diff --git a/stdlib/aws/elb/elb.cue b/stdlib/aws/elb/elb.cue index b1bda016..37b612ab 100644 --- a/stdlib/aws/elb/elb.cue +++ b/stdlib/aws/elb/elb.cue @@ -1,6 +1,7 @@ package elb import ( + "dagger.io/dagger/op" "dagger.io/aws" ) @@ -36,36 +37,36 @@ import ( "-eo", "pipefail", #""" - if [ -s "$VHOST" ]; then - # We passed a vhost as input, try to recycle priority from previously allocated vhost - priority=$(aws elbv2 describe-rules \ - --listener-arn "$LISTENER_ARN" | \ - jq -r --arg vhost "$VHOST" '.Rules[] | select(.Conditions[].HostHeaderConfig.Values[] == $VHOST) | .Priority') + if [ -s "$VHOST" ]; then + # We passed a vhost as input, try to recycle priority from previously allocated vhost + priority=$(aws elbv2 describe-rules \ + --listener-arn "$LISTENER_ARN" | \ + jq -r --arg vhost "$VHOST" '.Rules[] | select(.Conditions[].HostHeaderConfig.Values[] == $VHOST) | .Priority') + + if [ -n "${priority}" ]; then + echo -n "${priority}" > /priority + exit 0 + fi + fi - if [ -n "${priority}" ]; then - echo -n "${priority}" > /priority - exit 0 - fi - fi - - # Grab a priority random from 1-50k and check if available, retry 10 times if none available - priority=0 - for i in {1..10} - do - p=$(shuf -i 1-50000 -n 1) - # Find the next priority available that we can allocate - aws elbv2 describe-rules \ - --listener-arn "$LISTENER_ARN" \ - | jq -e "select(.Rules[].Priority == \"${p}\") | true" && continue - priority="${p}" - break - done - if [ "${priority}" -lt 1 ]; then - echo "Error: cannot determine a Rule priority" - exit 1 - fi - echo -n "${priority}" > /priority - """#, + # Grab a priority random from 1-50k and check if available, retry 10 times if none available + priority=0 + for i in {1..10} + do + p=$(shuf -i 1-50000 -n 1) + # Find the next priority available that we can allocate + aws elbv2 describe-rules \ + --listener-arn "$LISTENER_ARN" \ + | jq -e "select(.Rules[].Priority == \"${p}\") | true" && continue + priority="${p}" + break + done + if [ "${priority}" -lt 1 ]; then + echo "Error: cannot determine a Rule priority" + exit 1 + fi + echo -n "${priority}" > /priority + """#, ] env: { LISTENER_ARN: listenerArn diff --git a/stdlib/aws/rds/rds.cue b/stdlib/aws/rds/rds.cue index 089d214e..d8fde56f 100644 --- a/stdlib/aws/rds/rds.cue +++ b/stdlib/aws/rds/rds.cue @@ -1,8 +1,8 @@ package rds import ( + "dagger.io/dagger/op" "encoding/json" - "dagger.io/dagger" "dagger.io/aws" ) @@ -41,27 +41,27 @@ import ( "-eo", "pipefail", #""" - echo "dbType: $DB_TYPE" - - sql="CREATE DATABASE \`"$NAME" \`" - if [ "$DB_TYPE" = postgres ]; then - sql="CREATE DATABASE \""$NAME"\"" - fi - - echo "$NAME" >> /db_created - - aws rds-data execute-statement \ - --resource-arn "$DB_ARN" \ - --secret-arn "$SECRET_ARN" \ - --sql "$sql" \ - --database "$DB_TYPE" \ - --no-include-result-metadata \ - |& tee /tmp/out - exit_code=${PIPESTATUS[0]} - if [ $exit_code -ne 0 ]; then - grep -q "database exists\|already exists" /tmp/out || exit $exit_code - fi - """#, + echo "dbType: $DB_TYPE" + + sql="CREATE DATABASE \`"$NAME" \`" + if [ "$DB_TYPE" = postgres ]; then + sql="CREATE DATABASE \""$NAME"\"" + fi + + echo "$NAME" >> /db_created + + aws rds-data execute-statement \ + --resource-arn "$DB_ARN" \ + --secret-arn "$SECRET_ARN" \ + --sql "$sql" \ + --database "$DB_TYPE" \ + --no-include-result-metadata \ + |& tee /tmp/out + exit_code=${PIPESTATUS[0]} + if [ $exit_code -ne 0 ]; then + grep -q "database exists\|already exists" /tmp/out || exit $exit_code + fi + """#, ] env: { NAME: name @@ -84,10 +84,10 @@ import ( config: aws.#Config // Username - username: dagger.#Secret @dagger(input) + username: string @dagger(input) // Password - password: dagger.#Secret @dagger(input) + password: string @dagger(input) // ARN of the database instance dbArn: string @dagger(input) @@ -119,60 +119,60 @@ import ( "-eo", "pipefail", #""" - echo "dbType: $DB_TYPE" - - sql="CREATE USER '"$USERNAME"'@'%' IDENTIFIED BY '"$PASSWORD"'" - if [ "$DB_TYPE" = postgres ]; then - sql="CREATE USER \""$USERNAME"\" WITH PASSWORD '"$PASSWORD"'" - fi - - echo "$USERNAME" >> /username - - aws rds-data execute-statement \ - --resource-arn "$DB_ARN" \ - --secret-arn "$SECRET_ARN" \ - --sql "$sql" \ - --database "$DB_TYPE" \ - --no-include-result-metadata \ - |& tee tmp/out - exit_code=${PIPESTATUS[0]} - if [ $exit_code -ne 0 ]; then - grep -q "Operation CREATE USER failed for\|ERROR" tmp/out || exit $exit_code - fi - - sql="SET PASSWORD FOR '"$USERNAME"'@'%' = PASSWORD('"$PASSWORD"')" - if [ "$DB_TYPE" = postgres ]; then - sql="ALTER ROLE \""$USERNAME"\" WITH PASSWORD '"$PASSWORD"'" - fi - - aws rds-data execute-statement \ - --resource-arn "$DB_ARN" \ - --secret-arn "$SECRET_ARN" \ - --sql "$sql" \ - --database "$DB_TYPE" \ - --no-include-result-metadata - - sql="GRANT ALL ON \`"$GRAND_DATABASE"\`.* to '"$USERNAME"'@'%'" - if [ "$DB_TYPE" = postgres ]; then - sql="GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO \""$USERNAME"\"; GRANT ALL PRIVILEGES ON DATABASE \""$GRAND_DATABASE"\" to \""$USERNAME"\"; GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO \""$USERNAME"\"; ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON TABLES TO \""$USERNAME"\"; ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON SEQUENCES TO \""$USERNAME"\"; GRANT USAGE ON SCHEMA public TO \""$USERNAME"\";" - fi - - if [ -s "$GRAND_DATABASE ]; then - aws rds-data execute-statement \ - --resource-arn "$DB_ARN" \ - --secret-arn "$SECRET_ARN" \ - --sql "$sql" \ - --database "$DB_TYPE" \ - --no-include-result-metadata - fi - """#, + echo "dbType: $DB_TYPE" + + sql="CREATE USER '"$USERNAME"'@'%' IDENTIFIED BY '"$PASSWORD"'" + if [ "$DB_TYPE" = postgres ]; then + sql="CREATE USER \""$USERNAME"\" WITH PASSWORD '"$PASSWORD"'" + fi + + echo "$USERNAME" >> /username + + aws rds-data execute-statement \ + --resource-arn "$DB_ARN" \ + --secret-arn "$SECRET_ARN" \ + --sql "$sql" \ + --database "$DB_TYPE" \ + --no-include-result-metadata \ + |& tee tmp/out + exit_code=${PIPESTATUS[0]} + if [ $exit_code -ne 0 ]; then + grep -q "Operation CREATE USER failed for\|ERROR" tmp/out || exit $exit_code + fi + + sql="SET PASSWORD FOR '"$USERNAME"'@'%' = PASSWORD('"$PASSWORD"')" + if [ "$DB_TYPE" = postgres ]; then + sql="ALTER ROLE \""$USERNAME"\" WITH PASSWORD '"$PASSWORD"'" + fi + + aws rds-data execute-statement \ + --resource-arn "$DB_ARN" \ + --secret-arn "$SECRET_ARN" \ + --sql "$sql" \ + --database "$DB_TYPE" \ + --no-include-result-metadata + + sql="GRANT ALL ON \`"$GRAND_DATABASE"\`.* to '"$USERNAME"'@'%'" + if [ "$DB_TYPE" = postgres ]; then + sql="GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO \""$USERNAME"\"; GRANT ALL PRIVILEGES ON DATABASE \""$GRAND_DATABASE"\" to \""$USERNAME"\"; GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO \""$USERNAME"\"; ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON TABLES TO \""$USERNAME"\"; ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON SEQUENCES TO \""$USERNAME"\"; GRANT USAGE ON SCHEMA public TO \""$USERNAME"\";" + fi + + if [ -s "$GRAND_DATABASE ]; then + aws rds-data execute-statement \ + --resource-arn "$DB_ARN" \ + --secret-arn "$SECRET_ARN" \ + --sql "$sql" \ + --database "$DB_TYPE" \ + --no-include-result-metadata + fi + """#, ] env: { - USERNAME: unsername + USERNAME: username PASSWORD: password DB_ARN: dbArn SECRET_ARN: secretArn - GRAND_DATABASE: grandDatabase + GRAND_DATABASE: grantDatabase DB_TYPE: dbType } }, @@ -222,11 +222,11 @@ import ( "-eo", "pipefail", #""" - data=$(aws rds describe-db-clusters --filters "Name=db-cluster-id,Values=$DB_URN" ) - echo "$data" | jq -r '.DBClusters[].Endpoint' > /tmp/out - echo "$data" | jq -r '.DBClusters[].Port' >> /tmp/out - cat /tmp/out | jq -sR 'split("\n") | {hostname: .[0], port: (.[1] | tonumber)}' > /out - """#, + data=$(aws rds describe-db-clusters --filters "Name=db-cluster-id,Values=$DB_URN" ) + echo "$data" | jq -r '.DBClusters[].Endpoint' > /tmp/out + echo "$data" | jq -r '.DBClusters[].Port' >> /tmp/out + cat /tmp/out | jq -sR 'split("\n") | {hostname: .[0], port: (.[1] | tonumber)}' > /out + """#, ] env: DB_ARN: dbArn },