@jasonlancaster
Last active November 18, 2019 19:57
Run through terminus output for Pantheon live sites you have access to and report on any security updates
#!/bin/bash
# exec on cmd line running ./check-all-pantheon-sites.sh
#
# Script will run through terminus output for Pantheon live sites you have access to and
# will report on modules requiring security updates. The awk process in each section
# limits output to only the things that require security updates.
#
# This is the kind of script that could email you nightly or you can just run when
# you perform routine updates. If emailing, you'd want to suppress output for sites
# that don't have any updates so that's TBD if we work on this more.
#
# Author: Jason Lancaster <jlancaster@lmdagency.com>
set -e
SEP="####################################################"
#################################
# TIME TO DO Drupal only ...
#################################
# Stash list of all Pantheon sites that match a drupal framework and not frozen and have active paid-for plans
PANTHEON_SITES="$(/usr/local/bin/terminus org:site:list lmd --format=table --fields=name,framework,frozen,plan_name | awk '{if (($2 != "wordpress") && ($3 == "false") && ($4 != "Sandbox") ) { print $1} }')"
# Loop through each site in the list
while read -r PANTHEON_SITE_NAME; do
    echo -e "$SEP"
    echo -e "# $PANTHEON_SITE_NAME.live security updates:"
    echo -e "$SEP"
    # stdin comes from /dev/null so drush cannot consume the site list feeding this loop
    /usr/local/bin/drush "@pantheon.$PANTHEON_SITE_NAME.live" ups --format=table --fields=name,status --check-disabled --security-only --pipe < /dev/null | awk '{ if ($2 == 1) { print " " $1 }}'
    echo -e "\n\n"
done <<< "$PANTHEON_SITES"
#################################
# TIME TO DO WP ... notice we filter on just WP now
#################################
# Stash list of all Pantheon sites that match the wordpress framework and not frozen and have active paid-for plans
PANTHEON_SITES="$(/usr/local/bin/terminus org:site:list lmd --format=table --fields=name,framework,frozen,plan_name | awk '{if (($2 == "wordpress") && ($3 == "false") && ($4 != "Sandbox") ) { print $1} }')"
# Set array for storage since STDIN messes with looping
declare -a PANTHEON_SITE_ARRAY
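while read -r PANTHEON_SITE_NAME; do
    PANTHEON_SITE_ARRAY+=("$PANTHEON_SITE_NAME")
done <<< "$PANTHEON_SITES"
for SITE in "${PANTHEON_SITE_ARRAY[@]}"
do
    echo -e "$SEP"
    echo -e "# $SITE.live security updates:"
    echo -e "$SEP"
    # NOTE: launchcheck runs against the dev environment here, although the header above says live.
    # [0-9]+ replaces \d+, which grep -E does not support portably.
    # -x drops only an exact zero count, so 10, 20, ... known vulnerabilities are still reported.
    /usr/local/bin/terminus wp "$SITE.dev" -- launchcheck plugins --format=json 2> /dev/null | grep -Eo "[0-9]+ known vulnerabilities" | grep -vx "0 known vulnerabilities" || true
    echo -e "\n\n"
done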
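
An added example, not part of the original gist: the WordPress report step as a filter that can be tested offline. It shows why excluding the bare text "0 known vulnerabilities" is unsafe, sums the counts numerically instead, and prints nothing for clean sites, which is the suppression the header comment leaves as TBD. The function names, site names and sample text are assumptions constructed for the example.

```bash
#!/bin/bash
# Added example: not part of the original gist.
# Assumption: scanner output contains "<N> known vulnerabilities" phrases,
# which is all the gist's own grep relies on. Sample text below is constructed.

# Exclusion by substring: "0 known vulnerabilities" also matches inside
# "10 known vulnerabilities", so counts of 10, 20, ... are silently dropped.
substring_filter() {
    grep -Eo '[0-9]+ known vulnerabilities' | grep -v '0 known vulnerabilities'
}

# Sum the counts numerically instead of excluding by text.
count_vulns() {
    grep -Eo '[0-9]+ known vulnerabilities' |
        awk '{ total += $1 } END { print total + 0 }'
}

# Print one line for a site only if it has findings, so a nightly mail
# stays empty when everything is clean. $1 = site name, stdin = scanner output.
# Returns 0 when a finding was printed, 1 when the site is clean.
report_site() {
    count=$(count_vulns)
    [ "$count" -gt 0 ] || return 1
    printf '%s.live: %s known vulnerabilities\n' "$1" "$count"
}

# Constructed samples (hypothetical site names and plugin text).
SAMPLE_CLEAN='{"plugin-a":"0 known vulnerabilities","plugin-b":"0 known vulnerabilities"}'
SAMPLE_TEN='{"plugin-a":"10 known vulnerabilities","plugin-b":"0 known vulnerabilities"}'
SAMPLE_MIXED='{"plugin-a":"2 known vulnerabilities","plugin-b":"1 known vulnerabilities"}'

# Demo: only sites with findings produce output.
printf '%s' "$SAMPLE_CLEAN" | report_site example-clean || true
printf '%s' "$SAMPLE_TEN"   | report_site example-ten   || true
printf '%s' "$SAMPLE_MIXED" | report_site example-mixed || true
```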