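#!/bin/bash
### chmod +x deploy.sh
#
# Packages the CloudFormation template, deploys the stack, then builds the
# malware detection Docker image and pushes it to the stack's ECR repository.
#
# Usage:
#   deploy.sh -s <stack-name> -b <artefact-s3-bucket> -p <aws-profile> \
#             -r <aws-region> -a <account-id>
#
# All five options are required. Every aws call below runs with the same
# --profile/--region so that package, deploy, describe and the ECR login all
# act on the same account.

# -u: fail on unset variables; pipefail: a failing `aws ecr get-login-password`
# is not masked by the `docker login` at the end of the pipe.
# -e is deliberately not set: each step captures and reports its own status.
set -uo pipefail

SOURCE_TEMPLATE="cloudformation.yaml"
OUTPUT_TEMPLATE="output.yaml"
PARAMETERS_FILE="./malware_detection_deployment_scripts/parameters.properties"
# NOTE(review): docker is used in step 3 but is not part of this check.
DEPENDENCIES=(mvn aws)

STACK_NAME=""
ARTEFACT_S3_BUCKET=""
AWS_PROFILE=""
AWS_REGION=""
ACCOUNT_ID=""

while getopts ":s:b:p:r:a:" opt; do
  case "$opt" in
    s) STACK_NAME="$OPTARG" ;;
    b) ARTEFACT_S3_BUCKET="$OPTARG" ;;
    p) AWS_PROFILE="$OPTARG" ;;
    r) AWS_REGION="$OPTARG" ;;
    a) ACCOUNT_ID="$OPTARG" ;;
    \?)
      echo "Invalid option -$OPTARG" >&2
      exit 1
      ;;
    :)
      echo "Option -$OPTARG requires an argument." >&2
      exit 1
      ;;
  esac
done

# Check each value rather than counting options: a counter is satisfied by
# the same flag passed five times, which leaves the other values empty.
if [[ -z "$STACK_NAME" || -z "$ARTEFACT_S3_BUCKET" || -z "$AWS_PROFILE" ||
  -z "$AWS_REGION" || -z "$ACCOUNT_ID" ]]; then
  echo "Please make sure to pass all the required options \"-s -b -p -r -a\"" >&2
  exit 1
fi

# ACCOUNT_ID and AWS_REGION are spliced into the registry hostname that
# receives the ECR password on stdin, so reject anything that is not a plain
# account id / region token before it can alter that hostname.
if [[ ! "$ACCOUNT_ID" =~ ^[0-9]{12}$ ]]; then
  echo "ACCOUNT_ID must be a 12-digit AWS account id" >&2
  exit 1
fi
if [[ ! "$AWS_REGION" =~ ^[a-z0-9-]+$ ]]; then
  echo "AWS_REGION contains unexpected characters" >&2
  exit 1
fi

ECR_REGISTRY="${ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com"

#######################################
# Verify that every named tool is on PATH; list the missing ones and exit.
# Arguments: $1 - install command shown in the hint, $2.. - tool names
# Outputs:   one hint per missing tool on stdout
# Returns:   exits 1 if any tool is missing
#######################################
check_dependencies() {
  local install_cmd=$1
  shift
  local name
  local missing=0
  for name in "$@"; do
    if ! command -v "$name" >/dev/null 2>&1; then
      echo -en "\n$name needs to be installed. Use '$install_cmd $name'"
      missing=1
    fi
  done
  if ((missing)); then
    echo -en "\nInstall the above and rerun this script\n"
    exit 1
  fi
}

check_dependencies_mac() {
  check_dependencies "brew install" "$@"
}

check_dependencies_linux() {
  check_dependencies "sudo apt-get install" "$@"
}

#######################################
# Print a step's error message and exit status, then abort the deployment.
# Arguments: $1 - message, $2 - exit status of the failed command
#######################################
fail() {
  echo "$1"
  echo "Error Stacktrace $2"
  exit 1
}

## Check dependencies by OS
case "$(uname -s)" in
  Darwin) check_dependencies_mac "${DEPENDENCIES[@]}" ;;
  Linux*) check_dependencies_linux "${DEPENDENCIES[@]}" ;;
  *)
    echo "Only Mac and Linux OS supported, exiting ..."
    exit 1
    ;;
esac

# OPTARG is stale once getopts has finished, so it is no longer echoed here.
echo "Options are good"
echo "STACK_NAME=$STACK_NAME"
echo "ARTEFACT_S3_BUCKET=$ARTEFACT_S3_BUCKET"
echo "AWS_PROFILE=$AWS_PROFILE"
echo "AWS_REGION=$AWS_REGION"
echo "ACCOUNT_ID=$ACCOUNT_ID"

echo "Building cloudformation package"
#1. Build SAM
# Remove any template left by an earlier run: otherwise a failed package step
# would go unnoticed and the stale file would be deployed.
rm -f -- "$OUTPUT_TEMPLATE"
docker_cfnpackage_status=0
# Only stdout is discarded; stderr stays visible so failures can be diagnosed.
aws cloudformation package --template-file "$SOURCE_TEMPLATE" \
  --s3-bucket "$ARTEFACT_S3_BUCKET" \
  --output-template-file "$OUTPUT_TEMPLATE" \
  --profile "$AWS_PROFILE" \
  --region "$AWS_REGION" >/dev/null || docker_cfnpackage_status=$?
if ((docker_cfnpackage_status != 0)) || [[ ! -f "$OUTPUT_TEMPLATE" ]]; then
  fail "Error while generating the stack template" "$docker_cfnpackage_status"
fi

#2. Deploy the CloudFormation Stack to the configured AWS Account from the generated template
echo "Deploying cloudformation package"
#Read properties
if [[ ! -r "$PARAMETERS_FILE" ]]; then
  echo "Cannot read $PARAMETERS_FILE" >&2
  exit 1
fi
# Split the file on whitespace into an array. Unlike an unquoted $(cat ...),
# this does not glob-expand the values. read returns non-zero at EOF, hence
# the `|| true`.
params=()
read -r -d '' -a params <"$PARAMETERS_FILE" || true
if ((${#params[@]} == 0)); then
  echo "No parameter overrides found in $PARAMETERS_FILE" >&2
  exit 1
fi

docker_cfndeploy_status=0
# CAPABILITY_IAM lets the stack create IAM resources; review the template's
# IAM roles and policies before deploying to a shared account.
aws cloudformation deploy --template-file "$OUTPUT_TEMPLATE" \
  --capabilities CAPABILITY_IAM \
  --stack-name "$STACK_NAME" \
  --profile "$AWS_PROFILE" \
  --region "$AWS_REGION" \
  --parameter-overrides "${params[@]}" || docker_cfndeploy_status=$?
if ((docker_cfndeploy_status != 0)); then
  fail "Error while deploying" "$docker_cfndeploy_status"
fi

echo "describe cloudformation stacks"
docker_cfndescribe_status=0
aws cloudformation describe-stacks --stack-name "$STACK_NAME" \
  --query "Stacks[0].Outputs" --output table \
  --profile "$AWS_PROFILE" \
  --region "$AWS_REGION" || docker_cfndescribe_status=$?
if ((docker_cfndescribe_status != 0)); then
  fail "Describing cloudformation stacks" "$docker_cfndescribe_status"
fi

#3. Build Malware Detection Image and Push to ECR
echo "Build Malware Detection Image and Push to ECR"
aws sts get-caller-identity --profile "$AWS_PROFILE" --region "$AWS_REGION"

# Warn when the credentials in use belong to a different account than the
# registry the image is about to be pushed to.
caller_account=$(aws sts get-caller-identity --profile "$AWS_PROFILE" \
  --region "$AWS_REGION" --query Account --output text) || caller_account=""
if [[ "$caller_account" != "$ACCOUNT_ID" ]]; then
  echo "Warning: credentials resolve to account '$caller_account', not $ACCOUNT_ID" >&2
fi

docker_ecrlogin_status=0
# The password travels over stdin, so it never appears in argv or `ps` output.
aws ecr get-login-password --profile "$AWS_PROFILE" --region "$AWS_REGION" |
  docker login --username AWS --password-stdin "$ECR_REGISTRY" ||
  docker_ecrlogin_status=$?
if ((docker_ecrlogin_status != 0)); then
  fail "Ecr login error" "$docker_ecrlogin_status"
fi

docker_build_status=0
docker build -t "$STACK_NAME" . || docker_build_status=$?
if ((docker_build_status != 0)); then
  fail "Build error" "$docker_build_status"
fi

# Look up the repository on the stack that was just deployed (not a
# hard-coded stack name), in the same region and with the same profile.
# NOTE(review): Outputs[-1] depends on output ordering; selecting the output
# by its OutputKey would be more robust - confirm the key in the template.
REPO_NAME=$(aws cloudformation describe-stacks --stack-name "$STACK_NAME" \
  --profile "$AWS_PROFILE" \
  --region "$AWS_REGION" \
  --query "Stacks[0].Outputs[-1].OutputValue" --output text) || REPO_NAME=""
# The CLI prints "None" for a null query result in text mode.
if [[ -z "$REPO_NAME" || "$REPO_NAME" == "None" ]]; then
  echo "Could not resolve the ECR repository name from the stack outputs" >&2
  exit 1
fi

docker_tag_status=0
docker tag "${STACK_NAME}:latest" "${ECR_REGISTRY}/${REPO_NAME}:latest" ||
  docker_tag_status=$?
if ((docker_tag_status != 0)); then
  fail "Tagging error" "$docker_tag_status"
fi

docker_push_status=0
docker push "${ECR_REGISTRY}/${REPO_NAME}:latest" || docker_push_status=$?
if ((docker_push_status != 0)); then
  fail "Image push error" "$docker_push_status"
fi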