" -e GLUSTER_PASSWORD="redhat" gluster/s3object
 - sleep 10
 - docker exec -it s3object systemctl is-active swift-object
 
-- 
cgit v1.2.3