abra/abra
2021-03-18 19:45:30 +01:00

1903 lines
59 KiB
Bash
Executable File

#!/usr/bin/env bash
GIT_URL="https://git.autonomic.zone/coop-cloud/"
ABRA_DIR="${ABRA_DIR:-$HOME/.abra}"
ABRA_VERSION="0.6.0"
ABRA_BACKUP_DIR="${ABRA_BACKUP_DIR:-$ABRA_DIR/backups}"
ABRA_VENDOR_DIR="$ABRA_DIR/vendor"
YQ="$ABRA_VENDOR_DIR/yq"
#######################################
# Global help
#######################################
DOC="
The cooperative cloud utility belt 🎩🐇
Usage:
abra [options] app (list|ls) [--status] [--server=<server>] [--type=<type>]
abra [options] app new [--server=<server>] [--domain=<domain>] [--app-name=<app_name>] [--pass] [--secrets] <type>
abra [options] app <app> backup (<service>|--all)
abra [options] app <app> deploy [--update] [--force]
abra [options] app <app> check
abra [options] app <app> config
abra [options] app <app> cp <src> <dst>
abra [options] app <app> logs [<service>]
abra [options] app <app> ps
abra [options] app <app> restore (<service>|--all)
abra [options] app <app> (rm|delete) [--force] [--volumes] [--secrets]
abra [options] app <app> restore <service> [<backup file>]
abra [options] app <app> run [--no-tty] [--user=<user>] <service> <args>...
abra [options] app <app> rollback <service>
abra [options] app <app> secret generate (<secret> <version>|--all) [<cmd>] [--pass]
abra [options] app <app> secret insert <secret> <version> <data> [--pass]
abra [options] app <app> secret (rm|delete) (<secret>|--all) [--pass] [--force]
abra [options] app <app> undeploy [--force]
abra [options] app <app> <command> [<args>...]
abra [options] server add <host> [<user>] [<port>]
abra [options] server new <provider>
abra [options] server (list|ls)
abra [options] server <host> rm
abra [options] server <host> init
abra [options] server <host> apps [--status]
abra [options] upgrade [--dev]
abra [options] version
abra [options] help [<subcommands>...]
abra [options]
Options:
-e, --env=<path> Environment variables to load
-h, --help Show this message and exit
-s, --stack=<stack> Name of the target stack
-C, --skip-check Don't verify app variables
-U, --skip-update Don't pull latest app definitions
-v, --verbose Show INFO messages
-d, --debug Show DEBUG messages
-b, --branch=<branch> Git branch to use while cloning app repos
See 'abra help <subcommands>...' to read about a specific subcommand.
"
# docopt parser below, refresh this parser with `docopt.sh abra`
# shellcheck disable=2016,1075,2154
docopt() { parse() { if ${DOCOPT_DOC_CHECK:-true}; then local doc_hash
if doc_hash=$(printf "%s" "$DOC" | (sha256sum 2>/dev/null || shasum -a 256)); then
if [[ ${doc_hash:0:5} != "$digest" ]]; then
stderr "The current usage doc (${doc_hash:0:5}) does not match \
what the parser was generated with (${digest})
Run \`docopt.sh\` to refresh the parser."; _return 70; fi; fi; fi
local root_idx=$1; shift; argv=("$@"); parsed_params=(); parsed_values=()
left=(); testdepth=0; local arg; while [[ ${#argv[@]} -gt 0 ]]; do
if [[ ${argv[0]} = "--" ]]; then for arg in "${argv[@]}"; do
parsed_params+=('a'); parsed_values+=("$arg"); done; break
elif [[ ${argv[0]} = --* ]]; then parse_long
elif [[ ${argv[0]} = -* && ${argv[0]} != "-" ]]; then parse_shorts
elif ${DOCOPT_OPTIONS_FIRST:-false}; then for arg in "${argv[@]}"; do
parsed_params+=('a'); parsed_values+=("$arg"); done; break; else
parsed_params+=('a'); parsed_values+=("${argv[0]}"); argv=("${argv[@]:1}"); fi
done; local idx; if ${DOCOPT_ADD_HELP:-true}; then
for idx in "${parsed_params[@]}"; do [[ $idx = 'a' ]] && continue
if [[ ${shorts[$idx]} = "-h" || ${longs[$idx]} = "--help" ]]; then
stdout "$trimmed_doc"; _return 0; fi; done; fi
if [[ ${DOCOPT_PROGRAM_VERSION:-false} != 'false' ]]; then
for idx in "${parsed_params[@]}"; do [[ $idx = 'a' ]] && continue
if [[ ${longs[$idx]} = "--version" ]]; then stdout "$DOCOPT_PROGRAM_VERSION"
_return 0; fi; done; fi; local i=0; while [[ $i -lt ${#parsed_params[@]} ]]; do
left+=("$i"); ((i++)) || true; done
if ! required "$root_idx" || [ ${#left[@]} -gt 0 ]; then error; fi; return 0; }
parse_shorts() { local token=${argv[0]}; local value; argv=("${argv[@]:1}")
[[ $token = -* && $token != --* ]] || _return 88; local remaining=${token#-}
while [[ -n $remaining ]]; do local short="-${remaining:0:1}"
remaining="${remaining:1}"; local i=0; local similar=(); local match=false
for o in "${shorts[@]}"; do if [[ $o = "$short" ]]; then similar+=("$short")
[[ $match = false ]] && match=$i; fi; ((i++)) || true; done
if [[ ${#similar[@]} -gt 1 ]]; then
error "${short} is specified ambiguously ${#similar[@]} times"
elif [[ ${#similar[@]} -lt 1 ]]; then match=${#shorts[@]}; value=true
shorts+=("$short"); longs+=(''); argcounts+=(0); else value=false
if [[ ${argcounts[$match]} -ne 0 ]]; then if [[ $remaining = '' ]]; then
if [[ ${#argv[@]} -eq 0 || ${argv[0]} = '--' ]]; then
error "${short} requires argument"; fi; value=${argv[0]}; argv=("${argv[@]:1}")
else value=$remaining; remaining=''; fi; fi; if [[ $value = false ]]; then
value=true; fi; fi; parsed_params+=("$match"); parsed_values+=("$value"); done
}; parse_long() { local token=${argv[0]}; local long=${token%%=*}
local value=${token#*=}; local argcount; argv=("${argv[@]:1}")
[[ $token = --* ]] || _return 88; if [[ $token = *=* ]]; then eq='='; else eq=''
value=false; fi; local i=0; local similar=(); local match=false
for o in "${longs[@]}"; do if [[ $o = "$long" ]]; then similar+=("$long")
[[ $match = false ]] && match=$i; fi; ((i++)) || true; done
if [[ $match = false ]]; then i=0; for o in "${longs[@]}"; do
if [[ $o = $long* ]]; then similar+=("$long"); [[ $match = false ]] && match=$i
fi; ((i++)) || true; done; fi; if [[ ${#similar[@]} -gt 1 ]]; then
error "${long} is not a unique prefix: ${similar[*]}?"
elif [[ ${#similar[@]} -lt 1 ]]; then
[[ $eq = '=' ]] && argcount=1 || argcount=0; match=${#shorts[@]}
[[ $argcount -eq 0 ]] && value=true; shorts+=(''); longs+=("$long")
argcounts+=("$argcount"); else if [[ ${argcounts[$match]} -eq 0 ]]; then
if [[ $value != false ]]; then
error "${longs[$match]} must not have an argument"; fi
elif [[ $value = false ]]; then
if [[ ${#argv[@]} -eq 0 || ${argv[0]} = '--' ]]; then
error "${long} requires argument"; fi; value=${argv[0]}; argv=("${argv[@]:1}")
fi; if [[ $value = false ]]; then value=true; fi; fi; parsed_params+=("$match")
parsed_values+=("$value"); }; required() { local initial_left=("${left[@]}")
local node_idx; ((testdepth++)) || true; for node_idx in "$@"; do
if ! "node_$node_idx"; then left=("${initial_left[@]}"); ((testdepth--)) || true
return 1; fi; done; if [[ $((--testdepth)) -eq 0 ]]; then
left=("${initial_left[@]}"); for node_idx in "$@"; do "node_$node_idx"; done; fi
return 0; }; either() { local initial_left=("${left[@]}"); local best_match_idx
local match_count; local node_idx; ((testdepth++)) || true
for node_idx in "$@"; do if "node_$node_idx"; then
if [[ -z $match_count || ${#left[@]} -lt $match_count ]]; then
best_match_idx=$node_idx; match_count=${#left[@]}; fi; fi
left=("${initial_left[@]}"); done; ((testdepth--)) || true
if [[ -n $best_match_idx ]]; then "node_$best_match_idx"; return 0; fi
left=("${initial_left[@]}"); return 1; }; optional() { local node_idx
for node_idx in "$@"; do "node_$node_idx"; done; return 0; }; oneormore() {
local i=0; local prev=${#left[@]}; while "node_$1"; do ((i++)) || true
[[ $prev -eq ${#left[@]} ]] && break; prev=${#left[@]}; done
if [[ $i -ge 1 ]]; then return 0; fi; return 1; }; _command() { local i
local name=${2:-$1}; for i in "${!left[@]}"; do local l=${left[$i]}
if [[ ${parsed_params[$l]} = 'a' ]]; then
if [[ ${parsed_values[$l]} != "$name" ]]; then return 1; fi
left=("${left[@]:0:$i}" "${left[@]:((i+1))}")
[[ $testdepth -gt 0 ]] && return 0; if [[ $3 = true ]]; then
eval "((var_$1++)) || true"; else eval "var_$1=true"; fi; return 0; fi; done
return 1; }; switch() { local i; for i in "${!left[@]}"; do local l=${left[$i]}
if [[ ${parsed_params[$l]} = "$2" ]]; then
left=("${left[@]:0:$i}" "${left[@]:((i+1))}")
[[ $testdepth -gt 0 ]] && return 0; if [[ $3 = true ]]; then
eval "((var_$1++))" || true; else eval "var_$1=true"; fi; return 0; fi; done
return 1; }; value() { local i; for i in "${!left[@]}"; do local l=${left[$i]}
if [[ ${parsed_params[$l]} = "$2" ]]; then
left=("${left[@]:0:$i}" "${left[@]:((i+1))}")
[[ $testdepth -gt 0 ]] && return 0; local value
value=$(printf -- "%q" "${parsed_values[$l]}"); if [[ $3 = true ]]; then
eval "var_$1+=($value)"; else eval "var_$1=$value"; fi; return 0; fi; done
return 1; }; stdout() { printf -- "cat <<'EOM'\n%s\nEOM\n" "$1"; }; stderr() {
printf -- "cat <<'EOM' >&2\n%s\nEOM\n" "$1"; }; error() {
[[ -n $1 ]] && stderr "$1"; stderr "$usage"; _return 1; }; _return() {
printf -- "exit %d\n" "$1"; exit "$1"; }; set -e; trimmed_doc=${DOC:1:2037}
usage=${DOC:40:1501}; digest=a1dde
shorts=(-U -e -h -s -v -b -d -C '' '' '' '' '' '' '' '' '' '' '' '' '' '')
longs=(--skip-update --env --help --stack --verbose --branch --debug --skip-check --status --server --type --domain --app-name --pass --secrets --all --update --force --volumes --no-tty --user --dev)
argcounts=(0 1 0 1 0 1 0 0 0 1 1 1 1 0 0 0 0 0 0 0 1 0); node_0(){
switch __skip_update 0; }; node_1(){ value __env 1; }; node_2(){ switch __help 2
}; node_3(){ value __stack 3; }; node_4(){ switch __verbose 4; }; node_5(){
value __branch 5; }; node_6(){ switch __debug 6; }; node_7(){
switch __skip_check 7; }; node_8(){ switch __status 8; }; node_9(){
value __server 9; }; node_10(){ value __type 10; }; node_11(){ value __domain 11
}; node_12(){ value __app_name 12; }; node_13(){ switch __pass 13; }; node_14(){
switch __secrets 14; }; node_15(){ switch __all 15; }; node_16(){
switch __update 16; }; node_17(){ switch __force 17; }; node_18(){
switch __volumes 18; }; node_19(){ switch __no_tty 19; }; node_20(){
value __user 20; }; node_21(){ switch __dev 21; }; node_22(){ value _type_ a; }
node_23(){ value _app_ a; }; node_24(){ value _service_ a; }; node_25(){
value _src_ a; }; node_26(){ value _dst_ a; }; node_27(){ value _backup_file_ a
}; node_28(){ value _args_ a true; }; node_29(){ value _secret_ a; }; node_30(){
value _version_ a; }; node_31(){ value _cmd_ a; }; node_32(){ value _data_ a; }
node_33(){ value _command_ a; }; node_34(){ value _host_ a; }; node_35(){
value _user_ a; }; node_36(){ value _port_ a; }; node_37(){ value _provider_ a
}; node_38(){ value _subcommands_ a true; }; node_39(){ _command app; }
node_40(){ _command list; }; node_41(){ _command ls; }; node_42(){ _command new
}; node_43(){ _command backup; }; node_44(){ _command deploy; }; node_45(){
_command check; }; node_46(){ _command config; }; node_47(){ _command cp; }
node_48(){ _command logs; }; node_49(){ _command ps; }; node_50(){
_command restore; }; node_51(){ _command rm; }; node_52(){ _command delete; }
node_53(){ _command run; }; node_54(){ _command rollback; }; node_55(){
_command secret; }; node_56(){ _command generate; }; node_57(){ _command insert
}; node_58(){ _command undeploy; }; node_59(){ _command server; }; node_60(){
_command add; }; node_61(){ _command init; }; node_62(){ _command apps; }
node_63(){ _command upgrade; }; node_64(){ _command version; }; node_65(){
_command help; }; node_66(){ optional 0 1 2 3 4 5 6 7; }; node_67(){ optional 66
}; node_68(){ either 40 41; }; node_69(){ required 68; }; node_70(){ optional 8
}; node_71(){ optional 9; }; node_72(){ optional 10; }; node_73(){
required 67 39 69 70 71 72; }; node_74(){ optional 11; }; node_75(){ optional 12
}; node_76(){ optional 13; }; node_77(){ optional 14; }; node_78(){
required 67 39 42 71 74 75 76 77 22; }; node_79(){ either 24 15; }; node_80(){
required 79; }; node_81(){ required 67 39 23 43 80; }; node_82(){ optional 16; }
node_83(){ optional 17; }; node_84(){ required 67 39 23 44 82 83; }; node_85(){
required 67 39 23 45; }; node_86(){ required 67 39 23 46; }; node_87(){
required 67 39 23 47 25 26; }; node_88(){ optional 24; }; node_89(){
required 67 39 23 48 88; }; node_90(){ required 67 39 23 49; }; node_91(){
required 67 39 23 50 80; }; node_92(){ either 51 52; }; node_93(){ required 92
}; node_94(){ optional 18; }; node_95(){ required 67 39 23 93 83 94 77; }
node_96(){ optional 27; }; node_97(){ required 67 39 23 50 24 96; }; node_98(){
optional 19; }; node_99(){ optional 20; }; node_100(){ oneormore 28; }
node_101(){ required 67 39 23 53 98 99 24 100; }; node_102(){
required 67 39 23 54 24; }; node_103(){ required 29 30; }; node_104(){
either 103 15; }; node_105(){ required 104; }; node_106(){ optional 31; }
node_107(){ required 67 39 23 55 56 105 106 76; }; node_108(){
required 67 39 23 55 57 29 30 32 76; }; node_109(){ either 29 15; }; node_110(){
required 109; }; node_111(){ required 67 39 23 55 93 110 76 83; }; node_112(){
required 67 39 23 58 83; }; node_113(){ optional 100; }; node_114(){
required 67 39 23 33 113; }; node_115(){ optional 35; }; node_116(){ optional 36
}; node_117(){ required 67 59 60 34 115 116; }; node_118(){ required 67 59 42 37
}; node_119(){ required 67 59 69; }; node_120(){ required 67 59 34 51; }
node_121(){ required 67 59 34 61; }; node_122(){ required 67 59 34 62 70; }
node_123(){ optional 21; }; node_124(){ required 67 63 123; }; node_125(){
required 67 64; }; node_126(){ oneormore 38; }; node_127(){ optional 126; }
node_128(){ required 67 65 127; }; node_129(){ required 67; }; node_130(){
either 73 78 81 84 85 86 87 89 90 91 95 97 101 102 107 108 111 112 114 117 118 119 120 121 122 124 125 128 129
}; node_131(){ required 130; }; cat <<<' docopt_exit() {
[[ -n $1 ]] && printf "%s\n" "$1" >&2; printf "%s\n" "${DOC:40:1501}" >&2
exit 1; }'; unset var___skip_update var___env var___help var___stack \
var___verbose var___branch var___debug var___skip_check var___status \
var___server var___type var___domain var___app_name var___pass var___secrets \
var___all var___update var___force var___volumes var___no_tty var___user \
var___dev var__type_ var__app_ var__service_ var__src_ var__dst_ \
var__backup_file_ var__args_ var__secret_ var__version_ var__cmd_ var__data_ \
var__command_ var__host_ var__user_ var__port_ var__provider_ \
var__subcommands_ var_app var_list var_ls var_new var_backup var_deploy \
var_check var_config var_cp var_logs var_ps var_restore var_rm var_delete \
var_run var_rollback var_secret var_generate var_insert var_undeploy \
var_server var_add var_init var_apps var_upgrade var_version var_help
parse 131 "$@"; local prefix=${DOCOPT_PREFIX:-''}
unset "${prefix}__skip_update" "${prefix}__env" "${prefix}__help" \
"${prefix}__stack" "${prefix}__verbose" "${prefix}__branch" "${prefix}__debug" \
"${prefix}__skip_check" "${prefix}__status" "${prefix}__server" \
"${prefix}__type" "${prefix}__domain" "${prefix}__app_name" "${prefix}__pass" \
"${prefix}__secrets" "${prefix}__all" "${prefix}__update" "${prefix}__force" \
"${prefix}__volumes" "${prefix}__no_tty" "${prefix}__user" "${prefix}__dev" \
"${prefix}_type_" "${prefix}_app_" "${prefix}_service_" "${prefix}_src_" \
"${prefix}_dst_" "${prefix}_backup_file_" "${prefix}_args_" \
"${prefix}_secret_" "${prefix}_version_" "${prefix}_cmd_" "${prefix}_data_" \
"${prefix}_command_" "${prefix}_host_" "${prefix}_user_" "${prefix}_port_" \
"${prefix}_provider_" "${prefix}_subcommands_" "${prefix}app" "${prefix}list" \
"${prefix}ls" "${prefix}new" "${prefix}backup" "${prefix}deploy" \
"${prefix}check" "${prefix}config" "${prefix}cp" "${prefix}logs" "${prefix}ps" \
"${prefix}restore" "${prefix}rm" "${prefix}delete" "${prefix}run" \
"${prefix}rollback" "${prefix}secret" "${prefix}generate" "${prefix}insert" \
"${prefix}undeploy" "${prefix}server" "${prefix}add" "${prefix}init" \
"${prefix}apps" "${prefix}upgrade" "${prefix}version" "${prefix}help"
eval "${prefix}"'__skip_update=${var___skip_update:-false}'
eval "${prefix}"'__env=${var___env:-}'
eval "${prefix}"'__help=${var___help:-false}'
eval "${prefix}"'__stack=${var___stack:-}'
eval "${prefix}"'__verbose=${var___verbose:-false}'
eval "${prefix}"'__branch=${var___branch:-}'
eval "${prefix}"'__debug=${var___debug:-false}'
eval "${prefix}"'__skip_check=${var___skip_check:-false}'
eval "${prefix}"'__status=${var___status:-false}'
eval "${prefix}"'__server=${var___server:-}'
eval "${prefix}"'__type=${var___type:-}'
eval "${prefix}"'__domain=${var___domain:-}'
eval "${prefix}"'__app_name=${var___app_name:-}'
eval "${prefix}"'__pass=${var___pass:-false}'
eval "${prefix}"'__secrets=${var___secrets:-false}'
eval "${prefix}"'__all=${var___all:-false}'
eval "${prefix}"'__update=${var___update:-false}'
eval "${prefix}"'__force=${var___force:-false}'
eval "${prefix}"'__volumes=${var___volumes:-false}'
eval "${prefix}"'__no_tty=${var___no_tty:-false}'
eval "${prefix}"'__user=${var___user:-}'
eval "${prefix}"'__dev=${var___dev:-false}'
eval "${prefix}"'_type_=${var__type_:-}'; eval "${prefix}"'_app_=${var__app_:-}'
eval "${prefix}"'_service_=${var__service_:-}'
eval "${prefix}"'_src_=${var__src_:-}'; eval "${prefix}"'_dst_=${var__dst_:-}'
eval "${prefix}"'_backup_file_=${var__backup_file_:-}'
if declare -p var__args_ >/dev/null 2>&1; then
eval "${prefix}"'_args_=("${var__args_[@]}")'; else eval "${prefix}"'_args_=()'
fi; eval "${prefix}"'_secret_=${var__secret_:-}'
eval "${prefix}"'_version_=${var__version_:-}'
eval "${prefix}"'_cmd_=${var__cmd_:-}'; eval "${prefix}"'_data_=${var__data_:-}'
eval "${prefix}"'_command_=${var__command_:-}'
eval "${prefix}"'_host_=${var__host_:-}'
eval "${prefix}"'_user_=${var__user_:-}'
eval "${prefix}"'_port_=${var__port_:-}'
eval "${prefix}"'_provider_=${var__provider_:-}'
if declare -p var__subcommands_ >/dev/null 2>&1; then
eval "${prefix}"'_subcommands_=("${var__subcommands_[@]}")'; else
eval "${prefix}"'_subcommands_=()'; fi; eval "${prefix}"'app=${var_app:-false}'
eval "${prefix}"'list=${var_list:-false}'; eval "${prefix}"'ls=${var_ls:-false}'
eval "${prefix}"'new=${var_new:-false}'
eval "${prefix}"'backup=${var_backup:-false}'
eval "${prefix}"'deploy=${var_deploy:-false}'
eval "${prefix}"'check=${var_check:-false}'
eval "${prefix}"'config=${var_config:-false}'
eval "${prefix}"'cp=${var_cp:-false}'; eval "${prefix}"'logs=${var_logs:-false}'
eval "${prefix}"'ps=${var_ps:-false}'
eval "${prefix}"'restore=${var_restore:-false}'
eval "${prefix}"'rm=${var_rm:-false}'
eval "${prefix}"'delete=${var_delete:-false}'
eval "${prefix}"'run=${var_run:-false}'
eval "${prefix}"'rollback=${var_rollback:-false}'
eval "${prefix}"'secret=${var_secret:-false}'
eval "${prefix}"'generate=${var_generate:-false}'
eval "${prefix}"'insert=${var_insert:-false}'
eval "${prefix}"'undeploy=${var_undeploy:-false}'
eval "${prefix}"'server=${var_server:-false}'
eval "${prefix}"'add=${var_add:-false}'
eval "${prefix}"'init=${var_init:-false}'
eval "${prefix}"'apps=${var_apps:-false}'
eval "${prefix}"'upgrade=${var_upgrade:-false}'
eval "${prefix}"'version=${var_version:-false}'
eval "${prefix}"'help=${var_help:-false}'; local docopt_i=1
[[ $BASH_VERSION =~ ^4.3 ]] && docopt_i=2; for ((;docopt_i>0;docopt_i--)); do
declare -p "${prefix}__skip_update" "${prefix}__env" "${prefix}__help" \
"${prefix}__stack" "${prefix}__verbose" "${prefix}__branch" "${prefix}__debug" \
"${prefix}__skip_check" "${prefix}__status" "${prefix}__server" \
"${prefix}__type" "${prefix}__domain" "${prefix}__app_name" "${prefix}__pass" \
"${prefix}__secrets" "${prefix}__all" "${prefix}__update" "${prefix}__force" \
"${prefix}__volumes" "${prefix}__no_tty" "${prefix}__user" "${prefix}__dev" \
"${prefix}_type_" "${prefix}_app_" "${prefix}_service_" "${prefix}_src_" \
"${prefix}_dst_" "${prefix}_backup_file_" "${prefix}_args_" \
"${prefix}_secret_" "${prefix}_version_" "${prefix}_cmd_" "${prefix}_data_" \
"${prefix}_command_" "${prefix}_host_" "${prefix}_user_" "${prefix}_port_" \
"${prefix}_provider_" "${prefix}_subcommands_" "${prefix}app" "${prefix}list" \
"${prefix}ls" "${prefix}new" "${prefix}backup" "${prefix}deploy" \
"${prefix}check" "${prefix}config" "${prefix}cp" "${prefix}logs" "${prefix}ps" \
"${prefix}restore" "${prefix}rm" "${prefix}delete" "${prefix}run" \
"${prefix}rollback" "${prefix}secret" "${prefix}generate" "${prefix}insert" \
"${prefix}undeploy" "${prefix}server" "${prefix}add" "${prefix}init" \
"${prefix}apps" "${prefix}upgrade" "${prefix}version" "${prefix}help"; done; }
# docopt parser above, complete command for generating this parser is `docopt.sh abra`
PROGRAM_NAME=$(basename "$0")
#######################################
# Helpers
#######################################
###### Utility functions
error() {
echo "$(tput setaf 1)ERROR: $*$(tput sgr0)"
exit 1
}
warning() {
echo "$(tput setaf 3)WARNING: $*$(tput sgr0)"
}
success() {
echo "$(tput setaf 2)SUCCESS: $*$(tput sgr0)"
}
info() {
if [ "$abra___verbose" = "false" ] && [ "$abra___debug" = "false" ]; then
return
fi
echo "$(tput setaf 4)INFO: $*$(tput sgr0)"
}
debug() {
if [ "$abra___debug" = "false" ]; then
return
fi
echo "$(tput setaf 13)DEBUG: $*$(tput sgr0)"
}
# 3wc: temporarily disable debug and verbose
silence() {
# FIXME 3wc: required otherwise we get debug output in the password
_abra___debug="$abra___debug"
_abra___verbose="$abra___verbose"
abra___verbose="false"
abra___debug="false"
}
unsilence() {
# FIXME 3wc: required otherwise we get debug output in the password
abra___verbose="$_abra___verbose"
abra___debug="$_abra___debug"
}
###### Default settings
if [ -z "$COMPOSE_FILE" ]; then
COMPOSE_FILE="compose.yml"
fi
###### Safety checks
require_bash_4() {
# we're using things like `mapfile` which require bash 4+
if ! bash -c '[[ $BASH_VERSION > 4.0 ]]'; then
error "bash version '$BASH_VERSION' is too old, 4 or newer required"
fi
}
require_pwqgen() {
if ! type pwqgen > /dev/null 2>&1; then
error "pwqgen program is not installed"
fi
}
require_wget() {
if ! type wget > /dev/null 2>&1; then
error "wget program is not installed"
fi
}
require_abra_dir() {
mkdir -p "$ABRA_DIR"
}
require_vendor_dir() {
mkdir -p "$ABRA_VENDOR_DIR"
}
require_consent_for_update() {
if [ "$CONSENT_TO_UPDATE" = "false" ]; then
error "A new app state will be deployed! Please use --update to consent"
fi
}
require_app_latest() {
APP="$1"
APP_DIR="$ABRA_DIR/apps/$APP"
BRANCH="${abra___branch:-master}"
debug "Checking for type '$APP'"
if [ ! -d "$APP_DIR" ]; then
warning "The app type '$APP' was not found, fetching via Git"
if ! git clone --branch "$BRANCH" "$GIT_URL/$APP.git" "$ABRA_DIR/apps/$APP" > /dev/null 2>&1 ; then
error "Could not retrieve app type '$APP', this app type doesn't exist?"
fi
success "Fetched app configuration via Git (branch: $BRANCH)"
fi
debug "Using $APP_DIR"
if [ "$abra___skip_update" = "false" ]; then
debug "Pulling latest '$APP' definition via git"
(cd "$APP_DIR" && git pull > /dev/null 2>&1)
fi
}
require_yq() {
require_vendor_dir
require_wget
YQ_VERSION="4.6.1"
YQ_BINARY="yq_linux_amd64"
YQ_RELEASE_URL="https://github.com/mikefarah/yq/releases/download/v${YQ_VERSION}/${YQ_BINARY}"
if [ -f "$YQ" ]; then
debug "yq is already vendored"
return
fi
case $(uname -m) in
x86_64)
warning "Attempting to download the yq binary into $ABRA_VENDOR_DIR"
wget -q "$YQ_RELEASE_URL" && chmod +x "$YQ_BINARY" && mv "$YQ_BINARY" "$YQ"
success "yq is now vendored ☮"
;;
*)
error "Unable to automatically vendor yq, you'll have to manually manage this\n
Please see https://mikefarah.gitbook.io/yq/#install and place the yq binary in the $YQ path"
;;
esac
}
# FIXME 3wc: update or remove
if [ -z "$ABRA_ENV" ] && [ -f .env ] && type direnv > /dev/null 2>&1 && ! direnv status | grep -q 'Found RC allowed true'; then
error "direnv is blocked, run direnv allow"
fi
###### Run-time loading
load_abra_sh() {
if [ -f abra.sh ]; then
# shellcheck disable=SC1091
source abra.sh
info "Loading abra.sh"
fi
if [ -n "$abra__app_" ]; then
require_app_latest "$TYPE"
fi
if [ -f "$APP_DIR/abra.sh" ]; then
info "Loading $APP_DIR/abra.sh"
# shellcheck disable=SC1090,SC1091
source "$APP_DIR/abra.sh"
fi
}
output_version_summary() {
echo " Versions:"
CONSENT_TO_UPDATE=$abra___update
FORCE_DEPLOY=$abra___force
local -a IS_AN_UPDATE="false"
local -a UNABLE_TO_DETECT="false"
local -a UNDEPLOYED_STATE="false"
local -a CHECKED_SERVICES # array
if ! docker stack ls --format "{{ .Name }}" | grep -q "$STACK_NAME"; then
UNDEPLOYED_STATE="true"
fi
IFS=':' read -ra COMPOSE_FILES <<< "$COMPOSE_FILE"
for COMPOSE in "${COMPOSE_FILES[@]}"; do
SERVICES=$($YQ e '.services | keys | .[]' "${APP_DIR}/${COMPOSE}")
for SERVICE in $SERVICES; do
if [[ ${CHECKED_SERVICES[*]} =~ ${SERVICE} ]]; then
debug "already inspected ${STACK_NAME}_${SERVICE} for versions, skipping..."
continue
fi
filter="{{index .Spec.Labels \"coop-cloud.$STACK_NAME.$SERVICE.version\" }}"
label=$(docker service inspect -f "$filter" "${STACK_NAME}_${SERVICE}" 2>/dev/null)
live_version=$(echo "$label" | cut -d- -f1)
live_digest=$(echo "$label" | cut -d- -f2)
if [ -n "$live_version" ] && [ -n "$live_digest" ]; then
image=$($YQ e ".services.${SERVICE}.image" "${APP_DIR}/${COMPOSE}" | cut -d':' -f1)
echo " ${STACK_NAME}_${SERVICE} (${image}):"
echo " deployed: $(tput setaf 2)$live_version ($live_digest)$(tput sgr0)"
app_version_lookup="ABRA_TYPE_${SERVICE^^}_VERSION"
app_version=${!app_version_lookup}
app_digest_lookup="ABRA_TYPE_${SERVICE^^}_DIGEST"
app_digest=${!app_digest_lookup}
if [ "$live_version" != "$app_version" ] || [ "$live_digest" != "$app_digest" ]; then
IS_AN_UPDATE="true"
echo " to de deployed: $(tput setaf 1)$app_version ($app_digest)$(tput sgr0)"
fi
else
if [[ $UNDEPLOYED_STATE == "true" ]]; then
image=$($YQ e ".services.${SERVICE}.image" "${APP_DIR}/${COMPOSE}" | cut -d':' -f1)
echo " ${STACK_NAME}_${SERVICE} (${image}):"
echo " undeployed!"
else
warning "Unable to detect deployed version of ${STACK_NAME}_${SERVICE}, please proceed with caution"
UNABLE_TO_DETECT="true"
fi
fi
CHECKED_SERVICES+=("$SERVICE")
done
done
if [[ $IS_AN_UPDATE == "true" ]] && [[ $FORCE_DEPLOY != "true" ]]; then
require_consent_for_update
else
if [[ ! $UNABLE_TO_DETECT == "true" ]] && [[ $FORCE_DEPLOY != "true" ]] && [[ ! $UNDEPLOYED_STATE == "true" ]]; then
success "Nothing to deploy, you're on latest (use --force to re-deploy anyway)"
exit 0
fi
fi
}
###### FIXME 3wc: name this section
get_servers() {
shopt -s nullglob dotglob
# shellcheck disable=SC2206
SERVERS=($ABRA_DIR/servers/*)
shopt -u nullglob dotglob
}
get_app_secrets() {
# FIXME 3wc: requires bash 4, use for loop instead
mapfile -t PASSWORDS < <(grep "SECRET.*VERSION.*" "$ENV_FILE")
}
load_instance() {
APP="$abra__app_"
# load all files matching "$APP.env" into ENV_FILES array
mapfile -t ENV_FILES < <(find -L "$ABRA_DIR" -name "$APP.env")
# FIXME 3wc: requires bash 4, use for loop instead
case "${#ENV_FILES[@]}" in
1 ) ;;
0 ) error "Can't find app '$APP'"; return;;
* ) error "Found $APP in multiple servers: ${ENV_FILES[*]}"; return;;
esac
ENV_FILE="${ENV_FILES[0]}"
debug "Selected ENV_FILE $ENV_FILE"
if [ ! -f "$ENV_FILE" ]; then
error "Can't open ENV_FILE '$ENV_FILE'"
fi
# split up the path by "/"
IFS='/' read -r -a PARTS <<< "$ENV_FILE"
SERVER="${PARTS[-2]}"
export STACK_NAME="${APP//./_}"
debug "Using ${STACK_NAME} as the STACK_NAME var"
}
load_instance_env() {
# 3wc: using set -a means we don't need `export` in the env files
set -a
# shellcheck disable=SC1090
source "$ENV_FILE"
set +a
debug "Loaded variables from $ENV_FILE"
if [ -z "$TYPE" ]; then
error "TYPE not set, maybe $ENV_FILE is using an old format?"
fi
APP_DIR="$ABRA_DIR/apps/$TYPE"
export DOCKER_CONTEXT="$SERVER"
info "Setting DOCKER_CONTEXT=$DOCKER_CONTEXT"
export DOMAIN
}
load_context() {
# Load current context from env or Docker
if [ -z "$DOCKER_CONTEXT" ]; then
warning "\$DOCKER_CONTEXT not set, (slowly) looking it up"
# shellcheck disable=SC2063
DOCKER_CONTEXT=$(docker context ls | grep '*' | cut -d' ' -f1)
# make sure grep doesn't parse this, we want a literal '*'
fi
}
prompt_confirm() {
read -rp "Continue? (y/[n])? " choice
case "$choice" in
y|Y ) return ;;
* ) exit;;
esac
}
parse_secret() {
SECRET="$1"
if [[ "$SECRET" == *"length"* ]]; then
# shellcheck disable=SC2001
abra__length_="$(echo "$SECRET" | sed -e 's/.*[^0-9]\([0-9]\+\)[^0-9]*$/\1/')"
else
# Note(decentral1se): unset this so that a length value from another secret
# definition does not get passed on to another secret generation flow
unset abra__length_
fi
abra__secret_="${SECRET%_VERSION=*}" # strip _VERSION=v1
abra__secret_="${abra__secret_#SECRET_}" # strip SECRET_
abra__secret_="${abra__secret_,,}" # lowercase
abra__version_="$(echo "$SECRET" | sed -n 's/.*\(v[0-9]\).*/\1/p')"
if [[ -n "$abra__length_" ]]; then
echo "Generating $abra__secret_, version: $abra__version_, length: $abra__length_"
else
echo "Generating $abra__secret_, version: $abra__version_"
fi
sub_app_secret_generate
}
stack_logs (){
# Note(decentral1se): see https://github.com/moby/moby/issues/31458#issuecomment-617871046
STACK="$1"
services=$(docker stack services "${STACK}" --format "{{.ID}}")
# shellcheck disable=SC2154
trap 'jobs=$(jobs -p) && test -n "$jobs" && kill $jobs' EXIT
for item in ${services//\\n/$'\n'}; do
docker service logs -f -t --tail 10 "$item" &
done
sleep infinity
}
auto_gen_secrets (){
get_app_secrets
if [ "${#PASSWORDS[@]}" -eq 0 ]; then
error "No secrets found in $ENV_FILE"
fi
for PASSWORD in "${PASSWORDS[@]}"; do
parse_secret "$PASSWORD"
done
}
#######################################
# abra app ..
#######################################
###### .. app ls
help_app_ls (){
help_app_list
}
sub_app_ls (){
sub_app_list
}
help_app_list (){
echo "abra [options] app (list|ls) [--status] [--server=<server>] [--type=<type>]
List your exciting apps.
OPTIONS
--status Show whether apps are deployed (warning! slow!)
--server=<server> Only show apps on a specific server
--type=<type> Only show apps of the given type
POWERED BY (for --status)
docker stack ls"
}
sub_app_list (){
SERVER="$abra___server"
if [ -z "$SERVER" ]; then
SERVER='*'
fi
shopt -s nullglob dotglob
# shellcheck disable=SC2206
ENV_FILES=($ABRA_DIR/servers/$SERVER/*.env)
shopt -u nullglob dotglob
STATUS="$( [[ $abra___status == "true" ]] && echo "Y" )"
if [ -n "$STATUS" ]; then
if [ "$SERVER" = "*" ]; then
get_servers
else
SERVERS=( "$SERVER" )
fi
local -a DEPLOYED_APPS # array
local -a CHECKED_SERVERS # array
warning "Loading status from ${#SERVERS[@]} server(s), patience advised.."
for SERVER in "${SERVERS[@]}"; do
SERVER="${SERVER##*/}" # basename
mapfile -t SERVER_APPS < <(DOCKER_CONTEXT="$SERVER" docker stack ls --format '{{ .Name }}' 2>/dev/null)
# add $SERVER~ to the start of each DEPLOYED_APPS
DEPLOYED_APPS+=("${SERVER_APPS[@]/#/$SERVER~}")
done
fi
# FIXME 3wc: doesn't take into account --type filtering
printf "%s lovely apps:\n\n" "${#ENV_FILES[@]}"
for i in "${!ENV_FILES[@]}"; do
# Output header inside the loop, so it's included in the pipe to `column`
if [ "$i" == 0 ]; then
printf " DOMAIN\tTYPE\tSERVER%s%s\n" "${STATUS:+ }" "${STATUS:+STATUS}"
printf " --\t--\t--%s\n" "${STATUS:+ --}"
fi
local ENV_FILE="${ENV_FILES[$i]}" APP_STACK_NAME
IFS='/' read -r -a PARTS <<< "$ENV_FILE"
FILE="${PARTS[-1]}"
SERVER="${PARTS[-2]}"
DOMAIN="${FILE%.env}"
set -a
# shellcheck disable=SC1090
TYPE="$(source "$ENV_FILE" && echo "$TYPE")"
# shellcheck disable=SC1090
APP_STACK_NAME="$(source "$ENV_FILE" && echo "$STACK_NAME")"
set +a
if [ "$abra___type" != "" ] && [ "$abra___type" != "$TYPE" ]; then
continue
fi
if [ -z "$APP_STACK_NAME" ]; then
APP_STACK_NAME="${DOMAIN//./_}"
fi
if [ -n "$STATUS" ]; then
APP_STATUS=$( printf '%s\n' "${DEPLOYED_APPS[@]}" | grep -qP "^${SERVER}~${APP_STACK_NAME}$" && echo "deployed" || echo "inactive")
if [[ "$APP_STATUS" == "inactive" ]] && [[ ! ${CHECKED_SERVERS[*]} =~ ${SERVER} ]]; then
CHECKED_SERVERS+=("$SERVER")
if ! docker context inspect "$SERVER" > /dev/null 2>&1; then
APP_STATUS="unknown"
fi
fi
fi
printf " %s\t%s\t%s%s\n" "$DOMAIN" "$TYPE" "$SERVER" "${STATUS:+ }${APP_STATUS}"
done | column -s' ' -t
# Align table `-t` based on tab characters -s`^V<Tab>`
}
###### .. app new
help_app_new (){
echo "abra [options] app new [--app-name=<app_name>] [--server=<server>] [--domain=<domain>] [--pass] [--secrets] <type>
Create a new app of <type> (e.g. wordpress or custom-html).
OPTIONS
--server=<server> Specify which server to use (default: prompt)
--domain=<domain> Set the domain name (default: prompt)
--app-name=<app-name> Set the app name (default: prompt)
--secrets Auto-generate secrets (default: no)
--pass Store generated secrets in pass (default: no)"
}
sub_app_new (){
shopt -s extglob
require_abra_dir
get_servers
# decentral1se: we are overloading the use of the word "app" in the
# command-line interface to mean two things -- in the code, we differentiate
# between them as $APP ("an instance of an app") and $TYPE ("a kind of app")
TYPE=$abra__type_
SERVER=$abra___server
DOMAIN=$abra___domain
APP_NAME=$abra___app_name
require_app_latest "$TYPE"
if [ -z "$SERVER" ]; then
echo "Where would you like to put $TYPE?"
select SERVER_ITEM in "${SERVERS[@]##*/}"; do
if [ 1 -le "$REPLY" ] && [ "$REPLY" -le ${#SERVERS[@]} ]; then
SERVER="$SERVER_ITEM"
success "Selected server ${SERVER}"
break
fi
done
fi
SERVER="$ABRA_DIR/servers/$SERVER"
if [ ! -d "$SERVER" ]; then
error "Server '$SERVER' not found"
fi
APP_DIR="$ABRA_DIR/apps/$TYPE"
if [ -z "$DOMAIN" ]; then
read -rp "Domain name: " DOMAIN
fi
if [ -z "$APP_NAME" ]; then
# e.g.:
# TYPE=custom-html, DOMAIN=foo.bar-baz.com
# -> custom_html_foo_bar_baz_com
DEFAULT_NAME="${TYPE/-/_}_${DOMAIN//+([.-])/_}"
# truncate to 45 chars (see below)
DEFAULT_NAME="${DEFAULT_NAME:0:45}"
# and remove trailing _
DEFAULT_NAME="${DEFAULT_NAME%%_}"
read -rp "App name [$DEFAULT_NAME]: " APP_NAME
if [ -z "$APP_NAME" ]; then
APP_NAME="$DEFAULT_NAME"
fi
fi
if [ ${#APP_NAME} -gt 45 ]; then
# 3wc: Docker won't create secret names > 64 characters -- setting a
# 45-character limit here is enough for all our secrets so far.
error "$APP_NAME cannot be longer than 45 characters in length"
fi
ENV_FILE="$SERVER/$APP_NAME.env"
if [ -f "$ENV_FILE" ]; then
error "$ENV_FILE already exists"
fi
cp "$APP_DIR/.env.sample" "$ENV_FILE"
sed -i "s/$TYPE\.example\.com/$DOMAIN/g" "$ENV_FILE"
sed -i "s/example\.com/$DOMAIN/g" "$ENV_FILE"
abra__app_="$APP_NAME"
get_app_secrets
if [ "$abra___secrets" == "true" ]; then
if [ "${#PASSWORDS[@]}" -eq 0 ]; then
warning "--secrets provided but no secrets found"
fi
auto_gen_secrets
fi
echo "$(tput setaf 4)Your new '$TYPE' is ready for action:$(tput sgr0)"
echo " $(tput setaf 3)Customise the configuration:"
echo " abra app $APP_NAME config$(tput sgr0)"
echo " $(tput setaf 2)Deploy it:"
echo " abra app $APP_NAME deploy$(tput sgr0)"
}
###### .. app backup
sub_app_backup (){
require_app_latest "$TYPE"
# Add _<service> if it's defined
FUNCTION="abra_backup${abra__service_:+_}$abra__service_"
if ! type "$FUNCTION" > /dev/null 2>&1; then
error "'$TYPE' doesn't know how to do ${abra__service_}${abra__service_:+ }backups."\
"See $GIT_URL$TYPE/issues/"
fi
mkdir -p "$ABRA_DIR/backups"
$FUNCTION
}
###### .. app restore
sub_app_restore (){
require_app_latest "$TYPE"
FUNCTION="abra_restore_$abra__service_"
if ! type "$FUNCTION" > /dev/null 2>&1; then
error "'$TYPE' doesn't know how to restore '${abra__service_}' backups."\
"See $GIT_URL$TYPE/issues/"
fi
$FUNCTION "$abra__backup_file_"
}
###### backup utility functions
# Usage: _abra_backup_dir service:/path/to/src
_abra_backup_dir() {
{
abra__src_="$1"
abra__dst_="-"
}
# shellcheck disable=SC2154
FILENAME="$ABRA_BACKUP_DIR/${abra__app_}_$(basename "$1")_$(date +%F).tar.gz"
debug "Copying '$1' to '$FILENAME'"
silence
sub_app_cp | gzip > "$FILENAME"
success "Backed up '$1' to $FILENAME"
unsilence
}
_abra_backup_db_prep() {
# shellcheck disable=SC2034
abra__service_="$1"
# 3wc: necessary because $abra__service_ won't be set if we're coming from
# `abra_backup`, i.e. `abra app ... backup --all`
# What's the name of the Docker secret? Default to db_root_password
DB_PASSWORD_NAME=${4:-db_root_password}
debug "Looking up secret '$DB_PASSWORD_NAME'"
silence
DB_PASSWORD="$(sub_app_run cat "/run/secrets/$DB_PASSWORD_NAME")"
unsilence
# 3wc: strip newline \r from variable
DB_PASSWORD="${DB_PASSWORD//$'\015'}"
# shellcheck disable=SC2154
FILENAME="$ABRA_BACKUP_DIR/${abra__app_}_$(date +%F).sql.gz"
}
# usage: _abra_backup_postgres <service> <database> [<user> <secret name>]
_abra_backup_postgres() {
_abra_backup_db_prep "$@"
debug "Running pg_dump to '$FILENAME'"
silence
# shellcheck disable=SC2034
PGPASSWORD="$DB_PASSWORD"
sub_app_run pg_dump -U "${3:-postgres}" "$2" | gzip > "$FILENAME"
unsilence
success "Backed up '$abra__service_:$2' to '$FILENAME'"
}
_abra_backup_mysql() {
_abra_backup_db_prep "$@"
silence
# shellcheck disable=SC2086
sub_app_run mysqldump -u root -p"${DB_PASSWORD}" "$2" | gzip > "$FILENAME"
unsilence
success "Backed up '$abra__service_:$2' to $FILENAME"
}
###### .. app deploy
help_app_deploy (){
echo "abra [options] app <app> deploy [--update]
Deploy app <app> to the configured server.
OPTIONS
--update Consent to deploying an updated app version
POWERED BY
docker stack deploy -c compose.yml <app>"
}
sub_app_deploy (){
require_yq
require_app_latest "$TYPE"
FORCE_DEPLOY=$abra___force
echo "Deployment overview:"
echo " Server: $(tput setaf 4)${SERVER}$(tput sgr0)"
if [ "${COMPOSE_FILE/:/}" == "${COMPOSE_FILE}" ]; then
echo " Compose: $(tput setaf 3)${APP_DIR}/${COMPOSE_FILE}$(tput sgr0)"
else
echo " Compose: $(tput setaf 3)${APP_DIR}/"
IFS=':' read -ra COMPOSE_FILES <<< "$COMPOSE_FILE"
for COMPOSE in "${COMPOSE_FILES[@]}"; do
echo " - ${COMPOSE}"
done
tput sgr0
fi
if [ -n "$DOMAIN" ]; then
echo " Domain: $(tput setaf 2)${DOMAIN}$(tput sgr0)"
fi
echo " Stack: $(tput setaf 3)${STACK_NAME}$(tput sgr0)"
output_version_summary
if [[ $FORCE_DEPLOY != "true" ]]; then
prompt_confirm
fi
APP=$(basename "$APP_DIR")
(
(cd "$APP_DIR" || error "\$APP_DIR '$APP_DIR' not found")
# shellcheck disable=SC2086
if (cd "$APP_DIR" && docker stack deploy -c ${COMPOSE_FILE//:/ -c } "$STACK_NAME"); then
if [ -n "$DOMAIN" ]; then
success "Yay! App should be available at https://${DOMAIN}"
else
success "Yay! That worked. No \$DOMAIN defined, check status by running \"abra app ${STACK_NAME} ps\""
fi
else
error "Oh no! Something went wrong 😕 Check errors above"
fi
)
}
###### .. app <app> undeploy
help_app_undeploy (){
echo "abra [options] app <app> undeploy
Opposite of \`app <app> deploy\`; deactivate an app without deleting anything. If
you want to completely delete an app, then you're looking for \`app <app> rm\`.
POWERED BY
docker stack rm <app>"
}
sub_app_undeploy (){
FORCE_UNDEPLOY=$abra___force
warning "About to un-deploy $STACK_NAME from $SERVER"
if [[ $FORCE_UNDEPLOY != "true" ]]; then
prompt_confirm
fi
docker stack rm "$STACK_NAME"
}
###### .. app config
help_app_config (){
echo "abra [options] app <app> config
Open the app configuration in \$EDITOR."
}
sub_app_config (){
if [ -z "$EDITOR" ]; then
warning "\$EDITOR not set; which text editor would you like to use?"
EDITORS_ALL=(vi vim nano pico emacs)
declare -a EDITORS_AVAILABLE
for EDITOR in "${EDITORS_ALL[@]}"; do
if type "$EDITOR" > /dev/null 2>&1; then
EDITORS_AVAILABLE+=("$EDITOR")
fi
done
if [ ${#EDITORS_AVAILABLE[@]} = 0 ]; then
error "No text editors found! Are you using a magnetised needle? 🤪"
fi
select EDITOR in "${EDITORS_AVAILABLE[@]}"; do
if [ 1 -le "$REPLY" ] && [ "$REPLY" -le ${#EDITORS_AVAILABLE[@]} ]; then
SERVER="$EDITOR"
success "Using '${EDITOR}'; Add 'export EDITOR=${EDITOR}' to your ~/.bashrc to set as default"
break
fi
done
fi
$EDITOR "$ENV_FILE"
}
###### .. app check
help_app_check (){
echo "abra [options] app <app> check
Make sure that all an app's required variables are set."
}
sub_app_check (){
if [ "$abra___skip_check" = "true" ]; then
return 0
fi
APP_ENV=$(grep -v '^#' "$ENV_FILE" | cut -d' ' -f2 | cut -d'=' -f1 | sort -u)
STACK_ENV=$(grep -v '^#' "$APP_DIR/.env.sample" | cut -d' ' -f2 | cut -d'=' -f1 | sort -u)
debug "APP_ENV: $APP_ENV"
debug "STACK_ENV: $STACK_ENV"
# Only show "1", items in STACK_ENV which aren't in APP_ENV
MISSING_VARS=$(comm -23 <(echo "$STACK_ENV") <(echo "$APP_ENV"))
if [ -z "$MISSING_VARS" ]; then
success "Yay! All the necessary basic variables are defined"
return 0
fi
error "Found missing variables: $MISSING_VARS"
}
###### .. app ps
help_app_ps (){
echo "abra [options] app <app> ps
Show <app>'s running containers.
POWERED BY
docker stack ps <app>"
}
sub_app_ps (){
docker stack ps "$STACK_NAME"
}
###### .. app delete
help_app_rm (){
help_app_delete
}
sub_app_rm (){
sub_app_delete
}
help_app_delete (){
echo "abra [options] app <app> (rm|delete) [--force]
Delete <app> completely (\"hard delete\"). All local configuration,
volumes and secrets can be removed with this command.
OPTIONS
--force Live dangerously; skip prompt for confirmation
--volumes Delete all storage volumes
--secrets Delete all secrets
POWERED BY
docker volume ls / docker volume rm
docker secret ls / docker secret rm
"
}
sub_app_delete (){
if [ "$abra___force" != "true" ]; then
warning "About to delete $ENV_FILE"
prompt_confirm
fi
rm "$ENV_FILE"
if [ "$abra___volumes" = "true" ]; then
volumes="$(docker volume ls --filter "name=${STACK_NAME}" --quiet)"
if [ "$abra___force" != "true" ] && [ "$abra___volumes" = "true" ]; then
# shellcheck disable=SC2086
warning "SCARY: About to remove all volumes associated with ${STACK_NAME}: $(echo $volumes | tr -d '\n')"
prompt_confirm
fi
docker volume rm --force "$volumes"
fi
if [ "$abra___secrets" = "true" ]; then
secrets="$(docker secret ls --filter "name=${STACK_NAME}" --quiet)"
if [ "$abra___force" != "true" ] && [ "$abra___secrets" = "true" ]; then
# shellcheck disable=SC2086
warning "SCARY: About to remove all secrets associated with ${STACK_NAME}: $(echo $secrets | tr -d '\n')"
prompt_confirm
fi
docker secret rm "$secrets"
fi
}
###### .. app secret insert
help_app_secret_insert (){
echo "abra [options] app <app> secret insert <secret> <version> <data> [--pass]
Store <data> as a Docker secret called <secret>_<version>.
OPTIONS
--pass Save the secret in \`pass\` as well
POWERED BY
docker secret insert"
}
sub_app_secret_insert() {
SECRET="$abra__secret_"
VERSION="$abra__version_"
PW="$abra__data_"
STORE_WITH_PASS="$abra___pass"
if [ -z "$SECRET" ] || [ -z "$VERSION" ] || [ -z "$PW" ]; then
error "Required arguments missing"
fi
# shellcheck disable=SC2059
printf "$PW" | docker secret create "${STACK_NAME}_${SECRET}_${VERSION}" - > /dev/null
if [ "$STORE_WITH_PASS" == "true" ] && type pass > /dev/null 2>&1; then
echo "$PW" | pass insert "hosts/$DOCKER_CONTEXT/${STACK_NAME}/${SECRET}" -m > /dev/null
success "pass: hosts/$DOCKER_CONTEXT/${STACK_NAME}/${SECRET}"
fi
}
###### .. app secret delete
help_app_secret_rm (){
help_app_secret_delete
}
sub_app_secret_rm(){
sub_app_secret_delete
}
help_app_secret_delete (){
echo "abra [options] app <app> secret (delete|rm) (<secret>|--all) [--pass] [--force]
Remove <app>'s Docker secret <secret>.
OPTIONS
--pass Remove secret(s) from \`pass\` as well
--all Delete all secrets for <app>
--force Live dangerously; skip prompt for confirmation
POWERED BY
docker secret rm
docker secret ls (for --all)"
}
sub_app_secret_delete(){
# if --all is provided then $abra__secret_ will be blank and this will work
# auto-magically
NAMES=$(docker secret ls --filter "name=${STACK_NAME}_${abra__secret_}" --format "{{.Name}}")
if [ -z "$NAMES" ]; then
error "Could not find any secrets under ${STACK_NAME}_${abra__secret_}"
fi
if [ "$abra___force" != "true" ]; then
warning "About to delete $(echo "$NAMES" | paste -d "")"
prompt_confirm
fi
for NAME in ${NAMES}; do
docker secret rm "$NAME" > /dev/null
# as above, no need to test for --all, cos if abra__secret_ is blank it'll
# Just Work anyway
if [ "$abra___pass" == "true" ] && type pass > /dev/null 2>&1; then
pass rm -r "hosts/$DOCKER_CONTEXT/${STACK_NAME}/${abra__secret_}" > /dev/null \
&& success "pass rm'd: hosts/$DOCKER_CONTEXT/${STACK_NAME}/${abra__secret_}"
fi
done
}
###### .. app secret generate
help_app_secret_generate (){
echo "abra [options] app <app> secret generate (<secret> <version>|--all) [<cmd>] [--pass]
Generate <secret>_<version> for <app> and store as a Docker secret.
OPTIONS
<secret> Generate a single secret
<version> Specify secret version (for single secret)
--all Auto-generate all secrets
<cmd> Run <cmd> to generate secret (default: pwqgen)
--pass Save generated secrets in \`pass\`
POWERED BY
docker secret insert"
}
sub_app_secret_generate(){
SECRET="$abra__secret_"
VERSION="$abra__version_"
LENGTH="$abra__length_"
if [ "$abra___all" == "true" ]; then
# Note(decentral1se): we need to reset the flag here to avoid the infinite
# recursion of auto_gen_secrets which calls this function itself
abra___all="false"
auto_gen_secrets
return
fi
if [[ -n "$LENGTH" ]]; then
require_pwgen
PWGEN=${abra__cmd_:-pwgen -s "$LENGTH" 1}
else
require_pwqgen
PWGEN="${abra__cmd_:-pwqgen}"
fi
echo "SECRET: $SECRET, VERSION $VERSION, PW $PW, ALL $abra___all"
if [ -z "$SECRET" ] || [ -z "$VERSION" ] && [ "$abra___all" == "false" ]; then
error "Required arguments missing"
fi
PW=$($PWGEN|tr -d "\n")
success "Password: $PW"
# TODO 3wc: this is a little janky, might be better to make a
# util_secret_insert function which this and sub_secret_insert can call
abra__data_="$PW"
sub_app_secret_insert
warning "These generated secrets are now stored as encrypted data on your server"
warning "Please take a moment to make sure you have saved a copy of the passwords"
warning "Abra is not able to show the password values in plain text again"
warning "See https://docs.docker.com/engine/swarm/secrets/ for more on secrets"
}
###### .. app run
help_app_run (){
echo "abra [options] app <app> run [--no-tty] [--user=<user>] <service> <args>...
Run <args>... (often something like 'bash' or 'sh') in <app>'s <service>
container.
OPTIONS
--no-tty Don't allocate a TTY; sometimes running \`mysql\` enjoys this
--user=<user> Run as the UNIX user <user>, e.g. for running Wordpress-CLI
as www-data
EXAMPLES
abra wordpress_foo_bar run app bash
POWERED BY
CONTAINER_ID=\$(docker container ls -f ...)
docker exec \$CONTAINER_ID ..."
}
sub_app_run(){
if [ -n "$abra___user" ]; then
RUN_USER="-u $abra___user"
fi
if [ "$abra___no_tty" = "true" ]; then
ARGS="-i"
else
ARGS="-it"
fi
CONTAINER=$(docker container ls --format "table {{.ID}},{{.Names}}" \
| grep "${STACK_NAME}_${abra__service_}" | head -n1 | cut -d',' -f1)
if [ -z "$CONTAINER" ]; then
error "Can't find a container for ${STACK_NAME}_${abra__service_}"
exit
fi
debug "Using container ID ${CONTAINER}"
# 3wc: we want the "splitting" that shellcheck warns us about, so that -u and
# $RUN_USER aren't treated as a single argument:
# shellcheck disable=SC2086
docker exec $RUN_USER $ARGS "$CONTAINER" "$@"
return
}
###### .. app rollback
help_app_rollback (){
echo "abra [options] app <app> rollback <service>
Rollback a deployed app service to a previous version.
EXAMPLES
abra app wordpress rollback app
POWERED BY
CONTAINER_ID=\$(docker container ls -f ...)
docker service rollback \$CONTAINER_ID ..."
}
sub_app_rollback(){
SERVICE="${abra__service_}"
docker service rollback "${STACK_NAME}_${SERVICE}"
}
###### .. app logs
help_app_logs (){
echo "abra [options] app <app> logs [<service>]
Show logs for <app>.
OPTIONS
<service> Only show logs for a specific service (default: combine all
services)
EXAMPLES
abra wordpress_foo_bar logs app
POWERED BY
docker service logs"
}
sub_app_logs (){
SERVICE="${abra__service_}"
if [ -z "$SERVICE" ]; then
stack_logs "${STACK_NAME}"
return
fi
shift
if [ $# -eq 0 ]; then
LOGS_ARGS="\
--follow \
--tail 20 \
--no-trunc \
--details \
--timestamps"
else
# shellcheck disable=SC2124
LOGS_ARGS=$@
fi
# shellcheck disable=SC2086
docker service logs "${STACK_NAME}_${SERVICE}" $LOGS_ARGS
}
###### .. app cp
help_app_cp (){
echo "abra [options] app <app> cp <src> <dst>
Copy files to or from a running container.
One of <src> or <dst> must have the format <service>:<path>.
Copying multiple files is possible using \`tar\`, see EXAMPLES.
If <dst> is a file then it will be over-written, if it is a folder then <src>
will be copied into it.
EXAMPLES
abra app customhtml_foo_bar_com cp index.html app:/usr/share/nginx/html/
tar cf - wp-content | abra app wordpress_bar_bat_com cp - app:/var/www/html/
POWERED BY
CONTAINER_ID=\$(docker container ls -f ...)
docker cp \$CONTAINER_ID:<src> <dst>
docker cp \$CONTAINER_ID:<dst> <src>"
}
sub_app_cp() {
SOURCE="${abra__src_}"
DEST="${abra__dst_}"
# Get the service name from either SOURCE or DEST
SERVICE=$(echo "$SOURCE" | grep -o '^[^:]\+:' || echo "$DEST" | grep -o '^[^:]\+:')
SERVICE=$(echo "$SERVICE" | tr -d ':')
if [ -z "$SERVICE" ]; then
echo "Usage: $PROGRAM_NAME cp SERVICE:SRC_PATH DEST_PATH"
echo " $PROGRAM_NAME cp SRC_PATH SERVICE:DEST_PATH"
echo ""
error "Can't find SERVICE in either SRC or DEST"
fi
CONTAINER=$(docker container ls --format "table {{.ID}},{{.Names}}" \
| grep "${STACK_NAME}_${SERVICE}" | cut -d',' -f1)
if [ -z "$CONTAINER" ]; then
error "Can't find a container for ${STACK_NAME}_${SERVICE}"
exit
fi
debug "Using container ID ${CONTAINER}"
# Replace $SERVICE with $CONTAINER in the original args
CP_ARGS=$(echo "$SOURCE $DEST" | sed "s/$SERVICE:/$CONTAINER:/")
# FIXME 3wc: this might cause problems for filenames with spaces..
# shellcheck disable=SC2086
docker cp ${CP_ARGS}
}
#######################################
# abra server ..
#######################################
###### .. server ls
help_server_ls (){
help_server_list
}
sub_server_ls() {
sub_server_list
}
help_server_list (){
echo "abra [options] server (list|ls)
List locally-defined servers."
}
sub_server_list() {
get_servers
warning "Loading status from ${#SERVERS[@]} server(s), patience advised.."
printf "%s servers:\n\n" "${#SERVERS[@]}"
local -a idx=0
for SERVER in "${SERVERS[@]}"; do
if [[ "$idx" == 0 ]]; then
printf " NAME\tCONNECTION\n"
printf " --\t--\t\n"
fi
name="${SERVER##*/}"
host=$(docker context inspect "$name" -f "{{.Endpoints.docker.Host}}" 2>/dev/null)
printf " %s\t%s\n" "$name" "${host:-UNKNOWN}"
idx+=1
done | column -s' ' -t
}
###### .. server init
help_server_init (){
echo "abra [options] server init
Set up a server for Docker swarm joy. This initialisation explicitly chooses
for the \"single host swarm\" mode which uses the default IPv4 address as the
advertising address. This can be re-configured later for more advanced use
cases.
POWERED BY
docker swarm init
docker network create ..."
}
sub_server_init() {
export DOCKER_CONTEXT="${abra__host_}"
load_context
# Note(decentral1se): it sucks to use Google DNS but it seems like a reliable method
# for determining the default IPv4 address especially nowadays
# when there are often multiple internal addresses assigned to eth0
default_ipv4="$(ip route get 8.8.8.8 | head -1 | awk '{print $7}')"
if [ "$abra___debug" = "true" ]; then
DOCKER_ENDPOINT=$(docker context inspect "$DOCKER_CONTEXT" -f "{{.Endpoints.docker.Host}}" 2>/dev/null)
debug "Connecting to $DOCKER_CONTEXT via SSH ($DOCKER_ENDPOINT)"
fi
docker swarm init --advertise-addr "$default_ipv4" || true
docker network create --driver=overlay proxy --scope swarm || true
}
###### .. server add
help_server_add (){
echo "abra [options] server add <host> [<user>] [<port>]
Add a server, reachable on <host>.
OPTIONS
<user>, <port> SSH connection details
POWERED BY
docker context create ..."
}
sub_server_add() {
require_abra_dir
HOST="$abra__host_"
USERNAME="$abra__user_"
PORT="$abra__port_"
if [ -n "$PORT" ]; then
PORT=":$PORT"
fi
if [ -n "$USERNAME" ]; then
USERNAME="$USERNAME@"
fi
docker context create "$HOST" \
--docker "host=ssh://$USERNAME$HOST$PORT" \
|| true
mkdir -p "$ABRA_DIR/servers/$HOST"
}
###### .. server new
help_server_new (){
echo "abra [options] server new <provider>
Use a provider plugin to create an actual new server resource (VPS or
otherwise) which can then be used to house a new Co-op Cloud installation.
OPTIONS
<provider> Provider plugin for creating new server (choices: hetzner)"
}
sub_server_new() {
require_abra_dir
PROVIDER="$abra__provider_"
BRANCH="${abra___branch:-master}"
if [ "$PROVIDER" != "hetzner" ]; then
error "Unknown provider plugin 'abra-${PROVIDER}'"
fi
if [ ! -d "$ABRA_DIR/plugins/abra-$PROVIDER" ]; then
warning "The 'abra-$PROVIDER' plugin was not found, fetching via Git"
if ! git clone --branch "$BRANCH" "$GIT_URL/abra-$PROVIDER.git" "$ABRA_DIR/plugins/abra-$PROVIDER" > /dev/null 2>&1 ; then
error "Could not retrieve the abra-$PROVIDER plugin, does it exist?"
fi
success "Fetched abra-$PROVIDER plugin via Git (branch: $BRANCH)"
fi
# shellcheck disable=SC1090
source "$ABRA_DIR/plugins/abra-$PROVIDER/abra-$PROVIDER"
}
###### .. server delete
help_server_rm (){
help_server_delete
}
sub_server_rm() {
sub_server_delete
}
help_server_delete (){
echo "abra [options] server <host> delete
Remove server <host>
POWERED BY
docker context rm ..."
}
sub_server_delete() {
docker context rm "$abra__host_"
}
###### .. server <host> apps
help_server_apps (){
echo "abra [options] server <host> apps [--status]
Alias for \`abra app ls --server=<host>.
OPTIONS
--status Show whether apps are deployed (warning! slow!)
POWERED BY (for --status)
docker stack ls"
}
sub_server_apps() {
abra___server="$abra__host_"
sub_app_list
}
#######################################
# Misc commands
#######################################
###### .. upgrade
help_upgrade (){
echo "abra [options] upgrade [--dev]
Upgrade abra itself, using the online installer script.
OPTIONS
--dev Upgrade to the latest development version (HEAD)"
}
sub_upgrade() {
if [[ "$abra___dev" == "true" ]]; then
curl https://install.abra.autonomic.zone | bash -s -- --dev
else
curl https://install.abra.autonomic.zone | bash
fi
}
###### .. version
help_version (){
echo "abra [options] version
Show the installed version of abra."
}
sub_version() {
if [ -L "$0" ] && [ -e "$0" ]; then
ABRA_SRC=$(readlink "$0")
ABRA_DIGEST=$(cd "${ABRA_SRC%/*}" && git rev-parse --short HEAD)
fi
echo "$ABRA_VERSION${ABRA_DIGEST:+-}${ABRA_DIGEST}"
}
###### .. help
help_help (){
echo "HEEEEEELP! 😱"
}
sub_help() {
SUBCOMMAND=$(IFS="_"; echo "${abra__subcommands_[*]}")
if [ -z "$SUBCOMMAND" ]; then
printf "%s" "$DOC"
exit
fi
HELP_CMD="help_${SUBCOMMAND}"
if type "$HELP_CMD" > /dev/null 2>&1; then
"$HELP_CMD"
else
HELP_COMMANDS=$(declare -Ff | grep 'help_' | cut -d' ' -f3 | sed 's/_/ /g')
error "No help found for '$abra__subcommands_'
Try one of these:
${HELP_COMMANDS//help /}"
fi
}
#######################################
# cheeky docker aliases
#######################################
###### .. stack <args>...
sub_stack() {
# shellcheck disable=SC2068
docker stack $@
}
###### .. volume <args>...
sub_volume() {
# shellcheck disable=SC2068
docker volume $@
}
###### .. network <args>...
sub_network() {
# shellcheck disable=SC2068
docker network $@
}
#######################################
# Main
#######################################
abra() {
require_bash_4
# TODO (3wc): we either need to do this, or add 'shellcheck disable' all over
# the place to handle the dynamically-defined vars
declare abra___stack abra___env abra__command_ abra__args_ \
abra__secret_ abra__version_ abra__data_ abra___user abra__host_ \
abra__type_ abra__port_ abra__user_ abra__service_ abra__src_ abra__dst_ \
abra___server abra___domain abra___force abra___pass \
abra___secrets abra___status abra___no_tty abra___app_name \
abra__subcommands_ abra___skip_update abra___skip_check \
abra__backup_file_ abra___verbose abra___debug abra___help \
abra___branch abra___volumes abra__provider_ abra___type \
abra___dev abra___update
if ! type tput > /dev/null 2>&1; then
tput() {
echo -n
}
fi
DOCOPT_PREFIX=abra_
DOCOPT_ADD_HELP=false
eval "$(docopt "$@")"
# --stack <stack>
STACK_NAME=$abra___stack
# --env <env>
if [ -n "$abra___env" ]; then
set -a
# shellcheck disable=SC1090
source "$abra___env" || error "Unable to load env from '$abra___env'"
set +a
fi
if [ -n "$abra__app_" ]; then
load_instance
load_instance_env
fi
load_abra_sh
# Search for sub_* functions, and check if any of them matches enabled
# arguments (i.e. is a command and is specified)
for SUBCOMMAND in $(declare -Ff | grep 'sub_' | cut -d' ' -f3 | sort -r); do
IFS='_' read -r -a PARTS <<< "$SUBCOMMAND"
for PART in "${PARTS[@]:1}"; do
# TODO 3wc: probably a better way to check if a variable is defined..
VAR=$(eval "echo \$abra_$PART")
if [ ! "$VAR" == "true" ]; then
continue 2
fi
done
abra__command_=$(IFS="_"; echo "${PARTS[*]:1}")
break
done
if [ "$abra___help" = "true" ]; then
if [ -z "$abra__command_" ]; then
# shellcheck disable=SC2059
printf "$DOC"
exit
elif type "help_${abra__command_}" > /dev/null 2>&1; then
"help_${abra__command_}"
exit
else
error "No help for '$abra__command_'"
fi
fi
# Use abra__command_ in case `command` is provided (i.e. `volume` or `stack`)
CMD="sub_${abra__command_}"
if type "$CMD" > /dev/null 2>&1; then
# shellcheck disable=SC2086
"$CMD" ${abra__args_[*]}
else
docopt_exit
fi
}
abra "$@"