.functions

#!/usr/bin/env bash

# Create a new directory and enter it
function mkd() {
	mkdir -p "$@" && cd "$_";
}

# Change working directory to the top-most Finder window location
function cdf() { # short for `cdfinder`
	cd "$(osascript -e 'tell app "Finder" to POSIX path of (insertion location as alias)')";
}

# Create a .tar.gz archive, using `zopfli`, `pigz` or `gzip` for compression
function targz() {
	local tmpFile="${@%/}.tar";
	tar -cvf "${tmpFile}" --exclude=".DS_Store" "${@}" || return 1;

	size=$(
		stat -f"%z" "${tmpFile}" 2> /dev/null; # macOS `stat`
		stat -c"%s" "${tmpFile}" 2> /dev/null;  # GNU `stat`
	);

	local cmd="";
	if (( size < 52428800 )) && hash zopfli 2> /dev/null; then
		# the .tar file is smaller than 50 MB and Zopfli is available; use it
		cmd="zopfli";
	else
		if hash pigz 2> /dev/null; then
			cmd="pigz";
		else
			cmd="gzip";
		fi;
	fi;

	echo "Compressing .tar ($((size / 1000)) kB) using \`${cmd}\`…";
	"${cmd}" -v "${tmpFile}" || return 1;
	[ -f "${tmpFile}" ] && rm "${tmpFile}";

	zippedSize=$(
		stat -f"%z" "${tmpFile}.gz" 2> /dev/null; # macOS `stat`
		stat -c"%s" "${tmpFile}.gz" 2> /dev/null; # GNU `stat`
	);

	echo "${tmpFile}.gz ($((zippedSize / 1000)) kB) created successfully.";
}

# Determine size of a file or total size of a directory
function fs() {
	if du -b /dev/null > /dev/null 2>&1; then
		local arg=-sbh;
	else
		local arg=-sh;
	fi
	if [[ -n "$@" ]]; then
		du $arg -- "$@";
	else
		du $arg .[^.]* ./*;
	fi;
}

# Use Git’s colored diff when available
hash git &>/dev/null;
if [ $? -eq 0 ]; then
	function diff() {
		git diff --no-index --color-words "$@";
	}
fi;

# Create a data URL from a file
function dataurl() {
	local mimeType=$(file -b --mime-type "$1");
	if [[ $mimeType == text/* ]]; then
		mimeType="${mimeType};charset=utf-8";
	fi
	echo "data:${mimeType};base64,$(openssl base64 -in "$1" | tr -d '\n')";
}

# Start an HTTP server from a directory, optionally specifying the port
function server() {
	local port="${1:-8000}";
	sleep 1 && open "http://localhost:${port}/" &
	# Set the default Content-Type to `text/plain` instead of `application/octet-stream`
	# And serve everything as UTF-8 (although not technically correct, this doesn’t break anything for binary files)
	python -c $'import SimpleHTTPServer;\nmap = SimpleHTTPServer.SimpleHTTPRequestHandler.extensions_map;\nmap[""] = "text/plain";\nfor key, value in map.items():\n\tmap[key] = value + ";charset=UTF-8";\nSimpleHTTPServer.test();' "$port";
}

# Start a PHP server from a directory, optionally specifying the port
# (Requires PHP 5.4.0+.)
function phpserver() {
	local port="${1:-4000}";
	local ip=$(ipconfig getifaddr en1);
	sleep 1 && open "http://${ip}:${port}/" &
	php -S "${ip}:${port}";
}

# Compare original and gzipped file size
function gz() {
	local origsize=$(wc -c < "$1");
	local gzipsize=$(gzip -c "$1" | wc -c);
	local ratio=$(echo "$gzipsize * 100 / $origsize" | bc -l);
	printf "orig: %d bytes\n" "$origsize";
	printf "gzip: %d bytes (%2.2f%%)\n" "$gzipsize" "$ratio";
}

# Run `dig` and display the most useful info
function digga() {
	dig +nocmd "$1" any +multiline +noall +answer;
}

# Show all the names (CNs and SANs) listed in the SSL certificate
# for a given domain
function getcertnames() {
	if [ -z "${1}" ]; then
		echo "ERROR: No domain specified.";
		return 1;
	fi;

	local domain="${1}";
	echo "Testing ${domain}…";
	echo ""; # newline

	local tmp=$(echo -e "GET / HTTP/1.0\nEOT" \
		| openssl s_client -connect "${domain}:443" -servername "${domain}" 2>&1);

	if [[ "${tmp}" = *"-----BEGIN CERTIFICATE-----"* ]]; then
		local certText=$(echo "${tmp}" \
			| openssl x509 -text -certopt "no_aux, no_header, no_issuer, no_pubkey, \
			no_serial, no_sigdump, no_signame, no_validity, no_version");
		echo "Common Name:";
		echo ""; # newline
		echo "${certText}" | grep "Subject:" | sed -e "s/^.*CN=//" | sed -e "s/\/emailAddress=.*//";
		echo ""; # newline
		echo "Subject Alternative Name(s):";
		echo ""; # newline
		echo "${certText}" | grep -A 1 "Subject Alternative Name:" \
			| sed -e "2s/DNS://g" -e "s/ //g" | tr "," "\n" | tail -n +2;
		return 0;
	else
		echo "ERROR: Certificate not found.";
		return 1;
	fi;
}

# Normalize `open` across Linux, macOS, and Windows.
# This is needed to make the `o` function (see below) cross-platform.
if [ ! $(uname -s) = 'Darwin' ]; then
	if grep -q Microsoft /proc/version; then
		# Ubuntu on Windows using the Linux subsystem
		alias open='explorer.exe';
	else
		alias open='xdg-open';
	fi
fi

# `o` with no arguments opens the current directory, otherwise opens the given
# location
function o() {
	if [ $# -eq 0 ]; then
		open .;
	else
		open "$@";
	fi;
}

# `tre` is a shorthand for `tree` with hidden files and color enabled, ignoring
# the `.git` directory, listing directories first. The output gets piped into
# `less` with options to preserve color and line numbers, unless the output is
# small enough for one screen.
function tre() {
	tree -aC -I '.git|node_modules|bower_components' --dirsfirst "$@" | less -FRNX;
}

function unset_aws_creds(){
  unset AWS_SESSION_TOKEN
  unset AWS_SECURITY_TOKEN
  unset AWS_SECRET_ACCESS_KEY
  unset AWS_ACCESS_KEY_ID
  unset AWS_DEFAULT_PROFILE
  unset ASSUMED_ROLE
};

# set_aws_assumerole uses assume-role script, brew install assume-role
function set_aws_assumerole(){
  if [[ -z "${1}" ]]
    then
      PS3='Select aws assume role profile to use: ';
      vars=($(cat ~/.aws/config | awk -F'[][]' '{print $2}' | grep -oP 'assumerole-\K.*'));
      echo "Execute \"set_aws_assumerole\" to assume another role";
      select opt in "${vars[@]}" ""Quit
        do
          if [[ "$opt" = "Quit" ]]; then
            echo done;
            break;
          elif [[ "${vars[*]}" == *"$opt"* ]]; then
            if [[ -z "${opt}" ]]; then
              clear;
              echo "Incorrect input. Exiting...";
              break;
            fi

            role="assumerole-${opt}";
            echo "Assuming role named: ${role}";
            eval $(assume-role ${role});
            account_aliases=$(aws iam list-account-aliases --query 'AccountAliases' --output text);
            account_id=$(aws sts get-caller-identity --query 'Account' --output text);
            echo "Assumed role in AccountID: ${account_id} AccountAlias: ${account_aliases}";
            break;
          else
           clear;
           echo bad option;
          fi
      done
    else
      echo "Assuming role named: ${1}";
      eval $(assume-role ${1});
      account_aliases=$(aws iam list-account-aliases --query 'AccountAliases' --output text);
      account_id=$(aws sts get-caller-identity --query 'Account' --output text);
      echo "Assumed role in AccountID: ${account_id} AccountAlias: ${account_aliases}";
  fi
};

function set_aws_pro(){
  if [[ -z "${1}" ]]
    then
      unset_aws_creds
      PS3='Select aws profile to use: '
      vars=($(cat ~/.aws/credentials | grep '\[*\]'| egrep -o '[^][]+'))
      echo "Execute \"set_aws_pro profile\" to switch account";
      select opt in "${vars[@]}" ""Quit
        do
          if [[ "$opt" = "Quit" ]]; then
            echo done
            break
          elif [[ "${vars[*]}" == *"$opt"* ]]; then
            if [[ -z "${opt}" ]]; then
              clear;
              echo "Incorrect input. Exiting...";
              break;
            fi

            export AWS_DEFAULT_PROFILE=$opt;
            aws configure list;
            break
          else
           clear
           echo bad option
          fi
      done
    else
      export AWS_DEFAULT_PROFILE=$1;
      echo "Current profile is:";
      aws configure list;
  fi
};

# set_aws_assumerole uses assume-role script, brew install assume-role
function set_okta_aws_assumerole(){
  PS3='Select aws assume role profile to use: ';
  vars=($(cat ~/.aws/config | awk -F'[][]' '{print $2}' | grep -oP 'okta-\K.*'));
  echo "Execute \"set_okta_aws_assumerole\" to assume another role";
  select opt in "${vars[@]}" ""Quit
    do
      # export AWS_SESSION_TTL=8h
      if [[ "${opt}" = "Quit" ]]; then
        echo done;
        break;
      elif [[ "${vars[*]}" == *"${opt}"* ]]; then
        if [[ -z "${opt}" ]]; then
          clear;
          echo "Incorrect input. Exiting...";
          break;
        fi

        role="okta-${opt}";
        echo "Assuming role named: ${role}";
        creds=$(aws-okta exec "${role}" -- sh -c set | grep \^AWS)

        AWS_ACCESS_KEY_ID=$(echo "${creds}" | grep \^AWS_ACCESS_KEY_ID=)
        AWS_SECRET_ACCESS_KEY=$(echo "${creds}" | grep \^AWS_SECRET_ACCESS_KEY=)
        AWS_SECURITY_TOKEN=$(echo "${creds}" | grep \^AWS_SECURITY_TOKEN=)
        AWS_SESSION_TOKEN=$(echo "${creds}" | grep \^AWS_SESSION_TOKEN=)

        export ${AWS_ACCESS_KEY_ID}
        export ${AWS_SECRET_ACCESS_KEY}
        export ${AWS_SECURITY_TOKEN}
        export ${AWS_SESSION_TOKEN}

        account_aliases=$(aws iam list-account-aliases --query 'AccountAliases' --output text);
        account_id=$(aws sts get-caller-identity --query 'Account' --output text);
        echo "Assumed role in AccountID: ${account_id} AccountAlias: ${account_aliases}";
        break;
      else
        clear;
        echo "Incorrect input. Exiting...";
        break;
      fi
    done
};

# Recursively scan through provided directory and cat all files. Used in autocomplete ssh
recursive_scan() {
  find ${1}/* -type f | sort -u | xargs -r cat | grep "^Host " | awk '{print $2}'
};

# Git clone using specific ssh key
function git_clone_with_sshkey(){
  if [ -n "$1" ] && [ -n "$2" ] #$1 is the private key $2 is the git repo
  then
    GIT_SSH_COMMAND="ssh -i $(pwd)/$1 -F /dev/null" git clone $2
  fi
};

function ke(){
  if [[ -z "${1}" ]]
    then
      PS3='Select KUBECONFIG to export: '
      vars=($(ls -l ~/.kube/kubeconfigs.d/kubeconfig* | grep -o 'kubeconfig.*' | cut -f2- -d-))
      echo "Execute \"ke \" to export kubeconfig";
      select opt in "${vars[@]}" ""Quit
        do
          if [[ "${opt}" = "Quit" ]]; then
            echo done
            break
          elif [[ "${vars[*]}" == *"${opt}"* ]]; then
            export KUBECONFIG=~/.kube/kubeconfigs.d/kubeconfig-${opt};
            kubectl cluster-info
            break
          else
           clear
           echo bad option
          fi
      done
    else
      export KUBECONFIG=${1};
      kubectl cluster-info
  fi
};

function kc(){
  if [[ -z "${1}" ]]
    then
      PS3='Select kubernetes context: '
      vars=($(kubectl config get-contexts | awk 'FNR > 1 {print $2}'))
      echo "Execute \"kc \" to set kubernetes context";
      select opt in "${vars[@]}" ""Quit
        do
          if [[ "${opt}" = "Quit" ]]; then
            echo done
            break
          elif [[ "${vars[*]}" == *"${opt}"* ]]; then
            unset KUBECONFIG
            kubectl config unset current-context
            kubectl config use-context "${opt}"
            kubectl cluster-info
            break
          else
           clear
           echo bad option
          fi
      done
    else
      kubectl cluster-info
  fi
};

# Convert p7b extention file to cer and ca
function convert_p7b_to_cer_ca(){
  P7B="${1}"
  CER="${1%.p7b}.cer"
  CA="${1%.p7b}.ca"

  openssl pkcs7 \
    -print_certs \
    -inform der \
    -in "$P7B" | awk -v CER="$CER" -v CA="$CA" 'BEGIN {
      printf "" > CER
      printf "" > CA
    }
    {
      if (incert) {
        if (cert==1) printf "%s\n",$0 >> CER
        else printf "%s\n",$0 >> CA
        if ($0 == "-----END CERTIFICATE-----") {
          incert=0
          # End of cert
        }
      } else if ($0 == "-----BEGIN CERTIFICATE-----") {
        echo "----START"
        incert=1
        cert++
        if (cert==1) printf "%s\n",$0 >> CER
        else printf "%s\n",$0 >> CA
      }
    }'
};

clone () {
  local SOURCE="${1}";
  local REPO=$(echo "${1//*\//}" | sed -E 's#(\.git|/)$##');
  local TARGET_PARENT_DIR="${2:-.}";
  local TARGET_DIR="${TARGET_PARENT_DIR}/${REPO}";
  local CURRENT_BRANCH DOMAIN;
  if [[ $(echo "${SOURCE}" | grep -o '[:@/]*' | wc -l) -lt 2 ]]; then
    printf "No domain for ${SOURCE}. Iterating providers...\n\n";
    for DOMAIN in git@github.com: git@bitbucket.com:;
    do
      if clone "${DOMAIN}${SOURCE}" "${TARGET_PARENT_DIR}"; then
          return 0;
      fi;
      echo;
    done;
    return 1;
  else
    printf "${SOURCE} | ";
    local CURRENT_BRANCH;
    git clone --depth 1 "${SOURCE}" "${TARGET_DIR}" && cd "${_}" && CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD) && git branch --set-upstream-to=origin/"${CURRENT_BRANCH}" "${CURRENT_BRANCH}" && git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*";
    local STATUS=$?;
    [[ "${STATUS}" == 0 ]] && echo "Cloned from ${SOURCE}";
    return ${STATUS};
  fi
};

function akstage() {
  prodedge=$(dig ${1} | grep -m 1 'edgekey.net' | awk '{print $5}')
  stagedge=$(echo "${prodedge}" | sed 's|.edgekey.net.|.edgekey-staging.net|')
  echo "Staging edge: ${stagedge}"
  stagip=$(ping -c 1 ${stagedge} | egrep -om 1 '([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)')
  echo "Add the following line to your /etc/hosts file"
  tput bold
  echo -e "${stagip} \t ${1} \n"
  tput sgr0
  echo "***REMEMBER TO REMOVE THIS LINE WHEN YOU ARE FINISHED TESTING***"
};

_akamai_cli_bash_autocomplete() {
  local cur opts base
  COMPREPLY=()
  cur="${COMP_WORDS[COMP_CWORD]}"
  opts=$( ${COMP_WORDS[@]:0:$COMP_CWORD} --generate-auto-complete )
  COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) )
  return 0
}

function encode_string_base64() {
  if [ -n "$1" ]
  then
    echo -n "$1" | base64;
  else
    echo "Pass in a string";
  fi
};

function chrome() {
  local site=""
  if [[ -f "$(pwd)/$1" ]]; then
    site="$(pwd)/$1"
  elif [[ "$1" =~ "^http" ]]; then
    site="$1"
  else
    site="http://$1"
  fi
  /usr/bin/open -a "/Applications/Google Chrome.app" "$site";
};

function oktakubeload() {
  ## function to check kube default-configs against ~/.kube then load the specific ENV kubeconfig.
  ## NB. Ensure your authorised config files have been copied from default-config to ~/.kube
  #
  # Usage: oktakubeload {ENV} {dash}
  # the 2nd variable dash is optional and will display URL/token for dashboard

  ENV=${1}
  KubePath=~/.kube/okta_config.d
  KubeConf=kubeconfig-${ENV}-okta

  ## Ensure you only allow prod|staging|dev|devcontent|stagecontent|prodcontent environments to be specified
  if [[ ${ENV} == "" ]]
  then
    printf "ERROR: No env passed\n"
    printf "USAGE: oktakubeload {ENV} {dash}\n"
    return 1 2> /dev/null
  else
    case ${ENV} in
      prod|staging|dev|devcontent|stagecontent|prodcontent)
        export KUBECONFIG=${KubePath}/${KubeConf}
        ;;
      *)
        printf "ERROR: Config environment doesn't exist\n"
        return 2
        ;;
    esac
  fi

  # print out cluster info
  kubectl cluster-info

  if [[ ${2} == dash ]]
  then
    printf "Browse to this url:\n\n"
    tput sgr0
    printf "http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/\n\n"
    tput bold
    printf "In the browser select Token and paste in the token shown below:\n\n"
    tput sgr0
    printf "$(cat ${KUBECONFIG} | grep id-token: | awk '{print $2}') \n\n"
    kubectl proxy
  fi
};

function fingerprint_ssh_key() {
  # argument ${1} takes in private key and generates fingerprints in different formats
  #
  local key_dir=${1}
  printf "Fingerprints: \n"
  ssh-keygen -lf /dev/stdin <<< $( ssh-keygen -f ${key_dir} -y )
  printf "If you created your key pair using third-party tool: \n"
  openssl rsa -in ${key_dir} -pubout -outform DER | openssl md5 -c
  printf "If you created your key pair using AWS: \n"
  openssl pkcs8 -in ${key_dir} -inform PEM -outform DER -topk8 -nocrypt | openssl sha1 -c
}

function okta_aws_shell() {
  # Launch OKTA AWS Bash shell for $1 account
  export OLDPS=${PS1}
  if [[ -z ${1} ]]
    then
      aws-okta list
      printf "\nAccount to login to => "
      read AWSACC
    else
      AWSACC=${1}
  fi

  export PS1="OKTA-SHELL_${AWSACC} => "
  aws-okta exec ${AWSACC} -- bash
  export PS1=${OLDPS}
}

function okta_aws_console() {
  # Login to AWS console for provided account
  if [[ -z ${1} ]]
    then
      aws-okta list
      printf "\nAccount to login to => "
      read AWSACC
    else
      AWSACC=${1}
  fi

  open -n /Applications/Google\ Chrome.app --args --incognito $(aws-okta login ${AWSACC} --stdout)
}