Merge branch 'master' of https://github.com/andrewlorien/bash-my-aws

Author: andrew

README.md

@@ -174,6 +174,7 @@ Put the following in your shell's startup file:
 
 ```Shell
 export PATH="$PATH:${BMA_HOME:-$HOME/.bash-my-aws}/bin"
+export BMA_COLUMNISE_ONLY_WHEN_TERMINAL_PRESENT=true
 source ${BMA_HOME:-$HOME/.bash-my-aws}/aliases
 
 # For ZSH users, uncomment the following two lines:

TODO.md

@@ -1,4 +1,5 @@
 # TODO
 
+- Only `add_to_path_if_missing()`
 - (aws-)backup-functions
 

aliases

@@ -77,6 +77,7 @@ alias buckets='${BMA_HOME:-$HOME/.bash-my-aws}/bin/bma buckets'
 alias cert-chain='${BMA_HOME:-$HOME/.bash-my-aws}/bin/bma cert-chain'
 alias cert-delete='${BMA_HOME:-$HOME/.bash-my-aws}/bin/bma cert-delete'
 alias cert-ificate='${BMA_HOME:-$HOME/.bash-my-aws}/bin/bma cert-ificate'
+alias cert-resource-record-valid='${BMA_HOME:-$HOME/.bash-my-aws}/bin/bma cert-resource-record-valid'
 alias cert-users='${BMA_HOME:-$HOME/.bash-my-aws}/bin/bma cert-users'
 alias cert-verify='${BMA_HOME:-$HOME/.bash-my-aws}/bin/bma cert-verify'
 alias certs='${BMA_HOME:-$HOME/.bash-my-aws}/bin/bma certs'
@@ -120,6 +121,7 @@ alias elbv2s='${BMA_HOME:-$HOME/.bash-my-aws}/bin/bma elbv2s'
 alias hosted-zone-a-records='${BMA_HOME:-$HOME/.bash-my-aws}/bin/bma hosted-zone-a-records'
 alias hosted-zone-ns-records='${BMA_HOME:-$HOME/.bash-my-aws}/bin/bma hosted-zone-ns-records'
 alias hosted-zones='${BMA_HOME:-$HOME/.bash-my-aws}/bin/bma hosted-zones'
+alias iam-access-key-rotate='${BMA_HOME:-$HOME/.bash-my-aws}/bin/bma iam-access-key-rotate'
 alias iam-role-principal='${BMA_HOME:-$HOME/.bash-my-aws}/bin/bma iam-role-principal'
 alias iam-roles='${BMA_HOME:-$HOME/.bash-my-aws}/bin/bma iam-roles'
 alias iam-users='${BMA_HOME:-$HOME/.bash-my-aws}/bin/bma iam-users'

bash_completion.sh

@@ -179,6 +179,7 @@ complete -F _bma_buckets_completion buckets
 complete -F _bma_certs_completion cert-chain
 complete -F _bma_certs_completion cert-delete
 complete -F _bma_certs_completion cert-ificate
+complete -F _bma_certs_completion cert-resource-record-valid
 complete -F _bma_certs_completion cert-users
 complete -F _bma_certs_completion cert-verify
 complete -F _bma_certs_completion certs

docs/command-reference.md

@@ -1319,6 +1319,16 @@ Return Cert Chain for ACM Cert(s)
     USAGE: cert-chain cert-arn [cert-arn]
 
 
+### cert-resource-record-valid
+
+cert-resource-record-valid - Check if a specified DNS resource record matches the expected value and includes input validation.
+
+Usage: cert-resource-record-valid <name> <type> <value>
+Perform the DNS query
+Print the output of the DNS query
+Check if the expected value is in the output
+
+
 ### cert-verify
 
 Verify ACM cert(s)
@@ -1678,6 +1688,10 @@ List IAM Users
     ecsInstanceRole                          AROAJFQ3WMZXESGIKW5YD  2017-03-09T05:31:39Z
 
 
+### iam-access-key-rotate
+
+
+
 ## image-commands
 
 

functions

@@ -77,6 +77,7 @@ buckets
 cert-chain
 cert-delete
 cert-ificate
+cert-resource-record-valid
 cert-users
 cert-verify
 certs
@@ -120,6 +121,7 @@ elbv2s
 hosted-zone-a-records
 hosted-zone-ns-records
 hosted-zones
+iam-access-key-rotate
 iam-role-principal
 iam-roles
 iam-users

lib/cert-functions

@@ -130,6 +130,36 @@ cert-chain() {
   done
 }
 
+cert-resource-record-valid() {
+
+  # cert-resource-record-valid - Check if a specified DNS resource record matches the expected value and includes input validation.
+  #
+  # Usage: cert-resource-record-valid <name> <type> <value>
+
+  [[ "$#" -lt 2 ]] && __bma_usage "<name> <value> [type]" && return 1
+
+  local name="$1"
+  local value="$2"
+  local type="${3:-CNAME}"
+
+  # Perform the DNS query
+  local output=$(dig +noall +answer "$name" "$type")
+
+  # Print the output of the DNS query
+  echo "Query output:"
+  echo "$output"
+
+  # Check if the expected value is in the output
+  if echo "$output" | grep -q "$value"; then
+      echo "The DNS record is valid."
+      return 0
+  else
+      echo "The DNS record is invalid or does not exist."
+      return 1
+  fi
+}
+
+
 # openssl verify -CAfile trusted-ca.crt -untrusted chain.crt cert.crt
 
 cert-verify() {

lib/extras/git/git-functions

@@ -0,0 +1,222 @@
+# git functions
+
+# Just some local things Mike uses (release early, release often)
+#
+# Worth a look:
+#
+# - git-ls-noticed: List files from git index (based on a gitinclude file)
+# - git-tarball-create: Creates a tarball based on a gitinclude (special gitginore) file
+# - git-repos: List all git repos (remote_url and git_dir)
+
+git-tarball-create() {
+
+    # git-tarball-create - Creates a tarball based on a single gitinclude file
+    #
+    # Usage: git-tarball-create <gitinclude_file>
+    #
+
+    local gitinclude_file="${1:-}"
+
+    # Verify gitinclude_file argument is provided
+    if [[ -z $gitinclude_file ]]; then
+        echo "Usage: tarball-create <gitinclude_file>" >&2
+        return 1
+    elif [[ ! -f $gitinclude_file ]]; then
+        # Verify gitinclude_file file exists
+        echo "Error: gitinclude file '$gitinclude_file' not found." >&2
+        return 1
+    fi
+
+    local last_commit_date="$(git log -1 --format=%cd --date=format:%Y-%m-%d)"
+    local git_repo_path="$(git rev-parse --show-toplevel)"
+    local git_repo_name="${git_repo_path##*/}"
+    local variant="$(basename "${gitinclude_file}")"
+    local release="${git_repo_name}-${variant}-${last_commit_date}"
+    local build_dir="${git_repo_path}/build"
+    local tarball="${build_dir}/${release}.tar.gz"
+
+    (
+        cd "${git_repo_path}" || exit
+        # Ensure the build directory exists
+        mkdir -p "$build_dir" || { echo "Failed to create build directory: $build_dir" >&2; return 1; }
+
+        # Use git to list files for inclusion in the tarball
+        if ! git-ls-noticed "$gitinclude_file" \
+        | tar \
+            --transform "flags=r;s,^,${release}/," \
+            -czf "${tarball}" -T -
+        then 
+            echo "Error: Failed to create tarball." >&2
+            return 1
+        fi
+    )
+
+    echo "Tarball created: ${tarball}"
+}
+
+git-archive() {
+
+    local last_commit_date="$(git log -1 --format=%cd --date=format:%Y-%m-%d)"
+    local git_repo_path="$(git rev-parse --show-toplevel)"
+    local git_repo_name="${git_repo_path##*/}"
+    local release="${git_repo_name}-${last_commit_date}"
+    local build_dir="${git_repo_path}/build"
+    local tarball="${build_dir}/${release}.tar.gz"
+    local label="$(basename $(git rev-parse --show-toplevel))-$(git log -1 --format=%cd --date=format:%Y-%m-%d)"
+
+    (
+        cd "${git_repo_path}" || exit
+
+        # Ensure the build directory exists
+        mkdir -p "$build_dir" || { echo "Failed to create build directory: $build_dir" >&2; return 1; }
+
+        git archive \
+        --prefix="${release}/"  \
+        --format=tar.gz      \
+        -o "${build_dir}/${release}.tar.gz" \
+        HEAD
+    )
+}
+
+git-remote-add-github() {
+    git remote add github "github.com_mbailey:mbailey/$(git-repo-name).git"
+    git branch -M master
+    git push -u github master
+}
+
+git-repo-name() {
+  basename "$(git rev-parse --show-toplevel)"
+}
+
+git-repos() {
+
+    local search_dirs="$(skim-stdin "$@")"
+    [[ -z $search_dirs ]] && search_dirs='.'
+    
+    # debug "$search_dirs"
+
+    # Find all .git directories under the specified directories
+    for search_dir in $search_dirs; do
+        find -L "$search_dir" -type d -name .git 2>/dev/null | while read -r git_dir; do
+            local repo_dir
+            repo_dir=$(dirname "$git_dir") # Get the repository directory by removing the .git part
+            local repo_url
+            repo_url=$(git -C "$repo_dir" config --get remote.origin.url) # Get the repository's remote URL
+            printf "%s\t%s\n" "$repo_url" "${repo_dir}" # Print the repository URL and directory path, separated by a tab
+        done \
+        | sort -k1,1 \
+        | bma columnise
+    done
+}
+
+git-ls-noticed() {
+    # This uses gitignore but flips the meaning. Any file matched here is allowed (instead of ignored).
+    #
+    # List files with:
+    #
+    #   git ls-files --ignored --cached --exclude-from=<path/to/this_file>
+    #
+    # How it works:
+    #
+    #     `--ignored`: Lists all files that are ignored by git
+    #     `--cached`: Lists all files that are staged for commit. (Required to use `--ignored`.)
+    #     `--exclude-from`: Use specified file as the ignore file (and ignore all others)
+    #
+    # Test with:
+    #
+    # diff <(git-ls-noticed path/to/.gitinclude/target)  <(tar-ls build/example-target-2024-04-17.tar.gz)
+
+    local gitinclude_file="${1:-}"
+
+    if [[ -z "$gitinclude_file" ]]; then
+        echo "Usage: git-ls-noticed <gitinclude_file>" >&2
+        return 1
+    elif [[ ! -f "$gitinclude_file" ]]; then
+        echo "Error: File '$gitinclude_file' not found." >&2
+        return 1
+    fi
+
+    # Convert the relative path to an absolute path
+    gitinclude_file="$(realpath "$gitinclude_file")"
+
+    # Ensure command is run within a git repository
+    local git_repo_path
+    if ! git_repo_path=$(git rev-parse --show-toplevel); then
+        echo "Error: Current directory is not within a git repository." >&2
+        return 1
+    fi
+
+    # Use subshell do directory change is not persistent
+    (
+        cd "${git_repo_path}" || return 1
+        # Use git to list files that are not ignored
+        git ls-files --ignored --cached --exclude-from="$gitinclude_file"
+    )
+}
+
+
+
+git-repo-dirs(){
+
+    # list dirs under a path that contain git repos
+
+    local search_dir="${1:-~/git}" # Use provided directory or default to current directory if not provided
+
+    git-repos "${search_dir}" | cut -f2 | xargs dirname | sort -u | rg -v .old | sed "s#$search_dir/##"
+}
+
+git-repos-save() {
+    (
+        cd ~/.mt/git
+        for dir in $(git-repo-dirs ~/git); do
+            echo $dir
+            mkdir -p $dir
+            git-repos ~/git/$dir | tee $dir/git-repos.txt
+        done
+    )
+}
+
+git-repo-create() {
+    local repo_name=$(basename "$1" .git) # Ensures repo_name is derived cleanly
+
+    # Prevent cloning into the same repository directory
+    if [ -d "$repo_name.git" ]; then
+        echo "A directory named '$repo_name.git' already exists. Exiting to avoid conflict."
+        return 1
+    fi
+
+    # Ensure all files are committed in $repo_name
+    (
+        cd "$repo_name" || return 1
+        if ! git diff --quiet; then
+            echo "Uncommitted changes found in '$repo_name'. Please commit all changes before proceeding."
+            return 1
+        fi
+    )
+
+    # Clone as bare repository
+    if ! git clone --bare "$1" "$repo_name.git"; then
+        echo "Cloning failed. Please check the repository path."
+        return 1
+    fi
+
+    # Secure copy to remote server
+    if ! scp -r "$repo_name.git" git:git; then
+        echo "Failed to copy repository to remote server."
+        return 1
+    fi
+
+    # clone it
+    git clone "git.failmode.com_m:git/${repo_name}" "${repo_name}.cloned-from-remote"
+
+    # Move old repo
+    mv "${repo_name}" "${repo_name}.cloned_to_remote"
+
+    # Move new repo
+    mv "${repo_name}.cloned-from-remote" "${repo_name}"
+
+    echo "Repository '$repo_name.git' successfully cloned, copied to remote server and cloned back."
+}
+
+
+