This repository was archived by the owner on Jan 15, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathsync
executable file
·73 lines (58 loc) · 3.23 KB
/
sync
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
#!/usr/bin/env bash
# Fail the whole script if any command fails
set -e
# Extract Settings
REGION="$(echo "${PLUGIN_SETTINGS}" | jq -r '.region //= "us-east-1" | .region')"
BUCKET="$(echo "${PLUGIN_SETTINGS}" | jq -r '.bucket //= "" | .bucket')"
SOURCE="$(echo "${PLUGIN_SETTINGS}" | jq -r '.source //= "." | .source')"
TARGET="$(echo "${PLUGIN_SETTINGS}" | jq -r '.target //= "/" | .target')"
DELETE="$(echo "${PLUGIN_SETTINGS}" | jq -r '.delete //= "false" | .delete')"
CACHE_CONTROL="$(echo "${PLUGIN_SETTINGS}" | jq -r '.cache_control //= "" | .cache_control')"
EXCLUDE="$(echo "${PLUGIN_SETTINGS}" | jq -r '.exclude //= "" | .exclude')"
INCLUDE="$(echo "${PLUGIN_SETTINGS}" | jq -r '.include //= "" | .include')"
ACL="$(echo "${PLUGIN_SETTINGS}" | jq -r '.acl //= "" | .acl')"
SSE="$(echo "${PLUGIN_SETTINGS}" | jq -r '.sse //= "" | .sse')"
ERRORS_ONLY="$(echo "${PLUGIN_SETTINGS}" | jq -r '.only_show_errors //= "false" | .only_show_errors')"
AWS_ACCESS_KEY_ID="$(echo "${PLUGIN_SETTINGS}" | jq -r '.aws_access_key_id //= "" | .aws_access_key_id')"
AWS_SECRET_ACCESS_KEY="$(echo "${PLUGIN_SETTINGS}" | jq -r '.aws_secret_access_key //= "" | .aws_secret_access_key')"
AWS_ASSUME_ROLE="$(echo "${PLUGIN_SETTINGS}" | jq -r '.aws_assume_role //= "" | .aws_assume_role')"
CLOUDFRONT_ID="$(echo "${PLUGIN_SETTINGS}" | jq -r '.cloudfront_distribution_id //= "" | .cloudfront_distribution_id')"
if [ -z "${BUCKET}" ]; then
echo "FATAL: Missing S3 Bucket Name"
exit 1
fi
if [ "${TARGET:0:1}" != "/" ]; then
# Fix the target if it is not absolute
TARGET="/${TARGET}"
fi
# Prepare command-line options needed for aws s3 sync
declare -a OPTIONS
[ -n "${CACHE_CONTROL}" ] && OPTIONS+=(--metadata-directive REPLACE --cache-control "'${CACHE_CONTROL}'")
[ -n "${EXCLUDE}" ] && OPTIONS+=(--exclude "'${EXCLUDE}'")
[ -n "${INCLUDE}" ] && OPTIONS+=(--include "'${INCLUDE}'")
[ -n "${ACL}" ] && OPTIONS+=(--acl "${ACL}")
[ -n "${SSE}" ] && OPTIONS+=(--sse "${SSE}")
[ "${DELETE}" == true ] && OPTIONS+=(--delete)
[ "${ERRORS_ONLY}" == true ] && OPTIONS+=(--only-show-errors)
# Export the credentials (if provided) for the AWS CLI
if [ -n "${AWS_ACCESS_KEY_ID}" ] && [ -n "${AWS_SECRET_ACCESS_KEY}" ]; then
export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY
fi
if [ -n "${AWS_ASSUME_ROLE}" ]; then
# Assume the role provided, and override credentials (if provided)
CREDENTIALS=$(set -x; aws sts assume-role \
--role-arn ${AWS_ASSUME_ROLE} \
--role-session-name drone-s3-sync)
export AWS_ACCESS_KEY_ID=$(echo "${CREDENTIALS}" | jq -r '.Credentials.AccessKeyId')
export AWS_SECRET_ACCESS_KEY=$(echo "${CREDENTIALS}" | jq -r '.Credentials.SecretAccessKey')
export AWS_SESSION_TOKEN=$(echo "${CREDENTIALS}" | jq -r '.Credentials.SessionToken')
fi
# Output the only the following command to STDOUT as well as run it
( set -x
aws s3 sync --region "${REGION}" "${SOURCE}" "s3://${BUCKET}${TARGET%/}/" "${OPTIONS[@]}" )
# If a CloudFront Distribution ID is set, also set an invalidation to the root
# of the target we've been provided
if [ -n "${CLOUDFRONT_ID}" ]; then
( set -x
aws cloudfront create-invalidation --region "${REGION}" --distribution-id "${CLOUDFRONT_ID}" --paths "${TARGET%/}/*" )
fi