From c14a7fc4ca253c81a1043ea18d9f5ec883e32561 Mon Sep 17 00:00:00 2001 From: CosmicAlpha Date: Sun, 23 Feb 2025 11:05:02 -0700 Subject: [PATCH] Add arguments --- modules/salt/files/bin/upgrade-packages.sh | 78 +++++++++++++++++++--- 1 file changed, 69 insertions(+), 9 deletions(-) diff --git a/modules/salt/files/bin/upgrade-packages.sh b/modules/salt/files/bin/upgrade-packages.sh index 9aae32711a..2639c5f9f5 100644 --- a/modules/salt/files/bin/upgrade-packages.sh +++ b/modules/salt/files/bin/upgrade-packages.sh @@ -1,24 +1,84 @@ #!/bin/bash -# Get a list of target servers -servers=$(sudo salt-ssh -E '.*' test.ping --out=json | jq -r 'keys[]') -# Loop through the servers and execute the upgrade command + +# Default flags +skip_confirm=false +dry_run=false +server_pattern='.*' # Default: Match all servers +include_kernel=false # Default: Exclude kernel updates + +# Trap SIGINT (CTRL+C) to exit the entire script +trap "echo -e '\nScript terminated by user'; exit 1" SIGINT + +# Parse command-line arguments +while [[ $# -gt 0 ]]; do + case "$1" in + --yes|-y) + skip_confirm=true + ;; + --dry-run|-d) + dry_run=true + ;; + --servers|-s) + shift + server_pattern="$1" + ;; + --include-kernel|-k) + include_kernel=true + ;; + *) + echo "Unknown option: $1" + exit 1 + ;; + esac + shift +done + +# Get a list of target servers based on the provided pattern +servers=$(sudo salt-ssh -E "$server_pattern" test.ping --out=json | jq -r 'keys[]') + +# Loop through the servers and check/execute the upgrade command for server in $servers; do hostname=$(echo $server | awk -F '.' '{print $1}') - echo "Upgrading packages on $hostname" - packages=$(sudo salt-ssh "$server" cmd.run 'apt-get -s dist-upgrade | grep "^Inst" | grep -i securi | grep -v "linux-image" | awk -F " " {"print $2"}' | awk '{printf "%s ", $2}') + echo "Checking packages for upgrade on $hostname..." + + # Get the list of security upgrades (excluding kernal upgrades unless the flag is specified) + if $include_kernel; then + packages=$(sudo salt-ssh "$server" cmd.run 'apt-get -s dist-upgrade | grep "^Inst" | grep -i securi | awk -F " " {"print $2"}' | awk '{printf "%s ", $2}') + else + packages=$(sudo salt-ssh "$server" cmd.run 'apt-get -s dist-upgrade | grep "^Inst" | grep -i securi | grep -v "linux-image" | awk -F " " {"print $2"}' | awk '{printf "%s ", $2}') + fi + if [ -z "${packages//[[:space:]]}" ]; then echo "No packages to upgrade on $hostname" else - # Create formatted list + # Create formatted package list packages_list=$(echo $packages | sed 's/ /, /g') packages_count=$(echo $packages | wc -w) + if [ $packages_count -gt 1 ]; then last_package=$(echo $packages_list | awk '{print $NF}') - packages_list=$(echo $packages_list | sed 's/ '$last_package'$/ and '$last_package'/') + packages_list=$(echo $packages_list | sed "s/ $last_package$/ and $last_package/") + fi + + # If dry-run mode is enabled, only display the list + if $dry_run; then + echo "[DRY RUN] Packages that would be upgraded on $hostname: $packages_list" + continue + fi + + # Prompt for confirmation unless --yes or -y is provided + if ! $skip_confirm; then + read -p "Upgrading packages $packages_list on $hostname; press enter to confirm or type 'skip' to skip this server... " user_input + if [[ "$user_input" == "skip" ]]; then + echo "Skipping upgrade on $hostname..." + continue + fi fi - read -p "Upgrading packages $packages_list on $hostname; press enter to confirm..." + + # Execute the upgrade command sudo salt-ssh "$server" cmd.run "apt-get -o Dpkg::Options::='--force-confold' install --only-upgrade $packages" - # Log the upgrade message + + # Log the packages that were upgraded logsalmsg "Upgraded packages $packages_list on $hostname" fi done