-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathexample.sh
209 lines (170 loc) · 6.53 KB
/
example.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
#!/usr/bin/env bash
readlink_bin="${READLINK_PATH:-readlink}"
if ! "${readlink_bin}" -f test &> /dev/null; then
__DIR__="$(dirname "$(python3 -c "import os,sys; print(os.path.realpath(os.path.expanduser(sys.argv[1])))" "${0}")")"
else
__DIR__="$(dirname "$("${readlink_bin}" -f "${0}")")"
fi
consolelog() {
local color
local ts
# el-cheapo way to detect if timestamp needed or not
if [[ ! -z "${JENKINS_HOME}" ]]; then
ts=""
else
ts="[$(date -u +'%Y-%m-%d %H:%M:%S')] "
fi
color_reset='\e[0m'
case "${2}" in
success )
color='\e[0;32m'
;;
error )
color='\e[1;31m'
;;
* )
color='\e[0;37m'
;;
esac
if [[ ! -z "${1}" ]]; then
printf "${color}%s%s: %s${color_reset}\n" "${ts}" "${0##*/}" "${1}" >&2
fi
return 0
}
throw_exception() {
consolelog "Ooops!" error
echo 'Stack trace:' 1>&2
while caller $((n++)) 1>&2; do :; done;
exit 1
}
has_cmd() {
command -v "$1" >/dev/null
}
duration() {
local input="${1}"
local d=0 h=0 m=0 s=0
s=$((input%60))
m=$((input/60%60))
h=$((input/60/60%24))
d=$((input/60/60/24))
if [[ ${d} -gt 0 ]]; then
printf '%dd' "${d}"
fi
if [[ ${h} -gt 0 ]]; then
printf '%dh' "${h}"
fi
if [[ ${m} -gt 0 ]]; then
printf '%dm' "${m}"
fi
printf '%ds\n' "${s}"
}
set -e
trap 'throw_exception' ERR
source "${__DIR__}/.venv/bin/activate"
required_cmds=( \
aws \
rds-snap \
)
for required_cmd in "${required_cmds[@]}"; do
if ! has_cmd "${required_cmd}"; then
echo "required cmd missing (${required_cmd})" 1>&2
throw_exception
fi
done
DEFAULT_AWS_PROFILE="target-aws-profile"
TARGET_AWS_PROFILE="${DEFAULT_AWS_PROFILE:?}"
target_cluster_destroy() {
local start=$SECONDS
destroy_snapshot_identifier="${destroy_cluster_identifier:?}-$(date -u +%F-%H%M%S)"
consolelog "Destroy cluster ${destroy_cluster_identifier:?} after creating snapshot ${destroy_snapshot_identifier}"
rds-snap cluster delete --profile "${TARGET_AWS_PROFILE:?}" \
--snapshot-identifier "${destroy_snapshot_identifier:?}" \
--cluster-identifier "${destroy_cluster_identifier:?}" \
--wait
consolelog "Destroy cluster ${destroy_cluster_identifier:?} after creating snapshot ${destroy_snapshot_identifier} in duration $(duration $((SECONDS-start)))" success
}
target_snapshot_cycle() {
local start=$SECONDS
consolelog "Create snapshot of ${CLUSTER_IDENTIFIER} in ${SOURCE_AWS_PROFILE:?} and copy to ${TARGET_AWS_PROFILE:?}"
target_aws_acc_number=$(aws --profile "${TARGET_AWS_PROFILE}" sts get-caller-identity --query "Account" --output text)
if [[ -z ${target_aws_acc_number} ]]; then
consolelog "Could not obtain target_aws_acc_number" error
throw_exception
fi
rds-snap snapshot create --profile "${SOURCE_AWS_PROFILE:?}" --cluster "${CLUSTER_IDENTIFIER:?}" --snapshot-identifier "${snapshot_identifier:?}" --wait
rds-snap snapshot share --profile "${SOURCE_AWS_PROFILE:?}" --snapshot-identifier "${snapshot_identifier:?}" --account-number "${target_aws_acc_number:?}"
rds-snap snapshot copy --source-profile "${SOURCE_AWS_PROFILE:?}" --target-profile "${TARGET_AWS_PROFILE:?}" --snapshot-identifier "${snapshot_identifier:?}" --target-kms-alias "${TARGET_KMS_ALIAS:?}" --wait
rds-snap snapshot tag --profile "${TARGET_AWS_PROFILE:?}" --snapshot "${snapshot_identifier:?}" --tags '{"foo":"bar", "baz":"qux", "fred":"thud"}'
consolelog "Create snapshot of ${CLUSTER_IDENTIFIER} in ${SOURCE_AWS_PROFILE:?} and copy to ${TARGET_AWS_PROFILE:?} in $(duration $((SECONDS-start)))" success
}
target_cluster_create() {
local start=$SECONDS
consolelog "Create cluster ${cluster_identifier:?} in ${TARGET_AWS_PROFILE} based on ${create_cluster_source_snapshot_identifier:?}"
cluster_vpc_sg_id="$(aws --profile "${TARGET_AWS_PROFILE}" ec2 describe-security-groups --query 'SecurityGroups[].[GroupName, GroupId]' --output text | awk '/'"${TARGET_WORKSPACE:?}"'-something/ {print $NF}')"
rds-snap cluster restore --profile "${TARGET_AWS_PROFILE}" \
--snapshot-identifier "${create_cluster_source_snapshot_identifier:?}" \
--cluster-identifier "${cluster_identifier:?}" \
--db-subnet-group-name "${CLUSTER_SUBNET_GROUP_NAME:?}" \
--vpc-security-group-id "${cluster_vpc_sg_id:?}" \
--db-cluster-parameter-group-name "${CLUSTER_PARAMETER_GROUP_NAME:?}" \
--db-cluster-master-password "${CLUSTER_DB_PASSWORD:?}" \
--db-instance-class "${CLUSTER_INSTANCE_CLASS:?}"
rds-snap cluster tag --profile "${TARGET_AWS_PROFILE:?}" --cluster "${cluster_identifier:?}" --tags '{"foo":"bar", "baz":"qux", "fred":"thud"}'
consolelog "Create cluster ${cluster_identifier:?} in ${TARGET_AWS_PROFILE} based on ${create_cluster_source_snapshot_identifier:?} in duration $(duration $((SECONDS-start)))" success
}
target_example_create(){
local start=$SECONDS
SOURCE_AWS_PROFILE="source-aws-profile"
TARGET_WORKSPACE="my-workspace"
CLUSTER_IDENTIFIER="${TARGET_WORKSPACE:?}-example"
CLUSTER_INSTANCE_CLASS="db.r5.large"
CLUSTER_SUBNET_GROUP_NAME="${TARGET_WORKSPACE:?}-main-vpc"
CLUSTER_PARAMETER_GROUP_NAME="my-cluster-param-group"
TARGET_KMS_ALIAS="${TARGET_WORKSPACE:?}/db"
CLUSTER_DB_PASSWORD="cHaNgE-Me-pLeAsE"
cluster_identifier="${CLUSTER_IDENTIFIER:?}"
snapshot_identifier="${cluster_identifier:?}-$(date -u +%F-%H%M%S)"
create_cluster_source_snapshot_identifier="${snapshot_identifier:?}"
# snapshot
target_snapshot_cycle
# cluster create
target_cluster_create
consolelog "example_create duration $(duration $((SECONDS-start)))" success
}
target_example_destroy(){
local start=$SECONDS
SOURCE_AWS_PROFILE="source-aws-profile"
TARGET_WORKSPACE="prod"
CLUSTER_IDENTIFIER="${TARGET_WORKSPACE:?}-example"
cluster_identifier="${CLUSTER_IDENTIFIER:?}"
snapshot_identifier="${cluster_identifier:?}-$(date -u +%F-%H%M%S)"
create_cluster_source_snapshot_identifier="${snapshot_identifier:?}"
destroy_cluster_identifier="${cluster_identifier:?}"
# cluster destroy
target_cluster_destroy
consolelog "example_destroy duration $(duration $((SECONDS-start)))" success
}
target_example_refresh() {
target_example_destroy
target_example_create
}
if [[ -z "${1}" ]]; then
target="target_example_refresh"
else
target="target_${1}"
fi
if [[ "$(type -t "${target}")" != "function" ]]; then
consolelog "unknown target: ${target#*_}" "error"
echo -e "\n\nAvailable targets:"
targets=( $(compgen -A function) )
for target in "${targets[@]}"; do
if [[ "${target}" == "target_"* ]]; then
echo "- ${target#*_}"
fi
done
exit 1
fi
if [[ "${#@}" -gt "0" ]]; then
shift
fi
"${target}" "${@}"