
@random-robbie
Created December 4, 2024 10:47
#!/bin/bash
# ---------------------------------------------------------------------------
# Deployment settings. Every value is fixed here and never reassigned below,
# so each one is declared read-only.
# ---------------------------------------------------------------------------

# Target function and the named CLI profile / region used for every aws call.
readonly LAMBDA_FUNCTION_NAME="lambda"
readonly AWS_PROFILE="what-security"
readonly REGION="us-east-1" # Change if needed

# Function sizing and runtime.
readonly MEMORY_SIZE=512
readonly TIMEOUT=30
readonly RUNTIME="python3.9"
readonly ARCHITECTURE="x86_64"

# Execution role. The script looks this role up by name and reuses it when it
# already exists, so choose a name dedicated to this function.
readonly ROLE_NAME="lambda-role"

# State polling: at most MAX_RETRIES checks, RETRY_DELAY seconds apart.
readonly MAX_RETRIES=30
readonly RETRY_DELAY=10

# ANSI colour sequences, expanded later by `echo -e`.
readonly RED='\033[0;31m'
readonly GREEN='\033[0;32m'
readonly YELLOW='\033[1;33m'
readonly NC='\033[0m' # No Color
#######################################
# Report a fatal error and stop the script.
# Globals:   RED, NC (read) - colour sequences wrapped around the message
# Arguments: $1 - message text; backslash escapes in it are expanded
# Outputs:   "Error: <message>" on stderr
# Returns:   does not return; exits with status 1
#######################################
error_exit() {
  # %b expands backslash escapes the same way `echo -e` does.
  printf '%b\n' "${RED}Error: $1${NC}" >&2
  exit 1
}
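# ---------------------------------------------------------------------------
# Build stage: assemble the Lambda deployment package in a throw-away
# directory. On success the working directory is $BUILD_DIR and the archive
# is $BUILD_DIR/deployment.zip; later steps refer to it by relative path.
# ---------------------------------------------------------------------------

# Fail before any download if the sources to be packaged are not here.
[[ -f lambda_function.py ]] || error_exit "Failed to copy lambda_function.py"
[[ -d badsecrets ]] || error_exit "Failed to copy badsecrets directory"

# Create temporary build directory (unpredictable name, owner-only access).
BUILD_DIR=$(mktemp -d) || error_exit "Failed to create temporary build directory"
echo "Created temporary build directory: $BUILD_DIR"

# Clean up on exit. The venv lives inside BUILD_DIR, so one path is enough;
# ':?' makes the rm refuse to run if the variable is ever empty.
trap 'rm -rf -- "${BUILD_DIR:?}"' EXIT

# Setup Python virtual environment and install dependencies
echo -e "${YELLOW}Setting up Python virtual environment...${NC}"
python3 -m venv "$BUILD_DIR/venv" || error_exit "Failed to create virtual environment"
# shellcheck source=/dev/null
source "$BUILD_DIR/venv/bin/activate" || error_exit "Failed to activate virtual environment"

# Create requirements.txt
# NOTE(review): only lower bounds are given, so every build installs whatever
# newer release the package index serves at that moment. For a repeatable,
# reviewable deployment pin exact versions and consider pip's
# --require-hashes mode.
echo -e "${YELLOW}Creating requirements.txt...${NC}"
cat > "$BUILD_DIR/requirements.txt" << 'EOF'
requests>=2.31.0
pycryptodome>=3.15.0
viewstate>=0.5.3
flask-unsign>=1.2.0
PyJWT>=2.8.0
django>=4.2.0
colorama>=0.4.6
EOF

# Install dependencies
# NOTE(review): pip selects wheels for the machine running this script.
# Packages with compiled extensions (pycryptodome, presumably) must match the
# function's RUNTIME and ARCHITECTURE, so build on a matching Linux host.
echo -e "${YELLOW}Installing dependencies...${NC}"
python3 -m pip install --upgrade pip || error_exit "Failed to upgrade pip"
python3 -m pip install -r "$BUILD_DIR/requirements.txt" --target "$BUILD_DIR/package" \
  || error_exit "Failed to install dependencies"

# Copy Lambda function code and badsecrets
echo -e "${YELLOW}Copying function code and badsecrets...${NC}"
cp -- lambda_function.py "$BUILD_DIR/package/" || error_exit "Failed to copy lambda_function.py"
cp -r -- badsecrets "$BUILD_DIR/package/" || error_exit "Failed to copy badsecrets directory"

# Create deployment package
echo -e "${YELLOW}Creating deployment package...${NC}"
cd "$BUILD_DIR/package" || error_exit "Failed to change to package directory"
zip -r ../deployment.zip . || error_exit "Failed to create deployment package"
# Return to BUILD_DIR explicitly; an unchecked 'cd ..' could leave later
# steps looking for deployment.zip in the wrong directory.
cd "$BUILD_DIR" || error_exit "Failed to change to build directory"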
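# ---------------------------------------------------------------------------
# Pre-flight: the AWS CLI must be installed and the configured profile must
# resolve to working credentials before any resource is created.
# ---------------------------------------------------------------------------

# Check for AWS CLI
if ! command -v aws > /dev/null 2>&1; then
  error_exit "AWS CLI is not installed. Please install it first."
fi

# Check AWS profile and region
echo -e "${YELLOW}Checking AWS profile and region...${NC}"
# Keep the caller ARN instead of discarding it: the steps below create an IAM
# role and a function, so the operator should see which identity (and thus
# which account) the profile resolves to.
CALLER_ARN=$(aws sts get-caller-identity \
  --region "$REGION" \
  --profile "$AWS_PROFILE" \
  --query 'Arn' \
  --output text 2> /dev/null) \
  || error_exit "AWS profile '$AWS_PROFILE' is not valid or not configured"
echo -e "${GREEN}Using AWS Profile: $AWS_PROFILE${NC}"
echo -e "${GREEN}Using Region: $REGION${NC}"
echo -e "${GREEN}Deploying as: $CALLER_ARN${NC}"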
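#######################################
# Poll the Lambda function until it can accept the next operation, or give up
# once the retry budget is spent.
#
# The function counts as ready when its State is "Active" and its
# LastUpdateStatus is not "InProgress". State alone is not enough: it stays
# "Active" while a code or configuration update is still being applied, and
# issuing another update during that window is rejected by the service.
#
# Globals:   LAMBDA_FUNCTION_NAME, REGION, AWS_PROFILE, MAX_RETRIES,
#            RETRY_DELAY (all read)
# Arguments: none
# Outputs:   progress messages on stdout
# Returns:   0 when the function is ready, 1 after MAX_RETRIES attempts
#######################################
wait_for_lambda() {
  local retries=0
  local status state last_update

  echo "Waiting for Lambda function to be ready..."
  while (( retries < MAX_RETRIES )); do
    # A failed lookup (e.g. the function does not exist) leaves status empty
    # and is treated as "not ready yet".
    status=$(aws lambda get-function \
      --function-name "$LAMBDA_FUNCTION_NAME" \
      --region "$REGION" \
      --profile "$AWS_PROFILE" \
      --query 'Configuration.[State,LastUpdateStatus]' \
      --output text 2> /dev/null)
    # Text output puts both fields on one whitespace-separated line.
    read -r state last_update <<< "$status"

    if [[ "$state" == "Active" && "$last_update" != "InProgress" ]]; then
      echo "Lambda function is ready"
      return 0
    fi

    echo "Function state is $state (last update: $last_update), waiting... (Attempt $((retries + 1))/$MAX_RETRIES)"
    sleep "$RETRY_DELAY"
    retries=$((retries + 1))
  done
  return 1
}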
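# ---------------------------------------------------------------------------
# Execution role: reuse the role named ROLE_NAME if it exists, otherwise
# create it. Either way ROLE_ARN holds its ARN afterwards.
# ---------------------------------------------------------------------------

# Trust policy: only the Lambda service may assume the role.
ASSUME_ROLE_POLICY='{
"Version": "2012-10-17",
"Statement": [{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"Service": "lambda.amazonaws.com"
}
}]
}'

# Check and create/update IAM role
echo "Checking IAM role..."
# One lookup answers both "does it exist?" and "what is its ARN?", and keeps
# the full role document out of the terminal / CI log.
if ROLE_ARN=$(aws iam get-role \
  --role-name "$ROLE_NAME" \
  --region "$REGION" \
  --profile "$AWS_PROFILE" \
  --query 'Role.Arn' \
  --output text 2> /dev/null); then
  echo -e "${YELLOW}IAM role '$ROLE_NAME' already exists${NC}"
  # An existing role is reused as-is: its trust policy and permissions are
  # not changed or validated here. List the managed policies so the operator
  # can see what the function will run with (inline policies are not shown).
  echo "Managed policies attached to '$ROLE_NAME':"
  aws iam list-attached-role-policies \
    --role-name "$ROLE_NAME" \
    --region "$REGION" \
    --profile "$AWS_PROFILE" \
    --query 'AttachedPolicies[].PolicyArn' \
    --output text \
    || echo -e "${YELLOW}Warning: could not list policies attached to '$ROLE_NAME'${NC}" >&2
else
  echo "Creating new IAM role..."
  ROLE_ARN=$(aws iam create-role \
    --role-name "$ROLE_NAME" \
    --assume-role-policy-document "$ASSUME_ROLE_POLICY" \
    --region "$REGION" \
    --profile "$AWS_PROFILE" \
    --query 'Role.Arn' \
    --output text) || error_exit "Failed to create IAM role"

  # Attach basic execution role
  aws iam attach-role-policy \
    --role-name "$ROLE_NAME" \
    --policy-arn "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" \
    --region "$REGION" \
    --profile "$AWS_PROFILE" || error_exit "Failed to attach role policy"

  # Wait for role to propagate
  echo "Waiting for IAM role to propagate..."
  sleep 10
fi

# Get role ARN: refuse to continue without a usable value.
if [[ -z "$ROLE_ARN" || "$ROLE_ARN" == "None" ]]; then
  error_exit "Failed to get role ARN"
fi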
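# ---------------------------------------------------------------------------
# Deploy: update the function's code if it exists, otherwise create it, then
# apply timeout and memory settings.
# ---------------------------------------------------------------------------

# Check and create/update Lambda function
echo "Checking Lambda function..."
# stdout is discarded on purpose: the full get-function response includes a
# pre-signed download URL for the function's code, which should not end up in
# a terminal scrollback or CI log.
if aws lambda get-function \
  --function-name "$LAMBDA_FUNCTION_NAME" \
  --region "$REGION" \
  --profile "$AWS_PROFILE" > /dev/null 2>&1; then
  # Initial wait for any pending operations. This only makes sense for a
  # function that already exists; waiting unconditionally would time out and
  # abort every first-time deployment.
  if ! wait_for_lambda; then
    error_exit "Timed out waiting for Lambda function to be ready"
  fi

  # NOTE(review): only the code is replaced here; role, runtime, handler and
  # architecture of an existing function are left as they are.
  echo -e "${YELLOW}Updating existing Lambda function...${NC}"
  aws lambda update-function-code \
    --function-name "$LAMBDA_FUNCTION_NAME" \
    --zip-file fileb://deployment.zip \
    --region "$REGION" \
    --profile "$AWS_PROFILE" || error_exit "Failed to update Lambda function"
else
  echo "Creating new Lambda function..."
  aws lambda create-function \
    --function-name "$LAMBDA_FUNCTION_NAME" \
    --runtime "$RUNTIME" \
    --handler lambda_function.lambda_handler \
    --role "$ROLE_ARN" \
    --zip-file fileb://deployment.zip \
    --timeout "$TIMEOUT" \
    --memory-size "$MEMORY_SIZE" \
    --architectures "$ARCHITECTURE" \
    --region "$REGION" \
    --profile "$AWS_PROFILE" || error_exit "Failed to create Lambda function"
fi

# Wait for code update to complete
if ! wait_for_lambda; then
  error_exit "Timed out waiting for Lambda function code update to complete"
fi

# Update function configuration
echo "Updating Lambda function configuration..."
aws lambda update-function-configuration \
  --function-name "$LAMBDA_FUNCTION_NAME" \
  --timeout "$TIMEOUT" \
  --memory-size "$MEMORY_SIZE" \
  --region "$REGION" \
  --profile "$AWS_PROFILE" || error_exit "Failed to update Lambda configuration"

# Final wait for configuration update to complete
if ! wait_for_lambda; then
  error_exit "Timed out waiting for Lambda function configuration update to complete"
fi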
# Leave the virtual environment that was activated for the build.
deactivate
printf '%b\n' "${GREEN}Deployment completed successfully!${NC}"

# Show the ARN of the deployed function (only that one field is queried).
printf '%b\n' "\n${GREEN}Lambda function ARN:${NC}"
aws lambda get-function \
  --function-name "$LAMBDA_FUNCTION_NAME" \
  --query 'Configuration.FunctionArn' \
  --output text \
  --region $REGION \
  --profile $AWS_PROFILE

# Tell the operator how to call the function.
printf '%b\n' "\n${GREEN}Usage instructions:${NC}"
printf '%s\n' \
  "To invoke the function:" \
  "aws lambda invoke --function-name $LAMBDA_FUNCTION_NAME --payload '{\"url\":\"https://example.com\"}' --cli-binary-format raw-in-base64-out --region $REGION --profile $AWS_PROFILE output.json"

# Tell the operator how to tear everything down again: the function first,
# then the policy attachment, then the role itself.
printf '%b\n' "\n${YELLOW}Cleanup instructions:${NC}"
printf '%s\n' \
  "To remove all resources:" \
  "1. Delete Lambda function:" \
  " aws lambda delete-function --function-name $LAMBDA_FUNCTION_NAME --region $REGION --profile $AWS_PROFILE" \
  "2. Delete IAM role:" \
  " aws iam detach-role-policy --role-name $ROLE_NAME --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole --region $REGION --profile $AWS_PROFILE" \
  " aws iam delete-role --role-name $ROLE_NAME --region $REGION --profile $AWS_PROFILE"