Last active
November 18, 2019 19:57
-
-
Save jasonlancaster/51cc5b5611c1a72fd02f61c8c998083c to your computer and use it in GitHub Desktop.
Run through terminus output for pantheon live sites you access to and report on any security updates
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# exec on cmd line running ./check-all-pantheon-sites.sh | |
# | |
# Script will run through terminus output for pantheon live sites you access to and | |
# will report on modules requiring security updates. The awk process in each ends up | |
# limiting output to only things that require security updates. | |
# | |
# This is the kind of script that could email you nightly or you can just run when | |
# you perform routine updates. If emailing, you'd want to suppress output for sites | |
# that don't have any updates so that's TBD if we work on this more. | |
# | |
# Author: Jason Lancaster <jlancaster@lmdagency.com> | |
set -e | |
SEP="####################################################" | |
################################# | |
# TIME TO DO Drupal only ... | |
################################# | |
# Stash list of all Pantheon sites that match a drupal framework and not frozen and have active paid-for plans | |
PANTHEON_SITES="$(/usr/local/bin/terminus org:site:list lmd --format=table --fields=name,framework,frozen,plan_name | awk '{if (($2 != "wordpress") && ($3 == "false") && ($4 != "Sandbox") ) { print $1} }')" | |
# Loop through each site in the list | |
while read -r PANTHEON_SITE_NAME; do | |
echo -e "$SEP" | |
echo -e "# $PANTHEON_SITE_NAME.live security updates:" | |
echo -e "$SEP" | |
/usr/local/bin/drush @pantheon.$PANTHEON_SITE_NAME.live ups --format=table --fields=name,status --check-disabled --security-only --pipe < /dev/null | awk '{ if ($2 == 1) { print " " $1 }}' | |
echo -e "\n\n" | |
done <<< "$PANTHEON_SITES" | |
################################# | |
# TIME TO DO WP ... notice we filter on just WP now | |
################################# | |
# Stash list of all Pantheon sites that match a drupal framework and not frozen and have active paid-for plans | |
PANTHEON_SITES="$(/usr/local/bin/terminus org:site:list lmd --format=table --fields=name,framework,frozen,plan_name | awk '{if (($2 == "wordpress") && ($3 == "false") && ($4 != "Sandbox") ) { print $1} }')" | |
# Set array for storage since STDIN messes with looping | |
declare -a PANTHEON_SITE_ARRAY | |
while read -r PANTHEON_SITE_NAME; do | |
PANTHEON_SITE_ARRAY+=($PANTHEON_SITE_NAME) | |
done <<< "$PANTHEON_SITES" | |
for SITE in "${PANTHEON_SITE_ARRAY[@]}" | |
do | |
echo -e "$SEP" | |
echo -e "# $SITE.live security updates:" | |
echo -e "$SEP" | |
terminus wp $SITE.dev -- launchcheck plugins --format=json 2> /dev/null | grep -Eo "\d+ known vulnerabilities" | grep -v "0 known vulnerabilities" || true | |
echo -e "\n\n" | |
done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment