forked from pingidentity/pingidentity-devops-getting-started
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbash_profile_devops
577 lines (488 loc) · 19.2 KB
/
bash_profile_devops
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
echo "WARNING: bash_profile_devops has been deprecated.
################################################################################
# Ping Identity DevOps
#
# This bash_profile_devops alias file has been deprecated in lieu of the
# new 'bash_profile.ping-devops' alias file provided by the 'ping-devops' tool.
#
# INSTALLING ping-devops (and bash_profile.ping-devops)
# On Mac OSX (or Linux using brew)
# brew tap pingidentity/devops
# brew install ping-devops
#
# On Linux
# curl -sL https://bit.ly/ping-devops-install | bash
#
# CONFIG/SETUP
# 1. Remove source of 'bash_profile_devops' file from .bash_profile
# 2. ping-devops config
################################################################################
"
##############################################################################
# Aliases of commonly used docker commands and those related to the
# Ping Identity DevOps Program.
#
# Recommend that you source this file from your ~/.bash_profile or ~/.bashrc
# Just add following line without the preceeding comment
#
# . {path to this directory}/bash_profile_devops
#
##############################################################################
bold=$(tput bold)
normal=$(tput sgr0)
function pdo()
{
run cd ${PING_IDENTITY_DEVOPS_HOME}/$*
}
alias pdog="pdo pingidentity-devops-getting-started"
alias pdob="pdo pingidentity-docker-builds"
alias pdos="pdo pingidentity-server-profiles"
## dhelp
function dhelp ()
{
cat <<EOHELP
+----------------------------------------------------------------------------+
| ${bold}Ping Identity Docker Helper Aliases${normal} |
+----------------------------------------------------------------------------+
${bold}DevOps Information${normal}
-------------------------------------
denv - get devops details
${bold}Container${normal} ${bold}Image${normal}
------------------------------------- ----------------------------------
dce - execute commands (i.e. /bin/sh) dib - build
dci - inspect dii - inspect
dcl - list dil - list
dcr - remove forcefully dir - remove forcefully
dcp - prune dip - prune
dct - run top dit - tag
dcstop - stop diw - remove pingidentity images
dcstart - start
dck - stop
dlogs - tail logs
dsa - docker stop all
dra - docker remove all
${bold}Volume${normal} ${bold}Network${normal} ${bold}Service${normal}
------------------------ ------------------------ ------------------------
dvc - create dnc - create dsl - list
dvi - inspect dni - inspect dss - scale
dvl - list dnl - list dsr - remove
dvp - prune dnp - prune
dvr - remove dnr - remove
${bold}Docker Compose${normal}
------------------------
dpu - up (detached)
dpd - down
dpp - ps
dpl - logs (w/ -f)
${bold}Special${normal}
----------------------------------------------------------------------------
ddc - deep clean (cont, vol, net)
pingdownload - download product or license to ~/Downloads
pdog - cd to 'pingidentity-devops-getting-started' directory
pdob - cd to 'pingidentity-docker-builds' directory
pdos - cd to 'pingidentity-server-profiles' directory
----------------------------------------------------------------------------
EOHELP
}
## denv
function denv ()
{
sourcePingIdentityFiles
cat <<EOP1ENV
+-----------------------------------------------------------------------------------------+
| ${bold}Ping Identity DevOps Information${normal}
| ${bold}Sourced from ~/.pingidentity/devops${normal}
+-----------------------------------------------------------------------------------------+
| PING_IDENTITY_DEVOPS_USER: ${PING_IDENTITY_DEVOPS_USER}
| PING_IDENTITY_DEVOPS_KEY : ${PING_IDENTITY_DEVOPS_KEY}
|
| PING_IDENTITY_DEVOPS_HOME: ${PING_IDENTITY_DEVOPS_HOME}
| PING_IDENTITY_DEVOPS_TAG : ${PING_IDENTITY_DEVOPS_TAG}
+-----------------------------------------------------------------------------------------+
To update, run Ping Identity DevOps Setup
(found in your the pingidentity-devops-getting-started git repo)/setup
To use with 'docker run command'
docker run
...
--env-file ~/.pingidentity/devops
...
To use with '.yaml' file (use snippet below)
pingdirectory:
env_file:
- $HOME/.pingidentity/devops
+-----------------------------------------------------------------------------------------+
EOP1ENV
}
function run ()
{
#date
echo "Alias Expansion: ${bold}$*${normal}"
#time $*
$*
}
# PingDownload alias
alias pingdownload="docker run --rm -v ~/Downloads:/tmp pingidentity/pingdownloader"
# Docker
alias dps="run docker ps"
# Stop all running containers
dsa()
{
echo "Running command to: ${bold}Stop all running containers${normal}";
c=$(docker container ls -a -q)
if ! test -z $c ; then
docker container stop $(docker container ls -a -q)
else
echo "No containers found to stop"
fi
}
# Remove all stopped containers
dra()
{
echo "Running command to: ${bold}Remove all stopped containers${normal}";
c=$(docker container ls -a -q)
if ! test -z $c ; then
docker container rm $(docker container ls -a -q)
else
echo "No containers found to remove"
fi
}
alias dce="run docker container exec -it"
alias dci="run docker container inspect"
alias dcl="run docker container ls -a"
alias dcr="run docker container rm -f"
alias dcp="run docker container prune -f"
alias dcstop="run docker container stop"
alias dct="run docker container top"
alias dck="dcstop"
alias dcstart="run docker container start"
alias dlogs="run docker logs -f"
## image
alias dib="run docker image build"
alias dii="run docker image inspect"
alias dil="run docker images"
alias dir="run docker image rm -f"
alias dip="run docker image prune -f"
alias dit="run docker image tag"
# Remove all Ping Identity docker images
diw()
{
echo "Running command to: ${bold}Remove all Ping Identity Docker images${normal}";
dip;
i=$(docker images 'pingidentity/*' -q|sort|uniq);
if [ ! -z "${i}" ]; then
run docker image rm -f $(docker image ls "pingidentity/*");
else
echo "***No Ping Identity images present to remove***"
fi
}
# Remove all docker images
din()
{
echo "Running command to: ${bold}Remove all Docker images${normal}";
dip;
i=$( docker images --format '{{.ID}}' )
if [ ! -z "${i}" ]; then
run docker image rm ${i};
else
echo "***No images present to remove***"
fi
}
## volume
alias dvc="run docker volume create"
alias dvi="run docker volume inspect"
alias dvl="run docker volume ls"
alias dvp="run docker volume prune -f"
alias dvr="run docker volume rm"
## network
alias dnc="run docker network create"
alias dni="run docker network inspect"
alias dnl="run docker network ls"
alias dnp="run docker network prune -f"
alias dnr="run docker network rm"
## service
alias dsl="run docker service ls"
alias dss="run docker service scale"
alias dsr="run docker service rm"
## docker-compose
alias dpu="run docker-compose up -d"
alias dpd="run docker-compose down"
alias dpp="run docker-compose ps"
alias dpl="run docker-compose logs -f"
## logs
alias dlf="run docker logs -f"
## deep clean
alias ddc="dcp ; dvp ; dip; dnp"
## kenv
function kenv ()
{
sourcePingIdentityFiles
cat <<EOP1ENV
+-----------------------------------------------------------------------------------------+
| ${bold}Ping Identity DevOps Kubernetes Information${normal}
| ${bold}Sourced from ~/.pingidentity/devops${normal}
+-----------------------------------------------------------------------------------------+
| PING_IDENTITY_DEVOPS_USER: ${PING_IDENTITY_DEVOPS_USER}
| PING_IDENTITY_DEVOPS_KEY : ${PING_IDENTITY_DEVOPS_KEY}
+-----------------------------------------------------------------------------------------+
To use with a Kubernetes Secret devops-secret
k create secret generic devops-secret \\
--from-literal=PING_IDENTITY_DEVOPS_USER=${PING_IDENTITY_DEVOPS_USER} \\
--from-literal=PING_IDENTITY_DEVOPS_KEY=${PING_IDENTITY_DEVOPS_KEY}
+-----------------------------------------------------------------------------------------+
+-----------------------------------------------------------------------------------------+
| ${bold}Ping Identity AWS EKS Information${normal}
| ${bold}Sourced from ~/.pingidentity/aws-eks${normal}
+-----------------------------------------------------------------------------------------+
| PING_IDENTITY_AWS_IAM_USER : ${PING_IDENTITY_AWS_IAM_USER}
| PING_IDENTITY_AWS_REGION : ${PING_IDENTITY_AWS_REGION}
| PING_IDENTITY_K8S_CLUSTER_NAME : ${PING_IDENTITY_K8S_CLUSTER_NAME}
| PING_IDENTITY_K8S_CLUSTER_DOMAIN : ${PING_IDENTITY_K8S_CLUSTER_DOMAIN}
| PING_IDENTITY_K8S_NAMESPACE : ${PING_IDENTITY_K8S_NAMESPACE}
+-----------------------------------------------------------------------------------------+
+-----------------------------------------------------------------------------------------+
| ${bold}Current Kubernetes Context/Namespace${normal}
+-----------------------------------------------------------------------------------------+
| Current k8s Context : $(kubectl config current-context)
| Current k8s Namespace : $(kubectl config view --minify --output 'jsonpath={..namespace}')
+-----------------------------------------------------------------------------------------+
EOP1ENV
}
## khelp
function khelp ()
{
cat <<EOHELP
+----------------------------------------------------------------------------+
| ${bold}Ping Identity DevOps Kubernetes Aliases${normal} |
+----------------------------------------------------------------------------+
${bold}DevOps k8s Information${normal}
-------------------------------------
kenv - get kubernetes info
kubectx - get kubernetes context info
kubens - get kubernetes namespace info
${bold}General Info${normal}
-------------------------------------
kall - get k8s objects in namespace
kd, kdescribe - describe
${bold}Get${normal} ${bold}Describe${normal}
------------------------------------- ----------------------------------
kg, kget - get {type} kd, kdescribe - describe {type}
kgp - get pods kdp - describe pods
kgs - get services kds - describe services
kgi - get ingresses
kgn - get nodes kdn - describe nodes
${bold}Pods${normal} ${bold}Nodes${normal}
------------------------------------- ----------------------------------
kpe - execute commands (i.e. /bin/sh)
kpl - list knl - list
klogs - tail logs for a pod
${bold}Delete${normal}
-------------------------------------
knuke [option] - delete ${bold}all${normal} resources in a namespace, defaults to current namespace
${bold}Special${normal}
----------------------------------------------------------------------------
pingdownload - download product or license to ~/Downloads
----------------------------------------------------------------------------
EOHELP
}
#TODO: add:
# kdelpo - delete all pods in namespace
# kdelall [option]- delete all [option] (pods, deployments, services) in namespace
## kubernetes
function k () {
_kubeCTX=$(kubectl config current-context)
_kubeNS=$(kubectl config view --minify --output 'jsonpath={..namespace}')
echo "Alias Expansion: ${bold}kubectl $* -n ${_kubeNS}${normal}"
echo " k8s Context: ${bold}${_kubeCTX}${normal}"
echo " k8s Namespace: ${bold}${_kubeNS}${normal}"
echo "--------------------------------------"
kubectl $* -n ${_kubeNS}
}
## kubernetes general aliases
alias kall="k get all"
alias kget="k get"
alias kg="kget"
alias kgp="kg pods"
alias kgs="kg services"
alias kgi="kg ingresses"
alias kgn="kg nodes"
alias kdescribe="k describe"
alias kd="kdescribe"
alias kdp="kd pods"
alias kds="kd services"
alias kdn="kd nodes"
## kubernetes pod aliases
alias kpe="k exec -it"
alias kpl="k get pods"
alias klogs="k logs -f "
## kubernetes nodes aliases
alias knl="k get nodes"
function knuke() {
if ! test -z "${1}"; then
ns="${1}"
else
ns="$(kubectl get sa default -o jsonpath='{.metadata.namespace}')"
fi
echo "Are you sure you want to force-delete EVERYTHING in namespace: ${ns}. y/n"
read nuke
if test "${nuke}" = "y" || test "${nuke}" = "yes"; then
echo "${bold}deploy nuke${normal}";
kubectl delete pods,configmaps,secrets,jobs,cronjobs,statefulsets,deployments,persistentvolumeclaims,services,ingresses -n "$(kubectl get sa default -o jsonpath='{.metadata.namespace}')" --grace-period=0 --force --all
else
echo "crisis averted"
fi
}
function kdelpo() {
echo "Running command to: ${bold}Delete all pods${normal}";
kubectl delete pods --all --force --grace-period=0 -n "$(kubectl get sa default -o jsonpath='{.metadata.namespace}')"
}
function kdelall() {
echo "Running command to: ${bold}Delete all ${1}${normal}";
resource_types="pods|deployments|services|ingresses"
case "${1}" in
pods|deployments|services|ingresses)
kubectl delete ${1} --all --force --grace-period=0 -n "$(kubectl get sa default -o jsonpath='{.metadata.namespace}')"
;;
*)
echo "please pass a parameter: $resource_types"
;;
esac
}
##############################################################################
# Aliases of commonly used PingOne For Customer commands
##############################################################################
## p1help
function p1help ()
{
cat <<EOP1HELP
+----------------------------------------------------------------------------+
| ${bold}Ping One for Customer Helper Aliases${normal} |
+----------------------------------------------------------------------------+
${bold}Setup/Authentcation${normal}
-------------------------------------
p1env - get setup details
p1auth - get authentication token
${bold}Environment${normal} ${bold}Populations${normal}
------------------------------------- ----------------------------------
p1e - environment details p1p - population details
p1en - environment name p1pn - population name
p1pc - population user count
${bold}Users${normal} ${bold}Applications${normal}
------------------------------------- ----------------------------------
p1u - users details (first 100) p1a - aplication details
p1ui - users ids (first 100) p1an - aplication name
${bold}Generic Call${normal}
-------------------------------------
p14c - Generic Call (any URI after environments/env-guid)
Examples:
p14c /passwordPolicies # Get Password passwordPolicies
p14c /users?limit=5 # Get a page of 5 users
p14c /users | jq '._links.next.href' # Get the link for next page of users
EOP1HELP
}
## sourcePingIdentityFiles
function sourcePingIdentityFiles ()
{
test -f ~/.pingidentity/devops && \
. ~/.pingidentity/devops && \
export $(grep "^[A-Z]" ~/.pingidentity/devops | cut -d= -f1)
test -f ~/.pingidentity/aws-eks && \
. ~/.pingidentity/aws-eks && \
export $(grep "^[A-Z]" ~/.pingidentity/aws-eks | cut -d= -f1)
test -f ~/.pingidentity/p14c && \
. ~/.pingidentity/p14c && \
export $(grep "^[A-Z]" ~/.pingidentity/p14c | cut -d= -f1)
test -f ~/.pingidentity/p14c.access_token && \
. ~/.pingidentity/p14c.access_token && \
export $(grep "^[A-Z]" ~/.pingidentity/p14c.access_token | cut -d= -f1)
}
## p1env
function p1env ()
{
sourcePingIdentityFiles
cat <<EOP1ENV
+-----------------------------------------------------------------------------------------+
${bold}Ping One for Environment${normal}
${bold}Sourced from ~/.pingidentity/p14c.*${normal}
+-----------------------------------------------------------------------------------------+
Environment: ${PING_ONE_ENVIRONMENT_ID}
Population: ${PING_ONE_POPULATION_ID}
Application: ${PING_ONE_CLIENT_ID}
+-----------------------------------------------------------------------------------------+
Auth URL: ${PING_ONE_AUTH_URL}
API URL: ${PING_ONE_API_URL}
Auth Token: `grep "# Expires" ~/.pingidentity/p14c.access_token`
EOP1ENV
which pyjwt >/dev/null && pyjwt decode --no-verify ${PING_ONE_AUTH_TOKEN} | jq
echo "+-----------------------------------------------------------------------------------------+"
}
## _p14c
function _p14c()
{
_RESOURCE="$1"
_ATTR="$2"
_ID="$3"
sourcePingIdentityFiles
test -z "$PING_ONE_AUTH_TOKEN" && echo "No PingOne For Customer Auth Token found, please authenticate with 'p1auth'"
test -z "${_ATTR}" && _JQ_OPT="."
test ! -z "${_ATTR}" && _JQ_OPT="-r .${_ATTR}"
_URL="${PING_ONE_API_URL}"
case ${_RESOURCE} in
environments)
;;
populations)
_URL+="/populations/${PING_ONE_POPULATION_ID}"
;;
applications)
_URL+="/applications/${PING_ONE_CLIENT_ID}"
;;
users)
_URL+="/users"
;;
*)
_URL+="${_RESOURCE}"
;;
esac
test ! -z ${_ID} && _URL+="/${_ID}"
# echo "PingOne For Customer URL: ${bold}$_URL ${normal}"
curl -X GET -H "Authorization: Bearer $PING_ONE_AUTH_TOKEN" "${_URL}" \
2>/dev/null | jq $_JQ_OPT
}
function p1auth()
{
sourcePingIdentityFiles
_AUTH=$( curl -X POST $PING_ONE_AUTH_URL/as/token \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=client_credentials&client_id=${PING_ONE_CLIENT_ID}&client_secret=${PING_ONE_CLIENT_SECRET}" \
2> /dev/null )
_TOKEN=$( echo ${_AUTH} | jq -r '.access_token' )
_EXPIRES=$( echo ${_AUTH} | jq -r '.expires_in' )
echo "########################################################################
# Ping One Access Token
#
# Created: `date`
# Expires: `date -v+${_EXPIRES}S`
########################################################################
PING_ONE_AUTH_TOKEN=$_TOKEN" > ~/.pingidentity/p14c.access_token
. ~/.pingidentity/p14c.access_token
p1env
}
alias p1e="_p14c environments"
alias p1en="_p14c environments name"
alias p1p="_p14c populations"
alias p1pn="_p14c populations name"
alias p1pc="_p14c populations userCount"
alias p1a="_p14c applications"
alias p1an="_p14c applications name"
alias p1u="_p14c users"
alias p1ui="_p14c users _embedded.users[].id"
alias p14c="_p14c"
##############################################################################
# Aliases of commonly used PingIdentity For Customer commands
##############################################################################
get_value ()
{
# the following will preserve spaces in the printf
IFS="%%"
eval printf '%s' "\${${1}}"
unset IFS
}