[nifi] 01/03: Replace properties defined as env variables

chriss Tue, 28 Feb 2023 10:18:18 -0800

This is an automated email from the ASF dual-hosted git repository.

chriss pushed a commit to branch NIFI-7060
in repository https://gitbox.apache.org/repos/asf/nifi.git


commit abfea95ba5f76563b3bb2975c6972d12f865737a
Author: Adrian Martin <adrianmartinpa...@gmail.com>
AuthorDate: Wed Jan 22 18:35:33 2020 +0000

    Replace properties defined as env variables
---
 nifi-docker/dockerhub/sh/common.sh                 | 11 +++--
 nifi-docker/dockerhub/sh/secure.sh                 | 38 +++++++--------
 nifi-docker/dockerhub/sh/start.sh                  | 54 +++++++++++++---------
 nifi-docker/dockerhub/sh/toolkit.sh                |  7 +--
 .../sh/update_cluster_state_management.sh          |  4 +-
 nifi-docker/dockerhub/sh/update_login_providers.sh |  2 +-
 6 files changed, 66 insertions(+), 50 deletions(-)

diff --git a/nifi-docker/dockerhub/sh/common.sh 
b/nifi-docker/dockerhub/sh/common.sh
index d78aec494c..f2121abec8 100755
--- a/nifi-docker/dockerhub/sh/common.sh
+++ b/nifi-docker/dockerhub/sh/common.sh
@@ -20,13 +20,13 @@
 prop_replace () {
   target_file=${3:-${nifi_props_file}}
   echo "File [${target_file}] replacing [${1}]"
-  sed -i -e "s|^$1=.*$|$1=$2|"  ${target_file}
+  sed -i -e "s|^$1=.*$|$1=$2|"  "${target_file}"
 }
 
 uncomment() {
   target_file=${2}
   echo "File [${target_file}] uncommenting [${1}]"
-  sed -i -e "s|^\#$1|$1|" ${target_file}
+  sed -i -e "s|^\#$1|$1|" "${target_file}"
 }
 
 # 1 - property key to add or replace
@@ -37,9 +37,9 @@ prop_add_or_replace () {
   property_found=$(awk -v property="${1}" 'index($0, property) == 1')
   if [ -z "${property_found}" ]; then
     echo "File [${target_file}] adding [${1}]"
-    echo "$1=$2" >> ${target_file}
+    echo "$1=$2" >> "${target_file}"
   else
-    prop_replace $1 $2 $3  
+    prop_replace "$1" "$2" "$3"
   fi
 }
 
@@ -47,4 +47,5 @@ prop_add_or_replace () {
 export nifi_bootstrap_file=${NIFI_HOME}/conf/bootstrap.conf
 export nifi_props_file=${NIFI_HOME}/conf/nifi.properties
 export nifi_toolkit_props_file=${HOME}/.nifi-cli.nifi.properties
-export hostname=$(hostname)
+hostname=$(hostname)
+export hostname
diff --git a/nifi-docker/dockerhub/sh/secure.sh 
b/nifi-docker/dockerhub/sh/secure.sh
index 4fff214e8c..dd021ccd76 100755
--- a/nifi-docker/dockerhub/sh/secure.sh
+++ b/nifi-docker/dockerhub/sh/secure.sh
@@ -22,21 +22,21 @@ scripts_dir='/opt/nifi/scripts'
 # Perform idempotent changes of configuration to support secure environments
 echo 'Configuring environment with SSL settings'
 
-: ${KEYSTORE_PATH:?"Must specify an absolute path to the keystore being used."}
+: "${KEYSTORE_PATH:?"Must specify an absolute path to the keystore being 
used."}"
 if [ ! -f "${KEYSTORE_PATH}" ]; then
     echo "Keystore file specified (${KEYSTORE_PATH}) does not exist."
     exit 1
 fi
-: ${KEYSTORE_TYPE:?"Must specify the type of keystore (JKS, PKCS12, PEM) of 
the keystore being used."}
-: ${KEYSTORE_PASSWORD:?"Must specify the password of the keystore being used."}
+: "${KEYSTORE_TYPE:?"Must specify the type of keystore (JKS, PKCS12, PEM) of 
the keystore being used."}"
+: "${KEYSTORE_PASSWORD:?"Must specify the password of the keystore being 
used."}"
 
-: ${TRUSTSTORE_PATH:?"Must specify an absolute path to the truststore being 
used."}
+: "${TRUSTSTORE_PATH:?"Must specify an absolute path to the truststore being 
used."}"
 if [ ! -f "${TRUSTSTORE_PATH}" ]; then
     echo "Keystore file specified (${TRUSTSTORE_PATH}) does not exist."
     exit 1
 fi
-: ${TRUSTSTORE_TYPE:?"Must specify the type of truststore (JKS, PKCS12, PEM) 
of the truststore being used."}
-: ${TRUSTSTORE_PASSWORD:?"Must specify the password of the truststore being 
used."}
+: "${TRUSTSTORE_TYPE:?"Must specify the type of truststore (JKS, PKCS12, PEM) 
of the truststore being used."}"
+: "${TRUSTSTORE_PASSWORD:?"Must specify the password of the truststore being 
used."}"
 
 prop_replace 'nifi.security.keystore'           "${KEYSTORE_PATH}"
 prop_replace 'nifi.security.keystoreType'       "${KEYSTORE_TYPE}"
@@ -46,36 +46,38 @@ prop_replace 'nifi.security.truststore'         
"${TRUSTSTORE_PATH}"
 prop_replace 'nifi.security.truststoreType'     "${TRUSTSTORE_TYPE}"
 prop_replace 'nifi.security.truststorePasswd'   "${TRUSTSTORE_PASSWORD}"
 
-prop_replace 'keystore'           "${KEYSTORE_PATH}"                    
${nifi_toolkit_props_file}
-prop_replace 'keystoreType'       "${KEYSTORE_TYPE}"                    
${nifi_toolkit_props_file}
-prop_replace 'keystorePasswd'     "${KEYSTORE_PASSWORD}"                
${nifi_toolkit_props_file}
-prop_replace 'keyPasswd'          "${KEY_PASSWORD:-$KEYSTORE_PASSWORD}" 
${nifi_toolkit_props_file}
-prop_replace 'truststore'         "${TRUSTSTORE_PATH}"                  
${nifi_toolkit_props_file}
-prop_replace 'truststoreType'     "${TRUSTSTORE_TYPE}"                  
${nifi_toolkit_props_file}
+# shellcheck disable=SC2154
+prop_replace 'keystore'           "${KEYSTORE_PATH}"                    
"${nifi_toolkit_props_file}"
+prop_replace 'keystoreType'       "${KEYSTORE_TYPE}"                    
"${nifi_toolkit_props_file}"
+prop_replace 'keystorePasswd'     "${KEYSTORE_PASSWORD}"                
"${nifi_toolkit_props_file}"
+prop_replace 'keyPasswd'          "${KEY_PASSWORD:-$KEYSTORE_PASSWORD}" 
"${nifi_toolkit_props_file}"
+prop_replace 'truststore'         "${TRUSTSTORE_PATH}"                  
"${nifi_toolkit_props_file}"
+prop_replace 'truststoreType'     "${TRUSTSTORE_TYPE}"                  
"${nifi_toolkit_props_file}"
+# shellcheck disable=SC2086
 prop_replace 'truststorePasswd'   "${TRUSTSTORE_PASSWORD}"              
${nifi_toolkit_props_file}
 
 # Disable HTTP and enable HTTPS
 prop_replace 'nifi.web.http.port'   ''
 prop_replace 'nifi.web.http.host'   ''
 prop_replace 'nifi.web.https.port'  "${NIFI_WEB_HTTPS_PORT:-8443}"
-prop_replace 'nifi.web.https.host'  "${NIFI_WEB_HTTPS_HOST:-$HOSTNAME}"
+prop_replace 'nifi.web.https.host'  "${NIFI_WEB_HTTPS_HOST:-$hostname}"
 prop_replace 'nifi.remote.input.secure' 'true'
 # Enable the property only for cluster install
 prop_replace 'nifi.cluster.protocol.is.secure' "${NIFI_CLUSTER_IS_NODE:-false}"
 
 # Setup nifi-toolkit
-prop_replace 'baseUrl' 
"https://${NIFI_WEB_HTTPS_HOST:-$HOSTNAME}:${NIFI_WEB_HTTPS_PORT:-8443}"; 
${nifi_toolkit_props_file}
+prop_replace 'baseUrl' 
"https://${NIFI_WEB_HTTPS_HOST:-$hostname}:${NIFI_WEB_HTTPS_PORT:-8443}"; 
"${nifi_toolkit_props_file}"
 
 # Configure Authorizer and Login Identity Provider
 prop_replace 'nifi.security.user.authorizer' 
"${NIFI_SECURITY_USER_AUTHORIZER:-managed-authorizer}"
 prop_replace 'nifi.security.user.login.identity.provider' 
"${NIFI_SECURITY_USER_LOGIN_IDENTITY_PROVIDER}"
 
 # Establish initial user and an associated admin identity
-sed -i -e 's|<property name="Initial User Identity 1"></property>|<property 
name="Initial User Identity 1">'"${INITIAL_ADMIN_IDENTITY}"'</property>|'  
${NIFI_HOME}/conf/authorizers.xml
-sed -i -e 's|<property name="Initial Admin Identity"></property>|<property 
name="Initial Admin Identity">'"${INITIAL_ADMIN_IDENTITY}"'</property>|'  
${NIFI_HOME}/conf/authorizers.xml
+sed -i -e 's|<property name="Initial User Identity 1"></property>|<property 
name="Initial User Identity 1">'"${INITIAL_ADMIN_IDENTITY}"'</property>|'  
"${NIFI_HOME}/conf/authorizers.xml"
+sed -i -e 's|<property name="Initial Admin Identity"></property>|<property 
name="Initial Admin Identity">'"${INITIAL_ADMIN_IDENTITY}"'</property>|'  
"${NIFI_HOME}/conf/authorizers.xml"
 
 if [ -n "${NODE_IDENTITY}" ]; then
-    sed -i -e 's|<property name="Node Identity 1"></property>|<property 
name="Node Identity 1">'"${NODE_IDENTITY}"'</property>|'  
${NIFI_HOME}/conf/authorizers.xml
+    sed -i -e 's|<property name="Node Identity 1"></property>|<property 
name="Node Identity 1">'"${NODE_IDENTITY}"'</property>|'  
"${NIFI_HOME}/conf/authorizers.xml"
 fi
 
-prop_replace 'proxiedEntity' "${INITIAL_ADMIN_IDENTITY}" 
${nifi_toolkit_props_file}
+prop_replace 'proxiedEntity' "${INITIAL_ADMIN_IDENTITY}" 
"${nifi_toolkit_props_file}"
diff --git a/nifi-docker/dockerhub/sh/start.sh 
b/nifi-docker/dockerhub/sh/start.sh
index 869a8e41b5..35cf333718 100755
--- a/nifi-docker/dockerhub/sh/start.sh
+++ b/nifi-docker/dockerhub/sh/start.sh
@@ -17,44 +17,56 @@
 
 scripts_dir='/opt/nifi/scripts'
 
+# shellcheck source=./common.sh
 [ -f "${scripts_dir}/common.sh" ] && . "${scripts_dir}/common.sh"
 
 # Override JVM memory settings
-if [ ! -z "${NIFI_JVM_HEAP_INIT}" ]; then
-    prop_replace 'java.arg.2'       "-Xms${NIFI_JVM_HEAP_INIT}" 
${nifi_bootstrap_file}
+if [ -n "${NIFI_JVM_HEAP_INIT}" ]; then
+    # shellcheck disable=SC2154
+    prop_replace 'java.arg.2'       "-Xms${NIFI_JVM_HEAP_INIT}" 
"${nifi_bootstrap_file}"
 fi
 
-if [ ! -z "${NIFI_JVM_HEAP_MAX}" ]; then
-    prop_replace 'java.arg.3'       "-Xmx${NIFI_JVM_HEAP_MAX}" 
${nifi_bootstrap_file}
+if [ -n "${NIFI_JVM_HEAP_MAX}" ]; then
+    prop_replace 'java.arg.3'       "-Xmx${NIFI_JVM_HEAP_MAX}" 
"${nifi_bootstrap_file}"
 fi
 
-if [ ! -z "${NIFI_JVM_DEBUGGER}" ]; then
-    uncomment "java.arg.debug" ${nifi_bootstrap_file}
+if [ -n "${NIFI_JVM_DEBUGGER}" ]; then
+    uncomment "java.arg.debug" "${nifi_bootstrap_file}"
 fi
 
+# Replace NiFi properties with environment variables
+NIFI_ENV_VARS=$(printenv | awk -F= '/^NIFI_/ {print $1}')
+
+for ENV_VAR in $NIFI_ENV_VARS; do
+    PROP_NAME=$(echo "$ENV_VAR" | tr _ . | tr '[:upper:]' '[:lower:]')
+    PROP_VALUE=$(printenv "$ENV_VAR")
+    prop_replace "$PROP_NAME" "$PROP_VALUE"
+done
+
 # Establish baseline properties
 prop_replace 'nifi.web.https.port'              "${NIFI_WEB_HTTPS_PORT:-8443}"
-prop_replace 'nifi.web.https.host'              
"${NIFI_WEB_HTTPS_HOST:-$HOSTNAME}"
+prop_replace 'nifi.web.https.host'              
"${NIFI_WEB_HTTPS_HOST:-$hostname}"
 prop_replace 'nifi.web.proxy.host'              "${NIFI_WEB_PROXY_HOST}"
-prop_replace 'nifi.remote.input.host'           
"${NIFI_REMOTE_INPUT_HOST:-$HOSTNAME}"
+prop_replace 'nifi.remote.input.host'           
"${NIFI_REMOTE_INPUT_HOST:-$hostname}"
 prop_replace 'nifi.remote.input.socket.port'    
"${NIFI_REMOTE_INPUT_SOCKET_PORT:-10000}"
 prop_replace 'nifi.remote.input.secure'         'true'
 prop_replace 'nifi.cluster.protocol.is.secure'  'true'
 
 # Set nifi-toolkit properties files and baseUrl
 "${scripts_dir}/toolkit.sh"
-prop_replace 'baseUrl' 
"https://${NIFI_WEB_HTTPS_HOST:-$HOSTNAME}:${NIFI_WEB_HTTPS_PORT:-8443}"; 
${nifi_toolkit_props_file}
+# shellcheck disable=SC2154
+prop_replace 'baseUrl' 
"https://${NIFI_WEB_HTTPS_HOST:-$hostname}:${NIFI_WEB_HTTPS_PORT:-8443}"; 
"${nifi_toolkit_props_file}"
 
-prop_replace 'keystore'           "${NIFI_HOME}/conf/keystore.p12"      
${nifi_toolkit_props_file}
-prop_replace 'keystoreType'       "PKCS12"                              
${nifi_toolkit_props_file}
-prop_replace 'truststore'         "${NIFI_HOME}/conf/truststore.p12"    
${nifi_toolkit_props_file}
-prop_replace 'truststoreType'     "PKCS12"                              
${nifi_toolkit_props_file}
+prop_replace 'keystore'           "${NIFI_HOME}/conf/keystore.p12"      
"${nifi_toolkit_props_file}"
+prop_replace 'keystoreType'       "PKCS12"                              
"${nifi_toolkit_props_file}"
+prop_replace 'truststore'         "${NIFI_HOME}/conf/truststore.p12"    
"${nifi_toolkit_props_file}"
+prop_replace 'truststoreType'     "PKCS12"                              
"${nifi_toolkit_props_file}"
 
 if [ -n "${NIFI_WEB_HTTP_PORT}" ]; then
     prop_replace 'nifi.web.https.port'                        ''
     prop_replace 'nifi.web.https.host'                        ''
     prop_replace 'nifi.web.http.port'                         
"${NIFI_WEB_HTTP_PORT}"
-    prop_replace 'nifi.web.http.host'                         
"${NIFI_WEB_HTTP_HOST:-$HOSTNAME}"
+    prop_replace 'nifi.web.http.host'                         
"${NIFI_WEB_HTTP_HOST:-$hostname}"
     prop_replace 'nifi.remote.input.secure'                   'false'
     prop_replace 'nifi.cluster.protocol.is.secure'            'false'
     prop_replace 'nifi.security.keystore'                     ''
@@ -62,11 +74,11 @@ if [ -n "${NIFI_WEB_HTTP_PORT}" ]; then
     prop_replace 'nifi.security.truststore'                   ''
     prop_replace 'nifi.security.truststoreType'               ''
     prop_replace 'nifi.security.user.login.identity.provider' ''
-    prop_replace 'keystore'                                   '' 
${nifi_toolkit_props_file}
-    prop_replace 'keystoreType'                               '' 
${nifi_toolkit_props_file}
-    prop_replace 'truststore'                                 '' 
${nifi_toolkit_props_file}
-    prop_replace 'truststoreType'                             '' 
${nifi_toolkit_props_file}
-    prop_replace 'baseUrl' 
"http://${NIFI_WEB_HTTP_HOST:-$HOSTNAME}:${NIFI_WEB_HTTP_PORT}"; 
${nifi_toolkit_props_file}
+    prop_replace 'keystore'                                   '' 
"${nifi_toolkit_props_file}"
+    prop_replace 'keystoreType'                               '' 
"${nifi_toolkit_props_file}"
+    prop_replace 'truststore'                                 '' 
"${nifi_toolkit_props_file}"
+    prop_replace 'truststoreType'                             '' 
"${nifi_toolkit_props_file}"
+    prop_replace 'baseUrl' 
"http://${NIFI_WEB_HTTP_HOST:-$hostname}:${NIFI_WEB_HTTP_PORT}"; 
"${nifi_toolkit_props_file}"
 
     if [ -n "${NIFI_WEB_PROXY_HOST}" ]; then
         echo 'NIFI_WEB_PROXY_HOST was set but NiFi is not configured to run in 
a secure mode. Unsetting nifi.web.proxy.host.'
@@ -80,7 +92,7 @@ fi
 
 prop_replace 'nifi.variable.registry.properties'    
"${NIFI_VARIABLE_REGISTRY_PROPERTIES:-}"
 prop_replace 'nifi.cluster.is.node'                         
"${NIFI_CLUSTER_IS_NODE:-false}"
-prop_replace 'nifi.cluster.node.address'                    
"${NIFI_CLUSTER_ADDRESS:-$HOSTNAME}"
+prop_replace 'nifi.cluster.node.address'                    
"${NIFI_CLUSTER_ADDRESS:-$hostname}"
 prop_replace 'nifi.cluster.node.protocol.port'              
"${NIFI_CLUSTER_NODE_PROTOCOL_PORT:-}"
 prop_replace 'nifi.cluster.node.protocol.max.threads'       
"${NIFI_CLUSTER_NODE_PROTOCOL_MAX_THREADS:-50}"
 prop_replace 'nifi.zookeeper.connect.string'                
"${NIFI_ZK_CONNECT_STRING:-}"
@@ -109,7 +121,7 @@ if [ -n "${NIFI_SENSITIVE_PROPS_KEY}" ]; then
 fi
 
 if [ -n "${SINGLE_USER_CREDENTIALS_USERNAME}" ] && [ -n 
"${SINGLE_USER_CREDENTIALS_PASSWORD}" ]; then
-    ${NIFI_HOME}/bin/nifi.sh set-single-user-credentials 
"${SINGLE_USER_CREDENTIALS_USERNAME}" "${SINGLE_USER_CREDENTIALS_PASSWORD}"
+    "${NIFI_HOME}/bin/nifi.sh" set-single-user-credentials 
"${SINGLE_USER_CREDENTIALS_USERNAME}" "${SINGLE_USER_CREDENTIALS_PASSWORD}"
 fi
 
 . "${scripts_dir}/update_cluster_state_management.sh"
diff --git a/nifi-docker/dockerhub/sh/toolkit.sh 
b/nifi-docker/dockerhub/sh/toolkit.sh
index 5262c91734..465b38400f 100755
--- a/nifi-docker/dockerhub/sh/toolkit.sh
+++ b/nifi-docker/dockerhub/sh/toolkit.sh
@@ -15,7 +15,8 @@
 #    See the License for the specific language governing permissions and
 #    limitations under the License.
 
-cat <<EOT > ${nifi_toolkit_props_file}
+# shellcheck disable=SC2154
+cat <<EOT > "${nifi_toolkit_props_file}"
 baseUrl=
 keystore=
 keystoreType=
@@ -27,6 +28,6 @@ truststorePasswd=
 proxiedEntity=
 EOT
 
-cat <<EOT > ${HOME}/.nifi-cli.config
+cat <<EOT > "${HOME}/.nifi-cli.config"
 nifi.props=${nifi_toolkit_props_file}
-EOT
\ No newline at end of file
+EOT
diff --git a/nifi-docker/dockerhub/sh/update_cluster_state_management.sh 
b/nifi-docker/dockerhub/sh/update_cluster_state_management.sh
index 718e52de77..da49bdb65c 100755
--- a/nifi-docker/dockerhub/sh/update_cluster_state_management.sh
+++ b/nifi-docker/dockerhub/sh/update_cluster_state_management.sh
@@ -15,7 +15,7 @@
 #    See the License for the specific language governing permissions and
 #    limitations under the License.
 
-state_providers_file=${NIFI_HOME}/conf/state-management.xml
+state_providers_file="${NIFI_HOME}/conf/state-management.xml"
 property_xpath='/stateManagement/cluster-provider/property'
 
 edit_property() {
@@ -28,4 +28,4 @@ edit_property() {
 }
 
 edit_property 'Connect String'     "${NIFI_ZK_CONNECT_STRING}"
-edit_property "Root Node"                   "${NIFI_ZK_ROOT_NODE}"
\ No newline at end of file
+edit_property "Root Node"                   "${NIFI_ZK_ROOT_NODE}"
diff --git a/nifi-docker/dockerhub/sh/update_login_providers.sh 
b/nifi-docker/dockerhub/sh/update_login_providers.sh
index c0ddc0ca75..b323ce7153 100755
--- a/nifi-docker/dockerhub/sh/update_login_providers.sh
+++ b/nifi-docker/dockerhub/sh/update_login_providers.sh
@@ -15,7 +15,7 @@
 #    See the License for the specific language governing permissions and
 #    limitations under the License.
 
-login_providers_file=${NIFI_HOME}/conf/login-identity-providers.xml
+login_providers_file="${NIFI_HOME}/conf/login-identity-providers.xml"
 property_xpath='//loginIdentityProviders/provider/property'
 
 # Update a given property in the login-identity-providers file if a value is 
specified

[nifi] 01/03: Replace properties defined as env variables

Reply via email to