From 0a4f8fb5b25c0e9c542ea0c56ee517c7d1fab68f Mon Sep 17 00:00:00 2001 From: dvirlabs Date: Sun, 22 Jun 2025 21:38:24 +0300 Subject: [PATCH] Add new app --- automation/cloudflared-sync.sh | 47 +++++++++++++++++++++++----------- 1 file changed, 32 insertions(+), 15 deletions(-) diff --git a/automation/cloudflared-sync.sh b/automation/cloudflared-sync.sh index 048e065..ade40b1 100644 --- a/automation/cloudflared-sync.sh +++ b/automation/cloudflared-sync.sh @@ -2,13 +2,15 @@ set -e # đŸ“Ļ Ensure apk installs: yq, jq, git, bash, curl +# Required for pipeline: alpine image + apk add --no-cache git bash curl yq jq + apk add --no-cache git bash curl yq jq echo "🔍 Scanning for apps with cname.yaml..." -# === SETUP === -rm -rf .tmp-repos generated-values -mkdir -p .tmp-repos generated-values +mkdir -p generated-values +rm -rf .tmp-repos +mkdir -p .tmp-repos # === REPO CONFIG === SANDBOX_REPO_URL="https://git.dvirlabs.com/dvirlabs/sandbox.git" @@ -26,7 +28,9 @@ git clone --depth=1 "$SANDBOX_REPO_URL" "$SANDBOX_CLONE" echo "đŸ“Ļ Cloning infra..." git clone --depth=1 "$INFRA_REPO_URL" "$INFRA_CLONE" -# === STEP 2: Extract Generated CNAMEs === +ls -l .tmp-repos/ + +# === STEP 2: Extract Generated CNAMEs from sandbox === echo "⚙ī¸ Generating sandbox ingress list..." cat < "$GENERATED_FILE" ingress: [] @@ -39,7 +43,9 @@ find "$SANDBOX_CLONE/manifests" -name cname.yaml | while read -r cname_file; do if [[ "$enabled" == "true" ]]; then hostname=$(yq '.hostname' "$cname_file") service="http://${app_name}.sandbox.svc.cluster.local:80" + echo "✅ Found $hostname → $service" + yq eval ".ingress += [{\"hostname\": \"$hostname\", \"service\": \"$service\"}]" -i "$GENERATED_FILE" fi done @@ -47,15 +53,19 @@ done echo "📄 Generated Ingress:" cat "$GENERATED_FILE" -# === STEP 3: Merge into values.yaml === -echo "🔁 Merging into: $MERGED_FILE" +# === STEP 3: Merge with existing cloudflared values === +echo "🔁 Merging new entries into: $ORIGINAL_FILE" + TEMP_FILE=$(mktemp) cp "$ORIGINAL_FILE" "$TEMP_FILE" -yq eval '.ingress' "$GENERATED_FILE" | yq -o=json | jq -c '.[]' | while read -r entry; do - hostname=$(echo "$entry" | jq -r '.hostname') - service=$(echo "$entry" | jq -r '.service') +# Loop through new entries and append only if hostname not exists +yq eval '.ingress' "$GENERATED_FILE" | yq -o=json | jq -c '.[]' | while read -r new_entry; do + hostname=$(echo "$new_entry" | jq -r '.hostname') + service=$(echo "$new_entry" | jq -r '.service') + exists=$(yq e ".cloudflare.ingress[] | select(.hostname == \"$hostname\")" "$TEMP_FILE") + if [ -z "$exists" ]; then echo "➕ Adding $hostname → $service" yq eval ".cloudflare.ingress += [{\"hostname\": \"$hostname\", \"service\": \"$service\"}]" -i "$TEMP_FILE" @@ -64,11 +74,14 @@ yq eval '.ingress' "$GENERATED_FILE" | yq -o=json | jq -c '.[]' | while read -r fi done +# === STEP 4: Overwrite only ingress list and preserve all other fields === +echo "📝 Writing final merged values.yaml" cp "$TEMP_FILE" "$MERGED_FILE" + echo "✅ Final merged values.yaml:" cat "$MERGED_FILE" -# === STEP 4: Git push === +# === STEP 5: Optional push to Git === cd "$INFRA_CLONE" git config user.name "woodpecker-bot" git config user.email "ci@dvirlabs.com" @@ -83,19 +96,22 @@ else echo "ℹī¸ No changes to commit." fi -# === STEP 5: Create CNAMEs in Cloudflare === +# === STEP 5: Create CNAME records in Cloudflare === echo "🌐 Creating CNAME records in Cloudflare..." CLOUDFLARE_API="https://api.cloudflare.com/client/v4" TARGET="b50bbf48-0a2f-47ce-b73e-336b6718318b.cfargotunnel.com" + +# Load required secrets : "${CLOUDFLARE_API_TOKEN:?CLOUDFLARE_API_TOKEN not set}" : "${CLOUDFLARE_ZONE_ID:?CLOUDFLARE_ZONE_ID not set}" -yq eval '.ingress' "$GENERATED_FILE" | yq -o=json | jq -c '.[]' | while read -r record; do +# Check and create each CNAME +yq eval '.ingress' "$GENERATED_FILE" | yq eval -o=json '.' - | jq -c '.[]' | while read -r record; do name=$(echo "$record" | jq -r '.hostname' | sed 's/\.dvirlabs\.com//') + # Check if already exists exists=$(curl -s -X GET "$CLOUDFLARE_API/zones/$CLOUDFLARE_ZONE_ID/dns_records?type=CNAME&name=$name.dvirlabs.com" \ - -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ - -H "Content-Type: application/json" | jq '.result | length') + -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" -H "Content-Type: application/json" | jq '.result | length') if [ "$exists" -eq 0 ]; then echo "➕ Creating CNAME: $name.dvirlabs.com → $TARGET" @@ -110,6 +126,7 @@ yq eval '.ingress' "$GENERATED_FILE" | yq -o=json | jq -c '.[]' | while read -r \"proxied\": true }" > /dev/null else - echo "⚠ī¸ CNAME $name.dvirlabs.com already exists, skipping" + echo "⚠ī¸ CNAME for $name.dvirlabs.com already exists, skipping" fi done +