diff --git a/automation/cloudflared-sync.sh b/automation/cloudflared-sync.sh
deleted file mode 100644
index e608f14..0000000
--- a/automation/cloudflared-sync.sh
+++ /dev/null
@@ -1,129 +0,0 @@ -#!/bin/bash -set -e - -# đŸ“Ļ Ensure apk installs: yq, jq, git, bash, curl -# Required for pipeline: alpine image + apk add --no-cache git bash curl yq jq - -apk add --no-cache git bash curl yq jq - -echo "🔍 Scanning for apps with cname.yaml..." - -mkdir -p generated-values -rm -rf .tmp-repos -mkdir -p .tmp-repos - -# === REPO CONFIG === -SANDBOX_REPO_URL="https://git.dvirlabs.com/dvirlabs/sandbox.git" -INFRA_REPO_URL="https://${GIT_TOKEN}@git.dvirlabs.com/dvirlabs/infra.git" -SANDBOX_CLONE=".tmp-repos/sandbox" -INFRA_CLONE=".tmp-repos/infra" -GENERATED_FILE="$(pwd)/generated-values/cloudflared-values.yaml" -ORIGINAL_FILE="$INFRA_CLONE/manifests/cloudflared/values.yaml" -MERGED_FILE="$INFRA_CLONE/manifests/cloudflared/values.yaml" - -# === STEP 1: Clone Repos === -echo "đŸ“Ļ Cloning sandbox-apps..." -git clone --depth=1 "$SANDBOX_REPO_URL" "$SANDBOX_CLONE" - -echo "đŸ“Ļ Cloning infra..." -git clone --depth=1 "$INFRA_REPO_URL" "$INFRA_CLONE" - -# === STEP 2: Extract Generated CNAMEs from sandbox === -echo "âš™ī¸ Generating sandbox ingress list..." 
-cat < "$GENERATED_FILE" -ingress: [] -EOF - -find "$SANDBOX_CLONE/manifests" -name cname.yaml | while read -r cname_file; do - app_name=$(basename "$(dirname "$cname_file")") - enabled=$(yq '.enabled' "$cname_file") - - if [[ "$enabled" == "true" ]]; then - hostname=$(yq '.hostname' "$cname_file") - service="http://${app_name}.sandbox.svc.cluster.local:80" - - echo "✅ Found $hostname → $service" - - yq eval ".ingress += [{\"hostname\": \"$hostname\", \"service\": \"$service\"}]" -i "$GENERATED_FILE" - fi -done - -echo "📄 Generated Ingress:" -cat "$GENERATED_FILE" - -# === STEP 3: Merge with existing cloudflared values === -echo "🔁 Merging new entries into: $ORIGINAL_FILE" - -TEMP_FILE=$(mktemp) -cp "$ORIGINAL_FILE" "$TEMP_FILE" - -# Loop through new entries and append only if hostname not exists -yq eval '.ingress' "$GENERATED_FILE" | yq -o=json | jq -c '.[]' | while read -r new_entry; do - hostname=$(echo "$new_entry" | jq -r '.hostname') - service=$(echo "$new_entry" | jq -r '.service') - - exists=$(yq e ".cloudflare.ingress[] | select(.hostname == \"$hostname\")" "$TEMP_FILE") - - if [ -z "$exists" ]; then - echo "➕ Adding $hostname → $service" - yq eval ".cloudflare.ingress += [{\"hostname\": \"$hostname\", \"service\": \"$service\"}]" -i "$TEMP_FILE" - else - echo "âš ī¸ $hostname already exists, skipping" - fi -done - -# === STEP 4: Overwrite only ingress list and preserve all other fields === -echo "📝 Writing final merged values.yaml" -cp "$TEMP_FILE" "$MERGED_FILE" - -echo "✅ Final merged values.yaml:" -cat "$MERGED_FILE" - -# === STEP 5: Optional push to Git === -cd "$INFRA_CLONE" -git config user.name "woodpecker-bot" -git config user.email "ci@dvirlabs.com" -git remote set-url origin "https://${GIT_TOKEN}@git.dvirlabs.com/dvirlabs/infra.git" - -if ! 
git diff --quiet manifests/cloudflared/values.yaml; then - git add manifests/cloudflared/values.yaml - git commit -m "chore(cloudflared): auto-merge CNAME entries from sandbox" - git push origin HEAD - echo "✅ Changes pushed successfully." -else - echo "â„šī¸ No changes to commit." -fi - -# === STEP 5: Create CNAME records in Cloudflare === -echo "🌐 Creating CNAME records in Cloudflare..." -CLOUDFLARE_API="https://api.cloudflare.com/client/v4" -TARGET="b50bbf48-0a2f-47ce-b73e-336b6718318b.cfargotunnel.com" - -# Load required secrets -: "${CLOUDFLARE_API_TOKEN:?CLOUDFLARE_API_TOKEN not set}" -: "${CLOUDFLARE_ZONE_ID:?CLOUDFLARE_ZONE_ID not set}" - -# Check and create each CNAME -yq eval '.ingress' "$GENERATED_FILE" | yq eval -o=json '.' - | jq -c '.[]' | while read -r record; do - name=$(echo "$record" | jq -r '.hostname' | sed 's/\.dvirlabs\.com//') - - # Check if already exists - exists=$(curl -s -X GET "$CLOUDFLARE_API/zones/$CLOUDFLARE_ZONE_ID/dns_records?type=CNAME&name=$name.dvirlabs.com" \ - -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" -H "Content-Type: application/json" | jq '.result | length') - - if [ "$exists" -eq 0 ]; then - echo "➕ Creating CNAME: $name.dvirlabs.com → $TARGET" - curl -s -X POST "$CLOUDFLARE_API/zones/$CLOUDFLARE_ZONE_ID/dns_records" \ - -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ - -H "Content-Type: application/json" \ - --data "{ - \"type\": \"CNAME\", - \"name\": \"$name\", - \"content\": \"$TARGET\", - \"ttl\": 1, - \"proxied\": true - }" > /dev/null - else - echo "âš ī¸ CNAME for $name.dvirlabs.com already exists, skipping" - fi -done \ No newline at end of file diff --git a/cloudflared-sync/clone_repos.sh b/cloudflared-sync/clone_repos.sh new file mode 100644 index 0000000..0909ff5 --- /dev/null +++ b/cloudflared-sync/clone_repos.sh 
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+echo "đŸ“Ļ Cloning sandbox-apps..."
+git clone --depth=1 "$SANDBOX_REPO_URL" "$SANDBOX_CLONE"
+
+echo "đŸ“Ļ Cloning infra..."
+git clone --depth=1 "$INFRA_REPO_URL" "$INFRA_CLONE"
diff --git a/cloudflared-sync/commit_and_push.sh b/cloudflared-sync/commit_and_push.sh
new file mode 100644
index 0000000..f04f779
--- /dev/null
+++ b/cloudflared-sync/commit_and_push.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+cd "$INFRA_CLONE"
+git config user.name "woodpecker-bot"
+git config user.email "ci@dvirlabs.com"
+git remote set-url origin "$INFRA_REPO_URL"
+
+if ! git diff --quiet manifests/cloudflared/values.yaml; then
+ git add manifests/cloudflared/values.yaml
+ git commit -m "chore(cloudflared): auto-merge CNAME entries from sandbox"
+ git push origin HEAD
+ echo "✅ Changes pushed successfully."
+else
+ echo "â„šī¸ No changes to commit."
+fi
diff --git a/cloudflared-sync/config.sh b/cloudflared-sync/config.sh
new file mode 100644
index 0000000..3a1b4f2
--- /dev/null
+++ b/cloudflared-sync/config.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+
+set -e
+
+# Required tools
+apk add --no-cache git bash curl yq jq
+
+# Repo Config
+SANDBOX_REPO_URL="https://git.dvirlabs.com/dvirlabs/sandbox.git"
+INFRA_REPO_URL="https://${GIT_TOKEN}@git.dvirlabs.com/dvirlabs/infra.git"
+
+SANDBOX_CLONE=".tmp-repos/sandbox"
+INFRA_CLONE=".tmp-repos/infra"
+
+GENERATED_FILE="$(pwd)/generated-values/cloudflared-values.yaml"
+ORIGINAL_FILE="$INFRA_CLONE/manifests/cloudflared/values.yaml"
+MERGED_FILE="$INFRA_CLONE/manifests/cloudflared/values.yaml"
+
+CLOUDFLARE_API="https://api.cloudflare.com/client/v4"
+TARGET="b50bbf48-0a2f-47ce-b73e-336b6718318b.cfargotunnel.com"
diff --git a/cloudflared-sync/create_cnames.sh b/cloudflared-sync/create_cnames.sh
new file mode 100644
index 0000000..e7018bc
--- /dev/null
+++ b/cloudflared-sync/create_cnames.sh
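Review bot: In clone_repos.sh, `git clone --depth=1 "$INFRA_REPO_URL" "$INFRA_CLONE"` is given a URL that has `${GIT_TOKEN}` embedded in it (built in config.sh), so the token is visible in the process argument list and git records it as the origin URL in `.tmp-repos/infra/.git/config`. commit_and_push.sh writes it there a second time with `git remote set-url origin "$INFRA_REPO_URL"`. Clone with the plain `https://git.dvirlabs.com/dvirlabs/infra.git` URL and supply the credential out of band, for example through a credential helper or `GIT_ASKPASS`, so the secret is not left in the workspace and cannot show up if git prints the remote in an error message.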
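Review bot: In commit_and_push.sh, `cd "$INFRA_CLONE"` is unchecked and the file has no `set -e` of its own; the `set -e` in main.sh does not carry into a script started as `./commit_and_push.sh`. If the `cd` fails or the variable is empty, the `git config`, `git remote set-url` and `git push origin HEAD` lines that follow run against whatever repository is the current directory, presumably the pipeline's own checkout. Use `cd "$INFRA_CLONE" || exit 1` and begin the file with `set -euo pipefail`. clone_repos.sh, generate_ingress.sh, merge_values.sh and create_cnames.sh are also missing their own error handling.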
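Review bot: The assignments in config.sh (`SANDBOX_REPO_URL=` through `TARGET=`) are plain shell variables, while main.sh sources this file and then runs each step as a child process, and a child process only inherits exported variables. As written, `$SANDBOX_CLONE`, `$GENERATED_FILE`, `$CLOUDFLARE_API` and the others would be empty in the step scripts unless something outside this diff exports them. Either `export` them or have main.sh `source` the step scripts instead of executing them; sourcing also keeps the token-bearing `INFRA_REPO_URL` out of every child's environment. `GIT_TOKEN` is interpolated without a guard as well; `: "${GIT_TOKEN:?GIT_TOKEN not set}"` before the `INFRA_REPO_URL=` line would match what create_cnames.sh does for the Cloudflare secrets.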
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+echo "🌐 Creating CNAME records in Cloudflare..."
+
+: "${CLOUDFLARE_API_TOKEN:?CLOUDFLARE_API_TOKEN not set}"
+: "${CLOUDFLARE_ZONE_ID:?CLOUDFLARE_ZONE_ID not set}"
+
+yq eval '.ingress' "$GENERATED_FILE" | yq -o=json '.' | jq -c '.[]' | while read -r record; do
+ name=$(echo "$record" | jq -r '.hostname' | sed 's/\.dvirlabs\.com//')
+
+ exists=$(curl -s -X GET "$CLOUDFLARE_API/zones/$CLOUDFLARE_ZONE_ID/dns_records?type=CNAME&name=$name.dvirlabs.com" \
+ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" -H "Content-Type: application/json" | jq '.result | length')
+
+ if [ "$exists" -eq 0 ]; then
+ echo "➕ Creating CNAME: $name.dvirlabs.com → $TARGET"
+ curl -s -X POST "$CLOUDFLARE_API/zones/$CLOUDFLARE_ZONE_ID/dns_records" \
+ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
+ -H "Content-Type: application/json" \
+ --data "{
+ \"type\": \"CNAME\",
+ \"name\": \"$name\",
+ \"content\": \"$TARGET\",
+ \"ttl\": 1,
+ \"proxied\": true
+ }" > /dev/null
+ else
+ echo "âš ī¸ CNAME for $name.dvirlabs.com already exists, skipping"
+ fi
+done
diff --git a/cloudflared-sync/generate_ingress.sh b/cloudflared-sync/generate_ingress.sh
new file mode 100644
index 0000000..05fbc97
--- /dev/null
+++ b/cloudflared-sync/generate_ingress.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+echo "âš™ī¸ Generating sandbox ingress list..."
+mkdir -p generated-values
+cat < "$GENERATED_FILE"
+ingress: []
+EOF
+
+find "$SANDBOX_CLONE/manifests" -name cname.yaml | while read -r cname_file; do
+ app_name=$(basename "$(dirname "$cname_file")")
+ enabled=$(yq '.enabled' "$cname_file")
+ if [[ "$enabled" == "true" ]]; then
+ hostname=$(yq '.hostname' "$cname_file")
+ service="http://${app_name}.sandbox.svc.cluster.local:80"
+ echo "✅ Found $hostname → $service"
+ yq eval ".ingress += [{\"hostname\": \"$hostname\", \"service\": \"$service\"}]" -i "$GENERATED_FILE"
+ fi
+done
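Review bot: In create_cnames.sh the POST body is assembled by pasting `$name` into a JSON string, and `$name` derives from `hostname` values read out of the sandbox repository's cname.yaml files, so a value containing a quote or backslash produces malformed or altered JSON that is sent with the zone's API token. Build the payload with `jq -n --arg` so the value is always encoded as a JSON string, and pass it with `--data "$payload"`. The lookup has a related gap: with `curl -s` and no `--fail`, an error response whose `result` is null gives a `length` of 0, so a failed lookup is treated as "record missing" and the script goes on to create. The POST response is discarded to /dev/null, so a failed create is silent too. The excerpt below covers the create call only.

```bash
  # … unchanged: name extraction and existence lookup …
  payload=$(jq -n --arg name "$name" --arg content "$TARGET" \
    '{type: "CNAME", name: $name, content: $content, ttl: 1, proxied: true}')
  curl -sS --fail -X POST "$CLOUDFLARE_API/zones/$CLOUDFLARE_ZONE_ID/dns_records" \
    -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
    -H "Content-Type: application/json" \
    --data "$payload" > /dev/null
  # … unchanged: else branch …
```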
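Review bot: In generate_ingress.sh, `$hostname` is read from a cname.yaml in the sandbox clone and then spliced into the expression passed to `yq eval ".ingress += [...]"`, so file content becomes part of the program yq evaluates rather than data. Because the result is merged into the infra values and later drives DNS record creation, the value should be passed as data and checked against the expected shape first. With mikefarah yq that is `hostname="$hostname" service="$service" yq eval '.ingress += [{"hostname": strenv(hostname), "service": strenv(service)}]' -i "$GENERATED_FILE"`, preceded by a check such as `[[ "$hostname" =~ ^[a-z0-9-]+\.dvirlabs\.com$ ]] || continue` (adjust the pattern to the names you actually allow). merge_values.sh interpolates `$hostname` and `$service` into its yq expressions in the same way.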
diff --git a/cloudflared-sync/main.sh b/cloudflared-sync/main.sh
new file mode 100644
index 0000000..de3f7e7
--- /dev/null
+++ b/cloudflared-sync/main.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+set -e
+
+source ./config.sh
+
+rm -rf .tmp-repos
+mkdir -p .tmp-repos
+
+./clone_repos.sh
+./generate_ingress.sh
+./merge_values.sh
+./commit_and_push.sh
+./create_cnames.sh
diff --git a/cloudflared-sync/merge_values.sh b/cloudflared-sync/merge_values.sh
new file mode 100644
index 0000000..8810ecc
--- /dev/null
+++ b/cloudflared-sync/merge_values.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+echo "🔁 Merging new entries into: $ORIGINAL_FILE"
+TEMP_FILE=$(mktemp)
+cp "$ORIGINAL_FILE" "$TEMP_FILE"
+
+yq eval '.ingress' "$GENERATED_FILE" | yq -o=json | jq -c '.[]' | while read -r new_entry; do
+ hostname=$(echo "$new_entry" | jq -r '.hostname')
+ service=$(echo "$new_entry" | jq -r '.service')
+ exists=$(yq e ".cloudflare.ingress[] | select(.hostname == \"$hostname\")" "$TEMP_FILE")
+ if [ -z "$exists" ]; then
+ echo "➕ Adding $hostname → $service"
+ yq eval ".cloudflare.ingress += [{\"hostname\": \"$hostname\", \"service\": \"$service\"}]" -i "$TEMP_FILE"
+ else
+ echo "âš ī¸ $hostname already exists, skipping"
+ fi
+done
+
+cp "$TEMP_FILE" "$MERGED_FILE"
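Review bot: main.sh resolves `./config.sh`, the step scripts and `.tmp-repos` relative to the caller's working directory, so it only works when started from inside cloudflared-sync/, and `rm -rf .tmp-repos` removes whatever directory of that name exists where it was started. Add `cd "$(dirname "${BASH_SOURCE[0]}")"` right after `set -e`, or build the paths from that directory, so the run behaves the same however the pipeline invokes it.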
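Review bot: In merge_values.sh the file created by `TEMP_FILE=$(mktemp)` is never removed, and the final `cp "$TEMP_FILE" "$MERGED_FILE"` runs even when the initial `cp "$ORIGINAL_FILE" "$TEMP_FILE"` or a `yq` call inside the loop has failed. In that case a partial or empty values.yaml is what commit_and_push.sh would go on to commit. Add `trap 'rm -f -- "$TEMP_FILE"' EXIT` after the `mktemp` line and make the first copy `cp "$ORIGINAL_FILE" "$TEMP_FILE" || exit 1`.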