sync-s3

#!/bin/bash
set -euo pipefail

run() {
    echo >&2 "+ $*"
    "$@"
}

usage() {
    cat >&2 <<EOM
usage: $(basename "$0") [options] FOLDER <up|down|delete-local>

S3 sync up or down for S3 FOLDER.

Perform a dry run by default. Pass --real to perform a real run.

FOLDER may be one of:
    login-gov-secrets
    login-gov-secrets-test
    login-gov.secrets.894947205914-us-west-2
    login-gov.app-secrets.555546682965-us-west-2
    login-gov.app-secrets.894947205914-us-west-2

Options:

    -h, --help  Display this help message
    --real      Actually upload/download files rather than dry run
    --delete    Also delete missing files from target

For example:

    # dry run download
    $(basename "$0") login-gov-secrets down

    # real run upload
    $(basename "$0") login-gov-secrets up --real

    # real run download and delete removed files
    $(basename "$0") --real --delete login-gov.secrets.894947205914-us-west-2 down

    # delete all local files
    $(basename "$0") --real login-gov-secrets delete-local

EOM
}

set_acct_for_folder() {
    case "$1" in
        login-gov-secrets|login-gov-secrets-test)
            echo "AWS_PROFILE=login.gov"
            export AWS_PROFILE=login.gov
            ;;
        login-gov.*secrets.555546682965-*)
            echo "AWS_PROFILE=login.gov"
            export AWS_PROFILE=login.gov
            ;;
        login-gov.*secrets.894947205914-*)
            echo "AWS_PROFILE=identitysandbox.gov"
            export AWS_PROFILE=identitysandbox.gov
            ;;
        *)
            echo >&2 "Unknown S3 bucket '$1'"
            return 1
            ;;
    esac
}

run_sync() {
    local opts
    opts='--sse aws:kms'
    if [ -z "$REALRUN" ]; then
        opts+=' --dryrun'
    fi
    if [ -n "$DELETE" ]; then
        opts+=' --delete'
    fi
    # shellcheck disable=SC2086
    run aws s3 sync $opts "$@"
}

sync_down() {
    local folder
    folder="$1"
    set_acct_for_folder "$folder"
    run_sync "s3://$folder/" "$folder/"
}

sync_up() {
    local folder
    folder="$1"
    set_acct_for_folder "$folder"
    run_sync "$folder/" "s3://$folder/"
}

delete_local() {
    local folder
    folder="$1"
    if [ -n "$REALRUN" ]; then
        run find "$folder" -type f
        echo 'Will delete all of the above files locally!'
        read -r -p 'Press enter to continue...'
        run find "$folder" -type f -print0 | run xargs -0 rm -v
    else
        echo "DRY RUN (add --real to delete these files)"
        run find "$folder" -type f
        echo "DRY RUN (add --real to delete these files)"
    fi
}

# main FOLDER CMD
main() {
    folder="${1%%/}" # $1, with trailing / removed
    shift

    cmd="$1"
    shift

    if [ $# -gt 0 ]; then
        usage
        exit 1
    fi

    case "$cmd" in
        up)
            sync_up "$folder"
            ;;
        up-real)
            REALRUN=1
            sync_up "$folder"
            ;;
        down)
            sync_down "$folder"
            ;;
        down-real)
            REALRUN=1
            sync_down "$folder"
            ;;
        delete-local)
            delete_local "$folder"
            ;;
        *)
            echo >&2 "Unknown command $cmd"
            exit 2
            ;;
    esac
}

REALRUN=
DELETE=

opts=()
args=()

# Split up options and arguments regardless of position
for arg in "$@"; do
    if [[ $arg == -* ]]; then
        opts+=("$arg")
    else
        args+=("$arg")
    fi
done

# Parse opts
for opt in "${opts[@]-}"; do
    case "$opt" in
        --real)
            REALRUN=1
            ;;
        --delete)
            DELETE=1
            ;;
        -h|--help)
            usage
            exit
            ;;
        '')
            # nop
            ;;
        *)
            echo >&2 "Unknown option '$opt'"
            exit 1
            ;;
    esac
done

if [ "${#args[@]}" -lt 2 ]; then
    usage
    exit 1
fi

main "${args[@]}"