Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #! /usr/bin/env zsh
- #
- # Deploy wrapper -- called via SSH from Jenkins.
- #
- # User dcmn authorized_keys looks like
- # no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,command="/home/dcmn/deploy" ...
- # and Jenkins connects with a single call:
- # ssh dcmn@saltmaster live foo < release.tar.gz
- #
- # or for EMR-AMI:
- # ssh dcmn@saltmaster live bigdata < $WORKSPACE/bigdata/config/config.dist.yaml
- # ssh dcmn@saltmaster live bigdata-spark < $WORKSPACE/bigdata-spark/application.dist.conf
- # printf "tar_suffix=$tar_suffix\nbs_spark=$bs_spark\n" | ssh dcmn@saltmaster live bigdata-packer
- #
- PATH=/usr/bin:/bin
- set -eu
- stage=(live staging testing)
- project=(foo
- bar
- baz
- bigdata
- bigdata-spark
- bigdata-packer
- )
- function error {
- print -r "Error: $@" >&2
- exit 1
- }
- function cenv {
- env - PATH=/usr/bin:/bin $@
- }
- [[ $SSH_ORIGINAL_COMMAND =~ [^a-zA-Z_\ \-] ]] && \
- error 'bad parameter: "'"$SSH_ORIGINAL_COMMAND"'"'
- args=(${(s. .)SSH_ORIGINAL_COMMAND})
- [[ -z $args ]] && error 'missing $SSH_ORIGINAL_COMMAND'
- case $args[1] in
- (${(~j.|.)stage}) stage=$args[1] ;;
- (*) error "stage not in (${(j.|.)stage})" ;;
- esac
- case $args[2] in
- (${(~j.|.)project}) project=$args[2] ;;
- (*) error "project not in (${(j.|.)project})" ;;
- esac
- mkdir -p "releases/$stage/$project"
- case $project in
- (bigdata|bigdata-spark)
- case $project in
- (bigdata)
- configs=(bigdata bigdata-spark)
- template="config.dist.yaml"
- ;;
- (bigdata-spark)
- configs=(bigdata-spark)
- template="application.dist.conf"
- ;;
- (*) false ;;
- esac
- cat > "releases/$stage/$project/$template"
- tmpfile=$(mktemp /tmp/config_render.XXXXXXX)
- trap "rm -f $tmpfile" EXIT HUP INT TERM
- cd deployment
- cenv sudo python scripts/config_render.py \
- --configs "pillar/deployment/$stage/"${(v)^configs}".sls" \
- --template "../releases/$stage/$project/$template" \
- --output "$tmpfile"
- aws s3 mv "$tmpfile" "s3://dcmn-emr-bootstrap/$stage/$project/${template/.dist/}"
- ;;
- (bigdata-packer)
- #
- # $tar_suffix
- # $bs_spark
- # (Prevent variable injection to execute arbitrary code.)
- #
- tmpfile=$(mktemp /tmp/env.XXXXXXX)
- trap "rm -f $tmpfile" EXIT HUP INT TERM
- grep -E '^(tar_suffix|bs_spark)=' | \
- sed -e 's/[^a-zA-Z0-9_=\.\-]/_/g' > "$tmpfile"
- source "$tmpfile"
- source /etc/profile.d/packer.sh
- cd deployment
- packer build -var env="$stage" \
- -var bigdata_version="$tar_suffix" \
- -var bigdata_spark_version="$bs_spark" \
- packer/emr/emr-base.json
- ;;
- (*)
- cat > "releases/$stage/$project/releases.tar.gz"
- cenv sudo salt 'static*.'"$stage"'.dcmn.lan' state.apply \
- deployment.${stage}.$project \
- pillar='{"deploy_project": "'$project'"}'
- ;;
- esac
Add Comment
Please, Sign In to add comment