Scan multiple repositories
This commit is contained in:
parent
8c951298be
commit
44d9b3e80b
@ -2,8 +2,6 @@
|
|||||||
set -e
|
set -e
|
||||||
|
|
||||||
# 📦 Ensure apk installs: yq, jq, git, bash, curl
|
# 📦 Ensure apk installs: yq, jq, git, bash, curl
|
||||||
# Required for pipeline: alpine image + apk add --no-cache git bash curl yq jq
|
|
||||||
|
|
||||||
apk add --no-cache git bash curl yq jq
|
apk add --no-cache git bash curl yq jq
|
||||||
|
|
||||||
echo "🔍 Scanning for apps with cname.yaml..."
|
echo "🔍 Scanning for apps with cname.yaml..."
|
||||||
@ -13,41 +11,52 @@ rm -rf .tmp-repos
|
|||||||
mkdir -p .tmp-repos
|
mkdir -p .tmp-repos
|
||||||
|
|
||||||
# === REPO CONFIG ===
|
# === REPO CONFIG ===
|
||||||
SANDBOX_REPO_URL="https://git.dvirlabs.com/dvirlabs/sandbox.git"
|
REPOS=(
|
||||||
|
"sandbox|https://git.dvirlabs.com/dvirlabs/sandbox.git"
|
||||||
|
"dev-tools|https://git.dvirlabs.com/dvirlabs/dev-tools.git"
|
||||||
|
)
|
||||||
|
|
||||||
INFRA_REPO_URL="https://${GIT_TOKEN}@git.dvirlabs.com/dvirlabs/infra.git"
|
INFRA_REPO_URL="https://${GIT_TOKEN}@git.dvirlabs.com/dvirlabs/infra.git"
|
||||||
SANDBOX_CLONE=".tmp-repos/sandbox"
|
|
||||||
INFRA_CLONE=".tmp-repos/infra"
|
INFRA_CLONE=".tmp-repos/infra"
|
||||||
GENERATED_FILE="$(pwd)/generated-values/cloudflared-values.yaml"
|
GENERATED_FILE="$(pwd)/generated-values/cloudflared-values.yaml"
|
||||||
ORIGINAL_FILE="$INFRA_CLONE/manifests/cloudflared/values.yaml"
|
ORIGINAL_FILE="$INFRA_CLONE/manifests/cloudflared/values.yaml"
|
||||||
MERGED_FILE="$INFRA_CLONE/manifests/cloudflared/values.yaml"
|
MERGED_FILE="$INFRA_CLONE/manifests/cloudflared/values.yaml"
|
||||||
|
|
||||||
# === STEP 1: Clone Repos ===
|
# === STEP 1: Clone Repos ===
|
||||||
echo "📦 Cloning sandbox-apps..."
|
echo "📦 Cloning target app repos..."
|
||||||
git clone --depth=1 "$SANDBOX_REPO_URL" "$SANDBOX_CLONE"
|
for entry in "${REPOS[@]}"; do
|
||||||
|
SECTION_NAME="${entry%%|*}"
|
||||||
|
REPO_URL="${entry##*|}"
|
||||||
|
REPO_DIR=".tmp-repos/$SECTION_NAME"
|
||||||
|
git clone --depth=1 "$REPO_URL" "$REPO_DIR"
|
||||||
|
done
|
||||||
|
|
||||||
echo "📦 Cloning infra..."
|
echo "📦 Cloning infra repo..."
|
||||||
git clone --depth=1 "$INFRA_REPO_URL" "$INFRA_CLONE"
|
git clone --depth=1 "$INFRA_REPO_URL" "$INFRA_CLONE"
|
||||||
|
|
||||||
ls -l .tmp-repos/
|
ls -l .tmp-repos/
|
||||||
|
|
||||||
# === STEP 2: Extract Generated CNAMEs from sandbox ===
|
# === STEP 2: Extract CNAMEs from all repos ===
|
||||||
echo "⚙️ Generating sandbox ingress list..."
|
echo "⚙️ Generating merged ingress list..."
|
||||||
cat <<EOF > "$GENERATED_FILE"
|
echo "ingress: []" > "$GENERATED_FILE"
|
||||||
ingress: []
|
|
||||||
EOF
|
|
||||||
|
|
||||||
find "$SANDBOX_CLONE/manifests" -name cname.yaml | while read -r cname_file; do
|
for entry in "${REPOS[@]}"; do
|
||||||
|
SECTION_NAME="${entry%%|*}"
|
||||||
|
REPO_DIR=".tmp-repos/$SECTION_NAME"
|
||||||
|
|
||||||
|
find "$REPO_DIR/manifests" -name cname.yaml | while read -r cname_file; do
|
||||||
app_name=$(basename "$(dirname "$cname_file")")
|
app_name=$(basename "$(dirname "$cname_file")")
|
||||||
enabled=$(yq '.enabled' "$cname_file")
|
enabled=$(yq '.enabled' "$cname_file")
|
||||||
|
|
||||||
if [[ "$enabled" == "true" ]]; then
|
if [[ "$enabled" == "true" ]]; then
|
||||||
hostname=$(yq '.hostname' "$cname_file")
|
hostname=$(yq '.hostname' "$cname_file")
|
||||||
service="http://${app_name}.sandbox.svc.cluster.local:80"
|
service="http://${app_name}.${SECTION_NAME}.svc.cluster.local:80"
|
||||||
|
|
||||||
echo "✅ Found $hostname → $service"
|
echo "✅ Found $hostname → $service in $SECTION_NAME"
|
||||||
|
|
||||||
yq eval ".ingress += [{\"hostname\": \"$hostname\", \"service\": \"$service\"}]" -i "$GENERATED_FILE"
|
yq eval ".ingress += [{\"hostname\": \"$hostname\", \"service\": \"$service\", \"_section\": \"$SECTION_NAME\"}]" -i "$GENERATED_FILE"
|
||||||
fi
|
fi
|
||||||
|
done
|
||||||
done
|
done
|
||||||
|
|
||||||
echo "📄 Generated Ingress:"
|
echo "📄 Generated Ingress:"
|
||||||
@ -59,7 +68,6 @@ echo "🔁 Merging new entries into: $ORIGINAL_FILE"
|
|||||||
TEMP_FILE=$(mktemp)
|
TEMP_FILE=$(mktemp)
|
||||||
cp "$ORIGINAL_FILE" "$TEMP_FILE"
|
cp "$ORIGINAL_FILE" "$TEMP_FILE"
|
||||||
|
|
||||||
# Loop through new entries and append only if hostname not exists
|
|
||||||
yq eval '.ingress' "$GENERATED_FILE" | yq -o=json | jq -c '.[]' | while read -r new_entry; do
|
yq eval '.ingress' "$GENERATED_FILE" | yq -o=json | jq -c '.[]' | while read -r new_entry; do
|
||||||
hostname=$(echo "$new_entry" | jq -r '.hostname')
|
hostname=$(echo "$new_entry" | jq -r '.hostname')
|
||||||
service=$(echo "$new_entry" | jq -r '.service')
|
service=$(echo "$new_entry" | jq -r '.service')
|
||||||
@ -89,14 +97,14 @@ git remote set-url origin "https://${GIT_TOKEN}@git.dvirlabs.com/dvirlabs/infra.
|
|||||||
|
|
||||||
if ! git diff --quiet manifests/cloudflared/values.yaml; then
|
if ! git diff --quiet manifests/cloudflared/values.yaml; then
|
||||||
git add manifests/cloudflared/values.yaml
|
git add manifests/cloudflared/values.yaml
|
||||||
git commit -m "chore(cloudflared): auto-merge CNAME entries from sandbox"
|
git commit -m "chore(cloudflared): auto-merge CNAME entries from all repos"
|
||||||
git push origin HEAD
|
git push origin HEAD
|
||||||
echo "✅ Changes pushed successfully."
|
echo "✅ Changes pushed successfully."
|
||||||
else
|
else
|
||||||
echo "ℹ️ No changes to commit."
|
echo "ℹ️ No changes to commit."
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# === STEP 5: Create CNAME records in Cloudflare ===
|
# === STEP 6: Create CNAME records in Cloudflare ===
|
||||||
ls -l
|
ls -l
|
||||||
pwd
|
pwd
|
||||||
ls -l "$GENERATED_FILE"
|
ls -l "$GENERATED_FILE"
|
||||||
@ -104,15 +112,12 @@ echo "🌐 Creating CNAME records in Cloudflare..."
|
|||||||
CLOUDFLARE_API="https://api.cloudflare.com/client/v4"
|
CLOUDFLARE_API="https://api.cloudflare.com/client/v4"
|
||||||
TARGET="b50bbf48-0a2f-47ce-b73e-336b6718318b.cfargotunnel.com"
|
TARGET="b50bbf48-0a2f-47ce-b73e-336b6718318b.cfargotunnel.com"
|
||||||
|
|
||||||
# Load required secrets
|
|
||||||
: "${CLOUDFLARE_API_TOKEN:?CLOUDFLARE_API_TOKEN not set}"
|
: "${CLOUDFLARE_API_TOKEN:?CLOUDFLARE_API_TOKEN not set}"
|
||||||
: "${CLOUDFLARE_ZONE_ID:?CLOUDFLARE_ZONE_ID not set}"
|
: "${CLOUDFLARE_ZONE_ID:?CLOUDFLARE_ZONE_ID not set}"
|
||||||
|
|
||||||
# Check and create each CNAME
|
yq eval '.ingress' "$GENERATED_FILE" | yq -o=json | jq -c '.[]' | while read -r record; do
|
||||||
yq eval '.ingress' "$GENERATED_FILE" | yq eval -o=json '.' - | jq -c '.[]' | while read -r record; do
|
|
||||||
name=$(echo "$record" | jq -r '.hostname' | sed 's/\.dvirlabs\.com//')
|
name=$(echo "$record" | jq -r '.hostname' | sed 's/\.dvirlabs\.com//')
|
||||||
|
|
||||||
# Check if already exists
|
|
||||||
exists=$(curl -s -X GET "$CLOUDFLARE_API/zones/$CLOUDFLARE_ZONE_ID/dns_records?type=CNAME&name=$name.dvirlabs.com" \
|
exists=$(curl -s -X GET "$CLOUDFLARE_API/zones/$CLOUDFLARE_ZONE_ID/dns_records?type=CNAME&name=$name.dvirlabs.com" \
|
||||||
-H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" -H "Content-Type: application/json" | jq '.result | length')
|
-H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" -H "Content-Type: application/json" | jq '.result | length')
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user