#! /usr/bin/env zsh## Deploy wrapper -- called via SSH from Jenkins.## User

1. #! /usr/bin/env zsh
2.  
3. #
4. # Deploy wrapper -- called via SSH from Jenkins.
5. #
6. # User dcmn authorized_keys looks like
7. # no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,command="/home/dcmn/deploy" ...
8. # and Jenkins connects with a single call:
9. # ssh dcmn@saltmaster live foo < release.tar.gz
10. #
11. # or for EMR-AMI:
12. # ssh dcmn@saltmaster live bigdata < $WORKSPACE/bigdata/config/config.dist.yaml
13. # ssh dcmn@saltmaster live bigdata-spark < $WORKSPACE/bigdata-spark/application.dist.conf
14. # printf "tar_suffix=$tar_suffix\nbs_spark=$bs_spark\n" | ssh dcmn@saltmaster live bigdata-packer
15. #
16.  
17. PATH=/usr/bin:/bin
18. set -eu
19.  
20. stage=(live staging testing)
21. project=(foo
22. bar
23. baz
24. bigdata
25. bigdata-spark
26. bigdata-packer
27. )
28.  
29. function error {
30. print -r "Error: $@" >&2
31. exit 1
32. }
33.  
34. function cenv {
35. env - PATH=/usr/bin:/bin $@
36. }
37.  
38. [[ $SSH_ORIGINAL_COMMAND =~ [^a-zA-Z_\ \-] ]] && \
39. error 'bad parameter: "'"$SSH_ORIGINAL_COMMAND"'"'
40.  
41. args=(${(s. .)SSH_ORIGINAL_COMMAND})
42. [[ -z $args ]] && error 'missing $SSH_ORIGINAL_COMMAND'
43.  
44. case $args[1] in
45. (${(~j.|.)stage}) stage=$args[1] ;;
46. (*) error "stage not in (${(j.|.)stage})" ;;
47. esac
48.  
49. case $args[2] in
50. (${(~j.|.)project}) project=$args[2] ;;
51. (*) error "project not in (${(j.|.)project})" ;;
52. esac
53.  
54. mkdir -p "releases/$stage/$project"
55.  
56. case $project in
57. (bigdata|bigdata-spark)
58. case $project in
59. (bigdata)
60. configs=(bigdata bigdata-spark)
61. template="config.dist.yaml"
62. ;;
63. (bigdata-spark)
64. configs=(bigdata-spark)
65. template="application.dist.conf"
66. ;;
67. (*) false ;;
68. esac
69.  
70. cat > "releases/$stage/$project/$template"
71.  
72. tmpfile=$(mktemp /tmp/config_render.XXXXXXX)
73. trap "rm -f $tmpfile" EXIT HUP INT TERM
74.  
75. cd deployment
76. cenv sudo python scripts/config_render.py \
77. --configs "pillar/deployment/$stage/"${(v)^configs}".sls" \
78. --template "../releases/$stage/$project/$template" \
79. --output "$tmpfile"
80. aws s3 mv "$tmpfile" "s3://dcmn-emr-bootstrap/$stage/$project/${template/.dist/}"
81. ;;
82.  
83. (bigdata-packer)
84.  
85. #
86. # $tar_suffix
87. # $bs_spark
88. # (Prevent variable injection to execute arbitrary code.)
89. #
90. tmpfile=$(mktemp /tmp/env.XXXXXXX)
91. trap "rm -f $tmpfile" EXIT HUP INT TERM
92. grep -E '^(tar_suffix|bs_spark)=' | \
93. sed -e 's/[^a-zA-Z0-9_=\.\-]/_/g' > "$tmpfile"
94. source "$tmpfile"
95.  
96. source /etc/profile.d/packer.sh
97. cd deployment
98.  
99. packer build -var env="$stage" \
100. -var bigdata_version="$tar_suffix" \
101. -var bigdata_spark_version="$bs_spark" \
102. packer/emr/emr-base.json
103. ;;
104.  
105. (*)
106. cat > "releases/$stage/$project/releases.tar.gz"
107.  
108. cenv sudo salt 'static*.'"$stage"'.dcmn.lan' state.apply \
109. deployment.${stage}.$project \
110. pillar='{"deploy_project": "'$project'"}'
111. ;;
112. esac