dokku/dokku-postgres
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: properly handle use-iam flag. Closes dokku/dokku-redis#88

Browse Source
This commit is contained in:
Jose Diaz-Gonzalez
2018-04-23 17:11:50 -04:00
parent ba523dc5ac
commit 6a32161049
3 changed files with 21 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
common-functions
View File

@@ -113,17 +113,20 @@ service_backup() {
local AWS_SECRET_ACCESS_KEY_FILE="$BACKUP_CONFIG_ROOT/AWS_SECRET_ACCESS_KEY" local AWS_SECRET_ACCESS_KEY_FILE="$BACKUP_CONFIG_ROOT/AWS_SECRET_ACCESS_KEY"
local BACKUP_PARAMETERS="" local BACKUP_PARAMETERS=""
if [[ "$USE_IAM_OPTIONAL_FLAG" != "--use-iam" ]] && [[ "$USE_IAM_OPTIONAL_FLAG" != "-u" ]]; then if [[ -z "$USE_IAM_OPTIONAL_FLAG" ]]; then
[[ ! -f "$AWS_ACCESS_KEY_ID_FILE" ]] && dokku_log_fail "Missing AWS_ACCESS_KEY_ID file" [[ ! -f "$AWS_ACCESS_KEY_ID_FILE" ]] && dokku_log_fail "Missing AWS_ACCESS_KEY_ID file"
[[ ! -f "$AWS_SECRET_ACCESS_KEY_FILE" ]] && dokku_log_fail "Missing AWS_SECRET_ACCESS_KEY file" [[ ! -f "$AWS_SECRET_ACCESS_KEY_FILE" ]] && dokku_log_fail "Missing AWS_SECRET_ACCESS_KEY file"
BACKUP_PARAMETERS="$BACKUP_PARAMETERS -e AWS_ACCESS_KEY_ID=$(cat "$AWS_ACCESS_KEY_ID_FILE") -e AWS_SECRET_ACCESS_KEY=$(cat "$AWS_SECRET_ACCESS_KEY_FILE")" BACKUP_PARAMETERS="$BACKUP_PARAMETERS -e AWS_ACCESS_KEY_ID=$(cat "$AWS_ACCESS_KEY_ID_FILE") -e AWS_SECRET_ACCESS_KEY=$(cat "$AWS_SECRET_ACCESS_KEY_FILE")"
else elif [[ "$USE_IAM_OPTIONAL_FLAG" != "--use-iam" ]] && [[ "$USE_IAM_OPTIONAL_FLAG" != "-u" ]]; then
dokku_log_fail "Provide AWS credentials or use the --use-iam flag" dokku_log_fail "Provide AWS credentials or use the --use-iam flag"
fi fi
TMPDIR=$(mktemp -d) TMPDIR=$(mktemp -d)
trap 'rm -rf "$TMPDIR" > /dev/null' RETURN INT TERM EXIT trap 'rm -rf "$TMPDIR" > /dev/null' RETURN INT TERM EXIT
docker inspect "$ID" &> /dev/null || dokku_log_fail "Service container does not exist"
is_container_status "$ID" "Running" || dokku_log_fail "Service container is not running"
(service_export "$SERVICE" > "${TMPDIR}/export") (service_export "$SERVICE" > "${TMPDIR}/export")
# Build parameter list for s3backup tool # Build parameter list for s3backup tool
@@ -185,12 +188,16 @@ service_backup_deauth() {
service_backup_schedule() { service_backup_schedule() {
declare desc="schedules a backup of the service" declare desc="schedules a backup of the service"
declare SERVICE="$1" SCHEDULE="$2" BUCKET_NAME="$3" declare SERVICE="$1" SCHEDULE="$2" BUCKET_NAME="$3" USE_IAM_OPTIONAL_FLAG="$4"
local DOKKU_BIN="$(which dokku)" local DOKKU_BIN="$(which dokku)"
local CRON_FILE="/etc/cron.d/dokku-${PLUGIN_COMMAND_PREFIX}-${SERVICE}" local CRON_FILE="/etc/cron.d/dokku-${PLUGIN_COMMAND_PREFIX}-${SERVICE}"
local TMP_CRON_FILE="${PLUGIN_DATA_ROOT}/.TMP_CRON_FILE" local TMP_CRON_FILE="${PLUGIN_DATA_ROOT}/.TMP_CRON_FILE"
echo "${SCHEDULE} dokku ${DOKKU_BIN} ${PLUGIN_COMMAND_PREFIX}:backup ${SERVICE} ${BUCKET_NAME}" > "$TMP_CRON_FILE" if [[ -n "$USE_IAM_OPTIONAL_FLAG" ]] && [[ "$USE_IAM_OPTIONAL_FLAG" != "--use-iam" ]] && [[ "$USE_IAM_OPTIONAL_FLAG" != "-u" ]]; then
dokku_log_fail "Invalid flag provided, only '--use-iam' allowed"
fi
echo "${SCHEDULE} dokku ${DOKKU_BIN} ${PLUGIN_COMMAND_PREFIX}:backup ${SERVICE} ${BUCKET_NAME} ${USE_IAM_OPTIONAL_FLAG}" > "$TMP_CRON_FILE"
sudo /bin/mv "$TMP_CRON_FILE" "$CRON_FILE" sudo /bin/mv "$TMP_CRON_FILE" "$CRON_FILE"
sudo /bin/chown root:root "$CRON_FILE" sudo /bin/chown root:root "$CRON_FILE"
sudo /bin/chmod 644 "$CRON_FILE" sudo /bin/chmod 644 "$CRON_FILE"
@@ -241,8 +248,8 @@ service_enter() {
local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE"
local ID="$(cat "$SERVICE_ROOT/ID")" local ID="$(cat "$SERVICE_ROOT/ID")"
docker inspect "$ID" &> /dev/null || dokku_log_fail "Container does not exist" docker inspect "$ID" &> /dev/null || dokku_log_fail "Service container does not exist"
is_container_status "$ID" "Running" || dokku_log_fail "Container is not running" is_container_status "$ID" "Running" || dokku_log_fail "Service container is not running"
local EXEC_CMD="" local EXEC_CMD=""
has_tty && local DOKKU_RUN_OPTS+=" -i -t" has_tty && local DOKKU_RUN_OPTS+=" -i -t"
@@ -387,6 +394,7 @@ service_logs() {
DOKKU_LOGS_ARGS="--follow" DOKKU_LOGS_ARGS="--follow"
fi fi
docker inspect "$ID" &> /dev/null || dokku_log_fail "Service container does not exist"
is_container_status "$ID" "Running" || dokku_log_warn "Service logs may not be output as service is not running" is_container_status "$ID" "Running" || dokku_log_warn "Service logs may not be output as service is not running"
# shellcheck disable=SC2086 # shellcheck disable=SC2086

2
subcommands/backup
View File

@@ -7,7 +7,7 @@ source "$(dirname "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)")/functions"
service-backup-cmd() { service-backup-cmd() {
#E backup the 'lolipop' service to the 'my-s3-bucket' bucket on AWS #E backup the 'lolipop' service to the 'my-s3-bucket' bucket on AWS
#E dokku $PLUGIN_COMMAND_PREFIX:backup lolipop my-s3-bucket --use-iam #E dokku $PLUGIN_COMMAND_PREFIX:backup lolipop my-s3-bucket --use-iam
#F -i|--use-iam, use the IAM profile associated with the current server #F -u|--use-iam, use the IAM profile associated with the current server
#A service, service to run command against #A service, service to run command against
#A bucket-name, name of the s3 bucket to upload backups to #A bucket-name, name of the s3 bucket to upload backups to
declare desc="creates a backup of the $PLUGIN_SERVICE service to an existing s3 bucket" declare desc="creates a backup of the $PLUGIN_SERVICE service to an existing s3 bucket"

9
subcommands/backup-schedule
View File

@@ -7,19 +7,22 @@ source "$(dirname "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)")/functions"
service-backup-schedule-cmd() { service-backup-schedule-cmd() {
#E schedule a backup #E schedule a backup
#E > 'schedule' is a crontab expression, eg. "0 3 * * *" for each day at 3am #E > 'schedule' is a crontab expression, eg. "0 3 * * *" for each day at 3am
#E dokku $PLUGIN_COMMAND_PREFIX:backup-deauth lolipop "0 3 * * *" my-s3-bucket #E dokku $PLUGIN_COMMAND_PREFIX:backup-schedule lolipop "0 3 * * *" my-s3-bucket
#E schedule a backup and authenticate via iam
#E dokku $PLUGIN_COMMAND_PREFIX:backup-schedule lolipop "0 3 * * *" my-s3-bucket --use-iam
#F -u|--use-iam, use the IAM profile associated with the current server
#A service, service to run command against #A service, service to run command against
#A schedule, a cron schedule to run backups on #A schedule, a cron schedule to run backups on
#A bucket-name, name of the s3 bucket to upload backups to #A bucket-name, name of the s3 bucket to upload backups to
declare desc="schedules a backup of the $PLUGIN_SERVICE service" declare desc="schedules a backup of the $PLUGIN_SERVICE service"
local cmd="$PLUGIN_COMMAND_PREFIX:backup-schedule" argv=("$@"); [[ ${argv[0]} == "$cmd" ]] && shift 1 local cmd="$PLUGIN_COMMAND_PREFIX:backup-schedule" argv=("$@"); [[ ${argv[0]} == "$cmd" ]] && shift 1
declare SERVICE="$1" SCHEDULE="$2" BUCKET_NAME="$3" declare SERVICE="$1" SCHEDULE="$2" BUCKET_NAME="$3" USE_IAM_OPTIONAL_FLAG="$4"
[[ -z "$SERVICE" ]] && dokku_log_fail "Please specify a name for the service" [[ -z "$SERVICE" ]] && dokku_log_fail "Please specify a name for the service"
[[ -z "$SCHEDULE" ]] && dokku_log_fail "Please specify a schedule for the backup" [[ -z "$SCHEDULE" ]] && dokku_log_fail "Please specify a schedule for the backup"
[[ -z "$BUCKET_NAME" ]] && dokku_log_fail "Please specify an aws bucket for the backup" [[ -z "$BUCKET_NAME" ]] && dokku_log_fail "Please specify an aws bucket for the backup"
verify_service_name "$SERVICE" verify_service_name "$SERVICE"
service_backup_schedule "$SERVICE" "$SCHEDULE" "$BUCKET_NAME" service_backup_schedule "$SERVICE" "$SCHEDULE" "$BUCKET_NAME" "$USE_IAM_OPTIONAL_FLAG"
} }
service-backup-schedule-cmd "$@" service-backup-schedule-cmd "$@"