#!/bin/bash

# this script likely isn't how we want to handle building different images. For now though this
# will let us build something for testing, the lab, and for inclusion in the IPCs provided by Hyve

# Region used to pull down the agents ahead of the image build. Still to be
# checked: whether the agents are the same across regions.
# NOTE(review): the -r option further down overwrites REGION only;
# AWS_DEFAULT_REGION keeps the value set here — confirm that is intended.
REGION=us-east-1
AWS_DEFAULT_REGION=$REGION
export REGION AWS_DEFAULT_REGION

# Required arguments; option parsing fills them in from -t and -n.
IMAGE_TYPE=
POLLER_HOSTNAME=

# SSM activation settings. Obtain the values with the MegloPythonTools
# ssm_site_activation command; they are only consulted when -s is given.
BAKE_IN_SSM_ACTIVATION=false
SSM_CODE= SSM_ID= SSM_REGION= SSM_ACTIVATION=


# One-line synopsis, printed for -h, for unknown options and by the argument
# checks later in the script.
# NOTE(review): the IMAGE_TYPE list shown here is shorter than the set the
# validation below accepts (iad77, lhr65 and corp-colo-with-dhcp also pass).
usage="Usage: $0 -t <IMAGE_TYPE[vbox|lab6|lab7|corp-colo]> -n <POLLER_HOSTNAME> -s -c <SSM_CODE> -i <SSM_ID> -r <SSM_REGION>"

# Parse the command line. -s is a bare switch; every other flag stores its
# argument. Values are stored exactly as given; nothing here validates them.
while getopts "h?t:n:sc:i:r:" opt; do
  case "$opt" in
    t) IMAGE_TYPE=$OPTARG ;;
    n) POLLER_HOSTNAME=$OPTARG ;;
    s) BAKE_IN_SSM_ACTIVATION=true ;;
    c) SSM_CODE=$OPTARG ;;
    i) SSM_ID=$OPTARG ;;
    r)
      # -r sets the SSM region and also replaces REGION.
      SSM_REGION=$OPTARG
      REGION=$OPTARG
      ;;
    h|\?)
      echo "$usage"
      exit 1
      ;;
  esac
done


# -t is mandatory: print the hint plus the usage line and stop when it is absent.
if [[ -z "$IMAGE_TYPE" ]]; then
  printf '%s\n' $'\nMissing required param IMAGE_TYPE:\n-t <IMAGE_TYPE[vbox|lab6|lab7|corp-colo]>' "$usage"
  exit 1
fi

# The image type really only distinguishes corp from vpc when choosing the NTP
# servers; rejecting unknown values here doubles as a basic usage test.
case "$IMAGE_TYPE" in
  lab6|lab7|iad77|lhr65)
    NTP_SERVERS="'10.50.32.5', '10.50.32.69', '10.50.32.133'"
    ;;
  corp-colo|corp-colo-with-dhcp|vbox)
    NTP_SERVERS="ntp.corp.amazon.com"
    ;;
  *)
    echo "Invalid IMAGE_TYPE passed in: ${IMAGE_TYPE}"
    echo "$usage"
    exit 1
    ;;
esac
export NTP_SERVERS

# Only a value from the fixed list above reaches this point.
export IMAGE_TYPE

# -n is mandatory: print the hint plus the usage line and stop when it is absent.
# NOTE(review): only emptiness is checked; the value is exported as given for
# the image build — consider restricting it to hostname characters first.
if [[ -z "$POLLER_HOSTNAME" ]]; then
  printf '%s\n' $'\nMissing required param POLLER_HOSTNAME:\n-n <POLLER_HOSTNAME>' "$usage"
  exit 1
fi

export POLLER_HOSTNAME

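# Optionally bake an SSM activation into the image (-s); needs -c, -i and -r.
#
# Security notes:
#  * The activation code is a registration credential. It is exported below for
#    the image build and is presumably written into the generated ISO, so treat
#    the ISO as a secret and prefer an activation with a low registration limit
#    and a short expiry.
#  * The three values are spliced into a command line that invokes sudo, so
#    they are checked first for characters that would close the surrounding
#    double quotes, start an expansion, or be rewritten by a sed-style
#    replacement. Real codes, IDs and region names are not expected to contain
#    any of them.
ssm_unsafe_chars='["`$\&[:space:][:cntrl:]]'

if [[ "$BAKE_IN_SSM_ACTIVATION" == true ]]; then
  echo "Detected Bake in SSM Activation flag '-s'"
  for ssm_spec in "SSM_CODE:-c" "SSM_ID:-i" "SSM_REGION:-r"; do
    ssm_param=${ssm_spec%%:*}
    ssm_flag=${ssm_spec##*:}
    if [[ -z "${!ssm_param}" ]]; then
      printf '\nMissing required param for baked in SSM Activation %s:\n%s <%s>\n' \
        "$ssm_param" "$ssm_flag" "$ssm_param"
      echo "$usage"
      exit 1
    fi
    # Name the offending parameter only; never echo the credential itself.
    if [[ "${!ssm_param}" =~ $ssm_unsafe_chars ]]; then
      echo "Invalid character in ${ssm_param}: quotes, backticks, \$, backslashes, & and whitespace are not allowed"
      echo "$usage"
      exit 1
    fi
  done
  # "\&\&" keeps the backslashes on purpose: the string is later used as
  # replacement text (presumably by sed, where a bare & means "the match").
  SSM_ACTIVATION="- echo \"yes\" | sudo amazon-ssm-agent -register -code \"${SSM_CODE}\" -id \"${SSM_ID}\" -region \"${SSM_REGION}\" \&\& sudo systemctl restart amazon-ssm-agent"
fi

# Exported even when empty so the build always sees the variable.
export SSM_ACTIVATION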

# The base ISO has to be placed under ./input by hand before running this script.
# NOTE(review): only its presence is checked; nothing here verifies a checksum
# or signature — consider comparing it with a published digest before building.
[[ -e ./input/base.iso ]] || {
  echo "./input/base.iso is missing! Download image from GLV repo and retry"
  exit 1
}

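# Local (console) account: username and password hash come from Secrets Manager.
# The secret JSON is kept quoted and piped to jq with the printf builtin, so it
# is neither word-split nor glob-expanded and never shows up in a process
# argument list.
res=$(aws secretsmanager get-secret-value --secret-id meglo/glv/localuser --query SecretString --output text)
LOCAL_LOGIN_USERNAME=$(printf '%s' "$res" | jq -r '.username')
export LOCAL_LOGIN_USERNAME
# jq -r prints the word "null" for a missing key, so treat that as missing too.
if [[ -z "$LOCAL_LOGIN_USERNAME" || "$LOCAL_LOGIN_USERNAME" == "null" ]]; then
  echo "Missing local login! Please ensure you have proper permissions to retrieve the user from secrets manager. Exiting."
  exit 1
fi

RAW_PASSWORD=$(printf '%s' "$res" | jq -r '.passwordHash')
# Fail closed: an empty or placeholder hash must never be written into an image.
if [[ -z "$RAW_PASSWORD" || "$RAW_PASSWORD" == "null" ]]; then
  echo "Missing local login password hash! Please check the meglo/glv/localuser secret. Exiting."
  exit 1
fi
# The hash contains '$' characters. A plain assignment copies them verbatim
# (the result of an expansion is not scanned again), so no escaping is needed.
# The earlier eval-based copy re-parsed the secret as shell source, which let
# quote or backtick characters stored in it be interpreted as shell syntax.
LOCAL_LOGIN_PASSWORD=$RAW_PASSWORD
export LOCAL_LOGIN_PASSWORD

# Remote (SSH) account: username and public key, copied the same way.
# NOTE(review): unlike the local account, a failed or incomplete lookup here is
# not fatal and leaves these variables empty or "null" — confirm that is intended.
res=$(aws secretsmanager get-secret-value --secret-id meglo/glv/remoteuser --query SecretString --output text)
REMOTE_LOGIN_USERNAME=$(printf '%s' "$res" | jq -r '.username')
export REMOTE_LOGIN_USERNAME
RAW_SSH_KEY=$(printf '%s' "$res" | jq -r '.publicRSAKey')
REMOTE_LOGIN_SSH_KEY=$RAW_SSH_KEY
export REMOTE_LOGIN_SSH_KEY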

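# Look up the S3 endpoint used to download the codedeploy, ssm and cloudwatch
# agents. REGION may have been replaced by -r, so it is passed quoted.
res=$(ripcli rip -r "$REGION" -s s3 -a endpoint)
export S3_ENDPOINT=$res
# NOTE(review): the agents fetched from this endpoint end up in the image;
# consider failing the build here instead of only warning.
if [[ -z "$S3_ENDPOINT" ]]; then
  echo "Warning: could not resolve the S3 endpoint for region '${REGION}'; agent downloads may fail." >&2
fi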

# Work on a fresh copy of the ubuntu configs under the build directory so the
# originals are never mutated: ensure the parent exists, drop any copy left by
# an earlier run, then copy the tree again.
build_config_parent=glv_image_build/configuration/glv
mkdir -p "${build_config_parent}/ubuntu"
rm -rf "${build_config_parent}/ubuntu"
cp -r configuration/glv/ubuntu "${build_config_parent}/"

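# Run the image generator in the build container. The variables exported above
# are forwarded by name for replacement from the payload.yaml file; --env NAME
# copies the value from this shell's environment, so the secret values are not
# placed on the docker command line.
#
# NOTE(review), security:
#  * --privileged together with the bind mount of the working directory gives
#    the container root-equivalent access to this host; confirm the generator
#    needs full privileges rather than specific capabilities or devices.
#  * The image is referenced by the mutable tag :latest, so the code that
#    handles the login secrets can change between runs; consider pinning it by
#    digest (<image>@sha256:<digest>).
#  * The registry host is fixed to us-west-2 and does not follow REGION.
#
# The working directory is quoted so a path containing spaces still mounts, and
# the exit status is checked so a failed build is not reported as a success.
if ! docker run --env REGION \
  --env S3_ENDPOINT --env POLLER_HOSTNAME \
  --env REMOTE_LOGIN_USERNAME --env REMOTE_LOGIN_SSH_KEY \
  --env LOCAL_LOGIN_USERNAME --env LOCAL_LOGIN_PASSWORD \
  --env IMAGE_TYPE --env NTP_SERVERS \
  --env SSM_ACTIVATION \
  --privileged \
  -v "$(pwd):/app" \
  664776140435.dkr.ecr.us-west-2.amazonaws.com/galacticlaunchvehicle:latest \
  generate_image -b ./input/base.iso -d "./glv_image_build/meglo_glv_${IMAGE_TYPE}.iso" -p glv_image_build/configuration/glv/ubuntu/payload; then
  echo "Image generation failed; no ISO was produced." >&2
  exit 1
fi

printf '\n\nGenerated ISO: %s\n\n' "$(pwd)/glv_image_build/meglo_glv_${IMAGE_TYPE}.iso"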