updating image builder script

MilesSystems · Jan 25, 2025 · 2631534 · 2631534
1 parent 345a169
commit 2631534
Show file tree

Hide file tree

Showing 3 changed files with 170 additions and 143 deletions.
diff --git a/.github/assets/shell/createUpdateImageBuilder.sh b/.github/assets/shell/createUpdateImageBuilder.sh
@@ -0,0 +1,159 @@
+#!/bin/bash
+
+# Enable strict error handling
+set -eEBxuo pipefail
+shopt -s failglob
+
+# Assign variables from arguments
+DISTRIBUTION="$1"
+AWS_REGION="$2"
+ENVIRONMENT="$3"
+REPOSITORY_NICENAME="$4"
+IMAGE_BUILDER_SCRIPT_BUILD="$5"
+IMAGE_BUILDER_SCRIPT_VALIDATE="$6"
+ENCRYPTION_KEY="$7"
+SECRET_PAYLOAD_ENCRYPTED="$8"
+IMAGE_BUILDER_BASE_IMAGE_AMI="$9"
+INFRASTRUCTURE="${10}"
+
+# Ensure all required variables are provided
+if [[ -z "$DISTRIBUTION" || -z "$AWS_REGION" || -z "$ENVIRONMENT" || -z "$REPOSITORY_NICENAME" ]]; then
+  echo "Error: Missing required arguments." >&2
+  echo "Usage: $0 <distribution> <aws-region> <environment> <repository-nicename> <script-build> <script-validate> <encryption-key> <secret-payload-encrypted> <base-image-ami> <infrastructure>" >&2
+  exit 1
+fi
+
+if [[ "null" == "$DISTRIBUTION" ]]; then
+  echo "Step ID distribution failed."
+  exit 1
+fi
+
+echo "Checking if stack exists ..."
+
+STACK_NAME="imagebuilder-$ENVIRONMENT-$REPOSITORY_NICENAME"
+
+# Describe stacks and set action variables
+if ! aws cloudformation describe-stacks --region "$AWS_REGION" --stack-name "$STACK_NAME"; then
+  echo -e "\nStack does not exist, creating ..."
+  action="create-stack"
+  wait_action="stack-create-complete"
+else
+  echo -e "\nStack exists, attempting update ..."
+  action="update-stack"
+  wait_action="stack-update-complete"
+fi
+
+# Save scripts to files
+echo "$IMAGE_BUILDER_SCRIPT_BUILD" > ./imageBuilderScriptBuild
+echo "$IMAGE_BUILDER_SCRIPT_VALIDATE" > ./imageBuilderScriptValidate
+
+if [ -n "$SECRET_PAYLOAD_ENCRYPTED" ]; then
+  chmod +x ./.github/assets/shell/parseSecrets.sh
+  source ./.github/assets/shell/parseSecrets.sh \
+    "$ENCRYPTION_KEY" \
+    "$SECRET_PAYLOAD_ENCRYPTED" \
+    ./imageBuilderScriptBuild \
+    ./imageBuilderScriptValidate
+fi
+
+php ./.github/assets/php/createImageBuilderDataYaml.php ./imageBuilderScriptBuild ./imageBuilderScriptValidate
+
+printf "Build data:\n%s\n" "$(cat ./CloudFormation/imagebuilder.yaml)"
+
+# Get currently set variables and templates
+CURRENT_VERSION=$(aws cloudformation describe-stacks --region "$AWS_REGION" --stack-name "$STACK_NAME" --query "Stacks[0].Parameters[?ParameterKey=='RecipeVersion'].ParameterValue" --output text) || CURRENT_VERSION=""
+if [[ -z "$CURRENT_VERSION" ]]; then
+  CURRENT_VERSION="0.0.0"
+fi
+
+echo "Current version: $CURRENT_VERSION"
+
+template=$(aws cloudformation get-template --stack-name "$STACK_NAME" --query "TemplateBody" --output text 2>/dev/null) || template=""
+echo "$template" > /tmp/latest_template.yaml
+echo "Latest version template:"
+cat /tmp/latest_template.yaml
+
+parameters=$(aws cloudformation describe-stacks --region "$AWS_REGION" --stack-name "$STACK_NAME" --query "Stacks[0].Parameters" --output json 2>/dev/null) || parameters="[]"
+echo "$parameters" > /tmp/latest_parameters.json
+echo "Latest version parameters:"
+cat /tmp/latest_parameters.json
+
+PARAMETERS_FILE=$(php ./.github/assets/php/createAwsJsonParametersFile.php \
+  "--Name=$STACK_NAME" \
+  --InfrastructureConfigurationId="$INFRASTRUCTURE" \
+  --DistributionConfigurationId="$DISTRIBUTION" \
+  "--Ec2BaseImageAMI=$IMAGE_BUILDER_BASE_IMAGE_AMI" \
+  "--RecipeVersion=$CURRENT_VERSION" \
+  --Storage=30)
+
+# Check if the template and parameters are exactly the same
+if diff -q "$TEMPLATE_FILE" "$LATEST_TEMPLATE_FILE" > /dev/null \
+  && diff -q "$PARAMETERS_FILE" "$LATEST_PARAMETERS_FILE" > /dev/null; then
+    echo "No changes detected in template or parameters. Skipping stack update."
+    echo "needImageRebuild=false" >> $GITHUB_ENV
+    exit 0
+else
+    echo "Current parameters with version $CURRENT_VERSION:"
+    echo "$PARAMETERS_FILE"
+    echo "Changes detected. Proceeding with stack update..."
+fi
+
+if ! diff -q ./CloudFormation/imagebuilder.yaml /tmp/latest_template.yaml > /dev/null; then
+  echo "Latest version template differ, bumping version..."
+
+  YEAR=$(date +"%Y")
+  MONTH=$(date +"%m")
+  IFS='.' read -r major minor patch <<< "$CURRENT_VERSION"
+
+  if [[ "$major" == "$YEAR" && "$minor" == "$MONTH" ]]; then
+    patch=$((patch + 1))
+  else
+    patch=0
+  fi
+
+  major=$YEAR
+  minor=$MONTH
+  NEW_VERSION="${major}.${minor}.${patch}"
+
+  echo "Bumped version from $CURRENT_VERSION to $NEW_VERSION"
+  CURRENT_VERSION=$NEW_VERSION
+else
+  echo "Templates are identical, no version bump needed."
+fi
+
+echo "version=$CURRENT_VERSION" > IMAGE-BUILDER.txt
+
+PARAMETERS_FILE=$(php ./.github/assets/php/createAwsJsonParametersFile.php \
+  "--Name=$STACK_NAME" \
+  --InfrastructureConfigurationId="$INFRASTRUCTURE" \
+  --DistributionConfigurationId="$DISTRIBUTION" \
+  "--Ec2BaseImageAMI=$IMAGE_BUILDER_BASE_IMAGE_AMI" \
+  "--RecipeVersion=$CURRENT_VERSION" \
+  --Storage=30)
+
+echo "Current parameters file:"
+cat "$PARAMETERS_FILE"
+echo "End of parameters file."
+
+output=$(aws cloudformation $action \
+  --region "$AWS_REGION" \
+  --stack-name "$STACK_NAME" \
+  --template-body file://./CloudFormation/imagebuilder.yaml \
+  --parameters "file://$PARAMETERS_FILE" \
+  2>&1) || status=$?
+
+if [ "${status:-0}" -ne 0 ] && [[ $action == "update-stack" ]]; then
+  if [[ $output == *"ValidationError"* && $output == *"No updates"* ]]; then
+    echo "needImageRebuild=false"
+    echo -e "\nFinished create/update - no updates to be performed"
+    exit 0
+  else
+    echo "$output"
+    exit $status
+  fi
+fi
+
+echo "needImageRebuild=true"
+aws cloudformation wait "$wait_action" --region "$AWS_REGION" --stack-name "$STACK_NAME"
+
+echo "Finished create/update successfully!"
diff --git a/.github/workflows/aws.yml b/.github/workflows/aws.yml
@@ -1003,148 +1003,17 @@ jobs:
       - name: Create or update image builder
         id: imageBuilder
         run: |
-          
-          shopt -s failglob
-          set -eEBxuo pipefail
-          
-          if [[ "null" == "${{ steps.distribution.outputs.distribution }}" ]]
-          then
-            exit "Step id distribution failed."
-          fi
-          echo "Checking if stack exists ..."
-          
-          STACK_NAME="imagebuilder-${{ inputs.environment }}-${{ needs.CONSTANTS.outputs.repositoryNicename }}"
-          
-          # Describe stacks and set action variables
-          if ! aws cloudformation describe-stacks --region "${{ matrix.aws-region }}" --stack-name "$STACK_NAME"; then
-            echo -e "\nStack does not exist, creating ..."
-            action="create-stack"
-            wait_action="stack-create-complete"
-          else
-            echo -e "\nStack exists, attempting update ..."
-            action="update-stack"
-            wait_action="stack-update-complete"
-          fi
-          
-          cat > ./imageBuilderScriptBuild <<'IMAGE-BUILDER-BUILD-EOF'
-          ${{ inputs.imageBuilderScriptBuild }}
-          IMAGE-BUILDER-BUILD-EOF
-          
-          cat > ./imageBuilderScriptValidate <<'IMAGE-BUILDER-VALIDATE-EOF'
-          ${{ inputs.imageBuilderScriptValidate }}
-          IMAGE-BUILDER-VALIDATE-EOF
-          
-          if [ -n "${{ inputs.secretPayloadEncrypted }}" ]; then
-            chmod +x ./.github/assets/shell/parseSecrets.sh
-            source ./.github/assets/shell/parseSecrets.sh \
-              "${{ secrets.ENCRYPTION_KEY }}" \
-              "${{ inputs.secretPayloadEncrypted }}" \
-              ./imageBuilderScriptBuild \
-              ./imageBuilderScriptValidate
-          fi
-          
-          php ./.github/assets/php/createImageBuilderDataYaml.php ./imageBuilderScriptBuild ./imageBuilderScriptValidate
-          
-          printf "Build data:\n%s\n" "$( cat ./CloudFormation/imagebuilder.yaml )"
-          
-          template=$(aws cloudformation get-template --stack-name "$STACK_NAME" --query "TemplateBody" --output text 2>/dev/null) || template=""
-          
-          echo "$template" > /tmp/latest_template.yaml
-          
-          # Retrieve the current version and bump it
-          CURRENT_VERSION=$(aws cloudformation describe-stacks --region "${{ matrix.aws-region }}" --stack-name "$STACK_NAME" --query "Stacks[0].Parameters[?ParameterKey=='RecipeVersion'].ParameterValue" --output text) || CURRENT_VERSION=""
-          
-          # If CURRENT_VERSION is empty, set a default version
-          if [[ -z "$CURRENT_VERSION" ]]; then
-            CURRENT_VERSION="0.0.0"
-          fi
-          
-          # Compare the local template with the latest template
-          if ! diff -q -w ./CloudFormation/imagebuilder.yaml /tmp/latest_template.yaml > /dev/null; then
-            echo "Latest version template differ, bumping version..."
-          
-            sudo apt-get install colordiff
-          
-            set +e
-            colordiff  -y -w ./CloudFormation/imagebuilder.yaml /tmp/latest_template.yaml
-            set -e
-          
-            YEAR=$(date +"%Y")
-            MONTH=$(date +"%m")
-          
-            # Split the version into major, minor, and patch parts
-            IFS='.' read -r major minor patch <<< "$CURRENT_VERSION"
-          
-            # Check if the major and minor parts match the current year and month
-            if [[ "$major" == "$YEAR" && "$minor" == "$MONTH" ]]; then
-              # Increment the patch version
-              patch=$((patch + 1))
-            else
-              # Reset the patch version if the major or minor parts have changed
-              patch=0
-            fi
-          
-            # Set the major and minor parts to the current year and month
-            major=$YEAR
-            minor=$MONTH
-          
-            # Construct the new version string
-            NEW_VERSION="${major}.${minor}.${patch}"
-          
-            echo "Bumped version from $CURRENT_VERSION to $NEW_VERSION"
-            echo "new_version=$NEW_VERSION" >> $GITHUB_ENV
-            CURRENT_VERSION=$NEW_VERSION
-          else
-            echo "Templates are identical, no version bump needed."
-          fi
-
-          echo "version=$CURRENT_VERSION" >> IMAGE-BUILDER.txt
-
-          echo "Creating parameters file ($CURRENT_VERSION)..."
-          
-          PARAMETERS_FILE=$( php ./.github/assets/php/createAwsJsonParametersFile.php \
-                    "--Name=$STACK_NAME" \
-                    --InfrastructureConfigurationId=${{ env.infrastructure }} \
-                    --DistributionConfigurationId=${{ env.distribution }} \
-                    "--Ec2BaseImageAMI=${{ inputs.imageBuilderBaseImageAMI }}" \
-                    "--RecipeVersion=$CURRENT_VERSION" \
-                    --Storage=30 )
-          
-          echo "Parameters file:"
-          
-          cat $PARAMETERS_FILE
-          
-          echo "End of parameters file."
-          
-          # Create or update stack
-          set +e
-          output=$(aws cloudformation $action \
-              --region "${{ matrix.aws-region }}" \
-              --stack-name $STACK_NAME \
-              --template-body file://./CloudFormation/imagebuilder.yaml \
-              --parameters "file://$PARAMETERS_FILE" \
-            2>&1)
-          status=$?
-          set -e
-          
-          echo "$output"
-          
-          if [ $status -ne 0 ] && [[ $action == "update-stack" ]]; then
-            if [[ $output == *"ValidationError"* && $output == *"No updates"* ]]; then
-              echo "needImageRebuild=false" >> $GITHUB_ENV
-              echo -e "\nFinished create/update - no updates to be performed"
-              exit 0
-            else
-              exit $status
-            fi
-          fi
-          
-          echo "needImageRebuild=true" >> $GITHUB_ENV
-          echo "Waiting for stack to be $wait_action ..."
-          aws cloudformation wait $wait_action --region "${{ matrix.aws-region }}" --stack-name "$STACK_NAME"
-          
-          echo "Finished create/update successfully!"
-
+          source ./.github/assets/shell/createUpdateImageBuilder.sh \
+            "${{ matrix.distribution }}" \
+            "${{ matrix.aws-region }}" \
+            "${{ env.environment }}" \
+            "${{ inputs.repositoryNicename }}" \
+            "${{ inputs.imageBuilderScriptBuild }}" \
+            "${{ inputs.imageBuilderScriptValidate }}" \
+            "${{ secrets.encryptionKey }}" \
+            "${{ secrets.secretPayloadEncrypted }}" \
+            "${{ inputs.imageBuilderBaseImageAMI }}" \
+            "${{ env.infrastructure }}"
 
       - name: Start image pipeline execution
         id: image

diff --git a/.github/workflows/miles-systems-deployment.yml b/.github/workflows/miles-systems-deployment.yml
@@ -175,7 +175,6 @@ jobs:
             # @note preserved across restarts
             echo "fs.inotify.max_user_watches=2147483647" >> /etc/sysctl.conf sysctl -p
             
-            
             cp /etc/php-fpm.d/www.conf /etc/php-fpm.d/www.conf.default
             
             # PHP-FPM user change