spiffe
/
spire-tutorials
mirror of https://github.com/spiffe/spire-tutorials.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
spire-tutorials/docker-compose/nested-spire/test.sh

54 lines
1.4 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
norm=$(tput sgr0) || true
green=$(tput setaf 2) || true
red=$(tput setaf 1) || true
bold=$(tput bold) || true
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
timestamp() {
date -u "+[%Y-%m-%dT%H:%M:%SZ]"
}
log() {
echo "${bold}$(timestamp) $*${norm}"
}
fail() {
echo "${red}$(timestamp) $*${norm}"
exit 1
}
clean-env() {
log "Cleaning up..."
bash "${DIR}"/scripts/clean-env.sh
}
trap clean-env EXIT
log "Preparing Nested SPIRE environment..."
clean-env
bash "${DIR}"/scripts/set-env.sh
log "Creating workload registration entries..."
bash "${DIR}"/scripts/create-workload-registration-entries.sh
log "checking nested JWT-SVID..."
# Fetch JWT-SVID and extract token
token=$(docker compose -f "${DIR}"/docker-compose.yaml exec -u 1001 -T nestedA-agent \
/opt/spire/bin/spire-agent api fetch jwt -audience testIt -socketPath /opt/spire/sockets/workload_api.sock | sed -n '2p') || fail "JWT-SVID check failed"
# Validate token
validation_result=$(docker compose -f "${DIR}"/docker-compose.yaml exec -u 1001 -T nestedB-agent \
/opt/spire/bin/spire-agent api validate jwt -audience testIt -svid "${token}" -socketPath /opt/spire/sockets/workload_api.sock)
if echo $validation_result | grep -qe "SVID is valid."; then
echo "${green}Success${norm}"
exit 0
fi
echo "${red}Failed! JTW-SVID cannot be validated.${norm}".
exit 1
Reference in New Issue View Git Blame Copy Permalink