WebSVN – DevTools – Blame – /dpkg_management/trunk/src/sbin/savePkgToS3.sh

Rev	Author	Line No.	Line
4542	dpurdie	1	`#!/bin/bash`
		2	`# This script will quarantine a package-vesrion into S3 storage`
		3	`# The target bucket is: auawsaddp001`
		4	`#`
		5	`# The package vesrion will be tar-zipped`
		6	`# without the dpkg_archive prefix`
		7	`#`
		8	`# The resulatant tar-zip will be transferred to S3`
		9	`#`
		10	`# Reduced redundancy is used`
		11	`#`
		12	`# Credentials: s3_dpkg user`
		13	`#`
		14	`# Usage: ./savePkg /PathTo/pkgName/pkgVersion`
		15	`#`
		16	`function doHelp {`
		17	`cat <<endOfHelp`
		18	`Command: savePkgToS3`
		19
		20	`This program will tar-zip a dpkg_archive Package/Version and store it`
		21	`into an Amazon S3 bucket in a subdirectory called 'Quarantine'`
		22
		23	`Options`
		24	`-h, --help - Display this message`
		25	`-v, --verbose - Increase verbosity`
		26	`-b, --bucket=name - Specifies the name of the target bucket`
		27	`-p, --path=PVPath - Specifies the path to the Package-Version to save`
		28	`-k, --key=keyVar - Name of the EnvVar that conains the AWS key`
		29	`Default is AWSKEY`
		30	`-s, --secret=secretVar - Name of the EnvVar that conains the AWS secret`
		31	`Default is AWSSECRET`
		32	`endOfHelp`
		33	`}`
		34
		35	`#`
		36	`# Init defaults`
		37	`#`
		38	`ProgName=savePkgtoS3`
		39	`awsKeyVar=AWSKEY`
		40	`awsSecretVar=AWSSECRET`
		41	`verbose=0`
		42
		43	# Note that we use `"$@"' to let each command-line parameter expand to a
		44	# separate word. The quotes around `$@' are essential!
		45	# We need TEMP as the `eval set --' would nuke the return value of getopt.
		46	`TEMP=$( getopt -n ${ProgName} -o vhb:p:k:s: --long verbose,help,bucket:,path:,key:,secret: -- "$@" )`
		47
		48	`if [ $? != 0 ] ; then echo "Terminating..." >&2 ; exit 1 ; fi`
		49
		50	# Note the quotes around `$TEMP': they are essential!
		51	`eval set -- "$TEMP"`
		52
		53	`while true ; do`
		54	`case "$1" in`
		55	`-h\|--help) doHelp; exit 0;;`
		56	`-v\|--verbose) let verbose++; shift 1;;`
		57	`-b\|--bucket) bucket="$2" ; shift 2 ;;`
		58	`-p\|--path) dpkgPath="$2" ; shift 2 ;;`
		59	`-k\|--key) awsKeyVar="$2" ; shift 2 ;;`
		60	`-s\|--secret) awsSecretVar="$2" ; shift 2 ;;`
		61	`--) shift ; break ;;`
		62	`*) echo "Internal error!" ; exit 1 ;;`
		63	`esac`
		64	`done`
		65
		66	`if [ $verbose -gt 1 ] ; then`
		67	`echo bucket :$bucket`
		68	`echo dpkgPath :$dpkgPath`
		69	`echo awsKeyVar :$awsKeyVar`
		70	`echo awsSecretVar:$awsSecretVar`
		71
		72	`echo "Remaining arguments:"`
		73	for arg do echo '--> '"\`$arg'" ; done
		74	`fi`
		75
		76	`: ${bucket:?No Bucket Specified}`
		77	`: ${dpkgPath:?No Package Version Path}`
		78	`: ${awsKeyVar:?No AWS Key specified}`
		79	`: ${awsSecretVar:?No AWS Secret specified}`
		80
		81	`#`
		82	`# The KEY and the Secret are passed via EnvVars`
		83	`# The name of the vars are passed on the command line`
		84	`#`
		85	`aws_access_key_id=${!awsKeyVar}`
		86	`aws_secret_access_key=${!awsSecretVar}`
		87
		88	`: ${aws_access_key_id:?No AWS Key found}`
		89	`: ${aws_secret_access_key:?No AWS Secret found}`
		90
		91	`if [ $verbose -gt 1 ] ; then`
		92	`echo aws_access_key_id:$aws_access_key_id`
		93	`echo aws_secret_access_key:$aws_secret_access_key`
		94	`fi`
		95
		96	`#`
		97	`# Determine`
		98	`# dpkgPath - Cleanup the user arg`
		99	`# pkgBase - Base of the package`
		100	`# pkgName - Package Name`
		101	`# pkgVer - Package Version`
		102	`#`
		103
		104	`dpkgPath=${dpkgPath%/}`
		105
		106	`pkgBase=${dpkgPath%/*}`
		107	`pkgBase=${pkgBase%/*}`
		108
		109	`pkgVer=${dpkgPath##*/}`
		110
		111	`pkgName=${dpkgPath%/*}`
		112	`pkgName=${pkgName##*/}`
		113
		114	`if [ $verbose -gt 1 ] ; then`
		115	`echo pkgBase:$pkgBase`
		116	`echo pkgName:pkgName`
		117	`echo pkgVer:$pkgVer`
		118	`fi`
		119
		120	`if [ ! -d $dpkgPath ] ; then`
		121	`echo "Error: PVPath does not address a directory"`
		122	`exit 1`
		123	`fi`
		124
		125	`#`
		126	`# Create the output file name`
		127	`# Format: Quarantined/PkgName_PkgVersion.tgz`
		128
		129	`file="Quarantined/${pkgName}_${pkgVer}.tgz"`
		130
		131	`# Basic transfer requirements`
		132	`resource="/${bucket}/${file}"`
		133	`contentType="application/x-compressed-tar"`
		134
		135	`# Added bits`
		136	`acl="authenticated-read"`
		137	`metaData="Quarantined Package"`
		138	`storageType="REDUCED_REDUNDANCY"`
		139
		140
		141	`# Calculate the signature.`
		142	`dateValue=$(date -R)`
		143	`stringToSign="PUT\n\n${contentType}\n${dateValue}\nx-amz-acl:${acl}\nx-amz-meta-reason:${metaData}\nx-amz-storage-class:${storageType}\n${resource}"`
		144	`signature=$(`
		145	`echo -en "${stringToSign}" \|`
		146	`openssl sha1 -hmac "${aws_secret_access_key}" -binary \|`
		147	`base64`
		148	`)`
		149
		150	`#echo dateValue: ${dateValue}`
		151	`#echo stringToSign: ${stringToSign}`
		152	`#echo signature: ${signature}`
		153	`#exit 1`
		154
		155	`# PUT!`
		156	`if [ 1 ] ; then`
5810	dpurdie	157	`tmpTar=$( mktemp )`
		158	`[ $verbose -gt 0 ] && set -x`
		159	`[ $verbose -gt 0 ] && echo "Compress $pkgName/$pkgVer to file $tmpTar"`
		160	`tar -czf $tmpTar -C "$pkgBase" "$pkgName/$pkgVer"`
		161
		162	`[ $verbose -gt 0 ] && echo "Transfer $pkgName/$pkgVer to bucket $bucket"`
		163	`curlVerbose=-s`
		164	`[ $verbose -gt 0 ] && curlVerbose=--verbose`
		165
		166	`curl $curlVerbose \`
4542	dpurdie	167	`-X PUT \`
5810	dpurdie	168	`-T $tmpTar \`
4542	dpurdie	169	`--insecure \`
		170	`-H "Host: ${bucket}.s3.amazonaws.com" \`
		171	`-H "Date: ${dateValue}" \`
		172	`-H "Content-Type: ${contentType}" \`
		173	`-H "Authorization: AWS ${aws_access_key_id}:${signature}" \`
		174	`-H "x-amz-acl: ${acl}" \`
		175	`-H "x-amz-meta-reason: ${metaData}" \`
		176	`-H "x-amz-storage-class: ${storageType}" \`
		177	`"https://${bucket}.s3.amazonaws.com/${file}"`
5810	dpurdie	178	`set +x`
4542	dpurdie	179	`fi`
4648	dpurdie	180	`[ $verbose -gt 0 ] && echo "Transfer complete"`
5810	dpurdie	181	`rm -rf $tmpTar`
4542	dpurdie	182
		183	`#############################################################`
		184	`# Fetch file info, just to be sure that the file got there`
		185	`# Get data about the file`
		186	`#`
4648	dpurdie	187	`# Have seen that some files (large) do not appear immediately`
		188	`# Solution: Try a few times`
		189	`#`
4542	dpurdie	190	`# Calculate the HEAD signature.`
		191	`# Note the need for a triple \n`
		192	`# Is that because there is no contentType ?`
		193	`#`
5811	dpurdie	194	`dateValue=$(date -R)`
4542	dpurdie	195	`stringToSign="HEAD\n\n\n${dateValue}\n${resource}"`
		196	`signature=$(`
		197	`echo -en "${stringToSign}" \|`
		198	`openssl sha1 -hmac "${aws_secret_access_key}" -binary \|`
		199	`base64`
		200	`)`
		201
		202	`#set -x`
4648	dpurdie	203	`fileTest=0`
		204	`for ii in $( seq 1 10 ); do`
		205	`[ $verbose -gt 0 ] && echo "Testing file presence ($ii): ${file}"`
		206	`results=$(curl -I -X HEAD \`
5812	dpurdie	207	`-s \`
4648	dpurdie	208	`--insecure \`
		209	`-H "Host: ${bucket}.s3.amazonaws.com" \`
		210	`-H "Date: ${dateValue}" \`
		211	`-H "Authorization: AWS ${aws_access_key_id}:${signature}" \`
		212	`"https://${bucket}.s3.amazonaws.com/${file}" \`
		213	`)`
5811	dpurdie	214	`[ $verbose -gt 0 ] && echo "Testing file results: ${results}"`
4648	dpurdie	215	`if [[ "$results" =~ "HTTP/1.1 200 OK" ]]; then`
		216	`fileTest=1`
		217	`break`
		218	`fi`
		219	`echo "Test Fail: ${file}. Attempt: ${ii}"`
		220	`[ $verbose -gt 0 ] && echo "Test Failure. Wait and try again"`
		221	`sleep 5`
		222	`done`
4542	dpurdie	223
4648	dpurdie	224	`# Display results`
		225	`if [ $fileTest -gt 0 ]; then`
4542	dpurdie	226	`if [ $verbose -gt 0 ] ; then`
		227	`echo "${ProgName}: Transferred:$pkgName/$pkgVer"`
		228	`fi`
		229	`exit 0`
		230	`else`
		231	`echo "${ProgName}: Error cannot access $pkgName/$pkgVer in S3 bucket ${bucket}"`
		232	`exit 1`
		233	`fi`
5810	dpurdie	234
4542	dpurdie	235
		236
		237

Subversion Repositories DevTools

(root)/dpkg_management/trunk/src/sbin/savePkgToS3.sh – Rev 5812