-
Notifications
You must be signed in to change notification settings - Fork 2
/
psql.sh
executable file
·85 lines (71 loc) · 2.28 KB
/
psql.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
#!/usr/bin/env bash
set -o errexit -o nounset -o pipefail
readonly repo="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
function main {
export ENV="$1"
shift
local -r SERVICE="organisaatio"
init_cloud_base_virtualenv
copy_mfa_token_to_clipboard
if [ "${ENV}" = "hahtuva" ]; then
export PROFILE="oph-dev"
tunnel_port="6691"
db_hostname="${SERVICE}.db.hahtuvaopintopolku.fi"
elif [ "${ENV}" = "untuva" ]; then
export PROFILE="oph-dev"
tunnel_port="6692"
db_hostname="${SERVICE}.db.untuvaopintopolku.fi"
elif [ "${ENV}" = "pallero" ]; then
export PROFILE="oph-dev"
tunnel_port="6693"
db_hostname="${SERVICE}.db.testiopintopolku.fi"
elif [ "${ENV}" = "sade" ]; then
export PROFILE="oph-prod"
tunnel_port="6694"
db_hostname="${SERVICE}.db.opintopolku.fi"
fi
db_username="app"
db_password="$( get_parameter "/${ENV}/postgresqls/${SERVICE}/app-user-password" )"
start_tunnel "${tunnel_port}:${db_hostname}:5432"
PGPASSWORD="${db_password}" psql --host localhost --port "${tunnel_port}" --username "${db_username}" --dbname "${SERVICE}" "$@"
}
function get_parameter {
local -r parameter_name="$1"
aws ssm get-parameter \
--name "${parameter_name}" \
--with-decryption \
--region eu-west-1 \
--profile "${PROFILE}" \
--query "Parameter.Value" \
--output text
}
function start_tunnel {
local -r tunnel="$1"
info "Starting SSH tunnel"
# SSH keeps the connection and tunnel open until both the command executed is finished and all connections through
# the tunnel are closed. Therefore as long as we have the psql connection open, the tunnel will stay open and close
# automatically when all connections are closed.
ssh -f -L "${tunnel}" "${ENV}-bastion" sleep 10
}
function init_cloud_base_virtualenv {
pushd "$repo/../cloud-base"
info "Pulling latest cloud-base"
git pull --rebase
. oph-venv/bin/activate
pip install --requirement requirements.txt > /dev/null
popd
}
function copy_mfa_token_to_clipboard {
info "Copying MFA token to clipboard"
op item get "AWS OPH" --otp | pbcopy
}
function info {
log "INFO" "$1"
}
function log {
local -r level="$1"
local -r message="$2"
local -r timestamp=$(date +"%Y-%m-%d %H:%M:%S")
>&2 echo -e "${timestamp} ${level} ${message}"
}
main "$@"