Created
July 26, 2018 13:13
-
-
Save bushong1/f76aa222110d4ab0c9cdd402f09abe45 to your computer and use it in GitHub Desktop.
Docker Entrypoint to pull in ParameterStore variables and S3 Buckets
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash -e | |
| # Usage: | |
| # 1) Build the AWS CLI into your container | |
| # 2) Set your region, or pass env into the container | |
| export AWS_DEFAULT_REGION=us-east-1 | |
| function usage () { | |
| echo "Usage: Container must be run with the following environment variables: | |
| FOO: does foo | |
| BAR: does bar | |
| " | |
| } | |
| function getparameterstore () { | |
| ENV_NAME=$1 | |
| PARAMETER_STORE_NAME=$2 | |
| echo "Getting parameter ENV_NAME=${ENV_NAME}, PARAMETER_STORE_NAME=${PARAMETER_STORE_NAME}" | |
| echo "Testing pulling data from ParameterStore..." | |
| aws ssm get-parameter --name "${PARAMETER_STORE_NAME}" > /dev/null && echo "Success ${PARAMETER_STORE_NAME}" || ( echo "FATAL: Could not retrieve ParameterStore value '${PARAMETER_STORE_NAME}'"; exit 10; ) | |
| export $ENV_NAME=$(aws ssm get-parameter --name "${PARAMETER_STORE_NAME}" | jq .Parameter.Value -r) | |
| if [ -z "${!ENV_NAME}" ]; then | |
| echo "FATAL: Could not retrieve ParameterStore value '${PARAMETER_STORE_NAME}'" | |
| exit 15 | |
| else | |
| echo "Successfully loaded ${ENV_NAME}" | |
| fi | |
| } | |
| function get_dotenv_s3 () { | |
| if [ -z "${DOTENV_S3_PATH}" ] || | |
| [ -z "${AWS_ENVIRONMENT}" ]; then | |
| echo "FATAL: Must set all environment variables before this container can be launched. Exiting." | |
| usage | |
| exit 20 | |
| fi | |
| echo "Beginning sync of s3://${DOTENV_S3_PATH}..." | |
| aws s3 cp "s3://${DOTENV_S3_PATH}" . --recursive || ( echo "FATAL: Could not sync files from S3"; exit 30; ) | |
| echo "Completed S3 File sync." | |
| } | |
| # application specific configuration | |
| if aws sts get-caller-identity > /dev/null 2>&1; then | |
| # We're using aws, pull some env vars from parameter store | |
| echo "Entrypoint: running in AWS" | |
| ## Get Parameters from Parameter Store | |
| #getparameterstore <env_name> <parameter_store_name> | |
| ##TODO: Replace these examples: | |
| getparameterstore SECRET_KEY_BASE "${SERVICE_NAME}-secret_key_base" #passing in SERVICE_NAME to the container | |
| getparameterstore DB_PASSWORD "${AWS_ENVIRONMENT}-${SERVICE_NAME}-secret_key_base" #passing in both AWS_ENVIRONMENT and SERVICE_NAME into the container | |
| ## Sync an S3 Bucket from $DOTENV_S3_PATH to pwd | |
| #get_dotenv_s3 | |
| else | |
| echo "Entrypoint: NOT running in AWS" | |
| # Ensure we have all our needed env vars when not using Parameter Store | |
| if [ -z "${SECRET_KEY_BASE}" ] || | |
| [ -z "${DB_PASSWORD}" ] | |
| then | |
| echo "FATAL: Must set all environment variables before this container can be launched. Exiting." | |
| usage | |
| exit 40 | |
| fi | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment