bridgehead/lib/functions.sh

#!/bin/bash -e

exitIfNotRoot() {
  if [ "$EUID" -ne 0 ]; then
    echo "Please run as root"
    exit 1
  fi
}

checkOwner(){
  COUNT=$(find $1 ! -user $2 |wc -l)
  if [ $COUNT -gt 0 ]; then
    log ERROR "$COUNT files in $1 are not owned by user $2. Run find $1 ! -user $2 to see them, chown -R $2 $1 to correct this issue."
    return 1
  fi
  return 0
}

log() {
  echo -e "$(date +'%Y-%m-%d %T')" "$1:" "$2"
}

printUsage() {
	echo "Usage: bridgehead start|stop|update|install|uninstall PROJECTNAME"
	echo "PROJECTNAME should be one of ccp|nngm|gbn"
}

checkRequirements() {
	if ! lib/prerequisites.sh; then
		log "ERROR" "Validating Prerequisites failed, please fix the error(s) above this line."
		exit 1
	else
		return 0
	fi
}

fetchVarsFromVault() {
	[ -e /etc/bridgehead/vault.conf ] && source /etc/bridgehead/vault.conf

	if [ -z "$BW_MASTERPASS" ] || [ -z "$BW_CLIENTID" ] || [ -z "$BW_CLIENTSECRET" ]; then
		log "ERROR" "Please supply correct credentials in /etc/bridgehead/vault.conf."
		return 1
	fi

	set +e

	PASS=$(BW_MASTERPASS="$BW_MASTERPASS" BW_CLIENTID="$BW_CLIENTID" BW_CLIENTSECRET="$BW_CLIENTSECRET" docker run --rm -e BW_MASTERPASS -e BW_CLIENTID -e BW_CLIENTSECRET -e http_proxy samply/bridgehead-vaultfetcher $@)
	RET=$?

	if [ $RET -ne 0 ]; then
		echo "Code: $RET"
		echo $PASS
		return $RET
	fi

	eval $(echo -e "$PASS" | sed 's/\r//g')

	set -e

	return 0
}

fetchVarsFromVaultByFile() {
	VARS_TO_FETCH=""

	for line in $(cat $@); do
		if [[ $line =~ .*=[\"]*\<VAULT\>[\"]*.* ]]; then
			VARS_TO_FETCH+="$(echo -n $line | sed 's/=.*//') "
		fi
	done

	if [ -z "$VARS_TO_FETCH" ]; then
		return 0
	fi

	log INFO "Fetching $(echo $VARS_TO_FETCH | wc -w) secrets from Vault ..."

	fetchVarsFromVault $VARS_TO_FETCH

	return 0
}

assertVarsNotEmpty() {
	MISSING_VARS=""

	for VAR in $@; do
	if [ -z "${!VAR}" ]; then
			MISSING_VARS+="$VAR "
		fi
	done

	if [ -n "$MISSING_VARS" ]; then
		log "ERROR" "Mandatory variables not defined: $MISSING_VARS"
		return 1
	fi

	return 0
}

##Setting Network properties
export HOSTIP=$(MSYS_NO_PATHCONV=1 docker run --rm --add-host=host.docker.internal:host-gateway ubuntu cat /etc/hosts | grep 'host.docker.internal' | awk '{print $1}');
export HOST=$(hostname)
export PRODUCTION="false";
if [ "$(git branch --show-current)" == "main" ]; then
	export PRODUCTION="true";
fi
dktk-fed 2022-02-16 09:59:53 +01:00			`#!/bin/bash -e`

			`exitIfNotRoot() {`
			`if [ "$EUID" -ne 0 ]; then`
			`echo "Please run as root"`
			`exit 1`
			`fi`
			`}`

Move checkOwner() to functions.sh 2022-05-31 13:55:40 +02:00			`checkOwner(){`
			`COUNT=$(find $1 ! -user $2 \|wc -l)`
			`if [ $COUNT -gt 0 ]; then`
			`log ERROR "$COUNT files in $1 are not owned by user $2. Run find $1 ! -user $2 to see them, chown -R $2 $1 to correct this issue."`
			`return 1`
			`fi`
			`return 0`
			`}`

Don't do sudo 2022-01-10 15:31:07 +01:00			`log() {`
refactor: Ensured Usage of Log Function This should ensure a more consistent script output 2022-05-17 15:55:25 +02:00			`echo -e "$(date +'%Y-%m-%d %T')" "$1:" "$2"`
Don't do sudo 2022-01-10 15:31:07 +01:00			`}`
Housekeeping and script hardening in /srv/docker/bridgehead. Existing installations need to run bridgehead uninstall, bridgehead install. 2022-05-09 15:13:38 +02:00
			`printUsage() {`
			`echo "Usage: bridgehead start\|stop\|update\|install\|uninstall PROJECTNAME"`
docs: Added note on PROJECTNAME Parameter to Usage 2022-05-16 09:25:15 +02:00			`echo "PROJECTNAME should be one of ccp\|nngm\|gbn"`
Housekeeping and script hardening in /srv/docker/bridgehead. Existing installations need to run bridgehead uninstall, bridgehead install. 2022-05-09 15:13:38 +02:00			`}`

			`checkRequirements() {`
			`if ! lib/prerequisites.sh; then`
refactor: Ensured Usage of Log Function This should ensure a more consistent script output 2022-05-17 15:55:25 +02:00			`log "ERROR" "Validating Prerequisites failed, please fix the error(s) above this line."`
Housekeeping and script hardening in /srv/docker/bridgehead. Existing installations need to run bridgehead uninstall, bridgehead install. 2022-05-09 15:13:38 +02:00			`exit 1`
			`else`
			`return 0`
			`fi`
			`}`
Whenever a variable has the value <VAULT>, auto-fetch value from vault. 2022-05-12 18:23:52 +02:00
			`fetchVarsFromVault() {`
Support retrieving credentials for vault from /etc/bridgehead/vault.conf 2022-05-13 14:11:14 +02:00			`[ -e /etc/bridgehead/vault.conf ] && source /etc/bridgehead/vault.conf`

			`if [ -z "$BW_MASTERPASS" ] \|\| [ -z "$BW_CLIENTID" ] \|\| [ -z "$BW_CLIENTSECRET" ]; then`
refactor: Ensured Usage of Log Function This should ensure a more consistent script output 2022-05-17 15:55:25 +02:00			`log "ERROR" "Please supply correct credentials in /etc/bridgehead/vault.conf."`
Support retrieving credentials for vault from /etc/bridgehead/vault.conf 2022-05-13 14:11:14 +02:00			`return 1`
			`fi`

			`set +e`

Refactor fetchVarsFromVault 2022-05-31 09:22:38 +02:00			`PASS=$(BW_MASTERPASS="$BW_MASTERPASS" BW_CLIENTID="$BW_CLIENTID" BW_CLIENTSECRET="$BW_CLIENTSECRET" docker run --rm -e BW_MASTERPASS -e BW_CLIENTID -e BW_CLIENTSECRET -e http_proxy samply/bridgehead-vaultfetcher $@)`
Support retrieving credentials for vault from /etc/bridgehead/vault.conf 2022-05-13 14:11:14 +02:00			`RET=$?`

			`if [ $RET -ne 0 ]; then`
			`echo "Code: $RET"`
			`echo $PASS`
			`return $RET`
			`fi`

			`eval $(echo -e "$PASS" \| sed 's/\r//g')`

			`set -e`
Whenever a variable has the value <VAULT>, auto-fetch value from vault. 2022-05-12 18:23:52 +02:00
			`return 0`
			`}`
Removed ref to site.conf 2022-05-16 09:21:42 +02:00
Refactor fetchVarsFromVault 2022-05-31 09:22:38 +02:00			`fetchVarsFromVaultByFile() {`
			`VARS_TO_FETCH=""`

			`for line in $(cat $@); do`
Bugfix in fetchVarsFromVaultByFile: Detect variables with values à la "<VAULT>" 2022-05-31 13:40:25 +02:00			`if [[ $line =~ .=[\"]\<VAULT\>[\"]. ]]; then`
Refactor fetchVarsFromVault 2022-05-31 09:22:38 +02:00			`VARS_TO_FETCH+="$(echo -n $line \| sed 's/=.*//') "`
			`fi`
			`done`

			`if [ -z "$VARS_TO_FETCH" ]; then`
			`return 0`
			`fi`

			`log INFO "Fetching $(echo $VARS_TO_FETCH \| wc -w) secrets from Vault ..."`

			`fetchVarsFromVault $VARS_TO_FETCH`

			`return 0`
			`}`

New function assertVarsNotEmpty() 2022-05-31 13:56:12 +02:00			`assertVarsNotEmpty() {`
			`MISSING_VARS=""`

			`for VAR in $@; do`
			`if [ -z "${!VAR}" ]; then`
			`MISSING_VARS+="$VAR "`
			`fi`
			`done`

			`if [ -n "$MISSING_VARS" ]; then`
			`log "ERROR" "Mandatory variables not defined: $MISSING_VARS"`
			`return 1`
			`fi`

			`return 0`
			`}`

Removed ref to site.conf 2022-05-16 09:21:42 +02:00			`##Setting Network properties`
			`export HOSTIP=$(MSYS_NO_PATHCONV=1 docker run --rm --add-host=host.docker.internal:host-gateway ubuntu cat /etc/hosts \| grep 'host.docker.internal' \| awk '{print $1}');`
refactor: Ensured Usage of Log Function This should ensure a more consistent script output 2022-05-17 15:55:25 +02:00			`export HOST=$(hostname)`
feature: Set Production Flag based on main Branch 2022-05-23 11:21:16 +02:00			`export PRODUCTION="false";`
			`if [ "$(git branch --show-current)" == "main" ]; then`
			`export PRODUCTION="true";`
			`fi`