From b2ae028461ae327385601e996e4e073a6f84bebf Mon Sep 17 00:00:00 2001 From: Anton Novikov Date: Wed, 18 Dec 2024 19:00:51 +0100 Subject: [PATCH 1/2] Implement aws-iam-config-postsync-hook.sh hook. --- bin/aws-iam-config-postsync-hook.sh | 39 +++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100755 bin/aws-iam-config-postsync-hook.sh diff --git a/bin/aws-iam-config-postsync-hook.sh b/bin/aws-iam-config-postsync-hook.sh new file mode 100755 index 0000000..d28f1fa --- /dev/null +++ b/bin/aws-iam-config-postsync-hook.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash + +set -e + +RELEASE_NAME="${1:-aws-iam-config}" +NAMESPACE="${2:-capa-system}" +LIMIT="${3:-120}" + +GO_TEMPLATE=' + {{- range .items }} + {{- if not .status }}0{{- end }} + {{- range .status.conditions }} + {{- if ne .status "True" }}0{{- end }} + {{- end }} + {{- end -}} +' + +COUNT=1 + +K8S_API_GROUP="iam.services.k8s.aws" +K8S_RESOURCES=("group" "instanceprofile" "openidconnectprovider" "role" "policy" "user") +K8S_RESOURCES=("${K8S_RESOURCES[@]/%/.${K8S_API_GROUP}}") # add ".${K8S_API_GROUP}" suffix to each array item +# shellcheck disable=SC2178 +K8S_RESOURCES="$(IFS=,; echo "${K8S_RESOURCES[*]}")" # join array by "," + +while true; do + STATUS="$(kubectl -n "${NAMESPACE}" get "${K8S_RESOURCES}" -l "app.kubernetes.io/instance=${RELEASE_NAME}" -o "go-template=${GO_TEMPLATE}")" + if [[ "${STATUS}" != "" && "${COUNT}" -le "${LIMIT}" ]]; then + sleep 1 + ((++COUNT)) + elif [[ "${COUNT}" -gt "${LIMIT}" ]]; then + >2& echo "Limit exceeded." + exit 1 + else + echo + kubectl -n "${NAMESPACE}" get "${K8S_RESOURCES}" -l "app.kubernetes.io/instance=${RELEASE_NAME}" + break + fi +done From 98456d6ef0c9248d9aae468d9379196d0b3b634e Mon Sep 17 00:00:00 2001 From: Anton Novikov Date: Wed, 18 Dec 2024 19:07:53 +0100 Subject: [PATCH 2/2] Remove all spellcheck for BC. --- bin/aws-iam-config-postsync-hook.sh | 1 - bin/k8s-upgrade/rotate-linkerd-certs.sh | 1 - 2 files changed, 2 deletions(-) diff --git a/bin/aws-iam-config-postsync-hook.sh b/bin/aws-iam-config-postsync-hook.sh index d28f1fa..f9b4698 100755 --- a/bin/aws-iam-config-postsync-hook.sh +++ b/bin/aws-iam-config-postsync-hook.sh @@ -20,7 +20,6 @@ COUNT=1 K8S_API_GROUP="iam.services.k8s.aws" K8S_RESOURCES=("group" "instanceprofile" "openidconnectprovider" "role" "policy" "user") K8S_RESOURCES=("${K8S_RESOURCES[@]/%/.${K8S_API_GROUP}}") # add ".${K8S_API_GROUP}" suffix to each array item -# shellcheck disable=SC2178 K8S_RESOURCES="$(IFS=,; echo "${K8S_RESOURCES[*]}")" # join array by "," while true; do diff --git a/bin/k8s-upgrade/rotate-linkerd-certs.sh b/bin/k8s-upgrade/rotate-linkerd-certs.sh index 25286d5..6fe065f 100755 --- a/bin/k8s-upgrade/rotate-linkerd-certs.sh +++ b/bin/k8s-upgrade/rotate-linkerd-certs.sh @@ -3,7 +3,6 @@ set -e function detect_linkerd() { - # shellcheck disable=SC2016 KODJIN_LINKERD_STATUS="$(kubectl get deployment --namespace=fhir-server --output=yaml | \ yq '.items[] | select(.spec.template.metadata.annotations."linkerd.io/inject" == "'"${1}"'") | .metadata | .name as $n | .namespace += "="+$n | .namespace')" }