Add .. secret auto command

This commit is contained in:
3wc 2020-10-28 00:29:40 +02:00
parent b1e8ac4498
commit b6b80298c2

134
abra
View File

@ -19,6 +19,7 @@ Usage:
abra [options] app <domain> cp <src> <dst>
abra [options] app <domain> run [--user=<user>] <service> <args>...
abra [options] app <domain> run <service> <args>...
abra [options] app <domain> secret auto
abra [options] app <domain> secret generate <secret> <version> [<cmd>]
abra [options] app <domain> secret insert <secret> <version> <data>
abra [options] server add <host> [<user>] [<port>]
@ -137,62 +138,62 @@ eval "var_$1+=($value)"; else eval "var_$1=$value"; fi; return 0; fi; done
return 1; }; stdout() { printf -- "cat <<'EOM'\n%s\nEOM\n" "$1"; }; stderr() {
printf -- "cat <<'EOM' >&2\n%s\nEOM\n" "$1"; }; error() {
[[ -n $1 ]] && stderr "$1"; stderr "$usage"; _return 1; }; _return() {
printf -- "exit %d\n" "$1"; exit "$1"; }; set -e; trimmed_doc=${DOC:1:1104}
usage=${DOC:40:796}; digest=0e48b; shorts=(-v -e -h -s '' '' '')
longs=(--version --env --help --stack --server --domain --user)
argcounts=(0 1 0 1 1 1 1); node_0(){ switch __version 0; }; node_1(){
value __env 1; }; node_2(){ switch __help 2; }; node_3(){ value __stack 3; }
node_4(){ value __server 4; }; node_5(){ value __domain 5; }; node_6(){
value __user 6; }; node_7(){ value _app_ a; }; node_8(){ value _domain_ a; }
node_9(){ value _service_ a; }; node_10(){ value _src_ a; }; node_11(){
value _dst_ a; }; node_12(){ value _args_ a true; }; node_13(){ value _secret_ a
}; node_14(){ value _version_ a; }; node_15(){ value _cmd_ a; }; node_16(){
value _data_ a; }; node_17(){ value _host_ a; }; node_18(){ value _user_ a; }
node_19(){ value _port_ a; }; node_20(){ value _command_ a; }; node_21(){
_command app; }; node_22(){ _command new; }; node_23(){ _command list; }
node_24(){ _command ls; }; node_25(){ _command deploy; }; node_26(){
_command logs; }; node_27(){ _command multilogs; }; node_28(){ _command cp; }
node_29(){ _command run; }; node_30(){ _command secret; }; node_31(){
_command generate; }; node_32(){ _command insert; }; node_33(){ _command server
}; node_34(){ _command add; }; node_35(){ _command rm; }; node_36(){
_command use; }; node_37(){ _command init; }; node_38(){ _command upgrade; }
node_39(){ optional 0 1 2 3; }; node_40(){ optional 39; }; node_41(){
optional 4 5; }; node_42(){ required 40 21 22 41 7; }; node_43(){ either 23 24
}; node_44(){ required 43; }; node_45(){ required 40 21 44; }; node_46(){
required 40 21 8 25; }; node_47(){ optional 9; }; node_48(){
required 40 21 8 26 47; }; node_49(){ required 40 21 8 27; }; node_50(){
required 40 21 8 28 10 11; }; node_51(){ optional 6; }; node_52(){ oneormore 12
}; node_53(){ required 40 21 8 29 51 9 52; }; node_54(){
required 40 21 8 29 9 52; }; node_55(){ optional 15; }; node_56(){
required 40 21 8 30 31 13 14 55; }; node_57(){ required 40 21 8 30 32 13 14 16
}; node_58(){ optional 18; }; node_59(){ optional 19; }; node_60(){
required 40 33 34 17 58 59; }; node_61(){ required 40 33 44; }; node_62(){
required 40 33 35 17; }; node_63(){ required 40 33 36 17; }; node_64(){
required 40 33 37 17; }; node_65(){ required 40 38; }; node_66(){
required 40 20 52; }; node_67(){
either 42 45 46 48 49 50 53 54 56 57 60 61 62 63 64 65 66; }; node_68(){
required 67; }; cat <<<' docopt_exit() { [[ -n $1 ]] && printf "%s\n" "$1" >&2
printf "%s\n" "${DOC:40:796}" >&2; exit 1; }'; unset var___version var___env \
var___help var___stack var___server var___domain var___user var__app_ \
printf -- "exit %d\n" "$1"; exit "$1"; }; set -e; trimmed_doc=${DOC:1:1146}
usage=${DOC:40:838}; digest=3ff34; shorts=(-e -s -v -h '' '' '')
longs=(--env --stack --version --help --server --domain --user)
argcounts=(1 1 0 0 1 1 1); node_0(){ value __env 0; }; node_1(){ value __stack 1
}; node_2(){ switch __version 2; }; node_3(){ switch __help 3; }; node_4(){
value __server 4; }; node_5(){ value __domain 5; }; node_6(){ value __user 6; }
node_7(){ value _app_ a; }; node_8(){ value _domain_ a; }; node_9(){
value _service_ a; }; node_10(){ value _src_ a; }; node_11(){ value _dst_ a; }
node_12(){ value _args_ a true; }; node_13(){ value _secret_ a; }; node_14(){
value _version_ a; }; node_15(){ value _cmd_ a; }; node_16(){ value _data_ a; }
node_17(){ value _host_ a; }; node_18(){ value _user_ a; }; node_19(){
value _port_ a; }; node_20(){ value _command_ a; }; node_21(){ _command app; }
node_22(){ _command new; }; node_23(){ _command list; }; node_24(){ _command ls
}; node_25(){ _command deploy; }; node_26(){ _command logs; }; node_27(){
_command multilogs; }; node_28(){ _command cp; }; node_29(){ _command run; }
node_30(){ _command secret; }; node_31(){ _command auto; }; node_32(){
_command generate; }; node_33(){ _command insert; }; node_34(){ _command server
}; node_35(){ _command add; }; node_36(){ _command rm; }; node_37(){
_command use; }; node_38(){ _command init; }; node_39(){ _command upgrade; }
node_40(){ optional 0 1 2 3; }; node_41(){ optional 40; }; node_42(){
optional 4 5; }; node_43(){ required 41 21 22 42 7; }; node_44(){ either 23 24
}; node_45(){ required 44; }; node_46(){ required 41 21 45; }; node_47(){
required 41 21 8 25; }; node_48(){ optional 9; }; node_49(){
required 41 21 8 26 48; }; node_50(){ required 41 21 8 27; }; node_51(){
required 41 21 8 28 10 11; }; node_52(){ optional 6; }; node_53(){ oneormore 12
}; node_54(){ required 41 21 8 29 52 9 53; }; node_55(){
required 41 21 8 29 9 53; }; node_56(){ required 41 21 8 30 31; }; node_57(){
optional 15; }; node_58(){ required 41 21 8 30 32 13 14 57; }; node_59(){
required 41 21 8 30 33 13 14 16; }; node_60(){ optional 18; }; node_61(){
optional 19; }; node_62(){ required 41 34 35 17 60 61; }; node_63(){
required 41 34 45; }; node_64(){ required 41 34 36 17; }; node_65(){
required 41 34 37 17; }; node_66(){ required 41 34 38 17; }; node_67(){
required 41 39; }; node_68(){ required 41 20 53; }; node_69(){
either 43 46 47 49 50 51 54 55 56 58 59 62 63 64 65 66 67 68; }; node_70(){
required 69; }; cat <<<' docopt_exit() { [[ -n $1 ]] && printf "%s\n" "$1" >&2
printf "%s\n" "${DOC:40:838}" >&2; exit 1; }'; unset var___env var___stack \
var___version var___help var___server var___domain var___user var__app_ \
var__domain_ var__service_ var__src_ var__dst_ var__args_ var__secret_ \
var__version_ var__cmd_ var__data_ var__host_ var__user_ var__port_ \
var__command_ var_app var_new var_list var_ls var_deploy var_logs \
var_multilogs var_cp var_run var_secret var_generate var_insert var_server \
var_add var_rm var_use var_init var_upgrade; parse 68 "$@"
local prefix=${DOCOPT_PREFIX:-''}; unset "${prefix}__version" "${prefix}__env" \
"${prefix}__help" "${prefix}__stack" "${prefix}__server" "${prefix}__domain" \
var_multilogs var_cp var_run var_secret var_auto var_generate var_insert \
var_server var_add var_rm var_use var_init var_upgrade; parse 70 "$@"
local prefix=${DOCOPT_PREFIX:-''}; unset "${prefix}__env" "${prefix}__stack" \
"${prefix}__version" "${prefix}__help" "${prefix}__server" "${prefix}__domain" \
"${prefix}__user" "${prefix}_app_" "${prefix}_domain_" "${prefix}_service_" \
"${prefix}_src_" "${prefix}_dst_" "${prefix}_args_" "${prefix}_secret_" \
"${prefix}_version_" "${prefix}_cmd_" "${prefix}_data_" "${prefix}_host_" \
"${prefix}_user_" "${prefix}_port_" "${prefix}_command_" "${prefix}app" \
"${prefix}new" "${prefix}list" "${prefix}ls" "${prefix}deploy" "${prefix}logs" \
"${prefix}multilogs" "${prefix}cp" "${prefix}run" "${prefix}secret" \
"${prefix}generate" "${prefix}insert" "${prefix}server" "${prefix}add" \
"${prefix}rm" "${prefix}use" "${prefix}init" "${prefix}upgrade"
eval "${prefix}"'__version=${var___version:-false}'
"${prefix}auto" "${prefix}generate" "${prefix}insert" "${prefix}server" \
"${prefix}add" "${prefix}rm" "${prefix}use" "${prefix}init" "${prefix}upgrade"
eval "${prefix}"'__env=${var___env:-}'
eval "${prefix}"'__help=${var___help:-false}'
eval "${prefix}"'__stack=${var___stack:-}'
eval "${prefix}"'__version=${var___version:-false}'
eval "${prefix}"'__help=${var___help:-false}'
eval "${prefix}"'__server=${var___server:-}'
eval "${prefix}"'__domain=${var___domain:-}'
eval "${prefix}"'__user=${var___user:-}'; eval "${prefix}"'_app_=${var__app_:-}'
@ -215,6 +216,7 @@ eval "${prefix}"'logs=${var_logs:-false}'
eval "${prefix}"'multilogs=${var_multilogs:-false}'
eval "${prefix}"'cp=${var_cp:-false}'; eval "${prefix}"'run=${var_run:-false}'
eval "${prefix}"'secret=${var_secret:-false}'
eval "${prefix}"'auto=${var_auto:-false}'
eval "${prefix}"'generate=${var_generate:-false}'
eval "${prefix}"'insert=${var_insert:-false}'
eval "${prefix}"'server=${var_server:-false}'
@ -223,16 +225,17 @@ eval "${prefix}"'use=${var_use:-false}'
eval "${prefix}"'init=${var_init:-false}'
eval "${prefix}"'upgrade=${var_upgrade:-false}'; local docopt_i=1
[[ $BASH_VERSION =~ ^4.3 ]] && docopt_i=2; for ((;docopt_i>0;docopt_i--)); do
declare -p "${prefix}__version" "${prefix}__env" "${prefix}__help" \
"${prefix}__stack" "${prefix}__server" "${prefix}__domain" "${prefix}__user" \
declare -p "${prefix}__env" "${prefix}__stack" "${prefix}__version" \
"${prefix}__help" "${prefix}__server" "${prefix}__domain" "${prefix}__user" \
"${prefix}_app_" "${prefix}_domain_" "${prefix}_service_" "${prefix}_src_" \
"${prefix}_dst_" "${prefix}_args_" "${prefix}_secret_" "${prefix}_version_" \
"${prefix}_cmd_" "${prefix}_data_" "${prefix}_host_" "${prefix}_user_" \
"${prefix}_port_" "${prefix}_command_" "${prefix}app" "${prefix}new" \
"${prefix}list" "${prefix}ls" "${prefix}deploy" "${prefix}logs" \
"${prefix}multilogs" "${prefix}cp" "${prefix}run" "${prefix}secret" \
"${prefix}generate" "${prefix}insert" "${prefix}server" "${prefix}add" \
"${prefix}rm" "${prefix}use" "${prefix}init" "${prefix}upgrade"; done; }
"${prefix}auto" "${prefix}generate" "${prefix}insert" "${prefix}server" \
"${prefix}add" "${prefix}rm" "${prefix}use" "${prefix}init" "${prefix}upgrade"
done; }
# docopt parser above, complete command for generating this parser is `docopt.sh abra`
PROGRAM_NAME=$(basename "$0")
@ -307,6 +310,10 @@ get_servers() {
shopt -u nullglob dotglob
}
get_app_secrets() {
mapfile -t SECRETS < <(grep PASSWORD "$ENV_FILE" | cut -d' ' -f2)
}
load_instance() {
DOMAIN="$abra__domain_"
ENV_FILE=$(find ~/.abra -name "$DOMAIN.env")
@ -427,6 +434,17 @@ sub_app_new (){
cp "$APP_DIR/.envrc.sample" "$ENV_FILE"
sed -i "s/$APP\.example\.com/$DOMAIN/g" "$ENV_FILE"
abra__domain_="$DOMAIN"
get_app_secrets
if [ "${#SECRETS[@]}" -gt 0 ]; then
read -rp "Generate ${#SECRETS[@]} secrets? ([y]/n) " SECRETS_CONFIRM
if [ "$SECRETS_CONFIRM" != "n" ]; then
sub_app_secret_auto
fi
fi
echo "$(tput setaf 4)Your new '$APP' is ready for action:$(tput sgr0)"
echo " $(tput setaf 3)Customise the configuration:"
echo " $ENV_FILE$(tput sgr0)"
@ -524,6 +542,20 @@ sub_app_secret_generate(){
sub_app_secret_insert
}
sub_app_secret_auto(){
load_instance
load_instance_env
get_app_secrets
for SECRET in "${SECRETS[@]}"; do
abra__secret_="${SECRET%=*}" # strip =v1
abra__secret_="${abra__secret_%_VERSION}" # strip VERSION_
abra__secret_="${abra__secret_,,}" # lowercase
abra__version_="${SECRET#*=}"
sub_app_secret_generate
done
}
###### .. app <domain> run <args>...
sub_app_run(){
@ -637,9 +669,7 @@ sub_app_cp() {
sub_server_init() {
export DOCKER_CONTEXT="${abra__host_}"
if [ -n "$DOCKER_CONTEXT" ]; then
load_context
fi
load_context
docker swarm init || true
docker network create --driver=overlay proxy --scope swarm || true