From 46d552b849f3025759d7f332f8262f7cab43d7c8 Mon Sep 17 00:00:00 2001
From: Jared Hocutt <jhocutt@redhat.com>
Date: Fri, 15 Sep 2023 11:28:47 -0400
Subject: [PATCH] Updating unpack script to unpack binaries and mirror images

Signed-off-by: Jared Hocutt <jhocutt@redhat.com>
---
 ocp4_disconnected/unpack.sh | 50 +++++++++++++++++++++++++++++++------
 prepare_for_installation.sh | 26 -------------------
 2 files changed, 43 insertions(+), 33 deletions(-)
 delete mode 100644 prepare_for_installation.sh

diff --git a/ocp4_disconnected/unpack.sh b/ocp4_disconnected/unpack.sh
index 820992c..bc5e1ca 100644
--- a/ocp4_disconnected/unpack.sh
+++ b/ocp4_disconnected/unpack.sh
@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 
-set -eux -o pipefail
+set -eux
 
 SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
 
@@ -8,8 +8,10 @@ CLIENTS_DIR=${SCRIPT_DIR}/clients
 IMAGES_DIR=${SCRIPT_DIR}/images
 BIN_DIR=${SCRIPT_DIR}/bin
 REGISTRY_DIR=${SCRIPT_DIR}/registry
+METADATA_DIR=${SCRIPT_DIR}/metadata
 
-REGISTRY_PASSWORD=$(< /dev/urandom tr -dc A-Za-z0-9 | head -c 30)
+REGISTRY_PASSWORD=$(tr -dc A-Za-z0-9 </dev/urandom | head -c 30)
+LATEST_IMAGES_FILE=$(find ${IMAGES_DIR} -name 'mirror_seq*.tar' | sort -Vr | head -n 1)
 
 ###############################################################################
 # User Data Prompts
@@ -18,7 +20,7 @@ REGISTRY_PASSWORD=$(< /dev/urandom tr -dc A-Za-z0-9 | head -c 30)
 
 
 ###############################################################################
-# Mirror Registry - Unpack and Install
+# Mirror Registry
 ###############################################################################
 
 mkdir -p ${BIN_DIR}
@@ -29,9 +31,12 @@ else
 fi
 
 mkdir -p ${REGISTRY_DIR}
-if $(curl --insecure --silent https://$(hostname --fqdn):8443/status); then
+if [[ -d ${REGISTRY_DIR}/quay-install ]]; then
     echo "Mirror registry appears to already be running, skipping install"
 else
+    echo ${REGISTRY_PASSWORD} > ${REGISTRY_DIR}/registry_password
+
+    cd ${REGISTRY_DIR}
     ${BIN_DIR}/mirror-registry install \
         --quayHostname $(hostname --fqdn) \
         --quayRoot ${REGISTRY_DIR}/quay-install \
@@ -41,6 +46,37 @@ else
         --initPassword ${REGISTRY_PASSWORD}
 fi
 
-# TODO: Copy mirror registry certs to system trust bundle
-# TODO: Unpack oc, oc-mirror, and openshift-install binaries to system
-# TODO: Populate mirror registry with images from disk
+if [[ ! -f /etc/pki/ca-trust/source/anchors/quay_mirror_registry_ca.pem ]]; then
+    sudo cp ${REGISTRY_DIR}/quay-install/quay-rootCA/rootCA.pem /etc/pki/ca-trust/source/anchors/quay_mirror_registry_ca.pem
+    sudo update-ca-trust extract
+fi
+
+###############################################################################
+# OpenShift Clients
+###############################################################################
+
+cd ${SCRIPT_DIR}
+if [[ ! -f /usr/local/bin/oc ]]; then
+    sudo tar --extract --verbose --directory /usr/local/bin --file ${CLIENTS_DIR}/openshift-client-linux.tar.gz oc kubectl
+    sudo chmod +x /usr/local/bin/oc /usr/local/bin/kubectl
+fi
+
+if [[ ! -f /usr/local/bin/oc-mirror ]]; then
+    sudo tar --extract --verbose --directory /usr/local/bin --file ${CLIENTS_DIR}/oc-mirror.tar.gz oc-mirror
+    sudo chmod +x /usr/local/bin/oc-mirror
+fi
+
+if [[ ! -f /usr/local/bin/openshift-install ]]; then
+    sudo tar --extract --verbose --directory /usr/local/bin --file ${CLIENTS_DIR}/openshift-install-linux.tar.gz openshift-install
+    sudo chmod +x /usr/local/bin/openshift-install
+fi
+
+###############################################################################
+# Populate Mirror Registry
+###############################################################################
+
+mkdir -p ${METADATA_DIR}
+podman login --username openshift --password $(cat ${REGISTRY_DIR}/registry_password) $(hostname --fqdn):8443
+
+cd ${METADATA_DIR}
+oc mirror --from=${LATEST_IMAGES_FILE} docker://$(hostname --fqdn):8443
diff --git a/prepare_for_installation.sh b/prepare_for_installation.sh
deleted file mode 100644
index 9f4848e..0000000
--- a/prepare_for_installation.sh
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/bash
-
-# Install podman
-sudo dnf -y localinstall /mnt/ocp4_data/repos/*.rpm
-
-# Untar mirror registry
-tar --extract --verbose --directory /mnt/ocp4_data/clients --file /mnt/ocp4_data/clients/mirror-registry.tar.gz
-
-# Install mirror registry 
-#     tucking all the storage in /mnt/ocp4_data/quay for now
-#     hardcoding quay password to "discopass"
-/mnt/ocp4_data/clients/mirror-registry install --quayHostname $(hostname) --quayRoot /mnt/ocp4_data/quay/quay-install --quayStorage /mnt/ocp4_data/quay/quay-storage --pgStorage /mnt/ocp4_data/quay/pg-data --initPassword discopass
-
-# Login to podman to generate auth file
-#    TODO: add quay rootCA to system trust store if we want, or use your own?
-podman login -u init -p discopass --tls-verify=false $(hostname):8443
-
-# Move oc and oc-mirror to path
-tar --extract --verbose --directory /mnt/ocp4_data/clients --file /mnt/ocp4_data/clients/openshift-client-linux.tar.gz
-tar --extract --verbose --directory /mnt/ocp4_data/clients --file /mnt/ocp4_data/clients/openshift-install-linux.tar.gz
-tar --extract --verbose --directory /mnt/ocp4_data/clients --file /mnt/ocp4_data/clients/oc-mirror.tar.gz
-chmod +x /mnt/ocp4_data/clients/oc-mirror
-sudo mv /mnt/ocp4_data/clients/oc* /usr/local/bin/
-
-# Mirror from disk to registry
-oc mirror --from=/mnt/ocp4_data/images/mirror_seq1_000000.tar --dest-skip-tls docker://$(hostname):8443