#!/usr/bin/env bash GIT_URL="https://git.autonomic.zone/coop-cloud/" ABRA_DIR="${ABRA_DIR:-$HOME/.abra}" ABRA_VERSION="0.6.0" ABRA_BACKUP_DIR="${ABRA_BACKUP_DIR:-$ABRA_DIR/backups}" ABRA_VENDOR_DIR="$ABRA_DIR/vendor" YQ="$ABRA_VENDOR_DIR/yq" ####################################### # Global help ####################################### DOC=" The cooperative cloud utility belt 🎩🐇 Usage: abra [options] app (list|ls) [--status] [--server=] [--type=] abra [options] app new [--server=] [--domain=] [--app-name=] [--pass] [--secrets] abra [options] app backup (|--all) abra [options] app deploy [--update] [--force] abra [options] app check abra [options] app version abra [options] app config abra [options] app cp abra [options] app logs [] abra [options] app ps abra [options] app restore (|--all) abra [options] app (rm|delete) [--force] [--volumes] [--secrets] abra [options] app restore [] abra [options] app run [--no-tty] [--user=] ... abra [options] app rollback abra [options] app secret generate ( |--all) [] [--pass] abra [options] app secret insert [--pass] abra [options] app secret (rm|delete) (|--all) [--pass] [--force] abra [options] app undeploy [--force] abra [options] app [...] abra [options] server add [] [] abra [options] server new abra [options] server (list|ls) abra [options] server rm abra [options] server init abra [options] server apps [--status] abra [options] upgrade [--dev] abra [options] version abra [options] help [...] abra [options] Options: -e, --env= Environment variables to load -h, --help Show this message and exit -s, --stack= Name of the target stack -C, --skip-check Don't verify app variables -U, --skip-update Don't pull latest app definitions -v, --verbose Show INFO messages -d, --debug Show DEBUG messages -b, --branch= Git branch to use while cloning app repos See 'abra help ...' to read about a specific subcommand. " # docopt parser below, refresh this parser with `docopt.sh abra` # shellcheck disable=2016,1075,2154 docopt() { parse() { if ${DOCOPT_DOC_CHECK:-true}; then local doc_hash if doc_hash=$(printf "%s" "$DOC" | (sha256sum 2>/dev/null || shasum -a 256)); then if [[ ${doc_hash:0:5} != "$digest" ]]; then stderr "The current usage doc (${doc_hash:0:5}) does not match \ what the parser was generated with (${digest}) Run \`docopt.sh\` to refresh the parser."; _return 70; fi; fi; fi local root_idx=$1; shift; argv=("$@"); parsed_params=(); parsed_values=() left=(); testdepth=0; local arg; while [[ ${#argv[@]} -gt 0 ]]; do if [[ ${argv[0]} = "--" ]]; then for arg in "${argv[@]}"; do parsed_params+=('a'); parsed_values+=("$arg"); done; break elif [[ ${argv[0]} = --* ]]; then parse_long elif [[ ${argv[0]} = -* && ${argv[0]} != "-" ]]; then parse_shorts elif ${DOCOPT_OPTIONS_FIRST:-false}; then for arg in "${argv[@]}"; do parsed_params+=('a'); parsed_values+=("$arg"); done; break; else parsed_params+=('a'); parsed_values+=("${argv[0]}"); argv=("${argv[@]:1}"); fi done; local idx; if ${DOCOPT_ADD_HELP:-true}; then for idx in "${parsed_params[@]}"; do [[ $idx = 'a' ]] && continue if [[ ${shorts[$idx]} = "-h" || ${longs[$idx]} = "--help" ]]; then stdout "$trimmed_doc"; _return 0; fi; done; fi if [[ ${DOCOPT_PROGRAM_VERSION:-false} != 'false' ]]; then for idx in "${parsed_params[@]}"; do [[ $idx = 'a' ]] && continue if [[ ${longs[$idx]} = "--version" ]]; then stdout "$DOCOPT_PROGRAM_VERSION" _return 0; fi; done; fi; local i=0; while [[ $i -lt ${#parsed_params[@]} ]]; do left+=("$i"); ((i++)) || true; done if ! required "$root_idx" || [ ${#left[@]} -gt 0 ]; then error; fi; return 0; } parse_shorts() { local token=${argv[0]}; local value; argv=("${argv[@]:1}") [[ $token = -* && $token != --* ]] || _return 88; local remaining=${token#-} while [[ -n $remaining ]]; do local short="-${remaining:0:1}" remaining="${remaining:1}"; local i=0; local similar=(); local match=false for o in "${shorts[@]}"; do if [[ $o = "$short" ]]; then similar+=("$short") [[ $match = false ]] && match=$i; fi; ((i++)) || true; done if [[ ${#similar[@]} -gt 1 ]]; then error "${short} is specified ambiguously ${#similar[@]} times" elif [[ ${#similar[@]} -lt 1 ]]; then match=${#shorts[@]}; value=true shorts+=("$short"); longs+=(''); argcounts+=(0); else value=false if [[ ${argcounts[$match]} -ne 0 ]]; then if [[ $remaining = '' ]]; then if [[ ${#argv[@]} -eq 0 || ${argv[0]} = '--' ]]; then error "${short} requires argument"; fi; value=${argv[0]}; argv=("${argv[@]:1}") else value=$remaining; remaining=''; fi; fi; if [[ $value = false ]]; then value=true; fi; fi; parsed_params+=("$match"); parsed_values+=("$value"); done }; parse_long() { local token=${argv[0]}; local long=${token%%=*} local value=${token#*=}; local argcount; argv=("${argv[@]:1}") [[ $token = --* ]] || _return 88; if [[ $token = *=* ]]; then eq='='; else eq='' value=false; fi; local i=0; local similar=(); local match=false for o in "${longs[@]}"; do if [[ $o = "$long" ]]; then similar+=("$long") [[ $match = false ]] && match=$i; fi; ((i++)) || true; done if [[ $match = false ]]; then i=0; for o in "${longs[@]}"; do if [[ $o = $long* ]]; then similar+=("$long"); [[ $match = false ]] && match=$i fi; ((i++)) || true; done; fi; if [[ ${#similar[@]} -gt 1 ]]; then error "${long} is not a unique prefix: ${similar[*]}?" elif [[ ${#similar[@]} -lt 1 ]]; then [[ $eq = '=' ]] && argcount=1 || argcount=0; match=${#shorts[@]} [[ $argcount -eq 0 ]] && value=true; shorts+=(''); longs+=("$long") argcounts+=("$argcount"); else if [[ ${argcounts[$match]} -eq 0 ]]; then if [[ $value != false ]]; then error "${longs[$match]} must not have an argument"; fi elif [[ $value = false ]]; then if [[ ${#argv[@]} -eq 0 || ${argv[0]} = '--' ]]; then error "${long} requires argument"; fi; value=${argv[0]}; argv=("${argv[@]:1}") fi; if [[ $value = false ]]; then value=true; fi; fi; parsed_params+=("$match") parsed_values+=("$value"); }; required() { local initial_left=("${left[@]}") local node_idx; ((testdepth++)) || true; for node_idx in "$@"; do if ! "node_$node_idx"; then left=("${initial_left[@]}"); ((testdepth--)) || true return 1; fi; done; if [[ $((--testdepth)) -eq 0 ]]; then left=("${initial_left[@]}"); for node_idx in "$@"; do "node_$node_idx"; done; fi return 0; }; either() { local initial_left=("${left[@]}"); local best_match_idx local match_count; local node_idx; ((testdepth++)) || true for node_idx in "$@"; do if "node_$node_idx"; then if [[ -z $match_count || ${#left[@]} -lt $match_count ]]; then best_match_idx=$node_idx; match_count=${#left[@]}; fi; fi left=("${initial_left[@]}"); done; ((testdepth--)) || true if [[ -n $best_match_idx ]]; then "node_$best_match_idx"; return 0; fi left=("${initial_left[@]}"); return 1; }; optional() { local node_idx for node_idx in "$@"; do "node_$node_idx"; done; return 0; }; oneormore() { local i=0; local prev=${#left[@]}; while "node_$1"; do ((i++)) || true [[ $prev -eq ${#left[@]} ]] && break; prev=${#left[@]}; done if [[ $i -ge 1 ]]; then return 0; fi; return 1; }; _command() { local i local name=${2:-$1}; for i in "${!left[@]}"; do local l=${left[$i]} if [[ ${parsed_params[$l]} = 'a' ]]; then if [[ ${parsed_values[$l]} != "$name" ]]; then return 1; fi left=("${left[@]:0:$i}" "${left[@]:((i+1))}") [[ $testdepth -gt 0 ]] && return 0; if [[ $3 = true ]]; then eval "((var_$1++)) || true"; else eval "var_$1=true"; fi; return 0; fi; done return 1; }; switch() { local i; for i in "${!left[@]}"; do local l=${left[$i]} if [[ ${parsed_params[$l]} = "$2" ]]; then left=("${left[@]:0:$i}" "${left[@]:((i+1))}") [[ $testdepth -gt 0 ]] && return 0; if [[ $3 = true ]]; then eval "((var_$1++))" || true; else eval "var_$1=true"; fi; return 0; fi; done return 1; }; value() { local i; for i in "${!left[@]}"; do local l=${left[$i]} if [[ ${parsed_params[$l]} = "$2" ]]; then left=("${left[@]:0:$i}" "${left[@]:((i+1))}") [[ $testdepth -gt 0 ]] && return 0; local value value=$(printf -- "%q" "${parsed_values[$l]}"); if [[ $3 = true ]]; then eval "var_$1+=($value)"; else eval "var_$1=$value"; fi; return 0; fi; done return 1; }; stdout() { printf -- "cat <<'EOM'\n%s\nEOM\n" "$1"; }; stderr() { printf -- "cat <<'EOM' >&2\n%s\nEOM\n" "$1"; }; error() { [[ -n $1 ]] && stderr "$1"; stderr "$usage"; _return 1; }; _return() { printf -- "exit %d\n" "$1"; exit "$1"; }; set -e; trimmed_doc=${DOC:1:2072} usage=${DOC:40:1536}; digest=9142c shorts=(-U -v -s -h -C -b -d -e '' '' '' '' '' '' '' '' '' '' '' '' '' '') longs=(--skip-update --verbose --stack --help --skip-check --branch --debug --env --status --server --type --domain --app-name --pass --secrets --all --update --force --volumes --no-tty --user --dev) argcounts=(0 0 1 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 0 0 1 0); node_0(){ switch __skip_update 0; }; node_1(){ switch __verbose 1; }; node_2(){ value __stack 2; }; node_3(){ switch __help 3; }; node_4(){ switch __skip_check 4; }; node_5(){ value __branch 5; }; node_6(){ switch __debug 6; }; node_7(){ value __env 7; }; node_8(){ switch __status 8; } node_9(){ value __server 9; }; node_10(){ value __type 10; }; node_11(){ value __domain 11; }; node_12(){ value __app_name 12; }; node_13(){ switch __pass 13; }; node_14(){ switch __secrets 14; }; node_15(){ switch __all 15; }; node_16(){ switch __update 16; }; node_17(){ switch __force 17; }; node_18(){ switch __volumes 18; }; node_19(){ switch __no_tty 19; }; node_20(){ value __user 20; }; node_21(){ switch __dev 21 }; node_22(){ value _type_ a; }; node_23(){ value _app_ a; }; node_24(){ value _service_ a; }; node_25(){ value _src_ a; }; node_26(){ value _dst_ a; } node_27(){ value _backup_file_ a; }; node_28(){ value _args_ a true; } node_29(){ value _secret_ a; }; node_30(){ value _version_ a; }; node_31(){ value _cmd_ a; }; node_32(){ value _data_ a; }; node_33(){ value _command_ a; } node_34(){ value _host_ a; }; node_35(){ value _user_ a; }; node_36(){ value _port_ a; }; node_37(){ value _provider_ a; }; node_38(){ value _subcommands_ a true; }; node_39(){ _command app; }; node_40(){ _command list; }; node_41(){ _command ls; }; node_42(){ _command new; } node_43(){ _command backup; }; node_44(){ _command deploy; }; node_45(){ _command check; }; node_46(){ _command version; }; node_47(){ _command config; } node_48(){ _command cp; }; node_49(){ _command logs; }; node_50(){ _command ps }; node_51(){ _command restore; }; node_52(){ _command rm; }; node_53(){ _command delete; }; node_54(){ _command run; }; node_55(){ _command rollback; } node_56(){ _command secret; }; node_57(){ _command generate; }; node_58(){ _command insert; }; node_59(){ _command undeploy; }; node_60(){ _command server }; node_61(){ _command add; }; node_62(){ _command init; }; node_63(){ _command apps; }; node_64(){ _command upgrade; }; node_65(){ _command help; } node_66(){ optional 0 1 2 3 4 5 6 7; }; node_67(){ optional 66; }; node_68(){ either 40 41; }; node_69(){ required 68; }; node_70(){ optional 8; }; node_71(){ optional 9; }; node_72(){ optional 10; }; node_73(){ required 67 39 69 70 71 72 }; node_74(){ optional 11; }; node_75(){ optional 12; }; node_76(){ optional 13 }; node_77(){ optional 14; }; node_78(){ required 67 39 42 71 74 75 76 77 22; } node_79(){ either 24 15; }; node_80(){ required 79; }; node_81(){ required 67 39 23 43 80; }; node_82(){ optional 16; }; node_83(){ optional 17; } node_84(){ required 67 39 23 44 82 83; }; node_85(){ required 67 39 23 45; } node_86(){ required 67 39 23 46; }; node_87(){ required 67 39 23 47; } node_88(){ required 67 39 23 48 25 26; }; node_89(){ optional 24; }; node_90(){ required 67 39 23 49 89; }; node_91(){ required 67 39 23 50; }; node_92(){ required 67 39 23 51 80; }; node_93(){ either 52 53; }; node_94(){ required 93 }; node_95(){ optional 18; }; node_96(){ required 67 39 23 94 83 95 77; } node_97(){ optional 27; }; node_98(){ required 67 39 23 51 24 97; }; node_99(){ optional 19; }; node_100(){ optional 20; }; node_101(){ oneormore 28; } node_102(){ required 67 39 23 54 99 100 24 101; }; node_103(){ required 67 39 23 55 24; }; node_104(){ required 29 30; }; node_105(){ either 104 15; }; node_106(){ required 105; }; node_107(){ optional 31; } node_108(){ required 67 39 23 56 57 106 107 76; }; node_109(){ required 67 39 23 56 58 29 30 32 76; }; node_110(){ either 29 15; }; node_111(){ required 110; }; node_112(){ required 67 39 23 56 94 111 76 83; }; node_113(){ required 67 39 23 59 83; }; node_114(){ optional 101; }; node_115(){ required 67 39 23 33 114; }; node_116(){ optional 35; }; node_117(){ optional 36 }; node_118(){ required 67 60 61 34 116 117; }; node_119(){ required 67 60 42 37 }; node_120(){ required 67 60 69; }; node_121(){ required 67 60 34 52; } node_122(){ required 67 60 34 62; }; node_123(){ required 67 60 34 63 70; } node_124(){ optional 21; }; node_125(){ required 67 64 124; }; node_126(){ required 67 46; }; node_127(){ oneormore 38; }; node_128(){ optional 127; } node_129(){ required 67 65 128; }; node_130(){ required 67; }; node_131(){ either 73 78 81 84 85 86 87 88 90 91 92 96 98 102 103 108 109 112 113 115 118 119 120 121 122 123 125 126 129 130 }; node_132(){ required 131; }; cat <<<' docopt_exit() { [[ -n $1 ]] && printf "%s\n" "$1" >&2; printf "%s\n" "${DOC:40:1536}" >&2 exit 1; }'; unset var___skip_update var___verbose var___stack var___help \ var___skip_check var___branch var___debug var___env var___status var___server \ var___type var___domain var___app_name var___pass var___secrets var___all \ var___update var___force var___volumes var___no_tty var___user var___dev \ var__type_ var__app_ var__service_ var__src_ var__dst_ var__backup_file_ \ var__args_ var__secret_ var__version_ var__cmd_ var__data_ var__command_ \ var__host_ var__user_ var__port_ var__provider_ var__subcommands_ var_app \ var_list var_ls var_new var_backup var_deploy var_check var_version var_config \ var_cp var_logs var_ps var_restore var_rm var_delete var_run var_rollback \ var_secret var_generate var_insert var_undeploy var_server var_add var_init \ var_apps var_upgrade var_help; parse 132 "$@"; local prefix=${DOCOPT_PREFIX:-''} unset "${prefix}__skip_update" "${prefix}__verbose" "${prefix}__stack" \ "${prefix}__help" "${prefix}__skip_check" "${prefix}__branch" \ "${prefix}__debug" "${prefix}__env" "${prefix}__status" "${prefix}__server" \ "${prefix}__type" "${prefix}__domain" "${prefix}__app_name" "${prefix}__pass" \ "${prefix}__secrets" "${prefix}__all" "${prefix}__update" "${prefix}__force" \ "${prefix}__volumes" "${prefix}__no_tty" "${prefix}__user" "${prefix}__dev" \ "${prefix}_type_" "${prefix}_app_" "${prefix}_service_" "${prefix}_src_" \ "${prefix}_dst_" "${prefix}_backup_file_" "${prefix}_args_" \ "${prefix}_secret_" "${prefix}_version_" "${prefix}_cmd_" "${prefix}_data_" \ "${prefix}_command_" "${prefix}_host_" "${prefix}_user_" "${prefix}_port_" \ "${prefix}_provider_" "${prefix}_subcommands_" "${prefix}app" "${prefix}list" \ "${prefix}ls" "${prefix}new" "${prefix}backup" "${prefix}deploy" \ "${prefix}check" "${prefix}version" "${prefix}config" "${prefix}cp" \ "${prefix}logs" "${prefix}ps" "${prefix}restore" "${prefix}rm" \ "${prefix}delete" "${prefix}run" "${prefix}rollback" "${prefix}secret" \ "${prefix}generate" "${prefix}insert" "${prefix}undeploy" "${prefix}server" \ "${prefix}add" "${prefix}init" "${prefix}apps" "${prefix}upgrade" \ "${prefix}help"; eval "${prefix}"'__skip_update=${var___skip_update:-false}' eval "${prefix}"'__verbose=${var___verbose:-false}' eval "${prefix}"'__stack=${var___stack:-}' eval "${prefix}"'__help=${var___help:-false}' eval "${prefix}"'__skip_check=${var___skip_check:-false}' eval "${prefix}"'__branch=${var___branch:-}' eval "${prefix}"'__debug=${var___debug:-false}' eval "${prefix}"'__env=${var___env:-}' eval "${prefix}"'__status=${var___status:-false}' eval "${prefix}"'__server=${var___server:-}' eval "${prefix}"'__type=${var___type:-}' eval "${prefix}"'__domain=${var___domain:-}' eval "${prefix}"'__app_name=${var___app_name:-}' eval "${prefix}"'__pass=${var___pass:-false}' eval "${prefix}"'__secrets=${var___secrets:-false}' eval "${prefix}"'__all=${var___all:-false}' eval "${prefix}"'__update=${var___update:-false}' eval "${prefix}"'__force=${var___force:-false}' eval "${prefix}"'__volumes=${var___volumes:-false}' eval "${prefix}"'__no_tty=${var___no_tty:-false}' eval "${prefix}"'__user=${var___user:-}' eval "${prefix}"'__dev=${var___dev:-false}' eval "${prefix}"'_type_=${var__type_:-}'; eval "${prefix}"'_app_=${var__app_:-}' eval "${prefix}"'_service_=${var__service_:-}' eval "${prefix}"'_src_=${var__src_:-}'; eval "${prefix}"'_dst_=${var__dst_:-}' eval "${prefix}"'_backup_file_=${var__backup_file_:-}' if declare -p var__args_ >/dev/null 2>&1; then eval "${prefix}"'_args_=("${var__args_[@]}")'; else eval "${prefix}"'_args_=()' fi; eval "${prefix}"'_secret_=${var__secret_:-}' eval "${prefix}"'_version_=${var__version_:-}' eval "${prefix}"'_cmd_=${var__cmd_:-}'; eval "${prefix}"'_data_=${var__data_:-}' eval "${prefix}"'_command_=${var__command_:-}' eval "${prefix}"'_host_=${var__host_:-}' eval "${prefix}"'_user_=${var__user_:-}' eval "${prefix}"'_port_=${var__port_:-}' eval "${prefix}"'_provider_=${var__provider_:-}' if declare -p var__subcommands_ >/dev/null 2>&1; then eval "${prefix}"'_subcommands_=("${var__subcommands_[@]}")'; else eval "${prefix}"'_subcommands_=()'; fi; eval "${prefix}"'app=${var_app:-false}' eval "${prefix}"'list=${var_list:-false}'; eval "${prefix}"'ls=${var_ls:-false}' eval "${prefix}"'new=${var_new:-false}' eval "${prefix}"'backup=${var_backup:-false}' eval "${prefix}"'deploy=${var_deploy:-false}' eval "${prefix}"'check=${var_check:-false}' eval "${prefix}"'version=${var_version:-false}' eval "${prefix}"'config=${var_config:-false}' eval "${prefix}"'cp=${var_cp:-false}'; eval "${prefix}"'logs=${var_logs:-false}' eval "${prefix}"'ps=${var_ps:-false}' eval "${prefix}"'restore=${var_restore:-false}' eval "${prefix}"'rm=${var_rm:-false}' eval "${prefix}"'delete=${var_delete:-false}' eval "${prefix}"'run=${var_run:-false}' eval "${prefix}"'rollback=${var_rollback:-false}' eval "${prefix}"'secret=${var_secret:-false}' eval "${prefix}"'generate=${var_generate:-false}' eval "${prefix}"'insert=${var_insert:-false}' eval "${prefix}"'undeploy=${var_undeploy:-false}' eval "${prefix}"'server=${var_server:-false}' eval "${prefix}"'add=${var_add:-false}' eval "${prefix}"'init=${var_init:-false}' eval "${prefix}"'apps=${var_apps:-false}' eval "${prefix}"'upgrade=${var_upgrade:-false}' eval "${prefix}"'help=${var_help:-false}'; local docopt_i=1 [[ $BASH_VERSION =~ ^4.3 ]] && docopt_i=2; for ((;docopt_i>0;docopt_i--)); do declare -p "${prefix}__skip_update" "${prefix}__verbose" "${prefix}__stack" \ "${prefix}__help" "${prefix}__skip_check" "${prefix}__branch" \ "${prefix}__debug" "${prefix}__env" "${prefix}__status" "${prefix}__server" \ "${prefix}__type" "${prefix}__domain" "${prefix}__app_name" "${prefix}__pass" \ "${prefix}__secrets" "${prefix}__all" "${prefix}__update" "${prefix}__force" \ "${prefix}__volumes" "${prefix}__no_tty" "${prefix}__user" "${prefix}__dev" \ "${prefix}_type_" "${prefix}_app_" "${prefix}_service_" "${prefix}_src_" \ "${prefix}_dst_" "${prefix}_backup_file_" "${prefix}_args_" \ "${prefix}_secret_" "${prefix}_version_" "${prefix}_cmd_" "${prefix}_data_" \ "${prefix}_command_" "${prefix}_host_" "${prefix}_user_" "${prefix}_port_" \ "${prefix}_provider_" "${prefix}_subcommands_" "${prefix}app" "${prefix}list" \ "${prefix}ls" "${prefix}new" "${prefix}backup" "${prefix}deploy" \ "${prefix}check" "${prefix}version" "${prefix}config" "${prefix}cp" \ "${prefix}logs" "${prefix}ps" "${prefix}restore" "${prefix}rm" \ "${prefix}delete" "${prefix}run" "${prefix}rollback" "${prefix}secret" \ "${prefix}generate" "${prefix}insert" "${prefix}undeploy" "${prefix}server" \ "${prefix}add" "${prefix}init" "${prefix}apps" "${prefix}upgrade" \ "${prefix}help"; done; } # docopt parser above, complete command for generating this parser is `docopt.sh abra` PROGRAM_NAME=$(basename "$0") ####################################### # Helpers ####################################### ###### Utility functions error() { echo "$(tput setaf 1)ERROR: $*$(tput sgr0)" exit 1 } warning() { echo "$(tput setaf 3)WARNING: $*$(tput sgr0)" } success() { echo "$(tput setaf 2)SUCCESS: $*$(tput sgr0)" } info() { if [ "$abra___verbose" = "false" ] && [ "$abra___debug" = "false" ]; then return fi echo "$(tput setaf 4)INFO: $*$(tput sgr0)" } debug() { if [ "$abra___debug" = "false" ]; then return fi echo "$(tput setaf 13)DEBUG: $*$(tput sgr0)" } # 3wc: temporarily disable debug and verbose silence() { # FIXME 3wc: required otherwise we get debug output in the password _abra___debug="$abra___debug" _abra___verbose="$abra___verbose" abra___verbose="false" abra___debug="false" } unsilence() { # FIXME 3wc: required otherwise we get debug output in the password abra___verbose="$_abra___verbose" abra___debug="$_abra___debug" } ###### Default settings if [ -z "$COMPOSE_FILE" ]; then COMPOSE_FILE="compose.yml" fi ###### Safety checks require_bash_4() { # we're using things like `mapfile` which require bash 4+ if ! bash -c '[[ $BASH_VERSION > 4.0 ]]'; then error "bash version '$BASH_VERSION' is too old, 4 or newer required" fi } require_pwqgen() { if ! type pwqgen > /dev/null 2>&1; then error "pwqgen program is not installed" fi } require_wget() { if ! type wget > /dev/null 2>&1; then error "wget program is not installed" fi } require_abra_dir() { mkdir -p "$ABRA_DIR" } require_vendor_dir() { mkdir -p "$ABRA_VENDOR_DIR" } require_consent_for_update() { if [ "$CONSENT_TO_UPDATE" = "false" ]; then error "A new app state will be deployed! Please use --update to consent" fi } require_app_latest() { APP="$1" APP_DIR="$ABRA_DIR/apps/$APP" BRANCH="${abra___branch:-master}" debug "Checking for type '$APP'" if [ ! -d "$APP_DIR" ]; then warning "The app type '$APP' was not found, fetching via Git" if ! git clone --branch "$BRANCH" "$GIT_URL/$APP.git" "$ABRA_DIR/apps/$APP" > /dev/null 2>&1 ; then error "Could not retrieve app type '$APP', this app type doesn't exist?" fi success "Fetched app configuration via Git (branch: $BRANCH)" fi debug "Using $APP_DIR" if [ "$abra___skip_update" = "false" ]; then debug "Pulling latest '$APP' definition via git" (cd "$APP_DIR" && git pull > /dev/null 2>&1) fi } require_yq() { require_vendor_dir require_wget YQ_VERSION="4.6.1" YQ_BINARY="yq_linux_amd64" YQ_RELEASE_URL="https://github.com/mikefarah/yq/releases/download/v${YQ_VERSION}/${YQ_BINARY}" if [ -f "$YQ" ]; then debug "yq is already vendored" return fi case $(uname -m) in x86_64) warning "Attempting to download the yq binary into $ABRA_VENDOR_DIR" wget -q "$YQ_RELEASE_URL" && chmod +x "$YQ_BINARY" && mv "$YQ_BINARY" "$YQ" success "yq is now vendored ☮" ;; *) error "Unable to automatically vendor yq, you'll have to manually manage this\n Please see https://mikefarah.gitbook.io/yq/#install and place the yq binary in the $YQ path" ;; esac } # FIXME 3wc: update or remove if [ -z "$ABRA_ENV" ] && [ -f .env ] && type direnv > /dev/null 2>&1 && ! direnv status | grep -q 'Found RC allowed true'; then error "direnv is blocked, run direnv allow" fi ###### Run-time loading load_abra_sh() { if [ -f abra.sh ]; then # shellcheck disable=SC1091 source abra.sh info "Loading abra.sh" fi if [ -n "$abra__app_" ]; then require_app_latest "$TYPE" fi if [ -f "$APP_DIR/abra.sh" ]; then info "Loading $APP_DIR/abra.sh" # shellcheck disable=SC1090,SC1091 source "$APP_DIR/abra.sh" fi } output_version_summary() { echo " Versions:" CONSENT_TO_UPDATE=$abra___update FORCE_DEPLOY=$abra___force local -a IS_AN_UPDATE="false" local -a UNABLE_TO_DETECT="false" local -a UNDEPLOYED_STATE="false" local -a CHECKED_SERVICES # array if ! docker stack ls --format "{{ .Name }}" | grep -q "$STACK_NAME"; then UNDEPLOYED_STATE="true" fi IFS=':' read -ra COMPOSE_FILES <<< "$COMPOSE_FILE" for COMPOSE in "${COMPOSE_FILES[@]}"; do SERVICES=$($YQ e '.services | keys | .[]' "${APP_DIR}/${COMPOSE}") for SERVICE in $SERVICES; do if [[ ${CHECKED_SERVICES[*]} =~ ${SERVICE} ]]; then debug "already inspected ${STACK_NAME}_${SERVICE} for versions, skipping..." continue fi filter="{{index .Spec.Labels \"coop-cloud.$STACK_NAME.$SERVICE.version\" }}" label=$(docker service inspect -f "$filter" "${STACK_NAME}_${SERVICE}" 2>/dev/null) live_version=$(echo "$label" | cut -d- -f1) live_digest=$(echo "$label" | cut -d- -f2) if [ -n "$live_version" ] && [ -n "$live_digest" ]; then image=$($YQ e ".services.${SERVICE}.image" "${APP_DIR}/${COMPOSE}" | cut -d':' -f1) echo " ${STACK_NAME}_${SERVICE} (${image}):" echo " deployed: $(tput setaf 2)$live_version ($live_digest)$(tput sgr0)" app_version_lookup="ABRA_TYPE_${SERVICE^^}_VERSION" app_version=${!app_version_lookup} app_digest_lookup="ABRA_TYPE_${SERVICE^^}_DIGEST" app_digest=${!app_digest_lookup} if [ "$live_version" != "$app_version" ] || [ "$live_digest" != "$app_digest" ]; then IS_AN_UPDATE="true" echo " to de deployed: $(tput setaf 1)$app_version ($app_digest)$(tput sgr0)" fi else if [[ $UNDEPLOYED_STATE == "true" ]]; then image=$($YQ e ".services.${SERVICE}.image" "${APP_DIR}/${COMPOSE}" | cut -d':' -f1) echo " ${STACK_NAME}_${SERVICE} (${image}):" echo " undeployed!" else warning "Unable to detect deployed version of ${STACK_NAME}_${SERVICE}, please proceed with caution" UNABLE_TO_DETECT="true" fi fi CHECKED_SERVICES+=("$SERVICE") done done if [[ $IS_AN_UPDATE == "true" ]] && [[ $FORCE_DEPLOY != "true" ]]; then require_consent_for_update else if [[ ! $UNABLE_TO_DETECT == "true" ]] && [[ $FORCE_DEPLOY != "true" ]] && [[ ! $UNDEPLOYED_STATE == "true" ]]; then success "Nothing to deploy, you're on latest (use --force to re-deploy anyway)" exit 0 fi fi } ###### FIXME 3wc: name this section get_servers() { shopt -s nullglob dotglob # shellcheck disable=SC2206 SERVERS=($ABRA_DIR/servers/*) shopt -u nullglob dotglob } get_app_secrets() { # FIXME 3wc: requires bash 4, use for loop instead mapfile -t PASSWORDS < <(grep "SECRET.*VERSION.*" "$ENV_FILE") } load_instance() { APP="$abra__app_" # load all files matching "$APP.env" into ENV_FILES array mapfile -t ENV_FILES < <(find -L "$ABRA_DIR" -name "$APP.env") # FIXME 3wc: requires bash 4, use for loop instead case "${#ENV_FILES[@]}" in 1 ) ;; 0 ) error "Can't find app '$APP'"; return;; * ) error "Found $APP in multiple servers: ${ENV_FILES[*]}"; return;; esac ENV_FILE="${ENV_FILES[0]}" debug "Selected ENV_FILE $ENV_FILE" if [ ! -f "$ENV_FILE" ]; then error "Can't open ENV_FILE '$ENV_FILE'" fi # split up the path by "/" IFS='/' read -r -a PARTS <<< "$ENV_FILE" SERVER="${PARTS[-2]}" export STACK_NAME="${APP//./_}" debug "Using ${STACK_NAME} as the STACK_NAME var" } load_instance_env() { # 3wc: using set -a means we don't need `export` in the env files set -a # shellcheck disable=SC1090 source "$ENV_FILE" set +a debug "Loaded variables from $ENV_FILE" if [ -z "$TYPE" ]; then error "TYPE not set, maybe $ENV_FILE is using an old format?" fi APP_DIR="$ABRA_DIR/apps/$TYPE" export DOCKER_CONTEXT="$SERVER" info "Setting DOCKER_CONTEXT=$DOCKER_CONTEXT" export DOMAIN } load_context() { # Load current context from env or Docker if [ -z "$DOCKER_CONTEXT" ]; then warning "\$DOCKER_CONTEXT not set, (slowly) looking it up" # shellcheck disable=SC2063 DOCKER_CONTEXT=$(docker context ls | grep '*' | cut -d' ' -f1) # make sure grep doesn't parse this, we want a literal '*' fi } prompt_confirm() { read -rp "Continue? (y/[n])? " choice case "$choice" in y|Y ) return ;; * ) exit;; esac } parse_secret() { SECRET="$1" if [[ "$SECRET" == *"length"* ]]; then # shellcheck disable=SC2001 abra__length_="$(echo "$SECRET" | sed -e 's/.*[^0-9]$[0-9]\+$[^0-9]*$/\1/')" else # Note(decentral1se): unset this so that a length value from another secret # definition does not get passed on to another secret generation flow unset abra__length_ fi abra__secret_="${SECRET%_VERSION=*}" # strip _VERSION=v1 abra__secret_="${abra__secret_#SECRET_}" # strip SECRET_ abra__secret_="${abra__secret_,,}" # lowercase abra__version_="$(echo "$SECRET" | sed -n 's/.*$v[0-9]$.*/\1/p')" if [[ -n "$abra__length_" ]]; then echo "Generating $abra__secret_, version: $abra__version_, length: $abra__length_" else echo "Generating $abra__secret_, version: $abra__version_" fi sub_app_secret_generate } stack_logs (){ # Note(decentral1se): see https://github.com/moby/moby/issues/31458#issuecomment-617871046 STACK="$1" services=$(docker stack services "${STACK}" --format "{{.ID}}") # shellcheck disable=SC2154 trap 'jobs=$(jobs -p) && test -n "$jobs" && kill $jobs' EXIT for item in ${services//\\n/$'\n'}; do docker service logs -f -t --tail 10 "$item" & done sleep infinity } auto_gen_secrets (){ get_app_secrets if [ "${#PASSWORDS[@]}" -eq 0 ]; then error "No secrets found in $ENV_FILE" fi for PASSWORD in "${PASSWORDS[@]}"; do parse_secret "$PASSWORD" done } ####################################### # abra app .. ####################################### ###### .. app ls help_app_ls (){ help_app_list } sub_app_ls (){ sub_app_list } help_app_list (){ echo "abra [options] app (list|ls) [--status] [--server=] [--type=] List your exciting apps. OPTIONS --status Show whether apps are deployed (warning! slow!) --server= Only show apps on a specific server --type= Only show apps of the given type POWERED BY (for --status) docker stack ls" } sub_app_list (){ SERVER="$abra___server" if [ -z "$SERVER" ]; then SERVER='*' fi shopt -s nullglob dotglob # shellcheck disable=SC2206 ENV_FILES=($ABRA_DIR/servers/$SERVER/*.env) shopt -u nullglob dotglob STATUS="$( [[ $abra___status == "true" ]] && echo "Y" )" if [ -n "$STATUS" ]; then if [ "$SERVER" = "*" ]; then get_servers else SERVERS=( "$SERVER" ) fi local -a DEPLOYED_APPS # array local -a CHECKED_SERVERS # array warning "Loading status from ${#SERVERS[@]} server(s), patience advised.." for SERVER in "${SERVERS[@]}"; do SERVER="${SERVER##*/}" # basename mapfile -t SERVER_APPS < <(DOCKER_CONTEXT="$SERVER" docker stack ls --format '{{ .Name }}' 2>/dev/null) # add $SERVER~ to the start of each DEPLOYED_APPS DEPLOYED_APPS+=("${SERVER_APPS[@]/#/$SERVER~}") done fi # FIXME 3wc: doesn't take into account --type filtering printf "%s lovely apps:\n\n" "${#ENV_FILES[@]}" for i in "${!ENV_FILES[@]}"; do # Output header inside the loop, so it's included in the pipe to `column` if [ "$i" == 0 ]; then printf " DOMAIN\tTYPE\tSERVER%s%s\n" "${STATUS:+ }" "${STATUS:+STATUS}" printf " --\t--\t--%s\n" "${STATUS:+ --}" fi local ENV_FILE="${ENV_FILES[$i]}" APP_STACK_NAME IFS='/' read -r -a PARTS <<< "$ENV_FILE" FILE="${PARTS[-1]}" SERVER="${PARTS[-2]}" DOMAIN="${FILE%.env}" set -a # shellcheck disable=SC1090 TYPE="$(source "$ENV_FILE" && echo "$TYPE")" # shellcheck disable=SC1090 APP_STACK_NAME="$(source "$ENV_FILE" && echo "$STACK_NAME")" set +a if [ "$abra___type" != "" ] && [ "$abra___type" != "$TYPE" ]; then continue fi if [ -z "$APP_STACK_NAME" ]; then APP_STACK_NAME="${DOMAIN//./_}" fi if [ -n "$STATUS" ]; then APP_STATUS=$( printf '%s\n' "${DEPLOYED_APPS[@]}" | grep -qP "^${SERVER}~${APP_STACK_NAME}$" && echo "deployed" || echo "inactive") if [[ "$APP_STATUS" == "inactive" ]] ; then if [[ ${CHECKED_SERVERS[*]} =~ ${SERVER} ]]; then APP_STATUS="unknown" else if ! docker context inspect "$SERVER" > /dev/null 2>&1; then APP_STATUS="unknown" fi CHECKED_SERVERS+=("$SERVER") fi fi fi printf " %s\t%s\t%s%s\n" "$DOMAIN" "$TYPE" "$SERVER" "${STATUS:+ }${APP_STATUS}" done | column -s' ' -t # Align table `-t` based on tab characters -s`^V` } ###### .. app new help_app_new (){ echo "abra [options] app new [--app-name=] [--server=] [--domain=] [--pass] [--secrets] Create a new app of (e.g. wordpress or custom-html). OPTIONS --server= Specify which server to use (default: prompt) --domain= Set the domain name (default: prompt) --app-name= Set the app name (default: prompt) --secrets Auto-generate secrets (default: no) --pass Store generated secrets in pass (default: no)" } sub_app_new (){ shopt -s extglob require_abra_dir get_servers # decentral1se: we are overloading the use of the word "app" in the # command-line interface to mean two things -- in the code, we differentiate # between them as $APP ("an instance of an app") and $TYPE ("a kind of app") TYPE=$abra__type_ SERVER=$abra___server DOMAIN=$abra___domain APP_NAME=$abra___app_name require_app_latest "$TYPE" if [ -z "$SERVER" ]; then echo "Where would you like to put $TYPE?" select SERVER_ITEM in "${SERVERS[@]##*/}"; do if [ 1 -le "$REPLY" ] && [ "$REPLY" -le ${#SERVERS[@]} ]; then SERVER="$SERVER_ITEM" success "Selected server ${SERVER}" break fi done fi SERVER="$ABRA_DIR/servers/$SERVER" if [ ! -d "$SERVER" ]; then error "Server '$SERVER' not found" fi APP_DIR="$ABRA_DIR/apps/$TYPE" if [ -z "$DOMAIN" ]; then read -rp "Domain name: " DOMAIN fi if [ -z "$APP_NAME" ]; then # e.g.: # TYPE=custom-html, DOMAIN=foo.bar-baz.com # -> custom_html_foo_bar_baz_com DEFAULT_NAME="${TYPE/-/_}_${DOMAIN//+([.-])/_}" # truncate to 45 chars (see below) DEFAULT_NAME="${DEFAULT_NAME:0:45}" # and remove trailing _ DEFAULT_NAME="${DEFAULT_NAME%%_}" read -rp "App name [$DEFAULT_NAME]: " APP_NAME if [ -z "$APP_NAME" ]; then APP_NAME="$DEFAULT_NAME" fi fi if [ ${#APP_NAME} -gt 45 ]; then # 3wc: Docker won't create secret names > 64 characters -- setting a # 45-character limit here is enough for all our secrets so far. error "$APP_NAME cannot be longer than 45 characters in length" fi ENV_FILE="$SERVER/$APP_NAME.env" if [ -f "$ENV_FILE" ]; then error "$ENV_FILE already exists" fi cp "$APP_DIR/.env.sample" "$ENV_FILE" sed -i "s/$TYPE\.example\.com/$DOMAIN/g" "$ENV_FILE" sed -i "s/example\.com/$DOMAIN/g" "$ENV_FILE" abra__app_="$APP_NAME" get_app_secrets if [ "$abra___secrets" == "true" ]; then if [ "${#PASSWORDS[@]}" -eq 0 ]; then warning "--secrets provided but no secrets found" fi auto_gen_secrets fi echo "$(tput setaf 4)Your new '$TYPE' has been created!$(tput sgr0)" echo " $(tput setaf 3)Please customise the configuration defaults:" echo " abra app $APP_NAME config$(tput sgr0)" echo " $(tput setaf 2)Then you can deploy it:" echo " abra app $APP_NAME deploy$(tput sgr0)" } ###### .. app backup sub_app_backup (){ require_app_latest "$TYPE" # Add _ if it's defined FUNCTION="abra_backup${abra__service_:+_}$abra__service_" if ! type "$FUNCTION" > /dev/null 2>&1; then error "'$TYPE' doesn't know how to do ${abra__service_}${abra__service_:+ }backups."\ "See $GIT_URL$TYPE/issues/" fi mkdir -p "$ABRA_DIR/backups" $FUNCTION } ###### .. app restore sub_app_restore (){ require_app_latest "$TYPE" FUNCTION="abra_restore_$abra__service_" if ! type "$FUNCTION" > /dev/null 2>&1; then error "'$TYPE' doesn't know how to restore '${abra__service_}' backups."\ "See $GIT_URL$TYPE/issues/" fi $FUNCTION "$abra__backup_file_" } ###### backup utility functions # Usage: _abra_backup_dir service:/path/to/src _abra_backup_dir() { { abra__src_="$1" abra__dst_="-" } # shellcheck disable=SC2154 FILENAME="$ABRA_BACKUP_DIR/${abra__app_}_$(basename "$1")_$(date +%F).tar.gz" debug "Copying '$1' to '$FILENAME'" silence sub_app_cp | gzip > "$FILENAME" success "Backed up '$1' to $FILENAME" unsilence } _abra_backup_db_prep() { # shellcheck disable=SC2034 abra__service_="$1" # 3wc: necessary because $abra__service_ won't be set if we're coming from # `abra_backup`, i.e. `abra app ... backup --all` # What's the name of the Docker secret? Default to db_root_password DB_PASSWORD_NAME=${4:-db_root_password} debug "Looking up secret '$DB_PASSWORD_NAME'" silence DB_PASSWORD="$(sub_app_run cat "/run/secrets/$DB_PASSWORD_NAME")" unsilence # 3wc: strip newline \r from variable DB_PASSWORD="${DB_PASSWORD//$'\015'}" # shellcheck disable=SC2154 FILENAME="$ABRA_BACKUP_DIR/${abra__app_}_$(date +%F).sql.gz" } # usage: _abra_backup_postgres [ ] _abra_backup_postgres() { _abra_backup_db_prep "$@" debug "Running pg_dump to '$FILENAME'" silence # shellcheck disable=SC2034 PGPASSWORD="$DB_PASSWORD" sub_app_run pg_dump -U "${3:-postgres}" "$2" | gzip > "$FILENAME" unsilence success "Backed up '$abra__service_:$2' to '$FILENAME'" } _abra_backup_mysql() { _abra_backup_db_prep "$@" silence # shellcheck disable=SC2086 sub_app_run mysqldump -u root -p"${DB_PASSWORD}" "$2" | gzip > "$FILENAME" unsilence success "Backed up '$abra__service_:$2' to $FILENAME" } ###### .. app deploy help_app_deploy (){ echo "abra [options] app deploy [--update] Deploy app to the configured server. OPTIONS --update Consent to deploying an updated app version POWERED BY docker stack deploy -c compose.yml " } sub_app_deploy (){ require_yq require_app_latest "$TYPE" FORCE_DEPLOY=$abra___force echo "Deployment overview:" echo " Server: $(tput setaf 4)${SERVER}$(tput sgr0)" if [ "${COMPOSE_FILE/:/}" == "${COMPOSE_FILE}" ]; then echo " Compose: $(tput setaf 3)${APP_DIR}/${COMPOSE_FILE}$(tput sgr0)" else echo " Compose: $(tput setaf 3)${APP_DIR}/" IFS=':' read -ra COMPOSE_FILES <<< "$COMPOSE_FILE" for COMPOSE in "${COMPOSE_FILES[@]}"; do echo " - ${COMPOSE}" done tput sgr0 fi if [ -n "$DOMAIN" ]; then echo " Domain: $(tput setaf 2)${DOMAIN}$(tput sgr0)" fi echo " Stack: $(tput setaf 3)${STACK_NAME}$(tput sgr0)" output_version_summary if [[ $FORCE_DEPLOY != "true" ]]; then prompt_confirm fi APP=$(basename "$APP_DIR") ( (cd "$APP_DIR" || error "\$APP_DIR '$APP_DIR' not found") # shellcheck disable=SC2086 if (cd "$APP_DIR" && docker stack deploy -c ${COMPOSE_FILE//:/ -c } "$STACK_NAME"); then if [ -n "$DOMAIN" ]; then success "Yay! App should be available at https://${DOMAIN}" else success "Yay! That worked. No \$DOMAIN defined, check status by running \"abra app ${STACK_NAME} ps\"" fi else error "Oh no! Something went wrong 😕 Check errors above" fi ) } ###### .. app undeploy help_app_undeploy (){ echo "abra [options] app undeploy Opposite of \`app deploy\`; deactivate an app without deleting anything. If you want to completely delete an app, then you're looking for \`app rm\`. POWERED BY docker stack rm " } sub_app_undeploy (){ FORCE_UNDEPLOY=$abra___force warning "About to un-deploy $STACK_NAME from $SERVER" if [[ $FORCE_UNDEPLOY != "true" ]]; then prompt_confirm fi docker stack rm "$STACK_NAME" } ###### .. app config help_app_config (){ echo "abra [options] app config Open the app configuration in \$EDITOR." } sub_app_config (){ if [ -z "$EDITOR" ]; then warning "\$EDITOR not set; which text editor would you like to use?" EDITORS_ALL=(vi vim nano pico emacs) declare -a EDITORS_AVAILABLE for EDITOR in "${EDITORS_ALL[@]}"; do if type "$EDITOR" > /dev/null 2>&1; then EDITORS_AVAILABLE+=("$EDITOR") fi done if [ ${#EDITORS_AVAILABLE[@]} = 0 ]; then error "No text editors found! Are you using a magnetised needle? 🤪" fi select EDITOR in "${EDITORS_AVAILABLE[@]}"; do if [ 1 -le "$REPLY" ] && [ "$REPLY" -le ${#EDITORS_AVAILABLE[@]} ]; then SERVER="$EDITOR" success "Using '${EDITOR}'; Add 'export EDITOR=${EDITOR}' to your ~/.bashrc to set as default" break fi done fi $EDITOR "$ENV_FILE" } ###### .. app version sub_app_version (){ # shellcheck disable=SC2016 echo '`abra app version` command working correctly!' } ###### .. app check help_app_check (){ echo "abra [options] app check Make sure that all an app's required variables are set." } sub_app_check (){ if [ "$abra___skip_check" = "true" ]; then return 0 fi APP_ENV=$(grep -v '^#' "$ENV_FILE" | cut -d' ' -f2 | cut -d'=' -f1 | sort -u) STACK_ENV=$(grep -v '^#' "$APP_DIR/.env.sample" | cut -d' ' -f2 | cut -d'=' -f1 | sort -u) debug "APP_ENV: $APP_ENV" debug "STACK_ENV: $STACK_ENV" # Only show "1", items in STACK_ENV which aren't in APP_ENV MISSING_VARS=$(comm -23 <(echo "$STACK_ENV") <(echo "$APP_ENV")) if [ -z "$MISSING_VARS" ]; then success "Yay! All the necessary basic variables are defined" return 0 fi error "Found missing variables: $MISSING_VARS" } ###### .. app ps help_app_ps (){ echo "abra [options] app ps Show 's running containers. POWERED BY docker stack ps " } sub_app_ps (){ docker stack ps "$STACK_NAME" } ###### .. app delete help_app_rm (){ help_app_delete } sub_app_rm (){ sub_app_delete } help_app_delete (){ echo "abra [options] app (rm|delete) [--force] Delete completely (\"hard delete\"). All local configuration, volumes and secrets can be removed with this command. OPTIONS --force Live dangerously; skip prompt for confirmation --volumes Delete all storage volumes --secrets Delete all secrets POWERED BY docker volume ls / docker volume rm docker secret ls / docker secret rm " } sub_app_delete (){ if [ "$abra___force" != "true" ]; then warning "About to delete $ENV_FILE" prompt_confirm fi rm "$ENV_FILE" if [ "$abra___volumes" = "true" ]; then volumes="$(docker volume ls --filter "name=${STACK_NAME}" --quiet)" if [ "$abra___force" != "true" ] && [ "$abra___volumes" = "true" ]; then # shellcheck disable=SC2086 warning "SCARY: About to remove all volumes associated with ${STACK_NAME}: $(echo $volumes | tr -d '\n')" prompt_confirm fi docker volume rm --force "$volumes" fi if [ "$abra___secrets" = "true" ]; then secrets="$(docker secret ls --filter "name=${STACK_NAME}" --quiet)" if [ "$abra___force" != "true" ] && [ "$abra___secrets" = "true" ]; then # shellcheck disable=SC2086 warning "SCARY: About to remove all secrets associated with ${STACK_NAME}: $(echo $secrets | tr -d '\n')" prompt_confirm fi docker secret rm "$secrets" fi } ###### .. app secret insert help_app_secret_insert (){ echo "abra [options] app secret insert [--pass] Store as a Docker secret called _. OPTIONS --pass Save the secret in \`pass\` as well POWERED BY docker secret insert" } sub_app_secret_insert() { SECRET="$abra__secret_" VERSION="$abra__version_" PW="$abra__data_" STORE_WITH_PASS="$abra___pass" if [ -z "$SECRET" ] || [ -z "$VERSION" ] || [ -z "$PW" ]; then error "Required arguments missing" fi # shellcheck disable=SC2059 printf "$PW" | docker secret create "${STACK_NAME}_${SECRET}_${VERSION}" - > /dev/null if [ "$STORE_WITH_PASS" == "true" ] && type pass > /dev/null 2>&1; then echo "$PW" | pass insert "hosts/$DOCKER_CONTEXT/${STACK_NAME}/${SECRET}" -m > /dev/null success "pass: hosts/$DOCKER_CONTEXT/${STACK_NAME}/${SECRET}" fi } ###### .. app secret delete help_app_secret_rm (){ help_app_secret_delete } sub_app_secret_rm(){ sub_app_secret_delete } help_app_secret_delete (){ echo "abra [options] app secret (delete|rm) (|--all) [--pass] [--force] Remove 's Docker secret . OPTIONS --pass Remove secret(s) from \`pass\` as well --all Delete all secrets for --force Live dangerously; skip prompt for confirmation POWERED BY docker secret rm docker secret ls (for --all)" } sub_app_secret_delete(){ # if --all is provided then $abra__secret_ will be blank and this will work # auto-magically NAMES=$(docker secret ls --filter "name=${STACK_NAME}_${abra__secret_}" --format "{{.Name}}") if [ -z "$NAMES" ]; then error "Could not find any secrets under ${STACK_NAME}_${abra__secret_}" fi if [ "$abra___force" != "true" ]; then warning "About to delete $(echo "$NAMES" | paste -d "")" prompt_confirm fi for NAME in ${NAMES}; do docker secret rm "$NAME" > /dev/null # as above, no need to test for --all, cos if abra__secret_ is blank it'll # Just Work anyway if [ "$abra___pass" == "true" ] && type pass > /dev/null 2>&1; then pass rm -r "hosts/$DOCKER_CONTEXT/${STACK_NAME}/${abra__secret_}" > /dev/null \ && success "pass rm'd: hosts/$DOCKER_CONTEXT/${STACK_NAME}/${abra__secret_}" fi done } ###### .. app secret generate help_app_secret_generate (){ echo "abra [options] app secret generate ( |--all) [] [--pass] Generate _ for and store as a Docker secret. OPTIONS Generate a single secret Specify secret version (for single secret) --all Auto-generate all secrets Run to generate secret (default: pwqgen) --pass Save generated secrets in \`pass\` POWERED BY docker secret insert" } sub_app_secret_generate(){ SECRET="$abra__secret_" VERSION="$abra__version_" LENGTH="$abra__length_" if [ "$abra___all" == "true" ]; then # Note(decentral1se): we need to reset the flag here to avoid the infinite # recursion of auto_gen_secrets which calls this function itself abra___all="false" auto_gen_secrets return fi if [[ -n "$LENGTH" ]]; then require_pwgen PWGEN=${abra__cmd_:-pwgen -s "$LENGTH" 1} else require_pwqgen PWGEN="${abra__cmd_:-pwqgen}" fi echo "SECRET: $SECRET, VERSION $VERSION, PW $PW, ALL $abra___all" if [ -z "$SECRET" ] || [ -z "$VERSION" ] && [ "$abra___all" == "false" ]; then error "Required arguments missing" fi PW=$($PWGEN|tr -d "\n") success "Password: $PW" # TODO 3wc: this is a little janky, might be better to make a # util_secret_insert function which this and sub_secret_insert can call abra__data_="$PW" sub_app_secret_insert warning "These generated secrets are now stored as encrypted data on your server" warning "Please take a moment to make sure you have saved a copy of the passwords" warning "Abra is not able to show the password values in plain text again" warning "See https://docs.docker.com/engine/swarm/secrets/ for more on secrets" } ###### .. app run help_app_run (){ echo "abra [options] app run [--no-tty] [--user=] ... Run ... (often something like 'bash' or 'sh') in 's container. OPTIONS --no-tty Don't allocate a TTY; sometimes running \`mysql\` enjoys this --user= Run as the UNIX user , e.g. for running Wordpress-CLI as www-data EXAMPLES abra wordpress_foo_bar run app bash POWERED BY CONTAINER_ID=\$(docker container ls -f ...) docker exec \$CONTAINER_ID ..." } sub_app_run(){ if [ -n "$abra___user" ]; then RUN_USER="-u $abra___user" fi if [ "$abra___no_tty" = "true" ]; then ARGS="-i" else ARGS="-it" fi CONTAINER=$(docker container ls --format "table {{.ID}},{{.Names}}" \ | grep "${STACK_NAME}_${abra__service_}" | head -n1 | cut -d',' -f1) if [ -z "$CONTAINER" ]; then error "Can't find a container for ${STACK_NAME}_${abra__service_}" exit fi debug "Using container ID ${CONTAINER}" # 3wc: we want the "splitting" that shellcheck warns us about, so that -u and # $RUN_USER aren't treated as a single argument: # shellcheck disable=SC2086 docker exec $RUN_USER $ARGS "$CONTAINER" "$@" return } ###### .. app rollback help_app_rollback (){ echo "abra [options] app rollback Rollback a deployed app service to a previous version. EXAMPLES abra app wordpress rollback app POWERED BY CONTAINER_ID=\$(docker container ls -f ...) docker service rollback \$CONTAINER_ID ..." } sub_app_rollback(){ SERVICE="${abra__service_}" docker service rollback "${STACK_NAME}_${SERVICE}" } ###### .. app logs help_app_logs (){ echo "abra [options] app logs [] Show logs for . OPTIONS Only show logs for a specific service (default: combine all services) EXAMPLES abra wordpress_foo_bar logs app POWERED BY docker service logs" } sub_app_logs (){ SERVICE="${abra__service_}" if [ -z "$SERVICE" ]; then stack_logs "${STACK_NAME}" return fi shift if [ $# -eq 0 ]; then LOGS_ARGS="\ --follow \ --tail 20 \ --no-trunc \ --details \ --timestamps" else # shellcheck disable=SC2124 LOGS_ARGS=$@ fi # shellcheck disable=SC2086 docker service logs "${STACK_NAME}_${SERVICE}" $LOGS_ARGS } ###### .. app cp help_app_cp (){ echo "abra [options] app cp Copy files to or from a running container. One of or must have the format :. Copying multiple files is possible using \`tar\`, see EXAMPLES. If is a file then it will be over-written, if it is a folder then will be copied into it. EXAMPLES abra app customhtml_foo_bar_com cp index.html app:/usr/share/nginx/html/ tar cf - wp-content | abra app wordpress_bar_bat_com cp - app:/var/www/html/ POWERED BY CONTAINER_ID=\$(docker container ls -f ...) docker cp \$CONTAINER_ID: docker cp \$CONTAINER_ID: " } sub_app_cp() { SOURCE="${abra__src_}" DEST="${abra__dst_}" # Get the service name from either SOURCE or DEST SERVICE=$(echo "$SOURCE" | grep -o '^[^:]\+:' || echo "$DEST" | grep -o '^[^:]\+:') SERVICE=$(echo "$SERVICE" | tr -d ':') if [ -z "$SERVICE" ]; then echo "Usage: $PROGRAM_NAME cp SERVICE:SRC_PATH DEST_PATH" echo " $PROGRAM_NAME cp SRC_PATH SERVICE:DEST_PATH" echo "" error "Can't find SERVICE in either SRC or DEST" fi CONTAINER=$(docker container ls --format "table {{.ID}},{{.Names}}" \ | grep "${STACK_NAME}_${SERVICE}" | cut -d',' -f1) if [ -z "$CONTAINER" ]; then error "Can't find a container for ${STACK_NAME}_${SERVICE}" exit fi debug "Using container ID ${CONTAINER}" # Replace $SERVICE with $CONTAINER in the original args CP_ARGS=$(echo "$SOURCE $DEST" | sed "s/$SERVICE:/$CONTAINER:/") # FIXME 3wc: this might cause problems for filenames with spaces.. # shellcheck disable=SC2086 docker cp ${CP_ARGS} } ####################################### # abra server .. ####################################### ###### .. server ls help_server_ls (){ help_server_list } sub_server_ls() { sub_server_list } help_server_list (){ echo "abra [options] server (list|ls) List locally-defined servers." } sub_server_list() { get_servers warning "Loading status from ${#SERVERS[@]} server(s), patience advised.." printf "%s servers:\n\n" "${#SERVERS[@]}" local -a idx=0 for SERVER in "${SERVERS[@]}"; do if [[ "$idx" == 0 ]]; then printf " NAME\tCONNECTION\n" printf " --\t--\t\n" fi name="${SERVER##*/}" host=$(docker context inspect "$name" -f "{{.Endpoints.docker.Host}}" 2>/dev/null) printf " %s\t%s\n" "$name" "${host:-UNKNOWN}" idx+=1 done | column -s' ' -t } ###### .. server init help_server_init (){ echo "abra [options] server init Set up a server for Docker swarm joy. This initialisation explicitly chooses for the \"single host swarm\" mode which uses the default IPv4 address as the advertising address. This can be re-configured later for more advanced use cases. POWERED BY docker swarm init docker network create ..." } sub_server_init() { export DOCKER_CONTEXT="${abra__host_}" load_context # Note(decentral1se): it sucks to use Google DNS but it seems like a reliable method # for determining the default IPv4 address especially nowadays # when there are often multiple internal addresses assigned to eth0 default_ipv4="$(ip route get 8.8.8.8 | head -1 | awk '{print $7}')" if [ "$abra___debug" = "true" ]; then DOCKER_ENDPOINT=$(docker context inspect "$DOCKER_CONTEXT" -f "{{.Endpoints.docker.Host}}" 2>/dev/null) debug "Connecting to $DOCKER_CONTEXT via SSH ($DOCKER_ENDPOINT)" fi docker swarm init --advertise-addr "$default_ipv4" || true docker network create --driver=overlay proxy --scope swarm || true } ###### .. server add help_server_add (){ echo "abra [options] server add [] [] Add a server, reachable on . OPTIONS , SSH connection details POWERED BY docker context create ..." } sub_server_add() { require_abra_dir HOST="$abra__host_" USERNAME="$abra__user_" PORT="$abra__port_" if [ -n "$PORT" ]; then PORT=":$PORT" fi if [ -n "$USERNAME" ]; then USERNAME="$USERNAME@" fi docker context create "$HOST" \ --docker "host=ssh://$USERNAME$HOST$PORT" \ || true mkdir -p "$ABRA_DIR/servers/$HOST" } ###### .. server new help_server_new (){ echo "abra [options] server new Use a provider plugin to create an actual new server resource (VPS or otherwise) which can then be used to house a new Co-op Cloud installation. OPTIONS Provider plugin for creating new server (choices: hetzner)" } sub_server_new() { require_abra_dir PROVIDER="$abra__provider_" BRANCH="${abra___branch:-master}" if [ "$PROVIDER" != "hetzner" ]; then error "Unknown provider plugin 'abra-${PROVIDER}'" fi if [ ! -d "$ABRA_DIR/plugins/abra-$PROVIDER" ]; then warning "The 'abra-$PROVIDER' plugin was not found, fetching via Git" if ! git clone --branch "$BRANCH" "$GIT_URL/abra-$PROVIDER.git" "$ABRA_DIR/plugins/abra-$PROVIDER" > /dev/null 2>&1 ; then error "Could not retrieve the abra-$PROVIDER plugin, does it exist?" fi success "Fetched abra-$PROVIDER plugin via Git (branch: $BRANCH)" fi # shellcheck disable=SC1090 source "$ABRA_DIR/plugins/abra-$PROVIDER/abra-$PROVIDER" } ###### .. server delete help_server_rm (){ help_server_delete } sub_server_rm() { sub_server_delete } help_server_delete (){ echo "abra [options] server delete Remove server POWERED BY docker context rm ..." } sub_server_delete() { docker context rm "$abra__host_" } ###### .. server apps help_server_apps (){ echo "abra [options] server apps [--status] Alias for \`abra app ls --server=. OPTIONS --status Show whether apps are deployed (warning! slow!) POWERED BY (for --status) docker stack ls" } sub_server_apps() { abra___server="$abra__host_" sub_app_list } ####################################### # Misc commands ####################################### ###### .. upgrade help_upgrade (){ echo "abra [options] upgrade [--dev] Upgrade abra itself, using the online installer script. OPTIONS --dev Upgrade to the latest development version (HEAD)" } sub_upgrade() { if [[ "$abra___dev" == "true" ]]; then curl https://install.abra.autonomic.zone | bash -s -- --dev else curl https://install.abra.autonomic.zone | bash fi } ###### .. version help_version (){ echo "abra [options] version Show the installed version of abra." } sub_version() { if [ -L "$0" ] && [ -e "$0" ]; then ABRA_SRC=$(readlink "$0") ABRA_DIGEST=$(cd "${ABRA_SRC%/*}" && git rev-parse --short HEAD) fi echo "$ABRA_VERSION${ABRA_DIGEST:+-}${ABRA_DIGEST}" } ###### .. help help_help (){ echo "HEEEEEELP! 😱" } sub_help() { SUBCOMMAND=$(IFS="_"; echo "${abra__subcommands_[*]}") if [ -z "$SUBCOMMAND" ]; then printf "%s" "$DOC" exit fi HELP_CMD="help_${SUBCOMMAND}" if type "$HELP_CMD" > /dev/null 2>&1; then "$HELP_CMD" else HELP_COMMANDS=$(declare -Ff | grep 'help_' | cut -d' ' -f3 | sed 's/_/ /g') error "No help found for '$abra__subcommands_' Try one of these: ${HELP_COMMANDS//help /}" fi } ####################################### # cheeky docker aliases ####################################### ###### .. stack ... sub_stack() { # shellcheck disable=SC2068 docker stack $@ } ###### .. volume ... sub_volume() { # shellcheck disable=SC2068 docker volume $@ } ###### .. network ... sub_network() { # shellcheck disable=SC2068 docker network $@ } ####################################### # Main ####################################### abra() { require_bash_4 # TODO (3wc): we either need to do this, or add 'shellcheck disable' all over # the place to handle the dynamically-defined vars declare abra___stack abra___env abra__command_ abra__args_ \ abra__secret_ abra__version_ abra__data_ abra___user abra__host_ \ abra__type_ abra__port_ abra__user_ abra__service_ abra__src_ abra__dst_ \ abra___server abra___domain abra___force abra___pass \ abra___secrets abra___status abra___no_tty abra___app_name \ abra__subcommands_ abra___skip_update abra___skip_check \ abra__backup_file_ abra___verbose abra___debug abra___help \ abra___branch abra___volumes abra__provider_ abra___type \ abra___dev abra___update if ! type tput > /dev/null 2>&1; then tput() { echo -n } fi DOCOPT_PREFIX=abra_ DOCOPT_ADD_HELP=false eval "$(docopt "$@")" # --stack STACK_NAME=$abra___stack # --env if [ -n "$abra___env" ]; then set -a # shellcheck disable=SC1090 source "$abra___env" || error "Unable to load env from '$abra___env'" set +a fi if [ -n "$abra__app_" ]; then load_instance load_instance_env fi load_abra_sh # Search for sub_* functions, and check if any of them matches enabled # arguments (i.e. is a command and is specified). The `awk / sort` sorts by # the number of occurrences of '_' in the function name, to ensure that # `abra app version` will be matched before `abra version`. SUBCOMMANDS=$(declare -Ff | grep 'sub_' | cut -d' ' -f3 | awk '{ print gsub("_","&"), $0 }' | sort -n -r | cut -d" " -f2-) for SUBCOMMAND in $SUBCOMMANDS; do IFS='_' read -r -a PARTS <<< "$SUBCOMMAND" for PART in "${PARTS[@]:1}"; do # TODO 3wc: probably a better way to check if a variable is defined.. VAR=$(eval "echo \$abra_$PART") if [ ! "$VAR" == "true" ]; then continue 2 fi done abra__command_=$(IFS="_"; echo "${PARTS[*]:1}") break done if [ "$abra___help" = "true" ]; then if [ -z "$abra__command_" ]; then # shellcheck disable=SC2059 printf "$DOC" exit elif type "help_${abra__command_}" > /dev/null 2>&1; then "help_${abra__command_}" exit else error "No help for '$abra__command_'" fi fi # Use abra__command_ in case `command` is provided (i.e. `volume` or `stack`) CMD="sub_${abra__command_}" if type "$CMD" > /dev/null 2>&1; then # shellcheck disable=SC2086 "$CMD" ${abra__args_[*]} else docopt_exit fi } abra "$@"