Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: template lagoon-env secret #397

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 1 addition & 3 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -78,13 +78,11 @@ RUN apk add -U --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing au
&& apk upgrade --no-cache openssh openssh-keygen openssh-client-common openssh-client-default \
&& apk add --no-cache openssl curl jq parallel bash git py-pip skopeo \
&& git config --global user.email "lagoon@lagoon.io" && git config --global user.name lagoon \
&& pip install --break-system-packages shyaml yq
&& pip install --break-system-packages yq

RUN architecture=$(case $(uname -m) in x86_64 | amd64) echo "amd64" ;; aarch64 | arm64 | armv8) echo "arm64" ;; *) echo "amd64" ;; esac) \
&& curl -Lo /usr/bin/kubectl https://dl.k8s.io/release/$KUBECTL_VERSION/bin/linux/${architecture}/kubectl \
&& chmod +x /usr/bin/kubectl \
&& curl -Lo /usr/bin/yq3 https://github.com/mikefarah/yq/releases/download/3.3.2/yq_linux_${architecture} \
&& chmod +x /usr/bin/yq3 \
&& curl -Lo /usr/bin/yq https://github.com/mikefarah/yq/releases/download/v4.35.2/yq_linux_${architecture} \
&& chmod +x /usr/bin/yq \
&& curl -Lo /tmp/helm.tar.gz https://get.helm.sh/helm-${HELM_VERSION}-linux-${architecture}.tar.gz \
Expand Down
2 changes: 2 additions & 0 deletions cmd/root.go
Original file line number Diff line number Diff line change
Expand Up @@ -153,6 +153,8 @@ func init() {
"Ignore missing env_file files (true by default, subject to change).")
rootCmd.PersistentFlags().StringP("images", "", "",
"JSON representation of service:image reference")
rootCmd.PersistentFlags().StringP("dbaas-creds", "", "",
"JSON representation of dbaas credential references")
}

// initConfig reads in config file and ENV variables if set.
Expand Down
120 changes: 120 additions & 0 deletions cmd/template_lagoonenv.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,120 @@
package cmd

import (
"encoding/json"
"fmt"
"os"
"strings"

"github.com/spf13/cobra"
generator "github.com/uselagoon/build-deploy-tool/internal/generator"
"github.com/uselagoon/build-deploy-tool/internal/helpers"
servicestemplates "github.com/uselagoon/build-deploy-tool/internal/templating"
)

type DBaaSCredRefs []map[string]string

var lagoonEnvGeneration = &cobra.Command{
Use: "lagoon-env",
Aliases: []string{"le"},
Short: "Generate the lagoon-env secret template for a Lagoon build",
RunE: func(cmd *cobra.Command, args []string) error {
generator, err := generator.GenerateInput(*rootCmd, true)
if err != nil {
return err
}
routes, err := cmd.Flags().GetString("routes")
if err != nil {
return fmt.Errorf("error reading routes flag: %v", err)
}
secretName, err := cmd.Flags().GetString("secret-name")
if err != nil {
return fmt.Errorf("error reading secret-name flag: %v", err)
}
dbaasCreds, err := rootCmd.PersistentFlags().GetString("dbaas-creds")
if err != nil {
return fmt.Errorf("error reading dbaas creds flag: %v", err)
}
configMapVars, err := cmd.Flags().GetString("configmap-vars")
if err != nil {
return fmt.Errorf("error reading configmap variables flag: %v", err)
}
dbaasCredRefs, err := loadCredsFromFile(dbaasCreds)
if err != nil {
return err
}
cmVars := map[string]string{}
if err := json.Unmarshal([]byte(configMapVars), &cmVars); err != nil {
return fmt.Errorf("error unmarshalling lagoon-env configmap variables payload: %v", err)
}
generator.ConfigMapVars = cmVars
dbCreds := map[string]string{}
for _, v := range *dbaasCredRefs {
for k, v1 := range v {
dbCreds[k] = v1
}
}
generator.DBaaSVariables = dbCreds
return LagoonEnvTemplateGeneration(secretName, generator, routes)
},
}

func loadCredsFromFile(file string) (*DBaaSCredRefs, error) {
dbaasCredRefs := &DBaaSCredRefs{}
dbaasCredJSON, err := os.ReadFile(file)
if err != nil {
return nil, fmt.Errorf("couldn't read file %v: %v", file, err)
}
if err := json.Unmarshal(dbaasCredJSON, dbaasCredRefs); err != nil {
return nil, fmt.Errorf("error unmarshalling dbaas creds payload: %v", err)
}
return dbaasCredRefs, nil
}

// LagoonEnvTemplateGeneration .
func LagoonEnvTemplateGeneration(
name string,
g generator.GeneratorInput,
routes string,
) error {
lagoonBuild, err := generator.NewGenerator(
g,
)
if err != nil {
return err
}
savedTemplates := g.SavedTemplatesPath
// if the routes have been passed from the command line, use them instead. we do this since lagoon currently doesn't enforce route state to match
// what is in the `.lagoon.yml` file, so there may be items that exist in the cluster that don't exist in yaml
// eventually once route state enforcement is enforced, or the tool can reconcile what is in the cluster itself rather than in bash
// then this can be removed
// https://github.com/uselagoon/build-deploy-tool/blob/f527a89ad5efb46e19a2f59d9ff3ffbff541e2a2/legacy/build-deploy-docker-compose.sh#L1090
if routes != "" {
lagoonBuild.BuildValues.Routes = strings.Split(routes, ",")
}
cm, err := servicestemplates.GenerateLagoonEnvSecret(name, *lagoonBuild.BuildValues)
if err != nil {
return fmt.Errorf("couldn't generate template: %v", err)
}
templateBytes, err := servicestemplates.TemplateSecret(cm)
if err != nil {
return fmt.Errorf("couldn't generate template: %v", err)
}
if len(templateBytes) > 0 {
if g.Debug {
fmt.Printf("Templating lagoon-env secret %s\n", fmt.Sprintf("%s/%s-secret.yaml", savedTemplates, name))
}
helpers.WriteTemplateFile(fmt.Sprintf("%s/%s-secret.yaml", savedTemplates, name), templateBytes)
}
return nil
}

func init() {
templateCmd.AddCommand(lagoonEnvGeneration)
lagoonEnvGeneration.Flags().StringP("routes", "R", "",
"The routes from the environment")
lagoonEnvGeneration.Flags().StringP("secret-name", "S", "",
"The name of the secret")
lagoonEnvGeneration.Flags().StringP("configmap-vars", "N", "",
"Any variables from the legacy configmap that need to be retained")
}
Loading
Loading