Skip to content

academicmerit/binfra

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

binfra

bash infrastructure lib with concise functions:

# NAME=VALUE ...

vpc::create
rds::create
fargate::create-cluster
fargate::create-execution-role

fargate::create-app $APP \
    $IMAGE \
    $PORT \
    $HEALTH_PATH \
    "$ENV_VARS" \
    "$SECRETS"

This will get $APP exposed to https://$ENV-$APP.$PROJECT.$COMPANY_DOMAIN_NAME

Layers

AWS layers supported at the moment:

    R53
   /   \
ELB     APIGW
 |        |    
Fargate  SAM*
 |
ECS  RDS
 |  /
 | /
VPC     \  |
 |       SSM
EC2    --IAM

Original AWS SAM CLI is concise enough, so no lib/aws/sam exists in binfra, but lib/aws/expose provides function suitable for SAM + API Gateway integration:

expose::create-api-gw-domain-name \
    $ENV-$SAM_APP.$PROJECT.$COMPANY_DOMAIN_NAME \
    $SAM_STACK_NAME

Install

binfra requires import and shellcheck:

sudo bash -c "
curl -sfLS https://import.pw > /usr/local/bin/import
chmod +x /usr/local/bin/import
snap install --channel=edge shellcheck || {
    echo 'Please do https://github.com/koalaman/shellcheck#installing'
}
"

Please:

  • Make sure aws command is available in your project,
    e.g. add awscli to requirements-local.txt of your project
    and pip install -r requirements-local.txt
  • Copy bin/install template to your project
  • Update bin/install with your project-specific values
  • chmod a+x bin/install
  • Run bin/install dev to install dev environment of your project into AWS cloud

Uninstall

bash

  • To avoid bash issues, we will use the next tools and ideas
  • Bash Strict Mode
    • We avoid -o pipefail because it breaks very useful things like list-items | grep -q item || create-item
  • ShellCheck, added to bin/test
  • Read Bash cheatsheet
  • How to return values from functions:
    • return 0 means success
    • return 1 raises an error
    • Simple functions that have no logging echo-s or third-party stdout inside can return a value via stdout, e.g. VALUE=$(ssm::rand-str)
    • More complex functions follow the bultin read NAME NAME... syntax to assign return values to given NAMEs: expose::create-lb LB_SECGROUP_ID TARGET_GROUP_ARN...
  • To avoid "$QUOTING" "$EVERY" "$VARIABLE" we exclude ShellCheck warnings related to SC2086 and apply the alternative:
    • Disable globbing by using set -f, so that PASSWORD=te?t* would not expand to test1.sh test2.py from the current dir
      • This doesn't affect valuable [[ $HAYSTACK == *NEEDLE* ]]
      • Globbing can be temporary enabled with set +f when needed and then disabled again
    • Disable word splitting by space, but keep tab and newline in IFS (Internal Field Separator list), as we use them in places like:
      • while read -r NAME VALUE from aws --output text which is tab-separated
      • for SECRET in $SECRETS which is a newline-separated list that is way simpler to use than "${ARRAYS[@]}"
  • We avoid using shfmt formatter (unlike python's black) because:
    • shfmt is not easily installable - additional issue for CI/CD
    • It has non-configurable decision to make the code less readable by adding ;-s in few cases:
      # `if` as designed by bash authors:
      if $CONDITION
      then $ACTION
      fi
      
      # `if` as formatted by shfmt:
      if $CONDITION; then
      $ACTION
      fi
  • We avoid using Google's Shell Style Guide because it is focused on making the style compatible with other languages at Google, even when it breaks natural bash style, just like shfmt does above
    • However, we adopt some good ideas like separating lib names with :: to make it clear which lib the function belongs to

About

bash infrastructure lib with concise functions

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages