apps-gitops/automation/cloudflared/cloudflared-sync.sh
2025-06-27 19:17:06 +03:00


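#!/bin/bash
# Sync cloudflared ingress rules and Cloudflare CNAME records from the
# cname.yaml files found under manifests/ in the app repos listed in REPOS.
#
# Required environment:
#   GIT_TOKEN             - token used to clone (and push to) the infra repo
#   CLOUDFLARE_API_TOKEN  - checked before the Cloudflare API calls
#   CLOUDFLARE_ZONE_ID    - checked before the Cloudflare API calls
set -e

# Fail before doing any work if the token is missing: an empty value would
# otherwise build "https://@git.dvirlabs.com/..." and only surface later as
# an authentication error from git.
: "${GIT_TOKEN:?GIT_TOKEN not set}"

# 📦 Ensure apk installs: yq, jq, git, bash, curl
apk add --no-cache git bash curl yq jq

echo "🔍 Scanning for apps with cname.yaml..."
mkdir -p generated-values
# Start from an empty clone area so stale checkouts never feed the merge.
rm -rf .tmp-repos
mkdir -p .tmp-repos

# === REPO CONFIG ===
# Each entry is "<section>|<clone url>". The section name is reused as the
# clone directory and as the namespace part of the generated service URL.
REPOS=(
  "sandbox|https://git.dvirlabs.com/dvirlabs/sandbox.git"
  "dev-tools|https://git.dvirlabs.com/dvirlabs/dev-tools.git"
  "my-apps|https://git.dvirlabs.com/dvirlabs/my-apps.git"
  "observability-stack|https://git.dvirlabs.com/dvirlabs/observability-stack.git"
)

# NOTE(security): the token is embedded in the clone URL, so git records it in
# the clone's .git/config and passes it on the git command line. Treat the
# .tmp-repos workspace and the job logs as sensitive.
INFRA_REPO_URL="https://${GIT_TOKEN}@git.dvirlabs.com/dvirlabs/infra.git"
INFRA_CLONE=".tmp-repos/infra"
# Absolute path: later steps cd into the infra clone and still read this file.
GENERATED_FILE="$(pwd)/generated-values/cloudflared-values.yaml"
# ORIGINAL_FILE and MERGED_FILE are the same path: the merge is written back
# over the values file it started from.
ORIGINAL_FILE="$INFRA_CLONE/manifests/cloudflared/values.yaml"
MERGED_FILE="$INFRA_CLONE/manifests/cloudflared/values.yaml"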
# === STEP 1: Clone Repos ===
# Shallow-clone every app repo from REPOS into .tmp-repos/<section>, then the
# infra repo (token-authenticated URL) into $INFRA_CLONE.
printf '%s\n' "📦 Cloning target app repos..."
for entry in "${REPOS[@]}"; do
  # Entry format is "<section>|<url>": text before the first "|" is the
  # section, text after the last "|" is the URL.
  SECTION_NAME="${entry%%|*}"
  REPO_URL="${entry##*|}"
  REPO_DIR=".tmp-repos/${SECTION_NAME}"
  git clone --depth=1 "${REPO_URL}" "${REPO_DIR}"
done

printf '%s\n' "📦 Cloning infra repo..."
git clone --depth=1 "${INFRA_REPO_URL}" "${INFRA_CLONE}"

# Show what was cloned, for the job log.
ls -l .tmp-repos/
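# === STEP 2: Extract CNAMEs from all repos ===
# Build $GENERATED_FILE from every cname.yaml under <repo>/manifests whose
# .enabled is true. The hostname and the app directory name come from the app
# repos, so they are treated as untrusted input: they are handed to yq through
# the environment (strenv) rather than spliced into the expression text, where
# a quote character in a hostname could change the expression.
echo "⚙️ Generating merged ingress list..."
echo "ingress: []" > "$GENERATED_FILE"

# DNS-name characters only ("*" kept for wildcard hostnames).
hostname_re='^[A-Za-z0-9*._-]+$'

for entry in "${REPOS[@]}"; do
  SECTION_NAME="${entry%%|*}"
  REPO_DIR=".tmp-repos/$SECTION_NAME"
  while IFS= read -r cname_file; do
    # The app name is the directory that holds cname.yaml.
    app_name=$(basename "$(dirname "$cname_file")")
    enabled=$(yq '.enabled' "$cname_file")
    if [[ "$enabled" == "true" ]]; then
      hostname=$(yq '.hostname' "$cname_file")
      # yq prints "null" for a missing key; reject that and anything that is
      # not a plain DNS name before it reaches the values file or the logs.
      if [[ "$hostname" == "null" || ! "$hostname" =~ $hostname_re ]]; then
        echo "⚠️ Skipping $cname_file: missing or invalid hostname" >&2
        continue
      fi
      service="http://${app_name}.${SECTION_NAME}.svc.cluster.local:80"
      echo "✅ Found $hostname$service in $SECTION_NAME"
      CNAME_HOST="$hostname" CNAME_SERVICE="$service" CNAME_SECTION="$SECTION_NAME" \
        yq eval '.ingress += [{"hostname": strenv(CNAME_HOST), "service": strenv(CNAME_SERVICE), "_section": strenv(CNAME_SECTION)}]' -i "$GENERATED_FILE"
    fi
  done < <(find "$REPO_DIR/manifests" -type f -name cname.yaml)
done

echo "📄 Generated Ingress:"
cat "$GENERATED_FILE"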
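# === STEP 3: Merge with existing cloudflared values ===
# Append each generated entry to .cloudflare.ingress in a scratch copy of the
# values file, unless an entry with the same hostname is already present.
echo "🔁 Merging new entries into: $ORIGINAL_FILE"
TEMP_FILE=$(mktemp)
cp "$ORIGINAL_FILE" "$TEMP_FILE"

while IFS= read -r new_entry; do
  hostname=$(printf '%s\n' "$new_entry" | jq -r '.hostname')
  service=$(printf '%s\n' "$new_entry" | jq -r '.service')
  # Values go to yq via strenv() so their content can never be parsed as part
  # of the yq expression.
  exists=$(CNAME_HOST="$hostname" \
    yq e '.cloudflare.ingress[] | select(.hostname == strenv(CNAME_HOST))' "$TEMP_FILE")
  if [ -z "$exists" ]; then
    echo " Adding $hostname$service"
    CNAME_HOST="$hostname" CNAME_SERVICE="$service" \
      yq eval '.cloudflare.ingress += [{"hostname": strenv(CNAME_HOST), "service": strenv(CNAME_SERVICE)}]' -i "$TEMP_FILE"
  else
    echo "⚠️ $hostname already exists, skipping"
  fi
done < <(yq eval '.ingress' "$GENERATED_FILE" | yq -o=json | jq -c '.[]')

# === STEP 4: Overwrite only ingress list and preserve all other fields ===
# The scratch copy started as the full values file, so copying it back keeps
# every other field as it was.
echo "📝 Writing final merged values.yaml"
cp "$TEMP_FILE" "$MERGED_FILE"
# The scratch copy holds the complete values file; do not leave it in /tmp.
rm -f -- "$TEMP_FILE"

echo "✅ Final merged values.yaml:"
# NOTE(review): this prints the whole values file to the job log - confirm it
# never carries tunnel credentials or other secrets.
cat "$MERGED_FILE"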
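# === STEP 5: Optional push to Git ===
# Commit and push manifests/cloudflared/values.yaml only when the merge
# changed it. The rest of the script keeps running from inside the clone.
cd "$INFRA_CLONE"
git config user.name "woodpecker-bot"
git config user.email "ci@dvirlabs.com"

# Keep the token out of the clone's .git/config: the stored remote is reset to
# the plain URL (the clone recorded the token-bearing one), and the
# authenticated URL is used only for the push itself.
git remote set-url origin "https://git.dvirlabs.com/dvirlabs/infra.git"

if ! git diff --quiet manifests/cloudflared/values.yaml; then
  git add manifests/cloudflared/values.yaml
  git commit -m "chore(cloudflared): auto-merge CNAME entries from all repos"
  git push "https://${GIT_TOKEN}@git.dvirlabs.com/dvirlabs/infra.git" HEAD
  echo "✅ Changes pushed successfully."
else
  echo " No changes to commit."
fi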
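# === STEP 6: Create CNAME records in Cloudflare ===
# For every generated ingress hostname, create a proxied CNAME pointing at the
# tunnel target unless a CNAME with that name already exists in the zone.
ls -l
pwd
ls -l "$GENERATED_FILE"
echo "🌐 Creating CNAME records in Cloudflare..."
CLOUDFLARE_API="https://api.cloudflare.com/client/v4"
TARGET="b50bbf48-0a2f-47ce-b73e-336b6718318b.cfargotunnel.com"
: "${CLOUDFLARE_API_TOKEN:?CLOUDFLARE_API_TOKEN not set}"
: "${CLOUDFLARE_ZONE_ID:?CLOUDFLARE_ZONE_ID not set}"

# Hostnames originate from cname.yaml files in the app repos. Accept only
# names made of DNS characters that end in ".dvirlabs.com", so a crafted value
# cannot alter the query string, the JSON body or the record name.
fqdn_re='^[A-Za-z0-9*_-]+(\.[A-Za-z0-9_-]+)*\.dvirlabs\.com$'

# NOTE(review): the API token is passed on the curl command line and is
# visible to other processes on the runner - confirm the runner is not shared.
while IFS= read -r record; do
  fqdn=$(printf '%s\n' "$record" | jq -r '.hostname')
  if [[ ! "$fqdn" =~ $fqdn_re ]]; then
    echo "⚠️ Skipping $fqdn: not a valid name under dvirlabs.com" >&2
    continue
  fi
  # Strip the zone only as a suffix; an unanchored replace would also rewrite
  # a ".dvirlabs.com" that appears in the middle of a name.
  name="${fqdn%.dvirlabs.com}"

  # -f turns HTTP errors into a non-zero exit so a failed lookup is never
  # mistaken for "record already exists"; -G with --data-urlencode builds the
  # query string with proper escaping.
  if ! lookup=$(curl -fsS -G "$CLOUDFLARE_API/zones/$CLOUDFLARE_ZONE_ID/dns_records" \
    --data-urlencode "type=CNAME" \
    --data-urlencode "name=$fqdn" \
    -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
    -H "Content-Type: application/json"); then
    echo "ERROR: Cloudflare lookup failed for $fqdn" >&2
    exit 1
  fi
  # Trust the count only when the API reports success.
  if ! exists=$(printf '%s\n' "$lookup" | jq -er 'select(.success == true) | .result | length'); then
    echo "ERROR: unexpected Cloudflare response for $fqdn" >&2
    exit 1
  fi

  if [ "$exists" -eq 0 ]; then
    echo " Creating CNAME: $name.dvirlabs.com → $TARGET"
    # jq builds the body so every value is JSON-escaped.
    payload=$(jq -n --arg name "$name" --arg content "$TARGET" \
      '{type: "CNAME", name: $name, content: $content, ttl: 1, proxied: true}')
    curl -fsS -X POST "$CLOUDFLARE_API/zones/$CLOUDFLARE_ZONE_ID/dns_records" \
      -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
      -H "Content-Type: application/json" \
      --data "$payload" > /dev/null
  else
    echo "⚠️ CNAME for $name.dvirlabs.com already exists, skipping"
  fi
done < <(yq eval '.ingress' "$GENERATED_FILE" | yq -o=json | jq -c '.[]')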