Initial commit

2019-12-31 16:09:39 +01:00
commit 4e7f244190
108 changed files with 17296 additions and 0 deletions
--- a/aws/scripts/deploy/deploy-stack.sh
+++ b/aws/scripts/deploy/deploy-stack.sh
@@ -0,0 +1,43 @@
+#!/bin/bash
+
+# Parse parameters
+while [[ "$#" -gt 0 ]]; do case $1 in
+  --template-file) TEMPLATE_FILE="$2"; shift;;
+  --stack-name) STACK_NAME="$2"; shift;;
+  --profile) PROFILE="$2"; shift;;
+  --capabilities) CAPABILITY_IAM="$2"; shift;;
+  --role-arn) ROLE_ARN="$2";shift;;
+  --session) SESSION="$2";shift;;
+  --region) REGION="$2";shift;;
+  *) echo "Unknown parameter passed: $1"; exit 1;;
+esac; shift; done
+
+# Verify parameters
+if [ -z "$TEMPLATE_FILE" ]; then echo "Template file is not set."; exit 1; fi;
+if [ -z "$STACK_NAME" ]; then echo "Template file is not set."; exit 1; fi;
+if [ -z "$PROFILE" ]; then echo "Profile is not set."; exit 1; fi;
+if [ -z "$ROLE_ARN" ]; then echo "Role ARN is not set."; exit 1; fi;
+if [ -z "$SESSION" ]; then echo "Role session is not set."; exit 1; fi;
+
+
+echo Validating stack "$STACK_NAME"
+aws cloudformation validate-template \
+    --template-body file://$TEMPLATE_FILE \
+    --profile $PROFILE
+
+ROLE_PROFILE=$STACK_NAME
+
+echo Assuming role
+bash "${BASH_SOURCE%/*}/../configure/create-role-profile.sh" \
+    --role-profile $ROLE_PROFILE --user-profile $PROFILE \
+    --role-arn $ROLE_ARN \
+    --session $SESSION \
+    --region $REGION
+
+echo Deploying stack "$TEMPLATE_FILE"
+aws cloudformation deploy \
+    --template-file $TEMPLATE_FILE \
+    --stack-name $STACK_NAME \
+    ${CAPABILITY_IAM:+ --capabilities $CAPABILITY_IAM} \
+    --no-fail-on-empty-changeset \
+    --profile $ROLE_PROFILE
--- a/aws/scripts/deploy/deploy-to-s3.sh
+++ b/aws/scripts/deploy/deploy-to-s3.sh
@@ -0,0 +1,47 @@
+#!/bin/bash
+
+# Parse parameters
+while [[ "$#" -gt 0 ]]; do case $1 in
+  --folder) FOLDER="$2"; shift;;
+  --web-stack-name) WEB_STACK_NAME="$2"; shift;;
+  --web-stack-s3-name-output-name) WEB_STACK_S3_NAME_OUTPUT_NAME="$2"; shift;;
+  --storage-class) STORAGE_CLASS="$2"; shift;;
+  --profile) PROFILE="$2"; shift;;
+  --role-arn) ROLE_ARN="$2";shift;;
+  --session) SESSION="$2";shift;;
+  --region) REGION="$2";shift;;
+  *) echo "Unknown parameter passed: $1"; exit 1;;
+esac; shift; done
+
+# Verify parameters
+if [ -z "$FOLDER" ]; then echo "Folder is not set."; exit 1; fi;
+if [ -z "$PROFILE" ]; then echo "Profile is not set."; exit 1; fi;
+if [ -z "$ROLE_ARN" ]; then echo "Role ARN is not set."; exit 1; fi;
+if [ -z "$SESSION" ]; then echo "Role session is not set."; exit 1; fi;
+if [ -z "$WEB_STACK_NAME" ]; then echo "Web stack name is not set."; exit 1; fi;
+if [ -z "$WEB_STACK_S3_NAME_OUTPUT_NAME" ]; then echo "S3 name output name is not set."; exit 1; fi;
+if [ -z "$STORAGE_CLASS" ]; then echo "S3 object storage class is not set."; exit 1; fi;
+
+echo Assuming role
+ROLE_PROFILE=deploy-s3
+bash "${BASH_SOURCE%/*}/../configure/create-role-profile.sh" \
+    --role-profile $ROLE_PROFILE --user-profile $PROFILE \
+    --role-arn $ROLE_ARN \
+    --session $SESSION \
+    --region $REGION
+
+echo Getting S3 bucket name from stack "$WEB_STACK_NAME" with output "$WEB_STACK_S3_NAME_OUTPUT_NAME"
+S3_BUCKET_NAME=$(aws cloudformation describe-stacks \
+            --stack-name $WEB_STACK_NAME \
+            --query "Stacks[0].Outputs[?OutputKey=='$WEB_STACK_S3_NAME_OUTPUT_NAME'].OutputValue" \
+            --output text \
+            --profile $ROLE_PROFILE)
+if [ -z "$S3_BUCKET_NAME" ]; then echo "Could not read S3 bucket name"; exit 1; fi;
+echo ::add-mask::$S3_BUCKET_NAME # Just being extra cautious
+
+echo Syncing folder to S3
+
+aws s3 sync $FOLDER s3://$S3_BUCKET_NAME \
+    --storage-class $STORAGE_CLASS  \
+    --no-progress --follow-symlinks --delete \
+    --profile $ROLE_PROFILE
--- a/aws/scripts/deploy/invalidate-cloudfront-cache.sh
+++ b/aws/scripts/deploy/invalidate-cloudfront-cache.sh
@@ -0,0 +1,45 @@
+#!/bin/bash
+
+# Parse parameters
+while [[ "$#" -gt 0 ]]; do case $1 in
+  --paths) PATHS="$2"; shift;;
+  --web-stack-name) WEB_STACK_NAME="$2"; shift;;
+  --web-stack-cloudfront-arn-output-name) WEB_STACK_CLOUDFRONT_ARN_OUTPUT_NAME="$2"; shift;;
+  --profile) PROFILE="$2"; shift;;
+  --role-arn) ROLE_ARN="$2";shift;;
+  --session) SESSION="$2";shift;;
+  --region) REGION="$2";shift;;
+  *) echo "Unknown parameter passed: $1"; exit 1;;
+esac; shift; done
+
+# Verify parameters
+if [ -z "$PATHS" ]; then echo "Paths is not set."; exit 1; fi;
+if [ -z "$PROFILE" ]; then echo "Profile is not set."; exit 1; fi;
+if [ -z "$ROLE_ARN" ]; then echo "Role ARN is not set."; exit 1; fi;
+if [ -z "$SESSION" ]; then echo "Role session is not set."; exit 1; fi;
+if [ -z "$WEB_STACK_NAME" ]; then echo "Web stack name is not set."; exit 1; fi;
+if [ -z "$WEB_STACK_CLOUDFRONT_ARN_OUTPUT_NAME" ]; then echo "CloudFront ARN output name is not set."; exit 1; fi;
+
+
+echo Assuming role
+ROLE_PROFILE=invalidate-cloudfront
+bash "${BASH_SOURCE%/*}/../configure/create-role-profile.sh" \
+    --role-profile $ROLE_PROFILE --user-profile $PROFILE \
+    --role-arn $ROLE_ARN \
+    --session $SESSION \
+    --region $REGION
+
+echo Getting CloudFront ARN from stack "$WEB_STACK_NAME" with output "$WEB_STACK_CLOUDFRONT_ARN_OUTPUT_NAME"
+CLOUDFRONT_ARN=$(aws cloudformation describe-stacks \
+            --stack-name $WEB_STACK_NAME \
+            --query "Stacks[0].Outputs[?OutputKey=='$WEB_STACK_CLOUDFRONT_ARN_OUTPUT_NAME'].OutputValue" \
+            --output text \
+            --profile $ROLE_PROFILE)
+if [ -z "$CLOUDFRONT_ARN" ]; then echo "Could not read CloudFront ARN"; exit 1; fi;
+echo :add-mask::$CLOUDFRONT_ARN
+
+echo Syncing folder to S3
+aws cloudfront create-invalidation \
+    --paths $PATHS \
+    --distribution-id $CLOUDFRONT_ARN \
+    --profile $ROLE_PROFILE