forked from ausaccessfed/shibboleth-idp-installer
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathupdate_idp.sh
executable file
·121 lines (101 loc) · 2.98 KB
/
update_idp.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
#!/bin/bash
declare -a nodes
function git_update_details {
remote=`git config --get remote.origin.url`
current_branch=`git symbolic-ref -q --short HEAD`
echo -e "The process will also perform the following UPGRADES:\n"
echo " 1. Upgrade to the most recent version of the installer: "
echo " * The update will be retrieved from: ${remote}"
echo " * It will be based on the most recent release from: ${current_branch}"
echo ""
echo " 2. May add additional files to your Assets area to allow for advanced configuration"
echo ""
echo " 3. Upgrade, if necessary, to the most recently vetted versions of: "
echo " * Shibboleth IdP"
echo -e " * Jetty\n\n"
}
the_install_base=/opt
working_dir=$the_install_base/shibboleth-idp-installer/repository
cd $working_dir || exit
function get_nodes {
i=1
getting_nodes=false
for line in $(cat ansible_hosts)
do
if [ $line == "[idp-servers]" ]; then
getting_nodes=true
else
if [[ "$line" == [* ]]; then
getting_nodes=false
else
if ( $getting_nodes ); then
nodes[$i]=$line
fi
fi
fi
done
}
function server_patch () {
patch=`grep "server_patch:" host_vars/$1`
if [[ $patch == "server_patch: \"false\"" ]]; then
echo " Node: $1 will NOT be patched"
else
echo " Node: $1 will be patched"
fi
}
get_nodes
echo ${nodes[*]}
upgrade=false
while getopts ":u" opt; do
case $opt in
u) upgrade=true;;
esac
done
echo -e "\n-----\n"
echo -e "This process will perform the following UPDATES: \n"
echo " 1. Update underlying operating system packages to ensure any security issues are addressed"
echo ""
for x in ${nodes[*]}
do
server_patch $x
done
echo ""
echo " 2. Apply any configuration changes made within the assets directory for: "
echo " * Shibboleth IdP"
echo " * Jetty"
echo " * Apache HTTPD"
echo ""
echo -e " 3. RESTART all dependant processes.\n"
if [[ $upgrade = true ]]
then
git_update_details
fi
echo "You MUST have a tested rollback plan in place before continuing."
echo -e "\n-----\n"
read -r -p "Are you sure you wish to continue with the process as detailed above? [y/N] " response
response=${response,,}
if [[ $response =~ ^(yes|y)$ ]]
then
if [[ $upgrade = true ]]
then
echo -e "\nAttempting to update the AAF Installer respositry...\n"
git pull
retval=$?
if [ $retval -ne 0 ]
then
echo -e "\n ----"
echo -e " An ERROR occurred attempting to upgrade the local AAF Installer respoitory"
echo -e " This must be resolved before your upgrade can proceed!\n"
echo -e " Details of the issue are shown above."
echo -e " ----"
echo -e "\nNo changes have been made. Exiting."
exit 1
else
ansible-playbook -i ansible_hosts update.yml --extra-var="install_base=$the_install_base"
fi
fi
ansible-playbook -i ansible_hosts site.yml --force-handlers --extra-var="install_base=$the_install_base"
else
echo "No changes made, exiting."
exit 0
fi