diff --git a/ctctl b/ctctl index f31f69f..9445ca3 100755 --- a/ctctl +++ b/ctctl @@ -1,18 +1,18 @@ #!/usr/bin/env bash -trap ctctl_clean INT +trap ctctl_exit INT # Print current environnement ctctl_current_env(){ if [ -z "${CTCTL_DOMAIN}" ]; then echo "Unknown container domain" - kill -INT $$ + ctctl_exit fi echo "Cluster: ${CTCTL_DOMAIN}" if [ -z "${CTCTL_ENV}" ]; then echo "Unknown container environment" - kill -INT $$ + ctctl_exit fi echo "Namespace: ${CTCTL_ENV}" } @@ -54,7 +54,7 @@ ctctl_switch_env(){ if [ ! -e ~/.ctctl/${TARGET_DOM}/ctctl.conf ]; then echo "Env ${TARGET_DOM} doesn't exist" - kill -INT $$ + ctctl_exit fi # Clear any variable @@ -136,7 +136,7 @@ ctctl_check_nomad_token(){ ctctl_auth_env(){ if [ -z "${CTCTL_DOMAIN}" ]; then echo "Unknown environment" - kill -INT $$ + ctctl_exit fi NEED_LOGIN=1 @@ -157,7 +157,7 @@ ctctl_auth_env(){ fi if [ "${NEED_LOGIN}" = "1" ]; then echo "You're not connected on vault. Please enter your account password" - export VAULT_TOKEN=$(vault login -field=token ${VAULT_AUTH_CONFIG:--method=ldap username=${CTCTL_USER:-$(whoami | sed -r 's/\@.*//')}} || kill -INT $$) + export VAULT_TOKEN=$(vault login -field=token ${VAULT_AUTH_CONFIG:--method=ldap username=${CTCTL_USER:-$(whoami | sed -r 's/\@.*//')}} || ctctl_exit) echo "Logged on vault successfuly" else echo "Your vault token is valid" @@ -197,22 +197,22 @@ ctctl_auth_env(){ echo "Fecthing a Nomad token from vault" NOMAD_CREDS=$(vault read -format=json ${VAULT_PREFIX:-}nomad/creds/${NOMAD_ROLE}) export NOMAD_TOKEN=$(echo -n ${NOMAD_CREDS} | jq -r .data.secret_id) - export NOMAD_LEASE=$(echo -n ${NOMAD_CREDS} | jq -r .lease_id) + export NOMAD_VAULT_LEASE=$(echo -n ${NOMAD_CREDS} | jq -r .lease_id) unset NOMAD_CREDS else echo "Nomad token is valid, renewing lease" - vault lease renew ${NOMAD_LEASE} >/dev/null + vault lease renew ${NOMAD_VAULT_LEASE} >/dev/null fi # Check if we have a valid consul token already if [ "$(ctctl_check_consul_token)" != "1" ]; then echo "Fetching a Consul token from vault" CONSUL_CREDS=$(vault read -format=json ${VAULT_PREFIX:-}consul/creds/${CONSUL_ROLE}) export CONSUL_HTTP_TOKEN=$(echo -n ${CONSUL_CREDS} | jq -r .data.token) - export CONSUL_LEASE=$(echo -n ${CONSUL_CREDS} | jq -r .lease_id) + export CONSUL_VAULT_LEASE=$(echo -n ${CONSUL_CREDS} | jq -r .lease_id) unset CONSUL_CREDS else echo "Consul token is valid, renewing lease" - vault lease renew ${CONSUL_LEASE} >/dev/null + vault lease renew ${CONSUL_VAULT_LEASE} >/dev/null fi ctctl_load_config @@ -221,15 +221,15 @@ ctctl_auth_env(){ ctctl_renew_leases(){ # Renew vault token ([ -n "${VAULT_TOKEN}" ] && vault token renew >/dev/null &) - ([ -n "${NOMAD_LEASE}" ] && vault lease renew ${NOMAD_LEASE} >/dev/null &) - ([ -n "${CONSUL_LEASE}" ] && vault lease renew ${CONSUL_LEASE} >/dev/null &) + ([ -n "${NOMAD_VAULT_LEASE}" ] && vault lease renew ${NOMAD_VAULT_LEASE} >/dev/null &) + ([ -n "${CONSUL_VAULT_LEASE}" ] && vault lease renew ${CONSUL_VAULT_LEASE} >/dev/null &) } # Logout from the current env ctctl_logout_env(){ if [ -z "${CTCTL_DOMAIN}" ]; then echo "Unknown environment" - kill -INT $$ + ctctl_exit fi echo "Disconecting from ${CTCTL_DOMAIN} environment" vault token revoke -self @@ -260,14 +260,14 @@ ctctl_ls_build_docker_images(){ ctctl_load_policies(){ if [ "$(ctctl_check_env)" = "0" ]; then echo "Not currently in a valid env. Run ctctl (with no argument) and select your env first" - kill -INT $$ + ctctl_exit fi for DIR in ./output .; do if [ -d "${DIR}/vault/policies" ]; then if [ "$(ctctl_check_vault_token)" != "1" ]; then echo "No valid vault token. You have to authenticate first" - kill -INT $$ + ctctl_exit fi for PFILE in $(ls ${DIR}/vault/policies/*.hcl 2>/dev/null); do if [ "${DIR}" = "./output" -a -e "$(echo ${PFILE} | sed -E 's|^\./output/|./|')" ]; then @@ -283,9 +283,9 @@ ctctl_load_policies(){ done fi if [ -d "${DIR}/consul/policies" ]; then - if [ "$(check_consul_token)" != "1" ]; then + if [ "$(ctctl_check_consul_token)" != "1" ]; then echo "No valid consul token. You have to authenticate first" - kill -INT $$ + ctctl_exit fi CONSUL_CUR_POLICIES=$(consul acl policy list -format=json) for PFILE in $(ls ${DIR}/consul/policies/*.hcl 2>/dev/null); do @@ -311,7 +311,7 @@ ctctl_load_policies(){ if [ -d "${DIR}/nomad/policies" ]; then if [ "$(ctctl_check_nomad_token)" != "1" ]; then echo "No valid nomad token. You have to authenticate first" - kill -INT $$ + ctctl_exit fi for PFILE in $(ls ${DIR}nomad/policies/*.hcl 2>/dev/null); do PNAME=$(basename ${PFILE} .hcl) @@ -336,7 +336,7 @@ ctctl_load_consul_conf(){ if [ -d "${DIR}/consul/config" ]; then if [ "$(ctctl_check_consul_token)" != "1" ]; then echo "No valid consul token. You have to authenticate first" - kill -INT $$ + ctctl_exit fi # Note : service-defaults should be loaded before the others # but that should be the case @@ -383,7 +383,7 @@ ctctl_load_consul_conf(){ ctctl_build_required_images(){ for DOCKER_IMAGE in $(ctctl_ls_build_docker_images); do if ! docker manifest inspect ${DOCKER_IMAGE} > /dev/null 2>&1; then - build_image ${DOCKER_IMAGE} + ctctl_build_image ${DOCKER_IMAGE} else echo "Image ${DOCKER_IMAGE} already available" fi @@ -394,7 +394,7 @@ ctctl_build_required_images(){ ctctl_build_selected_images(){ local NO_CACHE=$1 for DOCKER_IMAGE in $(ctctl_ls_build_docker_images | fzf -m --header "Select images to build (space to select, then enter)"); do - build_image "${DOCKER_IMAGE}" ${NO_CACHE} + ctctl_build_image "${DOCKER_IMAGE}" ${NO_CACHE} done } @@ -427,7 +427,7 @@ ctctl_build_image(){ done if [ "${FOUND}" = "0" ]; then echo "Couldn't find Docker image directory" - kill -INT $$ + ctctl_exit fi unset DOCKER_BUILDKIT } @@ -568,10 +568,10 @@ ctctl_render_templates(){ # Do not render templates from dependencies, variables files and images (images will be handled later) GOMPLATE_BUNDLE_ARGS+=(--exclude .git* --exclude deps/** --exclude variables.yml --exclude images/** --exclude templates/**) # This is used for two things - # - Add the env.suffix to every files (except job files). This permit ctctl to simply infer the policy name from the file name + # - Add the consul.suffix to every files (except job files). This allows ctctl to simply infer the policy name from the file name # - Put job files in the current dir for conveniance, and everything else in the output dir GOMPLATE_BUNDLE_ARGS+=(--output-map) - GOMPLATE_BUNDLE_ARGS+=('[[ if (regexp.Match ".*\\.nomad(\\.hcl)?" .in) ]][[ .in ]][[ else ]]output/[[ .in | path.Dir ]]/[[ .in | path.Base | regexp.Replace "^([^\\.]+)\\.(.*)$" (printf "%s%s.%s" "$1" .ctx.env.suffix "$2") ]][[ end ]]') + GOMPLATE_BUNDLE_ARGS+=('[[ if (regexp.Match ".*\\.nomad(\\.hcl)?" .in) ]][[ .in ]][[ else ]]output/[[ .in | path.Dir ]]/[[ .in | path.Base | regexp.Replace "^([^\\.]+)\\.(.*)$" (printf "%s%s.%s" "$1" .ctx.consul.suffix "$2") ]][[ end ]]') echo @@ -682,11 +682,11 @@ ctctl_loki_logs(){ if [ -z "${LOKI_ADDR}" ]; then echo "You need to configure loki first (LOKI_ADDR, LOKI_USERNAME and LOKI_PASSWORD or LOKI_PWD_CMD)" - kill -INT $$ + ctctl_exit fi if [ -n "${LOKI_PWD_CMD}" ]; then - export LOKI_PASSWORD=$(${LOKI_PWD_CMD}) + export LOKI_PASSWORD=$(eval ${LOKI_PWD_CMD}) fi LOGCLI_CMD="logcli query --include-label=job --include-label=group --include-label=task" @@ -698,7 +698,7 @@ ctctl_loki_logs(){ ${LOGCLI_CMD} $@ else # Exclude connect-proxy logs as it's often not wanted - SELECTOR='{job=~"'$(ctctl_ls_jobs | sed -zE 's/\n/|/g' | sed -E 's/\s+//')'", task!~"connect-proxy-.+|tls-proxy|metrics-proxy"}' + SELECTOR='{job=~"'$(ctctl_ls_jobs | sed -zE 's/\n/|/g' | sed -E 's/\s+//' | sed -E 's/\|$//')'", task!~"connect-proxy-.+|tls-proxy|metrics-proxy"}' echo "Running ${LOGCLI_CMD} $@ ${SELECTOR}" ${LOGCLI_CMD} $@ "${SELECTOR}" fi @@ -754,9 +754,14 @@ ctctl_get_conf(){ # Return a space separated list of jobs the current dir ctctl_ls_jobs(){ local JOBS="" - for JOBFILE in $(find . -maxdepth 1 \( -name \*.nomad -o -name \*.nomad.hcl \)); do - echo $(nomad run -output ${JOBFILE} | jq -r '.Job.Name') - done + if [ $(find . -maxdepth 1 \( -name \*.nomad -o -name \*.nomad.hcl \) | wc -l) -gt 0 ]; then + for JOBFILE in $(find . -maxdepth 1 \( -name \*.nomad -o -name \*.nomad.hcl \)); do + echo $(nomad run -output ${JOBFILE} | jq -r '.Job.Name') + done + else + # If current dir has no job file, return all running jobs + nomad job status -short | grep -E '\s+running\s+' | cut -d' ' -f1 + fi unset JOB JOBFILE } @@ -831,21 +836,22 @@ ctctl_alloc_logs(){ else TASK=$(echo "${TASKS}" | fzf --header "Select desired task") fi - echo "Running nomad alloc logs -f -tail -n 50 ${ALLOC} ${TASK}" - nomad alloc logs -f -tail -n 50 ${ALLOC} ${TASK} + echo "Running nomad alloc logs -f ${ALLOC} ${TASK}" + nomad alloc logs -f ${ALLOC} ${TASK} unset ALLOCS ALLOC TASKS TASK } -ctctl_clean(){ +ctctl_exit(){ # Cleanup by unseting all functions for FUNC in $(declare -F | grep -E '^declare -f ctctl_' | sed -E 's/^declare -f //'); do unset -f ${FUNC} done # Remove trap on SIGINT trap - INT + kill -INT $$ } -export FZF_DEFAULT_OPTS=${FZF_DEFAULT_OPTS:-"--height=~10% --cycle --bind 'space:toggle' --marker='*'"} +export FZF_DEFAULT_OPTS=${CTCTL_FZF_DEFAULT_OPTS:-"--height=~25% --cycle --bind 'space:toggle' --marker='*'"} case $1 in current) @@ -924,4 +930,4 @@ case $1 in ;; esac -ctctl_clean +ctctl_exit