bivqe8Ft

· 5 years ago · Mar 18, 2020, 07:32 AM
1#!/usr/bin/env bash
2
3echo '***************************************'
4
5echo "accessKey: $1"
6echo "secretKey: $2"
7echo "namespace: $3"
8echo "jobname_type: $4"
9echo "buildNumber: $5"
10echo "path: $6"
11
12echo '***************************************'
13
14echo ''
15 
16
17readonly AWS_ACCESS_KEY_ID=$1
18readonly AWS_SECRET_ACCESS_KEY=$2
19readonly AWS_SERVICE='s3'
20readonly AWS_REGION='eu-central-1'
21readonly AWS_S3_BUCKET_NAME='s3-artifactory-jenkins-'$3
22
23
24echo ''
25
26echo '***************************************'
27echo AWS_S3_BUCKET_NAME
28echo ${AWS_S3_BUCKET_NAME}
29echo '***************************************'
30
31echo ''
32
33readonly AWS_SERVICE_ENDPOINT_URL="\
34${AWS_S3_BUCKET_NAME}.${AWS_SERVICE}.amazonaws.com"
35# Create an SHA-256 hash in hexadecimal.
36# Usage:
37#   hash_sha256 <string>
38function hash_sha256 {
39  printf "${1}" | openssl dgst -sha256 | sed 's/^.* //'
40}
41# Create an SHA-256 hmac in hexadecimal.
42# Usage:
43#   hmac_sha256 <key> <data>
44function hmac_sha256 {
45  key="$1"
46  data="$2"
47  printf "${data}" | openssl dgst -sha256 -mac HMAC -macopt "${key}" | \
48      sed 's/^.* //'
49}
50readonly CURRENT_DATE_DAY="$(date -u '+%Y%m%d')"
51readonly CURRENT_DATE_TIME="$(date -u '+%H%M%S')"
52readonly CURRENT_DATE_ISO8601="${CURRENT_DATE_DAY}T${CURRENT_DATE_TIME}Z"
53readonly HTTP_REQUEST_METHOD='GET'
54readonly HTTP_REQUEST_PAYLOAD=''
55readonly HTTP_REQUEST_PAYLOAD_HASH="$(printf "${HTTP_REQUEST_PAYLOAD}" | \
56    openssl dgst -sha256 | sed 's/^.* //')"
57readonly HTTP_CANONICAL_REQUEST_URI='/'$4'/'$5'/artifacts/ROOT.war'
58
59echo '***************************************'
60echo HTTP_CANONICAL_REQUEST_URI
61echo ${HTTP_CANONICAL_REQUEST_URI}
62echo '***************************************'
63
64echo ''
65
66readonly HTTP_CANONICAL_REQUEST_QUERY_STRING=''
67readonly HTTP_REQUEST_CONTENT_TYPE='application/x-www-form-urlencoded'
68readonly HTTP_CANONICAL_REQUEST_HEADERS="\
69content-type:${HTTP_REQUEST_CONTENT_TYPE}
70host:${AWS_SERVICE_ENDPOINT_URL}
71x-amz-content-sha256:${HTTP_REQUEST_PAYLOAD_HASH}
72x-amz-date:${CURRENT_DATE_ISO8601}"
73# Note: The signed headers must match the canonical request headers.
74readonly HTTP_REQUEST_SIGNED_HEADERS="\
75content-type;host;x-amz-content-sha256;x-amz-date"
76readonly HTTP_CANONICAL_REQUEST="\
77${HTTP_REQUEST_METHOD}
78${HTTP_CANONICAL_REQUEST_URI}
79${HTTP_CANONICAL_REQUEST_QUERY_STRING}
80${HTTP_CANONICAL_REQUEST_HEADERS}\n
81${HTTP_REQUEST_SIGNED_HEADERS}
82${HTTP_REQUEST_PAYLOAD_HASH}"
83
84
85# Create the signature.
86# Usage:
87#   create_signature
88function create_signature {
89  stringToSign="AWS4-HMAC-SHA256
90${CURRENT_DATE_ISO8601}
91${CURRENT_DATE_DAY}/${AWS_REGION}/${AWS_SERVICE}/aws4_request
92$(hash_sha256 "${HTTP_CANONICAL_REQUEST}")"
93  dateKey=$(hmac_sha256 key:"AWS4${AWS_SECRET_ACCESS_KEY}" \
94      "${CURRENT_DATE_DAY}")
95  regionKey=$(hmac_sha256 hexkey:"${dateKey}" "${AWS_REGION}")
96  serviceKey=$(hmac_sha256 hexkey:"${regionKey}" "${AWS_SERVICE}")
97  signingKey=$(hmac_sha256 hexkey:"${serviceKey}" "aws4_request")
98  printf "${stringToSign}" | openssl dgst -sha256 -mac HMAC -macopt \
99      hexkey:"${signingKey}" | awk '{print $2}'
100}
101readonly SIGNATURE="$(create_signature)"
102
103readonly HTTP_REQUEST_AUTHORIZATION_HEADER="\
104AWS4-HMAC-SHA256 Credential=${AWS_ACCESS_KEY_ID}/${CURRENT_DATE_DAY}/\
105${AWS_REGION}/${AWS_SERVICE}/aws4_request, \
106SignedHeaders=${HTTP_REQUEST_SIGNED_HEADERS};x-amz-date, Signature=${SIGNATURE}"
107curl -X "${HTTP_REQUEST_METHOD}" -v \
108    "https://${AWS_SERVICE_ENDPOINT_URL}${HTTP_CANONICAL_REQUEST_URI}" \
109    -H "Authorization: ${HTTP_REQUEST_AUTHORIZATION_HEADER}" \
110    -H "content-type: ${HTTP_REQUEST_CONTENT_TYPE}" \
111    -H "x-amz-content-sha256: ${HTTP_REQUEST_PAYLOAD_HASH}" \
112    -H "x-amz-date: ${CURRENT_DATE_ISO8601}" \
113    -o $