
@elreydetoda
Created March 23, 2020 12:04
build script for automating samuraiwtf builds
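#!/usr/bin/env bash
# Usage: <this script> <path to samurai src folder>
# Strict mode: abort on failed commands, unset variables and failed pipeline stages.
set -euo pipefail
# set -x
# The check is for exactly one argument (zero or several are both rejected),
# so the message says "exactly"; usage errors go to stderr.
if (( $# != 1 )); then
  printf 'Please pass exactly 1 argument: %s\n' 'path to samurai src folder' >&2
  exit 1
fi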
##################################################
## variables
## AWS variables
# S3 bucket that receives the exported ova
s3_bucket="secureideas-tiny.si"
# "<bucket>/<prefix>" the ova is uploaded under; aws_cmds turns it into an s3:// URI
s3_samurai_upload_path="${s3_bucket}"/files
# first CLI argument: the samuraiwtf source folder the build runs from
# (prep pushd's into it before calling vagrant)
samurai_src_folder="$1"
##################################################
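#######################################
# Boots the Vagrant VM, works out which VirtualBox VM it is, and runs the
# in-guest cleanup step.
# Globals:
#   samurai_src_folder      (read)    directory to pushd into
#   s3_samurai_upload_path  (read)    "<bucket>/<prefix>" of the upload
#   exporting_vm_uuid       (written) id Vagrant stored for the machine
#   exporting_vm_name       (written) VirtualBox name registered for that id
#   s3_samurai_upload_file  (written) "<upload path>/<vm name>.ova"
# Returns: non-zero when the id file is missing or empty, or when no VM in
#   `vboxmanage list vms` carries that id.
# Note: leaves the directory stack pushed; base() pops it.
#######################################
function prep(){
  local id_file='.vagrant/machines/samuraiwtf/virtualbox/id'
  local vm_list vm_line uuid_suffix

  # moving to the samurai src folder
  pushd "${samurai_src_folder}" || return
  # start the machine up to run some commands
  vagrant up || return

  ##################################################
  ## relative variables
  # grabbing uuid that vagrant stores
  if [[ ! -r "${id_file}" ]]; then
    printf 'cannot read vagrant id file: %s\n' "${id_file}" >&2
    return 1
  fi
  exporting_vm_uuid="$(< "${id_file}")"
  if [[ -z "${exporting_vm_uuid}" ]]; then
    printf 'vagrant id file is empty: %s\n' "${id_file}" >&2
    return 1
  fi

  # grabbing name associated to uuid
  # Each line of `vboxmanage list vms` reads: "<name>" {<uuid>}
  # Match the braced id at the end of the line literally. A regex grep on the
  # bare id also hits VM names that contain it, and cutting on the first space
  # truncates names that contain spaces.
  vm_list="$(vboxmanage list vms)" || return
  uuid_suffix=" {${exporting_vm_uuid}}"
  exporting_vm_name=''
  while IFS= read -r vm_line; do
    if [[ "${vm_line}" == *"${uuid_suffix}" ]]; then
      exporting_vm_name="${vm_line%"${uuid_suffix}"}"
      # drop the double quotes vboxmanage wraps the name in
      exporting_vm_name="${exporting_vm_name#\"}"
      exporting_vm_name="${exporting_vm_name%\"}"
      break
    fi
  done <<< "${vm_list}"
  if [[ -z "${exporting_vm_name}" ]]; then
    printf 'no VirtualBox VM found for id %s\n' "${exporting_vm_uuid}" >&2
    return 1
  fi

  # creating full path of the ova file that will get uploaded
  s3_samurai_upload_file="${s3_samurai_upload_path}/${exporting_vm_name}.ova"
  ##################################################

  # runs bleachbit commands for cleanup
  # https://secureideas.slack.com/archives/C6A8GS8LT/p1581042645059700
  # NOTE(review): this pipes a script fetched through a git.io short link
  # straight into bash inside the VM that is later exported and published.
  # The link target is not visible from this file and nothing verifies what
  # was downloaded. Prefer vendoring the cleanup script next to this one, or
  # fetching it from a commit-pinned URL and checking a known checksum before
  # running it.
  vagrant ssh -c "sudo apt install -y bleachbit && curl -fsSL https://git.io/JvwB5 | bash"
}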
#######################################
# Stops the VM and exports it as "<vm name>.ova" in the current directory.
# Globals: exporting_vm_uuid (read), exporting_vm_name (read)
#######################################
setup() {
  local -a unshare_args
  local ova_file

  # the machine has to be halted before it can be exported
  vagrant halt

  # take the "vagrant" shared folder off the VM before exporting it
  unshare_args=(sharedfolder remove "${exporting_vm_uuid}" --name vagrant)
  vboxmanage "${unshare_args[@]}"

  # write the appliance next to the Vagrantfile, named after the VM
  ova_file="${exporting_vm_name}.ova"
  vboxmanage export "${exporting_vm_uuid}" -o "${ova_file}"
}
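#######################################
# Publishes the exported ova and repoints the "samurai" redirect object at it.
# Globals:
#   s3_bucket               (read) bucket holding the redirect object
#   s3_samurai_upload_path  (read) "<bucket>/<prefix>" to upload into
#   s3_samurai_upload_file  (read) "<upload path>/<vm name>.ova"
# Outputs: the head-object metadata of the redirect object on stdout.
# Returns: non-zero if the ova is missing or any aws call fails.
#######################################
function aws_cmds(){
  # Upload exactly the file the redirect will point at. Its local name is the
  # last path component of s3_samurai_upload_file. A ./*.ova glob would pick
  # up stale exports as well: `aws s3 cp` takes a single source, and anything
  # sent with --acl public-read becomes world-readable.
  local ova_file="./${s3_samurai_upload_file##*/}"

  if [[ ! -f "${ova_file}" ]]; then
    printf 'exported ova not found: %s\n' "${ova_file}" >&2
    return 1
  fi

  # upload ova to the specified path and make publicly readable
  # NOTE: need following slash or else it will not upload to correct folder
  aws s3 \
    cp "${ova_file}" "s3://${s3_samurai_upload_path}/" \
    --acl public-read || return

  # update metadata of tiny.si/samurai to new path of ova, and make
  # it publicly readable
  # (bucket taken from s3_bucket so it cannot drift from the upload target)
  aws s3api put-object \
    --content-type 'text/html' \
    --website-redirect-location "https://s3-us-west-2.amazonaws.com/${s3_samurai_upload_file}" \
    --acl public-read \
    --bucket "${s3_bucket}" \
    --key samurai 1> /dev/null || return

  # show metadata to allow user to validate metadata is right.
  aws s3api head-object \
    --bucket "${s3_bucket}" \
    --key samurai
}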
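#######################################
# Asks which build artifacts to remove, prints the resulting command line and
# runs it.
# Globals: cleanup_cmd (written) human-readable form of what will be run
# Inputs:  two answers on stdin. Ova removal defaults to yes (empty answer),
#          box removal defaults to no.
# Returns: status of the first failing removal step, otherwise 0.
#######################################
function cleanup(){
  local remove_ova remove_box
  local want_rm=0 want_destroy=0

  cleanup_cmd=''
  read -rp "Do you want to remove the exported vm?[Y/n] " remove_ova
  read -rp "Do you want to remove the vagrant box?[y/N] " remove_box

  case "${remove_ova}" in
    Y|y|"")
      cleanup_cmd+='rm ./*.ova'
      want_rm=1
      ;;
  esac
  case "${remove_box}" in
    Y|y)
      cleanup_append
      cleanup_cmd+='vagrant destroy'
      want_destroy=1
      ;;
  esac

  printf 'cleanup cmd is: %s\n' "${cleanup_cmd}"

  # Run the selected steps directly instead of eval-ing the display string,
  # so no text is ever re-parsed by the shell. The order and the "stop at the
  # first failure" behaviour of the old `a && b` chain are kept.
  if (( want_rm )); then
    rm ./*.ova || return
  fi
  if (( want_destroy )); then
    vagrant destroy || return
  fi
}

#######################################
# Appends the ' && ' separator to cleanup_cmd when it already holds a command.
# Globals: cleanup_cmd (read, written)
#######################################
function cleanup_append(){
  if [[ -n "${cleanup_cmd}" ]] ; then
    cleanup_cmd+=' && '
  fi
}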
#######################################
# Runs the whole build in order: prep, setup, upload, interactive cleanup.
# Arguments: receives the script's arguments but does not read them itself;
#   the source folder comes from the samurai_src_folder global.
# Globals: s3_samurai_upload_file (read; set by prep)
#######################################
base() {
  prep
  setup

  # Print the removal command before uploading, so it is already on screen
  # if the upload fails part-way. Nothing is deleted here.
  printf 'In case there is an upload failure use this command to remove the object:\naws s3 rm "s3://%s"\n' "${s3_samurai_upload_file}"

  aws_cmds
  cleanup

  # undo the pushd done in prep
  popd
}

base "$@"