-
Notifications
You must be signed in to change notification settings - Fork 53
/
azhop_state.sh
executable file
·116 lines (100 loc) · 3.87 KB
/
azhop_state.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
#!/bin/bash
# Download / Upload state files from blobs
# Skip any existing newer local ones
COMMAND=${1,,}
SA_ACCOUNT=$2
SA_CONTAINER=$3
RESOURCE_GROUP=$4
STATE_DIR=.state
function usage()
{
echo "azhop_state command account container resource_group"
echo " command = download, upload, delete"
echo " account = azure storage account to read/write state"
echo " container = container to use"
echo " resource group = resource group to use (only for download)"
exit 1
}
function get_resource_group()
{
# If resource group is empty, read it from the configuration file
if [ -z $RESOURCE_GROUP ]; then
if [ ! -e $AZHOP_CONFIG ]; then
echo "$AZHOP_CONFIG doesn't exist, exiting"
exit 1
fi
RESOURCE_GROUP=$(yq eval '.resource_group' $AZHOP_CONFIG)
if [ -z $RESOURCE_GROUP ]; then
echo "Resource group is empty, exiting"
exit 1
fi
fi
}
if [ "$COMMAND" != "upload" ] && [ "$COMMAND" != "download" ] && [ "$COMMAND" != "delete" ]; then
usage
fi
AZHOP_CONFIG=config.yml
start=$(date -u -d "-10 minutes" '+%Y-%m-%dT%H:%MZ')
expiry=$(date -u -d "60 minutes" '+%Y-%m-%dT%H:%MZ')
case $COMMAND in
download)
get_resource_group
echo "Download state for $RESOURCE_GROUP"
sas=$(az storage container generate-sas --account-name $SA_ACCOUNT --name $SA_CONTAINER --permissions rl --start $start --expiry $expiry --output tsv)
azcopy copy "https://$SA_ACCOUNT.blob.core.windows.net/$SA_CONTAINER/$RESOURCE_GROUP/*?$sas" "$STATE_DIR" --recursive
if [ -d $STATE_DIR ]; then
# Use a local state directory as azcopy swallow the prefix file name if this one is the same that the directory name !!!
# This will also help uploading the whole directory content as well
cp -r -u $STATE_DIR/* .
# Fix SSH Keys permission as they are not preserved
ADMIN_USER=$(yq eval '.admin_user' $AZHOP_CONFIG)
chmod 600 ${ADMIN_USER}_id_rsa
chmod 644 ${ADMIN_USER}_id_rsa.pub
# Add chmod+x on scripts
if [ -d ./bin ]; then
chmod +x ./bin/*
fi
fi
;;
upload)
if [ ! -e $AZHOP_CONFIG ]; then
echo "$AZHOP_CONFIG doesn't exist, exiting"
exit
fi
RESOURCE_GROUP=$(yq eval '.resource_group' $AZHOP_CONFIG)
echo "Upload state for $RESOURCE_GROUP"
if [ -z $RESOURCE_GROUP ]; then
echo "Resource group is empty, exiting"
exit 1
fi
BICEP_PARAMS=$RESOURCE_GROUP.parameters.json
# cleanup state directory
rm -rf $STATE_DIR
# Copy state files into the state directory
mkdir -p $STATE_DIR
cp $AZHOP_CONFIG $STATE_DIR
ADMIN_USER=$(yq eval '.admin_user' $AZHOP_CONFIG)
cp ${ADMIN_USER}_id_rsa $STATE_DIR
cp ${ADMIN_USER}_id_rsa.pub $STATE_DIR
cp ${BICEP_PARAMS} $STATE_DIR
mkdir -p $STATE_DIR/packer
cp packer/options.json $STATE_DIR/packer/options.json
mkdir -p $STATE_DIR/playbooks/group_vars
cp playbooks/group_vars/all.yml $STATE_DIR/playbooks/group_vars
cp playbooks/inventory $STATE_DIR/playbooks
mkdir -p $STATE_DIR/tf
cp tf/terraform.tfstate $STATE_DIR/tf
mkdir -p $STATE_DIR/bin
cp bin/* $STATE_DIR/bin
mkdir -p $STATE_DIR/tf/cloud-init
cp tf/cloud-init/*.yml $STATE_DIR/tf/cloud-init
sas=$(az storage container generate-sas --account-name $SA_ACCOUNT --name $SA_CONTAINER --permissions rwdl --start $start --expiry $expiry --output tsv)
azcopy copy "$STATE_DIR/*" "https://$SA_ACCOUNT.blob.core.windows.net/$SA_CONTAINER/$RESOURCE_GROUP?$sas" --recursive
;;
delete)
get_resource_group
echo "Delete state for $RESOURCE_GROUP"
sas=$(az storage container generate-sas --account-name $SA_ACCOUNT --name $SA_CONTAINER --permissions rwdl --start $start --expiry $expiry --output tsv)
azcopy remove "https://$SA_ACCOUNT.blob.core.windows.net/$SA_CONTAINER/$RESOURCE_GROUP?$sas" --recursive=true
;;
esac