From 294422755a90788c110d8de7fe8e6a65c1c3db40 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Franti=C5=A1ek=20Dvo=C5=99=C3=A1k?= <valtri@civ.zcu.cz>
Date: Sun, 21 Mar 2021 13:47:15 +0100
Subject: [PATCH] Hadoop: fix secrets in single machine setup

---
 image/config.json                    | 6 +++---
 image/scripts/hadoop-single-setup.sh | 7 ++++++-
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/image/config.json b/image/config.json
index 47c4c67..d7da3fb 100644
--- a/image/config.json
+++ b/image/config.json
@@ -23,9 +23,9 @@
       "n": "0",
       "node_hostname": "node",
       "secrets": {
-        "http_signature_secret": "UNUSED",
-        "kerberos_admin_password": "UNUSED",
-        "kerberos_master_password": "UNUSED"
+        "http_signature_secret": "@SECRET@",
+        "kerberos_admin_password": "@SECRET@",
+        "kerberos_master_password": "@SECRET@"
       },
       "type": "hadoop-single"
     }
diff --git a/image/scripts/hadoop-single-setup.sh b/image/scripts/hadoop-single-setup.sh
index 0e457e4..5c5504d 100755
--- a/image/scripts/hadoop-single-setup.sh
+++ b/image/scripts/hadoop-single-setup.sh
@@ -19,9 +19,14 @@ service puppet-master restart
 
 puppet config set server `hostname -f`
 puppet config set --section agent http_read_timeout 30
+f=/etc/puppet/code/environments/production/manifests/site.pp
+while grep -q '@SECRET@' $f; do
+	k="`dd if=/dev/random bs=27 count=1 2>/dev/null | base64 -`"
+	sed -i "0,/@SECRET@/s,@SECRET,$k," $f
+done
 puppet agent --test 2>&1 | tee stage1.log
 if test $? = 0 -o $? = 2; then
-	sed -i "s/^\\(\$hdfs_deployed\\s*=\\s*\\).*/\\1true/" /etc/puppet/code/environments/production/manifests/site.pp
+	sed -i "s/^\\(\$hdfs_deployed\\s*=\\s*\\).*/\\1true/" $f
 	puppet agent --test 2>&1 | tee stage2.log
 else
 	echo "First stage setup failed"
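Review bot: The added `sed` substitutes `@SECRET` without the closing `@`, so every generated secret in site.pp ends with a stray `@` left over from the placeholder; match the whole token with `sed -i "0,/@SECRET@/s,@SECRET@,$k," "$f"`. The key itself comes from a single `dd` read of `/dev/random` with stderr discarded, which can block on a freshly booted machine with little entropy on older kernels and, on a short or failed read, yields a shorter or empty `$k` that is written as the secret without any check. I would use `k="$(head -c 27 /dev/urandom | base64)"` and refuse to continue unless `[ "${#k}" -eq 36 ]`. The `if`/`else` block that follows continues past the end of the hunk.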
-- 
GitLab