diff --git a/automation/cloudflared-sync.sh b/automation/cloudflared-sync.sh index 5237ce1..41f2f1d 100644 --- a/automation/cloudflared-sync.sh +++ b/automation/cloudflared-sync.sh @@ -1,86 +1,41 @@ -#!/bin/bash -set -e - -# đŸ“Ļ Install required tools (in pipeline step) -apk add --no-cache git bash curl yq jq - -echo "🔍 Scanning for apps with cname.yaml..." - -mkdir -p generated-values -rm -rf .tmp-repos -mkdir -p .tmp-repos - -# === REPO CONFIG === -SANDBOX_REPO_URL="https://git.dvirlabs.com/dvirlabs/sandbox.git" -INFRA_REPO_URL="https://${GIT_TOKEN}@git.dvirlabs.com/dvirlabs/infra.git" -SANDBOX_CLONE=".tmp-repos/sandbox" -INFRA_CLONE=".tmp-repos/infra" +# CONFIG +ORIGINAL_FILE="../infra/cloudflared/values.yaml" +MERGED_FILE="../infra/cloudflared/values.yaml" GENERATED_FILE="generated-values/cloudflared-values.yaml" -ORIGINAL_FILE="$INFRA_CLONE/manifests/cloudflared/values.yaml" -MERGED_FILE="$INFRA_CLONE/manifests/cloudflared/values.yaml" -# === STEP 1: Clone Repos === -echo "đŸ“Ļ Cloning sandbox..." -git clone --depth=1 "$SANDBOX_REPO_URL" "$SANDBOX_CLONE" +echo "🔁 Merging new entries into: $ORIGINAL_FILE" -echo "đŸ“Ļ Cloning infra..." -git clone --depth=1 "$INFRA_REPO_URL" "$INFRA_CLONE" +# Extract original ingress list +ORIGINAL_INGRESS=$(yq eval '.cloudflare.ingress' "$ORIGINAL_FILE") +TEMP_FILE=$(mktemp) -ls -l .tmp-repos/ +# Start a fresh ingress list +echo "$ORIGINAL_INGRESS" | yq eval '.' - > "$TEMP_FILE" -# === STEP 2: Generate ingress list from sandbox === -echo "⚙ī¸ Generating sandbox ingress list..." -cat < "$GENERATED_FILE" -ingress: [] -EOF +# Loop over new entries +yq eval '.ingress[]' "$GENERATED_FILE" | yq eval -o=json '.' - | jq -c '.[]' | while read -r new_entry; do + hostname=$(echo "$new_entry" | jq -r '.hostname') + service=$(echo "$new_entry" | jq -r '.service') -find "$SANDBOX_CLONE/manifests" -name cname.yaml | while read -r cname_file; do - app_name=$(basename "$(dirname "$cname_file")") - enabled=$(yq '.enabled' "$cname_file") + # Check if hostname already exists + exists=$(yq e ".cloudflare.ingress[] | select(.hostname == \"$hostname\")" "$ORIGINAL_FILE") - if [[ "$enabled" == "true" ]]; then - hostname=$(yq '.hostname' "$cname_file") - service="http://${app_name}.sandbox.svc.cluster.local:80" - echo "✅ Found $hostname → $service" - yq eval ".ingress += [{\"hostname\": \"$hostname\", \"service\": \"$service\"}]" -i "$GENERATED_FILE" + if [ -z "$exists" ]; then + echo "➕ Adding $hostname → $service" + # Append new entry + yq eval ". += [{\"hostname\": \"$hostname\", \"service\": \"$service\"}]" -i "$TEMP_FILE" + else + echo "⚠ī¸ $hostname already exists, skipping" fi done -echo "📄 Generated Ingress:" -cat "$GENERATED_FILE" +# Rebuild final values.yaml with updated ingress +yq eval ' + .cloudflare.ingress = load("'"$TEMP_FILE"'") | + .cloudflare.tunnelName = strenv(TUNNEL_NAME) | + .cloudflare.enableWarp = false | + .cloudflare.secretName = "cloudflared-creds" | + .cloudflared = load("'"$ORIGINAL_FILE"'") | .cloudflared +' "$ORIGINAL_FILE" > "$MERGED_FILE" -# === STEP 3: Merge into cloudflared values.yaml === -echo "🔁 Merging new entries into: $ORIGINAL_FILE" - -yq eval-all ' - select(fileIndex == 0) as $base | - select(fileIndex == 1) as $new | - $base * { - cloudflare: $base.cloudflare * { - ingress: ( - ($base.cloudflare.ingress + $new.ingress) - | unique_by(.hostname) - ) - } - } -' "$ORIGINAL_FILE" "$GENERATED_FILE" > "$MERGED_FILE" - -echo "✅ Final merged values.yaml:" -cat "$MERGED_FILE" - -# === STEP 4: Git push === -echo "📤 Pushing updated values.yaml to infra repo..." - -cd "$INFRA_CLONE" -git config user.name "woodpecker-bot" -git config user.email "ci@dvirlabs.com" -git remote set-url origin "https://${GIT_TOKEN}@git.dvirlabs.com/dvirlabs/infra.git" - -if ! git diff --quiet manifests/cloudflared/values.yaml; then - git add manifests/cloudflared/values.yaml - git commit -m "chore(cloudflared): auto-merge CNAME entries from sandbox" - git push origin HEAD - echo "✅ Changes pushed successfully." -else - echo "ℹī¸ No changes to commit." -fi +echo "✅ Patched values.yaml saved to: $MERGED_FILE" \ No newline at end of file