do.sh
#!/bin/bash
set -euo pipefail

### Configuration
# The aws-nuke release to use is pinned in the aws-nuke-version file, read
# relative to the current directory. Assignment and export stay separate so
# that a failed read is not masked and aborts the script under `set -e`.
AWS_NUKE_VERSION=$(<aws-nuke-version)
export AWS_NUKE_VERSION

# Location of the aws-nuke binary.
export AWS_NUKE_EXE=./bin/aws-nuke

# Values passed to --max-wait-retries and --force-sleep by the headless
# subcommands.
export AWS_NUKE_MAX_RETRIES=10
export AWS_NUKE_WAIT_SECONDS=3 # aws-nuke minimum is 3 seconds
### Functions
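# Derive the release artifact name and download URL for the pinned aws-nuke
# version on the current platform.
# Globals:
#   AWS_NUKE_VERSION (read)
#   OS, ARCH, AWS_NUKE_FILE, AWS_NUKE_URL (exported)
# Exits:
#   1 if AWS_NUKE_VERSION is empty or contains characters outside
#   [0-9A-Za-z.+-].
function specify_version () {
  local version="${AWS_NUKE_VERSION:-}"
  local version_re='^[0-9A-Za-z][0-9A-Za-z.+-]*$'
  local kernel

  # The version string is interpolated into a download URL and into local
  # file paths, so reject anything that could add path separators, whitespace
  # or URL syntax (for example a stray carriage return in the version file).
  if [[ ! "$version" =~ $version_re ]]; then
    echo "Invalid aws-nuke version: '$version'" >&2
    exit 1
  fi

  # Use the kernel name only: `uname -a` also prints the hostname, so
  # substring-matching it can misdetect the OS on a host whose name contains
  # "Darwin".
  kernel="$(uname -s)"
  if [[ "$kernel" == "Darwin" ]]; then
    export OS=darwin
  else
    export OS=linux
  fi

  # NOTE(review): the architecture is fixed to amd64 regardless of the host
  # CPU; confirm this is intended for arm64 machines.
  export ARCH=amd64
  export AWS_NUKE_FILE="aws-nuke-v${version}-${OS}-${ARCH}"
  export AWS_NUKE_URL="https://github.com/rebuy-de/aws-nuke/releases/download/v${version}/${AWS_NUKE_FILE}.tar.gz"
}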
# Abort unless a configuration file has been selected.
# Globals:
#   AWS_NUKE_CONFIG (read)
# Exits:
#   1, after printing a message, when AWS_NUKE_CONFIG is unset or empty.
function require_config () {
  # Guard clause: nothing to do when a config path is present.
  [[ -n "${AWS_NUKE_CONFIG:-}" ]] && return 0

  echo "Specify a configuration file."
  exit 1
}
# Make sure TIMESTAMP is populated, generating one if the caller gave none.
# Globals:
#   TIMESTAMP (read; written and exported only when it was unset or empty)
# A generated value is the current UTC time formatted as YYYYmmddTHHMMSSZ.
function set_timestamp () {
  # Keep a timestamp that was supplied by the caller or the environment.
  if [[ -n "${TIMESTAMP:-}" ]]; then
    return 0
  fi

  TIMESTAMP=$(date -u +"%Y%m%dT%H%M%SZ")
  export TIMESTAMP
}
### Main
# Positional arguments:
#   $1 - subcommand (required)
#   $2 - configuration name, mapped to ./config/aws-nuke/<name>.yml (optional)
#   $3 - timestamp that selects the log files to use (optional)
if [[ -z "${1:-}" ]]; then
  echo "Specify a subcommand."
  exit 1
fi

# NOTE(review): $2 is used as given, so a value containing "/" or ".."
# resolves to a file outside ./config/aws-nuke. Confirm callers only pass
# plain configuration names.
if [[ -n "${2:-}" ]]; then
  export AWS_NUKE_CONFIG="./config/aws-nuke/${2}.yml"
fi

if [[ -n "${3:-}" ]]; then
  export TIMESTAMP="$3"
fi
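# Dispatch on the subcommand given as $1.
case "$1" in
  info)
    # Print the version reported by the installed aws-nuke binary.
    "./$AWS_NUKE_EXE" version
    ;;
  clean)
    # Remove the working directories. Written as `if` rather than
    # `[ -d x ] && rm`, because a false test in the last `&&` list left 1 as
    # the script's exit status even when the clean had succeeded.
    for dir in bin log tmp; do
      if [ -d "$dir" ]; then
        rm -r -- "$dir"
      fi
    done
    ;;
  dryrun)
    # Interactive run without --no-dry-run: nothing is deleted.
    require_config
    "./$AWS_NUKE_EXE" --config "$AWS_NUKE_CONFIG"
    ;;
  nuke)
    # Interactive destructive run.
    require_config
    "./$AWS_NUKE_EXE" --config "$AWS_NUKE_CONFIG" --no-dry-run
    ;;
  headless:dryrun)
    # Non-interactive dry run (--force skips the prompts); all output goes to
    # the timestamped full log.
    require_config
    set_timestamp
    "./$AWS_NUKE_EXE" --config "$AWS_NUKE_CONFIG" --force \
      --force-sleep "$AWS_NUKE_WAIT_SECONDS" \
      --max-wait-retries "$AWS_NUKE_MAX_RETRIES" \
      > "log/aws-nuke-$TIMESTAMP-full.log" 2>&1
    ;;
  headless:nuke)
    # Non-interactive destructive run: --force together with --no-dry-run
    # deletes without asking for confirmation.
    require_config
    set_timestamp
    "./$AWS_NUKE_EXE" --config "$AWS_NUKE_CONFIG" --force \
      --force-sleep "$AWS_NUKE_WAIT_SECONDS" \
      --max-wait-retries "$AWS_NUKE_MAX_RETRIES" \
      --no-dry-run \
      > "log/aws-nuke-$TIMESTAMP-full.log" 2>&1
    ;;
  setup)
    # Download and install the pinned aws-nuke release if it is not present.
    specify_version
    [ -d "bin" ] || mkdir bin
    [ -d "tmp" ] || mkdir tmp
    if [ ! -x "$AWS_NUKE_EXE" ]; then
      # --fail turns an HTTP error (for example a 404 for a mistyped version)
      # into a non-zero exit instead of saving the error page as the archive;
      # --proto restricts the transfer, including redirects, to HTTPS.
      # NOTE(review): the archive is not checked against a checksum or
      # signature before the binary is installed and later run with AWS
      # credentials. Consider pinning a SHA-256 next to the version and
      # verifying it here.
      curl --fail --location --proto '=https' \
        --output "./tmp/$AWS_NUKE_FILE.tar.gz" "$AWS_NUKE_URL"
      tar xvzf "./tmp/$AWS_NUKE_FILE.tar.gz" -C ./tmp
      mv "./tmp/$AWS_NUKE_FILE" "$AWS_NUKE_EXE"
      chmod +x "$AWS_NUKE_EXE"
      rm -r ./tmp
    fi
    [ -d "log" ] || mkdir log
    ;;
  summarize)
    # Split the full log of a run into per-category files.
    set_timestamp
    full_log="log/aws-nuke-$TIMESTAMP-full.log"
    # Without this check a missing log was hidden by `|| :` and only empty
    # summary files were produced.
    if [ ! -r "$full_log" ]; then
      echo "Cannot read $full_log; pass the timestamp of the run as the third argument." >&2
      exit 1
    fi

    # Extended regular expressions passed with -e, so the leading "-" is not
    # parsed as an option and no backslash escapes are needed.
    data_re='- S3Object -|- DynamoDBTableItem -'
    secrets_re='- SSMParameter -|- SecretsManagerSecret -|- EC2KeyPair -'
    key_re='- CloudFormationStack -|- EC2InstanceECSCluster -|- ECSCluster -|- DynamoDBTable -|- S3Bucket -|- SNSTopic -'

    # "name=text" pairs instead of an associative array: `declare -A` needs
    # bash 4 or newer, and /bin/bash on macOS (which specify_version targets)
    # is commonly older.
    for pair in "targets=would remove" "deletions=removed"; do
      marker="${pair%%=*}"
      needle="${pair#*=}"
      prefix="log/aws-nuke-$TIMESTAMP-$marker"
      # grep exits 1 when nothing matches; `|| :` keeps `set -e` from
      # aborting on an empty category.
      grep -e "$needle" "$full_log" > "$prefix.log" || :
      grep -E -e "$data_re" "$prefix.log" > "$prefix-dataobj.log" || :
      grep -E -v -e "$data_re" "$prefix.log" > "$prefix-nodataobj.log" || :
      grep -E -e "$secrets_re" "$prefix-nodataobj.log" > "$prefix-secrets.log" || :
      grep -E -v -e "$secrets_re" "$prefix-nodataobj.log" > "$prefix-notsecrets.log" || :
      grep -E -e "$key_re" "$prefix-nodataobj.log" > "$prefix-keytargets.log" || :
    done
    ;;
  timestamp)
    # Print the timestamp in use (given as $3, from the environment, or new).
    set_timestamp
    echo "$TIMESTAMP"
    ;;
  *)
    # An unknown subcommand is an error: report it on stderr and exit
    # non-zero so calling scripts notice.
    echo "$1 is not a valid command" >&2
    exit 1
    ;;
esac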