apps-gitops/automation/cloudflared-sync.sh
2025-06-22 23:12:01 +03:00



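#!/bin/bash
# Sync cloudflared ingress entries: scan the sandbox repo for cname.yaml files,
# merge the enabled hostnames into the infra repo's cloudflared values.yaml,
# push the result, and create the matching Cloudflare CNAME records.
#
# Environment read by this script:
#   GIT_TOKEN             - credential used to clone/push the infra repo
#   CLOUDFLARE_API_TOKEN  - Cloudflare API bearer token
#   CLOUDFLARE_ZONE_ID    - Cloudflare zone that receives the CNAME records
set -e

# Fail before doing any work if the push credential is missing; with an empty
# token the infra URL would silently degrade to "https://@git.dvirlabs.com/...".
: "${GIT_TOKEN:?GIT_TOKEN not set}"

# NOTE(review): tools are installed unpinned on every run; a prebuilt image with
# pinned versions would make the job reproducible and shrink the supply-chain
# surface of this step.
apk add --no-cache git bash curl yq jq

echo "🔍 Scanning for apps with cname.yaml..."
mkdir -p generated-values
rm -rf .tmp-repos
mkdir -p .tmp-repos

SANDBOX_REPO_URL="https://git.dvirlabs.com/dvirlabs/sandbox.git"
# The token is embedded in the URL: git records it in the clone's .git/config
# and it is visible in the git process arguments. Never echo this variable.
INFRA_REPO_URL="https://${GIT_TOKEN}@git.dvirlabs.com/dvirlabs/infra.git"
SANDBOX_CLONE=".tmp-repos/sandbox"
INFRA_CLONE=".tmp-repos/infra"
# Relative path: only valid while the working directory is the one the script
# started in.
GENERATED_FILE="generated-values/cloudflared-values.yaml"
# ORIGINAL_FILE and MERGED_FILE point at the same path: the merge is in place.
ORIGINAL_FILE="$INFRA_CLONE/manifests/cloudflared/values.yaml"
MERGED_FILE="$INFRA_CLONE/manifests/cloudflared/values.yaml"

# Debug output for the CI log (no secrets are printed here).
echo "Debug"
ls -l
ls -l generated-values
pwd
pwd "$GENERATED_FILE"

echo "📦 Cloning repos..."
git clone --depth=1 "$SANDBOX_REPO_URL" "$SANDBOX_CLONE"
git clone --depth=1 "$INFRA_REPO_URL" "$INFRA_CLONE"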
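# === Generate ingress entries from every enabled cname.yaml ===
# Layout assumed by the path handling below:
#   <sandbox>/manifests/<namespace>/<app>/cname.yaml
echo "⚙️ Generating ingress entries..."
printf '%s\n' 'ingress: []' > "$GENERATED_FILE"

find "$SANDBOX_CLONE/manifests" -name cname.yaml | while IFS= read -r cname_file; do
  app_dir=$(dirname "$cname_file")
  app_name=$(basename "$app_dir")
  namespace=$(basename "$(dirname "$app_dir")")
  enabled=$(yq '.enabled' "$cname_file")
  if [[ "$enabled" == "true" ]]; then
    hostname=$(yq '.hostname' "$cname_file")
    # yq prints "null" for a missing key; do not turn that into an ingress
    # entry (and later a DNS record) named "null".
    if [[ -z "$hostname" || "$hostname" == "null" ]]; then
      echo "Skipping $cname_file: enabled but no hostname set" >&2
      continue
    fi
    service="http://${app_name}.${namespace}.svc.cluster.local:80"
    echo "$hostname$service"
    # hostname, app and namespace names come from repository content. Pass them
    # to yq as environment values (strenv) instead of splicing them into the
    # expression text, so a quote or operator in a value cannot change the
    # expression that yq evaluates.
    INGRESS_HOSTNAME="$hostname" \
    INGRESS_SERVICE="$service" \
    INGRESS_NAMESPACE="$namespace" \
      yq eval -i \
        '.ingress += [{"hostname": strenv(INGRESS_HOSTNAME), "service": strenv(INGRESS_SERVICE), "namespace": strenv(INGRESS_NAMESPACE)}]' \
        "$GENERATED_FILE"
  fi
done

echo "📄 Ingress generated:"
cat "$GENERATED_FILE"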
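# === Merge new ingress into cloudflare.ingress ===
# Works on a temp copy of the infra values file; hostnames already present in
# .cloudflare.ingress are left untouched, new ones are appended.
echo "🔁 Merging new entries..."
TEMP_FILE=$(mktemp)
cp -- "$ORIGINAL_FILE" "$TEMP_FILE"

# Snapshot of the existing entries as JSON. "// []" covers a values file that
# has no .cloudflare.ingress yet (yq would otherwise print "null", which the
# jq lookup below cannot iterate).
existing_json=$(yq e -o=json '.cloudflare.ingress // []' "$TEMP_FILE" 2>/dev/null || echo "[]")
# mktemp instead of a fixed /tmp name: no predictable path, no clash between
# concurrent runs.
existing_file=$(mktemp)
printf '%s\n' "$existing_json" > "$existing_file"

yq eval '.ingress' "$GENERATED_FILE" | yq -o=json | jq -c '.[]' | while IFS= read -r new_entry; do
  hostname=$(jq -r '.hostname' <<<"$new_entry")
  service=$(jq -r '.service' <<<"$new_entry")
  namespace=$(jq -r '.namespace' <<<"$new_entry")
  if jq -e --arg hostname "$hostname" 'any(.[]; .hostname == $hostname)' "$existing_file" > /dev/null; then
    echo "⚠️ $hostname already exists, skipping"
  else
    echo " Adding $hostname"
    # Values are handed to yq through the environment (strenv) rather than
    # interpolated into the expression, so their content is always treated as
    # data and never as part of the yq program.
    INGRESS_HOSTNAME="$hostname" \
    INGRESS_SERVICE="$service" \
    INGRESS_NAMESPACE="$namespace" \
      yq e -i \
        '.cloudflare.ingress += [{"hostname": strenv(INGRESS_HOSTNAME), "service": strenv(INGRESS_SERVICE), "namespace": strenv(INGRESS_NAMESPACE)}]' \
        "$TEMP_FILE"
  fi
done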
# === Format ingress list ===
# Rewrites the ingress list as hand-formatted YAML text, one commented section
# per namespace, and copies the result over the infra values file.
echo "🧼 Regrouping by namespace..."
FINAL_FILE=$(mktemp)
# FINAL_FILE starts as the values document without .cloudflare.ingress ...
yq e 'del(.cloudflare.ingress)' "$TEMP_FILE" > "$FINAL_FILE"
# ... and the ingress key is then appended as plain text, not through yq.
# NOTE(review): this only lands under "cloudflare:" if that is the last block
# in the file and the literal indentation matches — confirm.
echo " ingress:" >> "$FINAL_FILE"
# NOTE(review): jq pretty-prints across several lines unless -c is given, while
# `read` consumes one line per iteration; and -s wraps the single array coming
# from yq in another array before group_by sees it. Verify this pipeline really
# yields one namespace group per iteration. Without `set -o pipefail` a jq
# failure here is not fatal and would leave the ingress list empty.
yq e '.cloudflare.ingress' "$TEMP_FILE" | yq -o=json | jq -s 'group_by(.namespace)[]' | while read -r group; do
namespace=$(echo "$group" | jq -r '.[0].namespace')
echo " # ############ $namespace ############" >> "$FINAL_FILE"
echo "$group" | jq -c '.[]' | while read -r item; do
hostname=$(echo "$item" | jq -r '.hostname')
service=$(echo "$item" | jq -r '.service')
# Only hostname and service are written back; the namespace field is not
# persisted, so entries read from the file on a later run carry no namespace.
# Values are emitted unquoted — presumably plain hostnames/URLs; verify.
echo " - hostname: $hostname" >> "$FINAL_FILE"
echo " service: $service" >> "$FINAL_FILE"
done
done
# Merge back under cloudflare.ingress
FINAL_MERGED=$(mktemp)
yq e 'del(.cloudflare.ingress)' "$TEMP_FILE" > "$FINAL_MERGED"
# NOTE(review): FINAL_FILE already begins with the same document minus ingress,
# so appending it here appears to repeat that content in FINAL_MERGED — confirm
# the resulting values.yaml is what is intended.
cat "$FINAL_FILE" >> "$FINAL_MERGED"
cp "$FINAL_MERGED" "$MERGED_FILE"
echo "✅ Final values.yaml:"
# NOTE(review): prints the whole values file to the job log — confirm it holds
# no credentials.
cat "$MERGED_FILE"
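# === Git commit/push ===
# Commit and push the regenerated cloudflared values file, if it changed.
#
# Every git command targets the clone with `git -C` instead of `cd`, so the
# script's working directory does not change: GENERATED_FILE is a relative path
# and the steps after this one must still be able to open it.
git -C "$INFRA_CLONE" config user.name "woodpecker-bot"
git -C "$INFRA_CLONE" config user.email "ci@dvirlabs.com"
# The push URL carries the token, so it ends up in the clone's .git/config;
# .tmp-repos must not be archived or cached as a build artifact.
git -C "$INFRA_CLONE" remote set-url origin "https://${GIT_TOKEN}@git.dvirlabs.com/dvirlabs/infra.git"

if git -C "$INFRA_CLONE" diff --quiet -- manifests/cloudflared/values.yaml; then
  echo " No changes to commit."
else
  git -C "$INFRA_CLONE" add -- manifests/cloudflared/values.yaml
  git -C "$INFRA_CLONE" commit -m "chore(cloudflared): auto-merge & group ingress"
  git -C "$INFRA_CLONE" push origin HEAD
fi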
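# === Cloudflare CNAME ===
# For every generated ingress hostname, create a proxied CNAME that points at
# the tunnel target unless a CNAME with that name already exists in the zone.
echo "🌐 Creating CNAME records..."
CLOUDFLARE_API="https://api.cloudflare.com/client/v4"
TARGET="b50bbf48-0a2f-47ce-b73e-336b6718318b.cfargotunnel.com"
: "${CLOUDFLARE_API_TOKEN:?CLOUDFLARE_API_TOKEN not set}"
: "${CLOUDFLARE_ZONE_ID:?CLOUDFLARE_ZONE_ID not set}"

# GENERATED_FILE is a relative path. If the working directory has changed since
# it was written, yq cannot open it and, without pipefail, the loop below would
# run zero times and the job would still report success. Fail loudly instead.
if [[ ! -f "$GENERATED_FILE" ]]; then
  echo "ERROR: $GENERATED_FILE not found from $(pwd); no DNS records were processed" >&2
  exit 1
fi

# Keep the bearer token out of the curl command line (visible in the process
# list): curl reads the header from a private temp file instead.
cf_auth_header=$(mktemp)
trap 'rm -f -- "$cf_auth_header"' EXIT
printf 'Authorization: Bearer %s\n' "$CLOUDFLARE_API_TOKEN" > "$cf_auth_header"

yq eval '.ingress' "$GENERATED_FILE" | yq -o=json | jq -c '.[]' | while IFS= read -r record; do
  fqdn=$(jq -r '.hostname' <<<"$record")
  # Strip the zone only when it is the actual suffix of the hostname.
  name=${fqdn%.dvirlabs.com}

  # -G with --data-urlencode keeps hostname content from altering the query.
  lookup=$(curl -sS -G "$CLOUDFLARE_API/zones/$CLOUDFLARE_ZONE_ID/dns_records" \
    -H "@$cf_auth_header" -H "Content-Type: application/json" \
    --data-urlencode "type=CNAME" \
    --data-urlencode "name=$name.dvirlabs.com")
  # An error response has no usable .result; treating that as "0 records" would
  # trigger a create on every failed lookup, so check .success first.
  if [[ "$(jq -r '.success' <<<"$lookup" 2>/dev/null)" != "true" ]]; then
    echo "ERROR: Cloudflare lookup failed for $name.dvirlabs.com" >&2
    jq -c '.errors' <<<"$lookup" >&2 || true
    exit 1
  fi
  exists=$(jq '.result | length' <<<"$lookup")

  if [ "$exists" -eq 0 ]; then
    echo " Creating $name.dvirlabs.com → $TARGET"
    # Build the body with jq so the values are JSON-escaped, not spliced in.
    payload=$(jq -n --arg name "$name" --arg content "$TARGET" \
      '{type: "CNAME", name: $name, content: $content, ttl: 1, proxied: true}')
    created=$(curl -sS -X POST "$CLOUDFLARE_API/zones/$CLOUDFLARE_ZONE_ID/dns_records" \
      -H "@$cf_auth_header" \
      -H "Content-Type: application/json" \
      --data "$payload")
    # The response body is not printed, but a rejected create must not pass
    # silently.
    if [[ "$(jq -r '.success' <<<"$created" 2>/dev/null)" != "true" ]]; then
      echo "ERROR: Cloudflare refused to create $name.dvirlabs.com" >&2
      jq -c '.errors' <<<"$created" >&2 || true
      exit 1
    fi
  else
    echo "⚠️ $name.dvirlabs.com already exists"
  fi
done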