ahr user guide - apigee/ahr GitHub Wiki
-
AHR_HOME - defined in $AHR_HOME/bin/ahr-env as a directory from which ahr-env is sourced unless set
-
HYBRID_HOME - defined in $HYBRID_HOME/ as a directory from which ahr-env is sourced unless set
-
PROJECT - defined in and sourced from $HYBRID_HOME/
-
KUBECONFIG -config file that kubectl uses to hold cluster credentials configuration
Staying in the flow is important. One of the usability aspects, autocomplete functionality facilitate it.
ahr implements bash autocompletion. Two files, ahr-completion.bash
and apigeectl-completion.bash
are provided in the $AHR_HOME/bin
directory. They are sourced via $AHR_HOME/bin/ahr-env
.
In addition, $AHR_HOME/bin/ahr-env
scripts configures kubectl
completion and aliases it to k
.
bin/ahr-lib.sh
contains source-able collection of useful bash functions. Every ahr-*-ctl scripts sources it at the beginning of its execution. However, you can source it into your shell environment.
source $AHR_HOME/bin/ahr-lib.sh
token()
function solves the problem of active access token for your logged in identity that you can use for curl requests as Apigee Org Administrator. It piggybacks on gcloud config config-helper
command that checks if the access token hasn't expired and if it did, refreshes it automatically. It is especially useful in CI/CD use case scenarios.
You can use the token by supplying it in the following fashion:
curl -X POST -H "Authorization: Bearer $(token)" -H "Content-Type:application/json" "https://apigee.googleapis.com/v1/organizations/$ORG"
vaml()
invokes vim with color-coding for yaml inputs.
k get pods apigee-cassandra-0 -o yaml | vaml
'get_password()' function accepts a password in a secure way during interactive session, ie, without reflecting it at the command line. As we do not flash the password, there is a danger of mis-typing it. Therefore, it is important to ask it twice and compare inputs, then repeat unless equals.
export PASSWORD=$(get_password)
Usually, you just run a command with an action. Job done.
Sometime, you need to experiment, investigate, extend the tool or [it happans too] fix the bug.
The ahr-runtime-ctl org-config
command provides you with current property values of your Hybrid organisation.
ahr-runtime-ctl org-config
Hybrid Organization emea-cs-hybrid-demo6 properties:
{
"name": "emea-cs-hybrid-demo6",
"createdAt": "1569264223187",
"lastModifiedAt": "1584993859021",
"environments": [
"test"
],
"properties": {
"property": [
{
"name": "features.hybrid.enabled",
"value": "true"
},
{
"name": "features.mart.apigee.connect.enabled",
"value": "true"
},
{
"name": "features.mart.server.endpoint",
"value": "emea-cs-hybrid-demo6-mart.hybrid-apigee.net"
}
]
},
"analyticsRegion": "europe-west1",
"runtimeType": "HYBRID",
"subscriptionType": "PAID"
}
Sync Authorization:
{
"identities": [
"serviceAccount:[email protected]"
],
"etag": "BwWhZdJXjh4="
}
There are different ways to glimpse under the hood of ahr-*-ctl code.
If you want to re-use commands that ahr uses, look at the source code. It is copy-paste friendly.
For `org-runtime-ctl org-config command, we need to open the $AHR_HOME/bin/ahr-runtime-ctl file and search for "org-config" == "$ACTION"
?. Open the source file
less $AHR_HOME/bin/ahr-runtime-ctl
?. Enter the search regex
/"org-config"
?. Look around the action implementation
elif [ "org-config" == "$ACTION" ]; then
check_envvars "ORG"
echo "Hybrid Organization $ORG properties:"
curl -H "Authorization: Bearer $(token)" -H "Content-Type:application/json" "https://apigee.googleapis.com/v1/organizations/$ORG"
echo "Sync Authorization:"
curl -X POST -H "Authorization: Bearer $(token)" -H "Content-Type:application/json" "https://apigee.googleapis.com/v1/organizations/$ORG:getSyncAuthorization"
#-----------------------------------------------------------------------
?. Check that the required ORG environment variable is set:
echo $ORG
?. Verify that token ahr bash function is available.
echo $(token)
ya29.a0Ae4lvC0YyJtbd6y_...ip_0VOw9Z3FfQ
?. Copy-and-paste to execute the curl command directly
curl -X POST -H "Authorization: Bearer $(token)" -H "Content-Type:application/json" "https://apigee.googleapis.com/v1/organizations/$ORG:getSyncAuthorization"
{
"identities": [
"serviceAccount:[email protected]"
],
"etag": "BwWhZdJXjh4="
}
To troubleshoot ahr-*-ctl execution, we can prepend ahr command with bash -x
prefix. This way we can see bash tracing output for the executed script.
?. Execute ahr action in a tracing mode
bash -x ahr-runtime-ctl org-config
+ set -e
+++ dirname ahr-runtime-ctl
++ cd .
++ pwd
+ BASEDIR=/home/yuriyl/apigee-hybrid/ahr/bin
+ . /home/yuriyl/apigee-hybrid/ahr/bin/ahr-lib.sh
+ ACTION=org-config
+ '[' get == org-config ']'
+ '[' apigeectl == org-config ']'
...
+ '[' org-config == org-config ']'
+ check_envvars ORG
+ local varlist=ORG
+ local varsnotset=F
+ for v in $varlist
+ '[' -z emea-cs-hybrid-demo6 ']'
+ '[' F = T ']'
+ echo 'Hybrid Organization emea-cs-hybrid-demo6 properties:'
Hybrid Organization emea-cs-hybrid-demo6 properties:
++ token
+++ grep access_token
+++ gcloud config config-helper --force-auth-refresh
+++ grep -o -E '[^ ]+$'
++ echo -n ya29.a0Ae4...2aF2GZnyg
+ curl -H 'Authorization: Bearer ya29.a0Ae4...2aF2GZnyg' -H Content-Type:application/json https://apigee.googleapis.com/v1/organizations/emea-cs-hybrid-demo6
{
"name": "emea-cs-hybrid-demo6",
"createdAt": "1569264223187",
<snap-snap>
}
+ echo 'Sync Authorization:'
Sync Authorization:
++ token
+++ grep access_token
+++ grep -o -E '[^ ]+$'
+++ gcloud config config-helper --force-auth-refresh
++ echo -n ya29.a0Ae4...2aF2GZnyg
+ curl -X POST -H 'Authorization: Bearer ya29.a0Ae4...2aF2GZnyg' -H Content-Type:application/json https://apigee.googleapis.com/v1/organizations/emea-cs-hybrid-demo6:getSyncAuthorization
{
"identities": [
"serviceAccount:[email protected]"
],
"etag": "BwWhZdJXjh4="
}
(CLUSTER=emea-cs-hybrid-demo6-cluster; CLUSTER_ZONE=europe-west1-b; ahr-cluster-ctl delete)