Last active
November 28, 2023 16:01
-
-
Save rcmelendez/f6f2da1f95e9bd3ae3767240ab9b25d3 to your computer and use it in GitHub Desktop.
Bash shell script that performs requests using the Devo Provisioning API.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
# | |
# Bash shell script that performs requests using the Devo Provisioning API. | |
# | |
# Tested on Linux (CentOS/Ubuntu) and macOS. | |
# | |
# | |
# Version: 1.1.1 | |
# Author: Roberto Meléndez [Cambridge, USA] | |
# API Doc: https://docs.devo.com/space/latest/177864705/Provisioning+API | |
# Released: June 9, 2021 | |
# Updated: November 28, 2023 | |
set -euo pipefail | |
####################################### | |
# USER SETTINGS | |
# | |
# Uncomment if DEVO_API_KEY and/or DEVO_API_SECRET variables are not already defined in | |
# your shell startup file (e.g. .zshrc, .bashrc, etc) | |
# declare -r DEVO_API_KEY=YOUR-API-KEY | |
# declare -r DEVO_API_SECRET=YOUR-API-SECRET | |
# Endpoint | |
# Available regions: us, eu, ca, apac, sasr | |
declare -r DEVO_CLOUD=us | |
declare -r BASE_URL=https://api-${DEVO_CLOUD}.devo.com/probio | |
# Domain & Reseller | |
declare -r DOMAIN=roberto | |
# Leave it blank if this is not a reseller | |
declare -r RESELLER= | |
if [[ -n "${RESELLER}" ]]; then | |
DEVO_DOMAIN="${DOMAIN}@${RESELLER}" | |
else | |
DEVO_DOMAIN=${DOMAIN} | |
fi | |
# Use correct header for resellers | |
DEVO_API_KEY_HEADER='x-logtrust-domain-apikey' | |
[[ "${DEVO_DOMAIN}" =~ "@" ]] && DEVO_API_KEY_HEADER='x-logtrust-reseller-apikey' | |
# User | |
#declare -r USER=roberto@example.com | |
# HTTP method (GET, POST, PUT, or DELETE) | |
declare -r METHOD=GET | |
# Probio operation | |
declare -r OPERATION=/domain/${DEVO_DOMAIN}/roles | |
# Use double quotes if the String has spaces | |
#declare -r OPERATION="/domain/${DEVO_DOMAIN}/roles/Devo Users" | |
# Body | |
# Empty value if using GET | |
declare -r DATA='' | |
# Example body that creates a new role | |
#declare -r DATA='{"name": "Devo Users", "description": "Devo Users role created via Provisioning API", "policies": ["*"]}' | |
####################################### | |
# Concatenate full API endpoint URL | |
declare -r API_ENDPOINT="${BASE_URL}${OPERATION}" | |
# Get current epoch in miliseconds | |
declare -i timestamp | |
timestamp=$(echo "$(date +%s) * 1000" | bc) | |
# Concatenate DEVO_API_KEY + DATA + timestamp (order is important) | |
declare -r MESSAGE="${DEVO_API_KEY}${DATA}${timestamp}" | |
# Generate HMAC signature | |
# awk is needed to remove "(stdin)= " on Linux | |
signature=$(echo -n "${MESSAGE}" | openssl dgst -sha256 -hmac "${DEVO_API_SECRET}" | awk '{ print $NF }') | |
# RESULTS | |
# Show HTTP method and API operation | |
echo "${METHOD} ${OPERATION}" | |
CURL_CMD=$(curl -s -w "%{time_total}" -X ${METHOD} "${API_ENDPOINT}" \ | |
-H "Content-Type: application/json" \ | |
-H "cache-control: no-cache" \ | |
-H "${DEVO_API_KEY_HEADER}: ${DEVO_API_KEY}" \ | |
-H "x-logtrust-timestamp: ${timestamp}" \ | |
-H "x-logtrust-sign: ${signature}" \ | |
-d "${DATA}") | |
# Pretty print the JSON output if jq is installed | |
if [[ -x "$(command -v jq)" ]]; then | |
echo "${CURL_CMD}" | jq '.' | |
else | |
echo "${CURL_CMD}" | |
fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment