blob: 4ab435dc53ccdf643371966293ec28a1a6aa16c3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
|
#!/usr/bin/env bash
# SPDX-license-identifier: Apache-2.0
##############################################################################
# Copyright (c) 2018 Orange and others.
#
# All rights reserved. This program and the accompanying materials
# are made available under the terms of the Apache License, Version 2.0
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
##
# Bug report function
##
submit_bug_report() {
SHELL_VERBOSE=${SHELL_VERBOSE:-}
local lc="$BASH_COMMAND" rc=$?
echo ""
echo "---------------------------------------------------------------------"
step_line "Crash on command"
echo
echo $lc
echo
step_line "Exit code"
echo
echo $rc
if [ ! -z ${SHELL_VERBOSE} ]; then
echo
step_line "Environment variables"
echo
env | grep -v artifacts_bin \
| sort \
| sed 's/^/export /' \
| sed 's/PASSWORD=.*/PASSWORD=***HIDDEN***/' \
| sed 's/artifacts_bin=.*/artifacts_bin=***HIDDEN***/'
fi
echo "---------------------------------------------------------------------"
step_banner "Clean"
${TOOLS_FOLDER}/clean.sh
echo "---------------------------------------------------------------------"
}
##
# Pretty print
##
step_banner() {
echo ""
echo "====================================================================="
echo "${RUN_SCRIPT}"
date
echo "$*"
echo "====================================================================="
echo ""
}
step_line() {
echo ">>> ${*}"
}
error_line() {
echo "!!! ${*}"
}
##
# Test A CI var is required
##
check_ci_var() {
var_name=$1
if [ -z "${!var_name}" ]; then
error_line
error_line "Variable \$${var_name} must be defined"
error_line "Please set it in your gitlab project (Settings / CI-CD / variables page)"
error_line
exit
fi
}
##
# Warn if run as root
##
no_root_needed() {
step_line "Check if we are root"
if [[ $(whoami) == "root" ]]; then
echo "WARNING: This script should not be run as root!"
echo "Elevated privileges are aquired automatically when necessary"
echo "Waiting 10s to give you a chance to stop the script (Ctrl-C)"
for x in $(seq 10 -1 1); do echo -n "$x..."; sleep 1; done
fi
}
##
# Ensure root folder is not world readable
##
ansible_prepare(){
step_line "Set local folder not writable to others"
chmod 600 ${ROOT_FOLDER}
}
##
# SSH Options
##
ssh_opt(){
SSH_OPT=''
if [ -e ${ROOT_FOLDER}/vars/vaulted_ssh_credentials.yml ]; then
SSH_OPT="${SSH_OPT} -F ${ROOT_FOLDER}/ssh_config"
fi
echo ${SSH_OPT}
}
##
# Vault Options
##
vault_opt(){
VAULT_OPT=''
if [ -n "${ANSIBLE_VAULT_PASSWORD}" ]; then
VAULT_OPT="--vault-password-file ${ROOT_FOLDER}/.vault"
fi
echo ${VAULT_OPT}
}
##
# Get Ansible SSH Options
##
ansible_ssh_opt(){
ANSIBLE_SSH_ARGS="-C -o ControlMaster=auto -o ControlPersist=60s"
if [ -n "${ANSIBLE_VAULT_PASSWORD}" ]; then
ANSIBLE_SSH_ARGS="${ANSIBLE_SSH_ARGS} $(ssh_opt)"
fi
echo ${ANSIBLE_SSH_ARGS}
}
##
# Cat file that may be vaulted
##
cat_file(){
FILE=$1
if [ -e ${ROOT_FOLDER}/.vault ] \
&& $(grep '^\$ANSIBLE_VAULT;1\..;AES256' ${FILE} > /dev/null); then
ansible-vault view --vault-password-file=${ROOT_FOLDER}/.vault ${FILE}
else
cat ${FILE}
fi
}
|
