#!/bin/bash
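# Run every command relative to the directory holding this script, not the
# caller's working directory, so that relative paths such as infrastructure/
# and src/lambdas/ always resolve to this checkout.
SCRIPT_DIR="$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd)"
# Quote the path (a checkout under a directory containing spaces would
# otherwise be word-split) and stop if the directory cannot be entered:
# continuing from the wrong directory would package and deploy whatever
# template and sources happen to be there.
if [ -z "$SCRIPT_DIR" ] || ! cd -- "$SCRIPT_DIR"; then
  echo "Could not change directory to the location of $0." >&2
  exit 1
fi

# A few bash commands to make development against dev environment easy.
# Set the two properties below to sensible values for your project.

# The name of your CloudFormation stack. Two developers can share a stack by
# sharing this value, or have their own with different values.
# An unset or empty STACK_NAME falls back to the default.
STACK_NAME="${STACK_NAME:-Activity-Aware-IDS-Dev}"

# The name of an S3 bucket on your account to hold deployment artifacts.
# S3 bucket names are global: confirm this bucket is owned by your account
# before deploying, because the packaged Lambda code is uploaded to it and
# the stack is later created from what it holds.
BUILD_ARTIFACT_BUCKET="${BUILD_ARTIFACT_BUCKET:-activity-aware-ids-aws-dev}"

# Both tools are required by the sub-commands; fail early with a hint.
# NOTE(review): the hint below recommends 'sudo pip install', which runs
# package install code as root; consider pointing at a per-user install.
if ! command -v aws > /dev/null 2>&1; then
  echo "'aws' was not found in the path. Install awscli using 'sudo pip install awscli' then try again." >&2
  exit 1
fi
if ! command -v npm > /dev/null 2>&1; then
  echo "'npm' was not found in the path. Please follow the instruction at https://docs.npmjs.com/getting-started/installing-node then try again." >&2
  exit 1
fi

# First positional argument selects the sub-command.
COMMAND="$1"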
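#######################################
# Helpers shared by the sub-commands below.
#######################################

# Print a diagnostic to stderr.
err() {
  printf '%s\n' "$*" >&2
}

# Print the CREATE_FAILED / UPDATE_FAILED events of the stack, as a hint on
# why a CloudFormation operation failed.
# Globals: STACK_NAME (read)
print_recent_stack_errors() {
  echo ""
  echo "Printing recent CloudFormation errors..."
  aws cloudformation describe-stack-events --stack-name "$STACK_NAME" \
    --query 'reverse(StackEvents[?ResourceStatus==`CREATE_FAILED`||ResourceStatus==`UPDATE_FAILED`].[ResourceType,LogicalResourceId,ResourceStatusReason])' \
    --output text
}

# Exit with status 2 unless $1 names a lambda directory under src/lambdas.
# The name is later spliced into a filesystem path, a JMESPath literal and
# the zip file path, so it is restricted to plain file-name characters:
# no '/', no backticks, no whitespace.
# Arguments: $1 - lambda function directory name
require_lambda_dir() {
  local name=$1
  local -r allowed='^[A-Za-z0-9][A-Za-z0-9._-]*$'
  if [[ ! "$name" =~ $allowed ]] || [ ! -d "./src/lambdas/$name" ]; then
    err "$name is not the directory of a lambda function in src/lambdas."
    exit 2
  fi
}

# Find the physical ID of the deployed Lambda function for directory $1,
# assuming its logical ID starts with the upper-camel-cased directory name
# (eg: destinations-slack -> DestinationsSlack...).
# Globals:   STACK_NAME (read); SED_COMMAND, FXN_RESOURCE_PREFIX, FXN_ID (written)
# Arguments: $1 - lambda function directory name
# Exits:     4 when GNU sed is unavailable, 1 when no single function matches
lookup_function_id() {
  local fxn=$1

  # The \U case conversion used below is a GNU sed extension.
  SED_COMMAND="sed"
  if ! sed --version 2>&1 | grep -q "GNU sed"; then
    if ! command -v gsed > /dev/null 2>&1; then
      err "You appear to not be using an up to date version of GNU sed."
      err "If you are on a Mac, you can install this using:"
      err "'brew install gsed'"
      exit 4
    fi
    SED_COMMAND="gsed"
  fi

  FXN_RESOURCE_PREFIX=$(printf '%s\n' "$fxn" | "$SED_COMMAND" -r 's/(^|-)([a-z])/\U\2/g')
  # An empty result means the query matched nothing even though the call
  # itself succeeded, so it is treated like a failed lookup.
  if ! FXN_ID="$(aws cloudformation describe-stack-resources --stack-name "$STACK_NAME" --query "StackResources[?ResourceType==\`AWS::Lambda::Function\`&&starts_with(LogicalResourceId,\`$FXN_RESOURCE_PREFIX\`)].PhysicalResourceId" --output text)" \
    || [ -z "$FXN_ID" ]; then
    err "Could not discover the LogicalResourceId of $fxn. Check that there is a ${FXN_RESOURCE_PREFIX}Function Resource inside infrastructure/cloudformation.yaml and check that it has been deployed."
    exit 1
  fi
  # starts_with() is a prefix match, so several functions can match; refuse
  # to guess which one to invoke or overwrite.
  if [[ "$FXN_ID" =~ [[:space:]] ]]; then
    err "More than one Lambda function in $STACK_NAME has a LogicalResourceId starting with $FXN_RESOURCE_PREFIX:"
    err "$FXN_ID"
    exit 1
  fi
}

if [ "$COMMAND" = "build" ]; then
  # Build one or more lambda functions.
  # eg: ./dev.sh build destinations-slack sources-cloudtrail-cloudwatch-logs
  # eg: ./dev.sh build
  # An array keeps each name a single argument, whatever it contains.
  BUILD_ARGS=()
  for fxn_name in "${@:2}"; do
    BUILD_ARGS+=("--fxn=$fxn_name")
  done
  npm run build -- "${BUILD_ARGS[@]}"
elif [ "$COMMAND" = "delete" ]; then
  # Delete the CloudFormation stack.
  # eg: ./dev.sh delete
  if ! aws cloudformation delete-stack --stack-name "$STACK_NAME"; then
    # Print some help on why it failed, and report the failure to the caller.
    print_recent_stack_errors
    exit 1
  fi
elif [ "$COMMAND" = "deploy" ] || [ "$COMMAND" = "package" ] || [ "$COMMAND" = "create" ]; then
  # Deploy all code and update the CloudFormation stack.
  # eg: ./dev.sh deploy [args]
  # eg: aws-profile infrastructure_admin ./dev.sh deploy [args]
  # Package all code to be deployed to CloudFormation later using an S3 url.
  # eg: ./dev.sh package
  # eg: aws-profile infrastructure_admin ./dev.sh package
  # Create the stack through a change set.
  # eg: ./dev.sh create <webhook_url>

  # Validate the arguments of 'create' before anything is uploaded.
  if [ "$COMMAND" = "create" ]; then
    # NOTE(review): the webhook URL is a credential, and it reaches this
    # script and the aws CLI through argv, where it ends up in shell history
    # and is visible in process listings on a shared machine. Confirm the
    # SlackWebhookURL template parameter is declared NoEcho.
    SLACK_WEBHOOK=$2
    if [ -z "$SLACK_WEBHOOK" ]; then
      err "Missing Parameter Slack Webhook URL provided."
      err ""
      err "Input should be in the form:"
      err "./dev.sh create <webhook_url>"
      exit 2
    elif [[ "$SLACK_WEBHOOK" != https://* ]]; then
      # Pattern match (the '[' test compared against the literal "https*"),
      # on the negated condition, and actually stop.
      err "Invalid Slack Webhook URL provided."
      err ""
      err "Slack Webhooks should start with https"
      exit 2
    fi
  fi

  # The packaged template is deployed with CAPABILITY_IAM and
  # CAPABILITY_NAMED_IAM, so its integrity matters: write it to a private,
  # unpredictably named file rather than a fixed path in the shared /tmp,
  # which another local user could pre-create, symlink or rewrite between
  # the package and deploy steps.
  if ! PACKAGED_TEMPLATE=$(mktemp "${TMPDIR:-/tmp}/Activity-Aware-IDS.XXXXXX"); then
    err "Could not create a temporary file for the packaged template."
    exit 1
  fi
  # cleanup, on every exit path
  trap 'rm -f -- "$PACKAGED_TEMPLATE"' EXIT

  if ! aws cloudformation package --template-file infrastructure/cloudformation.yaml --s3-bucket "$BUILD_ARTIFACT_BUCKET" --s3-prefix lambdas --output-template-file "$PACKAGED_TEMPLATE"; then
    exit 1
  fi

  if [ "$COMMAND" = "deploy" ]; then
    echo "Executing aws cloudformation deploy..."
    # "${@:2}" forwards extra parameter overrides as separate, intact words.
    if ! aws cloudformation deploy --template-file "$PACKAGED_TEMPLATE" --stack-name "$STACK_NAME" --capabilities CAPABILITY_IAM CAPABILITY_NAMED_IAM --parameter-overrides CloudTrailCloudWatchLogsGroupName="" "${@:2}"; then
      # Print some help on why it failed, and report the failure to the caller.
      print_recent_stack_errors
      exit 1
    fi
  elif [ "$COMMAND" = "create" ]; then
    timestamp=$(date +"%Y%m%d-%H%M")
    echo "Executing aws cloudformation create..."
    if ! change_set_id=$(aws cloudformation create-change-set --template-body "file://$PACKAGED_TEMPLATE" --stack-name "$STACK_NAME" --capabilities CAPABILITY_IAM CAPABILITY_NAMED_IAM --change-set-name "$BUILD_ARTIFACT_BUCKET-$timestamp" --change-set-type CREATE --parameters "ParameterKey=SlackWebhookURL,ParameterValue=$SLACK_WEBHOOK" ParameterKey=CloudTrailCloudWatchLogsGroupName,ParameterValue="" --query "Id" --output text) \
      || [ -z "$change_set_id" ]; then
      err "Could not create the change set for $STACK_NAME."
      exit 1
    fi

    # Wait until the change set has left its transitional states. A failed
    # describe call yields an empty status, which also ends the loop.
    change_set_status=$(aws cloudformation describe-change-set --change-set-name "$change_set_id" --query Status --output text)
    while [[ "$change_set_status" == "CREATE_PENDING" || "$change_set_status" == "CREATE_IN_PROGRESS" ]]; do
      sleep 1
      change_set_status=$(aws cloudformation describe-change-set --change-set-name "$change_set_id" --query Status --output text)
    done

    # Only a completed change set can be executed; anything else is reported.
    if [[ "$change_set_status" != "CREATE_COMPLETE" ]]; then
      err "Change set ended in status '$change_set_status' and was not executed."
      aws cloudformation describe-change-set --change-set-name "$change_set_id" --query StatusReason --output text >&2
      exit 1
    fi
    aws cloudformation execute-change-set --change-set-name "$change_set_id" || exit 1
  else
    timestamp=$(date +"%Y%m%d-%H%M")
    echo "Packaging CloudFormation Template for consumption..."
    # Do not advertise a URL for a template that was never uploaded.
    if ! aws s3 cp "$PACKAGED_TEMPLATE" "s3://$BUILD_ARTIFACT_BUCKET/cloudformation/$timestamp.yaml"; then
      exit 1
    fi
    echo ""
    echo "The Packaged template has been made available at:"
    echo "https://$BUILD_ARTIFACT_BUCKET.s3.amazonaws.com/cloudformation/$timestamp.yaml"
  fi
elif [ "$COMMAND" = "invoke" ]; then
  # Invoke a lambda function.
  # eg: ./dev.sh invoke myfunction myfile.json
  FXN="$2"
  JSON_FILE="$3"
  if [ "$#" -ne 3 ]; then
    err "Supply a function name to invoke and json file to invoke with. eg: $0 invoke myfunction myfile.json"
    exit 1
  fi
  require_lambda_dir "$FXN"
  if [ ! -f "$JSON_FILE" ]; then
    err "$JSON_FILE does not exist."
    exit 3
  fi
  lookup_function_id "$FXN"
  aws lambda invoke --function-name "$FXN_ID" --payload "fileb://$JSON_FILE" /dev/stdout
elif [ "$COMMAND" = "upload" ]; then
  # Upload new lambda function code.
  # eg: ./dev.sh upload myfunction
  FXN="$2"
  if [ "$#" -ne 2 ]; then
    err "Supply a function name to build and upload. eg: $0 upload myfunction"
    exit 1
  fi
  require_lambda_dir "$FXN"
  if ! npm run build -- "--fxn=$FXN"; then
    exit 1
  fi
  lookup_function_id "$FXN"
  aws lambda update-function-code --function-name "$FXN_ID" --zip-file "fileb://./dist/$FXN/$FXN.zip"
else
  err "Error: unknown command name '$COMMAND'."
  err " usage: $0 <command name>"
  err "Valid command names: build delete deploy package create invoke upload"
  exit 2
fi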