#!/bin/bash # Usage: # ./deploy-global-policy.sh -d|-r -c -t -s -o -g -w # Ex: ./manage_global_policy.sh -r -c 104.154.155.131 -t test-tls-prof -s https://api-manager-ui.apicman.gigahertz.local -o appsentinels -g catalog1 -w gw03 set -e # Default values ACTION="" CONTROLLER_URL="" TLS_PROFILE="" SERVER="" ORG="" CATALOG="" GATEWAY="" REQUEST_SOURCE="appsentinels-global-pre-proc.yaml" RESPONSE_SOURCE="appsentinels-global-post-proc.yaml" TEMP_REQUEST_FILE="appsentinels-pre-proc.yaml" TEMP_RESPONSE_FILE="appsentinels-post-proc.yaml" # Parse options while getopts "drc:t:s:o:g:w:" opt; do case $opt in d) ACTION="deploy" ;; r) ACTION="remove" ;; c) CONTROLLER_URL="$OPTARG" ;; t) TLS_PROFILE="$OPTARG" ;; s) SERVER="$OPTARG" ;; o) ORG="$OPTARG" ;; g) CATALOG="$OPTARG" ;; w) GATEWAY="$OPTARG" ;; *) echo "Invalid option: -$OPTARG" >&2 exit 1 ;; esac done # Replace placeholders in original files prepare_files() { sed "s/AS_CONTROLLER_URL/$CONTROLLER_URL/g; s/AS_TLS_CLIENT_PROFILE/$TLS_PROFILE/g" "$REQUEST_SOURCE" > "$TEMP_REQUEST_FILE" sed "s/AS_CONTROLLER_URL/$CONTROLLER_URL/g; s/AS_TLS_CLIENT_PROFILE/$TLS_PROFILE/g" "$RESPONSE_SOURCE" > "$TEMP_RESPONSE_FILE" } # Create hook YAML from policy URL create_hook_yaml() { local url=$1 local file=$2 echo -e "global_policy_url: >-\n $url" > "$file" } # Deploy global policies deploy() { prepare_files echo "Deploying global policies..." echo "Creating request policy and prehooks..." apic global-policies:create --catalog $CATALOG --configured-gateway-service $GATEWAY --org $ORG --server $SERVER --scope catalog $TEMP_REQUEST_FILE > temp preurl=$(cut -d " " -f 4 temp) echo $preurl create_hook_yaml "$preurl" GlobalPolicy.yaml apic global-policy-prehooks:create --catalog "$CATALOG" --configured-gateway-service "$GATEWAY" --org "$ORG" --server "$SERVER" --scope catalog GlobalPolicy.yaml echo "Creating response policy and posthooks..." apic global-policies:create --catalog $CATALOG --configured-gateway-service $GATEWAY --org $ORG --server $SERVER --scope catalog $TEMP_RESPONSE_FILE > temp1 posturl=$(cut -d " " -f 4 temp1) echo $posturl create_hook_yaml "$posturl" GlobalPolicy.yaml apic global-policy-posthooks:create --catalog $CATALOG --configured-gateway-service $GATEWAY --org $ORG --server $SERVER --scope catalog GlobalPolicy.yaml rm temp rm temp1 echo "Deployment complete." } # Remove global policies remove() { echo "Removing global policy hooks..." apic global-policy-prehooks:delete --catalog "$CATALOG" --configured-gateway-service "$GATEWAY" --org "$ORG" --server "$SERVER" --scope catalog apic global-policy-posthooks:delete --catalog "$CATALOG" --configured-gateway-service "$GATEWAY" --org "$ORG" --server "$SERVER" --scope catalog echo "Removing global policies..." apic global-policies:delete appsentinels-pre-proc:1.0.0 --server "$SERVER" --org "$ORG" --catalog "$CATALOG" --scope catalog --configured-gateway-service "$GATEWAY" apic global-policies:delete appsentinels-post-proc:1.0.0 --server "$SERVER" --org "$ORG" --catalog "$CATALOG" --scope catalog --configured-gateway-service "$GATEWAY" rm GlobalPolicy.yaml echo "Removal complete." } if [ "$ACTION" == "deploy" ]; then deploy elif [ "$ACTION" == "remove" ]; then remove else echo "Usage: $0 -d|-r -c -t -s -o -g -w " exit 1 fi