diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2018-12-08 21:11:19 +0100 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2018-12-08 21:11:19 +0100 |
| commit | 57cc6098cf6315b0c2fee544c94d43d2a47bbfa4 (patch) | |
| tree | 3f8031db65b81c69a2c619c66d1fdcf546542c8d /common/utils.sh | |
| parent | vault readme is outdated (diff) | |
further improve script helpers
Diffstat (limited to 'common/utils.sh')
| -rw-r--r-- | common/utils.sh | 93 |
1 files changed, 90 insertions, 3 deletions
diff --git a/common/utils.sh b/common/utils.sh index 119305de..3e31c568 100644 --- a/common/utils.sh +++ b/common/utils.sh @@ -1,21 +1,108 @@ -## this contains several helper functions +## this file contains several helper functions, please source it to make use of them -get_ansible_variable() { +print_error() { + echo -e "\033[1;31mERROR:\033[1;0m $1" +} + +print_success() { + echo -e "\033[1;32mSuccess:\033[1;0m $1" +} + +print_info() { + echo -e "\033[1;37mInfo:\033[1;0m $1" +} + +########################### +## varibales from ansible hosts + +ansible_variable__get() { local _var_name="$1" local _hosts="$2" local _result=$(env ANSIBLE_STDOUT_CALLBACK="json" ansible "$_hosts" -m debug -a "var=$_var_name" | \ jq -r ".plays[].tasks[].hosts[].$_var_name" | sort | uniq) if [ $? -ne 0 ] || [ -z "$_result" ]; then + print_error "failed to get value of variable '$_var_name' for host(s) '$_hosts'" return 1 fi local _num_results=$(echo "$_result" | wc -l) if [ $_num_results -ne 1 ]; then - echo "ERROR: the vairable '$_var_name' is not unique for the given hosts '$_hosts', got values: $(echo $_result | xargs | sed 's/ /, /g')" + print_error "the vairable '$_var_name' is not unique for the given hosts '$_hosts', got values: $(echo $_result | xargs | sed 's/ /, /g')" return 2 fi eval "$_var_name"='$(echo "$_result")' return 0 } + + +########################### +## vault environment handling + +vault_environment__get() { + echo "${ANSIBLE_VAULT_IDENTITY_LIST}" | tr ',' '\n' | awk -F '@' '{ print($1) }' | sed '/^$/d' +} + +vault_environment__set() { + unset ANSIBLE_VAULT_IDENTITY_LIST + for e in "$@"; do + vault_environment__activate $e || return 1 + done +} + +vault_environment__activate() { + if [ -z "$1" ]; then + print_error "please specify an environment" + return 2 + fi + + if [ ! -f "gpg/get-vault-pass-$1" ]; then + print_error "failed to activate environment: '$1' .. could not find password file 'gpg/get-vault-pass-$1'" + return 1 + fi + + for e in $(vault_environment__get); do + if [ "$1" = "$e" ]; then + print_info "environment '$1' is already active" + return 0 # environment is already activated + fi + done + + if [ -z "${ANSIBLE_VAULT_IDENTITY_LIST}" ]; then + export ANSIBLE_VAULT_IDENTITY_LIST="$1@gpg/get-vault-pass-$1" + else + export ANSIBLE_VAULT_IDENTITY_LIST="${ANSIBLE_VAULT_IDENTITY_LIST},$1@gpg/get-vault-pass-$1" + fi + print_success "environment '$1' is now active" + return 0 +} + +vault_environment__deactivate() { + local new_list + + if [ -z "$1" ]; then + print_error "please specify an environment" + return 2 + fi + + new_list="" + for e in $(vault_environment__get); do + if [ "$1" != "$e" ]; then + if [ -z "$new_list" ]; then + new_list="$e@gpg/get-vault-pass-$e" + else + new_list="$new_list,$e@gpg/get-vault-pass-$e" + fi + fi + done + + if [ -z "$new_list" ]; then + unset ANSIBLE_VAULT_IDENTITY_LIST + else + export ANSIBLE_VAULT_IDENTITY_LIST="$new_list" + fi + + print_success "environment '$1' is now deactivated" + return 0 +} |