-
Notifications
You must be signed in to change notification settings - Fork 10
/
dra_utils.sh
463 lines (428 loc) · 16.3 KB
/
dra_utils.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
#!/bin/bash
#********************************************************************************
# Copyright 2014 IBM
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
#********************************************************************************
# uncomment the next line to debug this script
#set -x
debugme() {
[[ $DEBUG = 1 ]] && "$@" || :
}
###############################
# get project key #
###############################
# Register your project with DRA Application, and record the returned project key
get_dra_prject_key() {
if [ -n "${IDS_PROJECT_NAME}" ]; then
debugme echo -e "get DRA project key for projectName '${IDS_PROJECT_NAME}'"
else
debugme echo -e "Get DRA project key failed. ProjectName is missing."
return 1
fi
# set project.json and dra-response.info files
local PROJECT_FILE="project.json"
local RESPONSE_FILE="dra-response.info"
if [ -e "$PROJECT_FILE" ]; then
rm -f "$PROJECT_FILE"
fi
if [ -e "$RESPONSE_FILE" ]; then
rm -f "$RESPONSE_FILE"
fi
local PROJECT_FILE_INFO="{\"projectName\": \"${IDS_PROJECT_NAME}\"}"
echo -e "$PROJECT_FILE_INFO" > "$PROJECT_FILE"
# get project key
local DRA_URL="http://da.oneibmcloud.com/api/v1/project"
debugme echo -e "Fetching DRA project key for $IDS_PROJECT_NAME IDS project"
debugme echo -e $(cat "$PROJECT_FILE")
debugme echo -e "curl -k --silent -H "Content-Type: application/json" -X POST -d @$PROJECT_FILE $DRA_URL"
curl -k --silent -H "Content-Type: application/json" -X POST -d @$PROJECT_FILE $DRA_URL > "$RESPONSE_FILE"
local RC=$?
debugme echo -e $(cat "$RESPONSE_FILE")
rm -f "$PROJECT_FILE"
if [ $RC == 0 ] && [ $(grep -ci "projectkey" "$RESPONSE_FILE") -ne 0 ]; then
local PROJECT_KEY_INFO=$(cat "$RESPONSE_FILE")
export DRA_PROJECT_KEY=$(echo $PROJECT_KEY_INFO | sed 's/.*"projectkey":"//' | awk -F "\"" '{print $1}')
if [ -n "$DRA_PROJECT_KEY" ]; then
debugme echo -e "Successfully get the project key ${DRA_PROJECT_KEY}"
else
debugme echo -e "Failed to get project key"
return 1
fi
rm -f "$RESPONSE_FILE"
else
rm -f "$RESPONSE_FILE"
# unable to curl DRA project key, fail out
debugme echo -e "get DRA project key failed, could not get DRA project key, rc = $RC"
return 1
fi
return 0
}
###############################
# add criterial to DRA #
###############################
add_criterial_rule_to_dra() {
local CRITERIAL_FILE=$1
if [ -n "${CRITERIAL_FILE}" ]; then
debugme echo -e "Set criterial rule to DRA in file '${CRITERIAL_FILE}'"
else
debugme echo -e "Set criterial rule to DRA failed. Criterial rule file is missing."
return 1
fi
# set the criterial file
local RESPONSE_FILE="dra-response.info"
if [ -e "$RESPONSE_FILE" ]; then
rm -f "$RESPONSE_FILE"
fi
local DRA_ADD_CRITERIAL_URL="http://da.oneibmcloud.com/api/v1/criteria"
debugme echo -e "Fetching criterial rules to DRA for $CRITERIAL_FILE."
debugme echo -e "$(cat ${EXT_DIR}/$CRITERIAL_FILE)"
debugme echo -e "curl -k -H Content-Type:application/json -H projectKey:$DRA_PROJECT_KEY -X POST -d @${EXT_DIR}/$CRITERIAL_FILE $DRA_ADD_CRITERIAL_URL"
curl -k -H Content-Type:application/json -H projectKey:$DRA_PROJECT_KEY -X POST -d @${EXT_DIR}/$CRITERIAL_FILE $DRA_ADD_CRITERIAL_URL > "$RESPONSE_FILE"
local RC=$?
debugme echo -e $(cat "$RESPONSE_FILE")
echo ""
if [ $RC == 0 ]; then
local RESPONSE=$(cat "$RESPONSE_FILE")
if [ -n "$RESPONSE" ]; then
if [ $(echo "$RESPONSE" | grep -ci "SyntaxError") -ne 0 ] || [ $(echo "$RESPONSE" | grep -ci "Invalid") -ne 0 ]; then
return 1
else
debugme echo -e "Successfully sent the criterial rules file $CRITERIAL_FILE to DRA"
fi
fi
else
debugme echo -e "Failed to send criterial rule file $CRITERIAL_FILE to DRA."
return 1
fi
return 0
}
###############################
# add result to DRA #
###############################
add_result_rule_to_dra() {
local RESULT_FILE=$1
local EVENT_TYPE=$2
local CMD=""
if [ -z "${RESULT_FILE}" ]; then
debugme echo -e "Set result rule to DRA failed. Result rule file is missing."
return 1
fi
if [ -z "${EVENT_TYPE}" ]; then
debugme echo -e "Set result rule to DRA failed. Result event type is missing."
return 1
fi
debugme echo -e "Set result rule with eventType '${EVENT_TYPE}' to DRA in file '${RESULT_FILE}'"
DRILL_DOWN_URL_FILE="result_url"
if [ -e "$DRILL_DOWN_URL_FILE" ]; then
local DRILL_DOWN_URL=$(cat $DRILL_DOWN_URL_FILE)
CMD="-eventType=${EVENT_TYPE} -file=${RESULT_FILE} -drilldownUrl=${DRILL_DOWN_URL}"
else
CMD="-eventType=${EVENT_TYPE} -file=${RESULT_FILE}"
fi
debugme echo -e "Fetching result rules to DRA for $RESULT_FILE."
debugme echo -e "$(cat $RESULT_FILE)"
debugme echo -e "grunt CMD: grunt --gruntfile=node_modules/grunt-idra/idra.js $CMD"
local RESPONSE="$(grunt --gruntfile=node_modules/grunt-idra/idra.js $CMD)"
local RC=$?
debugme echo -e "$RESPONSE"
if [ $RC -ne 0 ]; then
debugme echo -e "Failed to execute grunt command for '${CMD}' with return error code ${RC}"
return 1
fi
if [ -n "$RESPONSE" ]; then
if [ $(echo "$RESPONSE" | grep -ci "SyntaxError") -ne 0 ] || [ $(echo "$RESPONSE" | grep -ci "Invalid") -ne 0 ]; then
return 1
else
debugme echo -e "Successfully sent the result rule file $CRITERIAL_FILE to DRA."
fi
fi
return 0
}
###############################
# Setup grunt idra #
###############################
setup_grunt_idra() {
debugme echo -e "npm install -g grunt"
npm install -g grunt &> /dev/null
RC=$?
if [ $RC -ne 0 ]; then
debugme echo -e "Failed to setup_grunt_idra. Could not install grunt"
return 1
fi
debugme echo -e "npm install -g grunt-cli"
npm install -g grunt-cli &> /dev/null
RC=$?
if [ $RC -ne 0 ]; then
debugme echo -e "Failed to setup_grunt_idra. Could not install grunt-cli"
return 1
fi
npm install grunt-idra &> /dev/null
RC=$?
if [ $RC -ne 0 ]; then
debugme echo -e "Failed to setup_grunt_idra. Could not install node grunt-idra"
return 1
fi
return 0
}
###############################
# Initialize iDRA plugin #
###############################
init_dra() {
# check -isDRAEnabled
debugme echo -e "grunt --gruntfile=node_modules/grunt-idra/idra.js -init=$DRA_PROJECT_KEY"
local RESPONSE="$(grunt --gruntfile=node_modules/grunt-idra/idra.js -init=$DRA_PROJECT_KEY)"
local RC=$?
debugme echo -e "$RESPONSE"
if [ $RC -ne 0 ]; then
debugme echo -e "Failed to init_dra. init DRA return error code ${RC}"
return 1
fi
if [ -n "$RESPONSE" ]; then
echo $RESPONSE | grep "successfully"
RC=$?
if [ $RC -eq 0 ]; then
return 0
else
return 1
fi
else
debugme echo -e "Failed to init_dra. init DRA return empty response"
return 1
fi
}
###############################
# check if the DRA is enabeld #
###############################
check_dra_enabled() {
# check -isDRAEnabled
local RESPONSE="$(grunt --gruntfile=node_modules/grunt-idra/idra.js -isDRAEnabled)"
local RC=$?
if [ $RC -ne 0 ]; then
debugme echo -e "Failed to setup_grunt_idra. Check for isDRAEnabled return error code ${RC}"
return 1
fi
if [ -n "$RESPONSE" ]; then
local ENABLED_RESPONSE=$(echo $RESPONSE | grep "enabled" | awk '{print $6}' | sed 's/.*"enabled"://' | sed 's/}//g')
if [ "$ENABLED_RESPONSE" == "true" ]; then
debugme echo -e "The DRA is enabled"
return 0
else
debugme echo -e "$RESPONSE"
debugme echo -e "The DRA is not enabled"
return 1
fi
else
debugme echo -e "Failed to setup_grunt_idra. Check for isDRAEnabled return empty response"
return 1
fi
}
###############################
# Setup DRA for build stage #
###############################
setup_dra_build(){
# setup the grunt idra
setup_grunt_idra
local RC=$?
if [ $RC -ne 0 ]; then
debugme echo -e "Failed to setup_dra_build. setup_grunt_idra return error code ${RC}"
return 1
fi
# run grunt-idra -init
init_dra
RC=$?
if [ $RC -ne 0 ]; then
debugme echo -e "$WARN" "Failed to init DRA with return error code ${RC}."
return 1
fi
# check -isDRAEnabled
check_dra_enabled
RC=$?
if [ $RC -ne 0 ]; then
debugme echo -e "Failed to setup_dra_build. check_dra_enabled return error code ${RC}"
return 1
fi
return 0
}
###############################
# Setup DRA for deploy stage #
###############################
setup_dra_deploy(){
local CRITERIA_NAME=$1
if [ -n "${CRITERIA_NAME}" ]; then
debugme echo -e "setup_dra_deploy for DRA for decision criteria name '${CRITERIA_NAME}'"
else
debugme echo -e "setup_dra_deploy failed. CRITERIA_NAME is missing."
return 1
fi
# setup the grunt idra
setup_grunt_idra
local RC=$?
if [ $RC -ne 0 ]; then
debugme echo -e "Failed to setup_dra_deploy. setup_grunt_idra return error code ${RC}"
return 1
fi
# set the decision criteria name
dra_grunt_decision "${CRITERIAL_NAME}"
if [ $RC -ne 0 ]; then
debugme echo -e "Failed to execute decision for criterial ${CRITERIAL_NAME} with return error code ${RC}."
return 1
fi
return 0
}
###############################
# Set Event Type to DRA #
###############################
set_event_type(){
local EVENT_TYPE=$1
if [ -n "${EVENT_TYPE}" ]; then
debugme echo -e "EVENT_TYPE is '${EVENT_TYPE}'"
else
debugme echo -e "EVENT_TYPE is missing."
return 1
fi
# set the decision criteria name
grunt --gruntfile=node_modules/grunt-idra/idra.js -eventType=$EVENT_TYPE
local RC=$?
if [ $RC -ne 0 ]; then
debugme echo -e "Failed to set event type ${EVENT_TYPE} with return error code ${RC}"
return 1
fi
return 0
}
########################################
# run DRA grunt decision command #
########################################
dra_grunt_decision(){
local CRITERIAL_NAME=$1
if [ -n "${CRITERIAL_NAME}" ]; then
debugme echo -e "dra_grunt_decision for criterial name '${CRITERIAL_NAME}'"
else
debugme echo -e "Failed to dra_grunt_decision. criterial name is missing."
return 1
fi
local CMD="-decision=${CRITERIAL_NAME}"
debugme echo -e "grunt CMD: grunt --gruntfile=node_modules/grunt-idra/idra.js $CMD"
local RESPONSE="$(grunt --gruntfile=node_modules/grunt-idra/idra.js $CMD)"
local RC=$?
debugme echo -e "$RESPONSE"
if [ $RC -ne 0 ]; then
debugme echo -e "Failed to execute grunt command for '${CMD}' with return error code ${RC}"
return 1
fi
if [ -n "$RESPONSE" ]; then
echo $RESPONSE | grep "decision"
RC=$?
if [ $RC -eq 0 ]; then
export DRA_DECISION=$(echo $RESPONSE | sed 's/.*"decision":"//' | awk -F "\"" '{print $1}')
export DRA_REPORT_URL=$(echo $RESPONSE | sed 's/.*Check the report at - //' | awk -F "[" '{print $1}')
if [ -n "$DRA_DECISION" ]; then
if [ "$DRA_DECISION" == "Proceed" ]; then
${EXT_DIR}/utilities/sendMessage.sh -l good -m "Check the <${DRA_REPORT_URL}|'${CRITERIAL_NAME} Deployment Risk Analytics Decision'> report with decision: '${DRA_DECISION}'."
return 0
elif [ "$DRA_DECISION" == "Stop - Advisory" ]; then
${EXT_DIR}/utilities/sendMessage.sh -l good -m "Check the <${DRA_REPORT_URL}|'${CRITERIAL_NAME} Deployment Risk Analytics Decision'> report with decision: '${DRA_DECISION}'."
return 1
elif [ "$DRA_DECISION" == "Stop" ]; then
${EXT_DIR}/utilities/sendMessage.sh -l bad -m "Check the <${DRA_REPORT_URL}|'${CRITERIAL_NAME} Deployment Risk Analytics Decision'> report with decision: '${DRA_DECISION}'."
return 2
else
debugme echo -e "Failed to get correct decision result. The DRA_DECISION is ${DRA_DECISION}"
return 3
fi
else
debugme echo -e "Failed to get decision result"
return 4
fi
else
debugme echo -e "Failed to get decision result"
return 5
fi
else
debugme echo -e "Response is empty"
return 6
fi
}
###############################
# Setup DRA #
###############################
setup_dra(){
local CRITERIAL_NAME=$1
if [ -n "${CRITERIAL_NAME}" ]; then
debugme echo -e "Setup DRA for criterial name '${CRITERIAL_NAME}'"
else
debugme echo -e "Failed to setup_dra. criterial name is missing."
return 1
fi
setup_grunt_idra
local RESULT=$?
if [ $RESULT -eq 0 ]; then
# get the DRA Project Key
get_dra_prject_key
RESULT=$?
if [ $RESULT -eq 0 ]; then
log_and_echo "DRA project key for projectName '${IDS_PROJECT_NAME}' is '${DRA_PROJECT_KEY}"
# grunt-idra -init
init_dra
RESULT=$?
if [ $RESULT -eq 0 ]; then
# check DRA is enabled
check_dra_enabled
RESULT=$?
if [ $RESULT -eq 0 ]; then
# delete criterial rule
debugme echo -e "Checking and deleting the previous criterial rule"
local DRA_ADD_CRITERIAL_URL="http://da.oneibmcloud.com/api/v1/criteria"
curl -k -H projectKey:$DRA_PROJECT_KEY -X DELETE $DRA_ADD_CRITERIAL_URL?name=$CRITERIAL_NAME
# add criterial for DRA
add_criterial_rule_to_dra "${CRITERIAL_NAME}.json"
RESULT=$?
if [ $RESULT -eq 0 ]; then
log_and_echo "DRA project key for projectName '${IDS_PROJECT_NAME}' is '${DRA_PROJECT_KEY}"
export DRA_ENABLED=0
return 0
else
log_and_echo "$WARN" "Failed to add DRA criterial file ${CRITERIAL_FILE} with return error code ${RESULT}. Could not Add Dynamic Risk Analytics."
return 2
fi
else
debugme echo -e "$WARN" "DRA is not enabled with return error code ${RESULT}. Could not Add Dynamic Risk Analytics."
return 1
fi
else
debugme echo -e "$WARN" "Failed to init DRA with return error code ${RESULT}. Could not Add Dynamic Risk Analytics."
return 1
fi
else
debugme echo -e "Failed to get DRA project key with return error code ${RESULT}. Could not Add Dynamic Risk Analytics."
return 1
fi
else
debugme echo -e "Failed to setup grunt_idra with return error code ${RESULT}. Could not Add Dynamic Risk Analytics."
return 1
fi
}
export -f get_dra_prject_key
export -f add_criterial_rule_to_dra
export -f setup_grunt_idra
export -f init_dra
export -f check_dra_enabled
export -f setup_dra_build
export -f setup_dra_deploy
export -f dra_grunt_decision
export -f setup_dra
export -f add_result_rule_to_dra
export -f set_event_type
export DRA_PROJECT_KEY
export DRA_ENABLED
export DRA_DECISION
export DRA_REPORT_URL