diff --git a/.gitignore b/.gitignore index ffd42789d7..96d5075f88 100644 --- a/.gitignore +++ b/.gitignore @@ -37,4 +37,6 @@ image/cli/mascli/gitops-mas-deploy.env.sh image/cli/mascli/fyre-dev.noble3.tgkc-env.sh image/cli/mascli/fyre-dev.noble3.tgkd-env.sh image/cli/mascli/gitops-mas-deploy-merged.sh -image/cli/mascli/tmp-suite-deprovision \ No newline at end of file +image/cli/mascli/tmp-suite-deprovision +image/cli/mascli/fyre-dev.noble3.tgke-env.sh +image/cli/mascli/tmp-mas-config diff --git a/image/cli/mascli/functions/gitops_db2u_jdbc_config b/image/cli/mascli/functions/gitops_db2u_jdbc_config deleted file mode 100644 index 24b79b377c..0000000000 --- a/image/cli/mascli/functions/gitops_db2u_jdbc_config +++ /dev/null @@ -1,407 +0,0 @@ -#!/usr/bin/env bash - -function gitops_db2u_jdbc_config_help() { - [[ -n "$1" ]] && echo_warning "$1" - reset_colors - cat << EOM -Usage: - mas gitops_db2u_jdbc_config [options] -Where ${COLOR_YELLOW}specified${TEXT_RESET} each option may also be defined by setting the appropriate environment variable. -When no options are specified on the command line, interactive-mode will be enabled by default. - -GitOps Configuration: - -d, --dir ${COLOR_YELLOW}GITOPS_WORKING_DIR${TEXT_RESET} Directory for GitOps repository - -g, --gitops-version ${COLOR_YELLOW}GITOPS_VERSION${TEXT_RESET} Version of ibm-mas/gitops to use - -a, --account-id ${COLOR_YELLOW}ACCOUNT_ID${TEXT_RESET} Account name that the cluster belongs to - -r, --region-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET} Region ID - -c, --cluster-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET} Cluster ID - -A, --argocd-check ${COLOR_YELLOW}ARGOCD_CHECK${TEXT_RESET} ArgoCD check flag, when set to true, will make ArgoCD calls - -IBM Maximo Application Suite: - -m, --mas-instance-id ${COLOR_YELLOW}MAS_INSTANCE_ID${TEXT_RESET} IBM Suite Maximo Application Suite Instance ID - --mas-app-id ${COLOR_YELLOW}MAS_APP_ID${TEXT_RESET} IBM Suite Maximo Application Suite App that will use this db2u instance - --mas-workspace-id ${COLOR_YELLOW}MAS_WORKSPACE_ID${TEXT_RESET} MAS WORKSPACE ID - -IBM DB2U: - --tls-version ${COLOR_YELLOW}TLS_VERSION${TEXT_RESET} TLS Version - --db2-ldap-username ${COLOR_YELLOW}DB2_LDAP_USERNAME${TEXT_RESET} DB2 LDAP Username to create - --db2-ldap-password ${COLOR_YELLOW}DB2_LDAP_PASSWORD${TEXT_RESET} DB2 LDAP Password to create - -IBM DB2U JDBC Configuration: - --mas-config-scope ${COLOR_YELLOW}MAS_CONFIG_SCOPE${TEXT_RESET} Supported values are 'system', 'ws', 'app', or 'wsapp' - -Secrets Manager: - --secrets-path ${COLOR_YELLOW}SECRETS_PATH${TEXT_RESET} Secrets Manager path - --secrets-key-seperator ${COLOR_YELLOW}SECRETS_KEY_SEPERATOR${TEXT_RESET} Secrets Manager key seperator string - -Automatic GitHub Push: - -P, --github-push ${COLOR_YELLOW}GITHUB_PUSH${TEXT_RESET} Enable automatic push to GitHub - -H, --github-host ${COLOR_YELLOW}GITHUB_HOST${TEXT_RESET} GitHub Hostname for your GitOps repository - -O, --github-org ${COLOR_YELLOW}GITHUB_ORG${TEXT_RESET} Github org for your GitOps repository - -R, --github-repo ${COLOR_YELLOW}GITHUB_REPO${TEXT_RESET} Github repo for your GitOps repository - -B, --git-branch ${COLOR_YELLOW}GIT_BRANCH${TEXT_RESET} Git branch to commit to of your GitOps repository - -M, --git-commit-msg ${COLOR_YELLOW}GIT_COMMIT_MSG${TEXT_RESET} Git commit message to use when committing to of your GitOps repository - -S , --github-ssh ${COLOR_YELLOW}GIT_SSH${TEXT_RESET} Git ssh key path - -Other Commands: - -h, --help Show this help message -EOM - [[ -n "$1" ]] && exit 1 || exit 0 -} - -function gitops_db2u_jdbc_config_noninteractive() { - GITOPS_WORKING_DIR=$PWD/working-dir - SECRETS_KEY_SEPERATOR="/" - GIT_COMMIT_MSG="gitops-db2u-jdbc-config commit" - export GITOPS_VERSION=${GITOPS_VERSION:-poc} - - # TODO: will need to add explicit args to pipeline when we start using this code to deploy to MCSP - export REGION=${REGION:-${SM_AWS_REGION}} - export CLUSTER_URL=${CLUSTER_URL:-"https://kubernetes.default.svc"} # use an in-cluster argocd worker (which fvtsaas does) - # alternatively for CLUSTER_URL, we could look it up from ArgoCD like this: - # export CLUSTER_URL - # argocd_get_cluster_url "${CLUSTER_ID}" "CLUSTER_URL" - - export ARGOCD_CHECK=${ARGOCD_CHECK:-"true"} - - while [[ $# -gt 0 ]] - do - key="$1" - shift - case $key in - # GitOps Configuration - -d|--dir) - export GITOPS_WORKING_DIR=$1 && shift - ;; - -g|--gitops-version) - export GITOPS_VERSION=$1 && shift - ;; - -a|--account-id) - export ACCOUNT_ID=$1 && shift - ;; - -c|--cluster-id) - export CLUSTER_ID=$1 && shift - ;; - -r|--region) - export REGION=$1 && shift - ;; - -u|--cluster-url) - export CLUSTER_URL=$1 && shift - ;; - -A|--argocd-check) - export ARGOCD_CHECK=$1 && shift - ;; - - # MAS - -m|--mas-instance-id) - export MAS_INSTANCE_ID=$1 && shift - ;; - -W|--mas-workspace-id) - export MAS_WORKSPACE_ID=$1 && shift - ;; - --mas-app-id) - export MAS_APP_ID=$1 && shift - ;; - --mas-config-scope) - export MAS_CONFIG_SCOPE=$1 && shift - ;; - - # Secrets Manager - --secrets-path) - export SECRETS_PATH=$1 && shift - ;; - --secrets-key-seperator) - export SECRETS_KEY_SEPERATOR=$1 && shift - ;; - - # DB2 - --tls-version ) - export TLS_VERSION=$1 && shift - ;; - --db2-ldap-username ) - export DB2_LDAP_USERNAME=$1 && shift - ;; - --db2-ldap-password ) - export DB2_LDAP_PASSWORD=$1 && shift - ;; - --db2-internal ) - export DB2_INTERNAL=$1 && shift - ;; - - # Automatic GitHub Push - -P|--github-push) - export GITHUB_PUSH=true - ;; - -H|--github-host) - export GITHUB_HOST=$1 && shift - ;; - -O|--github-org) - export GITHUB_ORG=$1 && shift - ;; - -R|--github-repo) - export GITHUB_REPO=$1 && shift - ;; - -B|--git-branch) - export GIT_BRANCH=$1 && shift - ;; - -M|--git-commit-msg) - export GIT_COMMIT_MSG=$1 && shift - ;; - -S|--github-ssh) - export GIT_SSH=$1 && shift - ;; - - # Other Commands - -h|--help) - gitops_db2u_jdbc_config_help - ;; - *) - # unknown option - echo -e "${COLOR_RED}Usage Error: Unsupported option \"${key}\"${COLOR_RESET}\n" - gitops_db2u_jdbc_config_help "Usage Error: Unsupported option \"${key}\" " - exit 1 - ;; - esac - done - - [[ -z "$SM_AWS_ACCESS_KEY_ID" ]] && gitops_db2u_jdbc_config_help "SM_AWS_ACCESS_KEY_ID is not set" - [[ -z "$SM_AWS_SECRET_ACCESS_KEY" ]] && gitops_db2u_jdbc_config_help "SM_AWS_SECRET_ACCESS_KEY is not set" - [[ -z "$SM_AWS_REGION" ]] && gitops_db2u_jdbc_config_help "SM_AWS_REGION is not set" - - [[ -z "$GITOPS_WORKING_DIR" ]] && gitops_db2u_jdbc_config_help "GITOPS_WORKING_DIR is not set" - [[ -z "$ACCOUNT_ID" ]] && gitops_db2u_jdbc_config_help "ACCOUNT_ID is not set" - [[ -z "$REGION" ]] && gitops_db2u_jdbc_config_help "REGION is not set" - [[ -z "$CLUSTER_ID" ]] && gitops_db2u_jdbc_config_help "CLUSTER_ID is not set" - - #MAS - [[ -z "$MAS_INSTANCE_ID" ]] && gitops_db2u_jdbc_config_help "MAS_INSTANCE_ID is not set" - [[ -z "$MAS_CONFIG_SCOPE" ]] && gitops_db2u_jdbc_config_help "MAS_CONFIG_SCOPE is not set" - if [[ "$MAS_CONFIG_SCOPE" == "wsapp" || "$MAS_CONFIG_SCOPE" == "ws" ]]; then - [[ -z "$MAS_WORKSPACE_ID" ]] && gitops_db2u_jdbc_config_help "MAS_WORKSPACE_ID is not set" - fi - [[ -z "$MAS_APP_ID" ]] && gitops_db2u_jdbc_config_help "MAS_APP_ID is not set" - - [[ -z "$DB2_LDAP_USERNAME" ]] && gitops_db2u_jdbc_config_help "DB2_LDAP_USERNAME is not set" - [[ -z "$DB2_LDAP_PASSWORD" ]] && gitops_db2u_jdbc_config_help "DB2_LDAP_PASSWORD is not set" - - if [[ "$GITHUB_PUSH" == "true" ]]; then - [[ -z "$GITHUB_HOST" ]] && gitops_db2u_jdbc_config_help "GITHUB_HOST is not set" - [[ -z "$GITHUB_ORG" ]] && gitops_db2u_jdbc_config_help "GITHUB_ORG is not set" - [[ -z "$GITHUB_REPO" ]] && gitops_db2u_jdbc_config_help "GITHUB_REPO is not set" - [[ -z "$GIT_BRANCH" ]] && gitops_db2u_jdbc_config_help "GIT_BRANCH is not set" - fi - -} - - -function gitops_db2u_jdbc_config() { - # Take the first parameter off (it will be create-gitops) - shift - if [[ $# -gt 0 ]]; then - gitops_db2u_jdbc_config_noninteractive "$@" - else - echo "Not supported yet" - exit 1 - gitops_db2u_jdbc_config_interactive - fi - - mkdir -p ${GITOPS_WORKING_DIR} - rm -rf $GITOPS_WORKING_DIR/$GITHUB_REPO - GITOPS_INSTANCE_DIR=${GITOPS_WORKING_DIR}/${GITHUB_REPO}/${ACCOUNT_ID}/${REGION}/${CLUSTER_ID}/${MAS_INSTANCE_ID} - - - #Defaults - if [[ -z $DB2_DBNAME ]]; then - export DB2_DBNAME=BLUDB - fi - export DB2_INSTANCE_NAME=db2wh-${MAS_INSTANCE_ID}-${MAS_APP_ID} - export DB2_NAMESPACE=db2u - export TLS_VERSION=${TLS_VERSION:-"TLSv1.2"} - # by default db2 internal is true, set it to false if db2 is external - export DB2_INTERNAL=${DB2_INTERNAL:-"true"} - - echo - reset_colors - echo_h2 "Review Settings " - - echo "${TEXT_DIM}" - echo_h2 "Target" " " - echo_reset_dim "Account ID ............................ ${COLOR_MAGENTA}${ACCOUNT_ID}" - echo_reset_dim "Region ................................ ${COLOR_MAGENTA}${REGION}" - echo_reset_dim "Cluster ID ............................ ${COLOR_MAGENTA}${CLUSTER_ID}" - echo_reset_dim "Config Directory ...................... ${COLOR_MAGENTA}${GITOPS_INSTANCE_DIR}" - echo_reset_dim "ArgoCD Check .......................... ${COLOR_MAGENTA}${ARGOCD_CHECK}" - - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "GitOps Source" " " - echo_reset_dim "GitOps URL ............................ ${COLOR_MAGENTA}https://github.com/ibm-mas/gitops" - echo_reset_dim "GitOps Version ........................ ${COLOR_MAGENTA}${GITOPS_VERSION}" - reset_colors - - echo "${TEXT_DIM}" - if [[ "$GITHUB_PUSH" == "true" ]]; then - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_GREEN}Enabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - echo_reset_dim "Host .................................. ${COLOR_MAGENTA}${GITHUB_HOST}" - echo_reset_dim "Organization .......................... ${COLOR_MAGENTA}${GITHUB_ORG}" - echo_reset_dim "Repository ............................ ${COLOR_MAGENTA}${GITHUB_REPO}" - echo_reset_dim "Branch ................................ ${COLOR_MAGENTA}${GIT_BRANCH}" - else - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_RED}Disabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - fi - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "Secrets Manager" " " - echo_reset_dim "Secrets Path ............................ ${COLOR_MAGENTA}${SECRETS_PATH}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "IBM Maximo Application Suite" " " - echo_reset_dim "MAS Instance ID ......................... ${COLOR_MAGENTA}${MAS_INSTANCE_ID}" - echo_reset_dim "MAS_CONFIG_SCOPE ........................ ${COLOR_MAGENTA}${MAS_CONFIG_SCOPE}" - echo_reset_dim "MAS_WORKSPACE_ID ........................ ${COLOR_MAGENTA}${MAS_WORKSPACE_ID}" - echo_reset_dim "MAS_APP_ID .............................. ${COLOR_MAGENTA}${MAS_APP_ID}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "DB2 Cluster Configuration" " " - echo_reset_dim "db2-instance-name ....................... ${COLOR_MAGENTA}${DB2_INSTANCE_NAME}" - echo_reset_dim "db2-dbname ............................. ${COLOR_MAGENTA}${DB2_DBNAME}" - echo_reset_dim "TLS_VERSION ............................. ${COLOR_MAGENTA}${TLS_VERSION}" - echo_reset_dim "DB2_LDAP_USERNAME ....................... ${COLOR_MAGENTA}${DB2_LDAP_USERNAME}" - echo_reset_dim "DB2_LDAP_PASSWORD ....................... ${COLOR_MAGENTA}${DB2_LDAP_PASSWORD:0:4}" - reset_colors - - - AVP_TYPE=aws # Support for IBM will be added later - sm_login - - - CURRENT_DIR=$PWD - TEMP_DIR=$CURRENT_DIR/tmp-db2u-jdbc-config - mkdir -p $TEMP_DIR - - - if [ -z $GIT_SSH ]; then - export GIT_SSH=false - fi - # Clone github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Cloning GitHub repo $GITHUB_ORG $GITHUB_REPO" - clone_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_WORKING_DIR $GIT_SSH - fi - mkdir -p ${GITOPS_INSTANCE_DIR} - - - # Generate ArgoApps - # --------------------------------------------------------------------------- - echo - echo_h2 "Generating DB2U JDBC Configuraton" - - - echo - if [[ "$MAS_CONFIG_SCOPE" == "app" ]]; then - echo_reset_dim "${COLOR_RED} App-level JDBC configuration not supported yet" - exit 1 - elif [[ "$MAS_CONFIG_SCOPE" == "system" ]]; then - export SUITE_JDBCCFG_NAME="system.ibm-mas-jdbc-config" - export JDBCCFG_DIR="${GITOPS_INSTANCE_DIR}/configs" - export JDBCCFG_FILENAME="${SUITE_JDBCCFG_NAME}.yaml" - export JDBCCFG_TEMPLATE="$CLI_DIR/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-jdbc-config.yaml.j2" - elif [[ "$MAS_CONFIG_SCOPE" == "ws" ]]; then - echo_reset_dim "${COLOR_RED} Workspace-level JDBC configuration not supported yet" - exit 1 - elif [[ "$MAS_CONFIG_SCOPE" == "wsapp" ]]; then - export SUITE_JDBCCFG_NAME="wsapp.${MAS_WORKSPACE_ID}.${MAS_APP_ID}.ibm-mas-jdbc-config" - export JDBCCFG_DIR="${GITOPS_INSTANCE_DIR}/configs" - export JDBCCFG_FILENAME="${SUITE_JDBCCFG_NAME}.yaml" - export JDBCCFG_TEMPLATE="$CLI_DIR/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-jdbc-config.yaml.j2" - fi - - mkdir -p "${JDBCCFG_DIR}" - - - # Create a secret in SM containing the username/password for this specific DB2 database instance. - # A presync hook on the jdbccfg chart will take care of ensuring the user added to the database's LDAP registry - export DB2_CREDENTIALS_SECRET_ID=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}db2${SECRETS_KEY_SEPERATOR}${DB2_INSTANCE_NAME}${SECRETS_KEY_SEPERATOR}credentials - echo_reset_dim "DB2_CREDENTIALS_SECRET_ID ......................... ${COLOR_MAGENTA}$DB2_CREDENTIALS_SECRET_ID" - sm_update_secret $DB2_CREDENTIALS_SECRET_ID "{ \"username\": \"$DB2_LDAP_USERNAME\", \"password\": \"$DB2_LDAP_PASSWORD\"}" - export SECRET_KEY_DB2_USERNAME=${DB2_CREDENTIALS_SECRET_ID}#username - export SECRET_KEY_DB2_PASSWORD=${DB2_CREDENTIALS_SECRET_ID}#password - - - # Fetch the CA and target port for the instance set by the postsync job in the ibm-db2u-database chart - # Note: these aren't really secrets, so we can safely fetch them here and embed them in the generated config file as plaintext. - # We just use SM as a means for passing this runtime-generated value from the cluster as a workaround for the fact that we cannot interact with the cluster directly here. - # See https://jsw.ibm.com/browse/MASCORE-1425 - export DB2_CONFIG_SECRET_ID=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}db2${SECRETS_KEY_SEPERATOR}${DB2_INSTANCE_NAME}${SECRETS_KEY_SEPERATOR}config - export SECRET_KEY_DB2_CA_PEM=${DB2_CONFIG_SECRET_ID}#ca_b64 - export SECRET_KEY_DB2_TLS_SERVICEPORT=${DB2_CONFIG_SECRET_ID}#tls_serviceport - - echo_reset_dim "......................................... ${COLOR_MAGENTA}" - echo_reset_dim "" - echo_reset_dim "DB2_INSTANCE_NAME ....................... ${COLOR_MAGENTA}${DB2_INSTANCE_NAME}" - echo_reset_dim "DB2_NAMESPACE ........................... ${COLOR_MAGENTA}$DB2_NAMESPACE" - echo_reset_dim "DB2_DBNAME .............................. ${COLOR_MAGENTA}$DB2_DBNAME" - echo_reset_dim "TLS_VERSION ............................. ${COLOR_MAGENTA}$TLS_VERSION" - echo_reset_dim "SUITE_JDBCCFG_NAME ...................... ${COLOR_MAGENTA}$SUITE_JDBCCFG_NAME" - echo_reset_dim "JDBCCFG_DIR ............................. ${COLOR_MAGENTA}$JDBCCFG_DIR" - echo_reset_dim "JDBCCFG_FILENAME ........................ ${COLOR_MAGENTA}$JDBCCFG_FILENAME" - echo_reset_dim "......................................... ${COLOR_MAGENTA}" - echo_reset_dim "" - reset_colors - - - echo - echo_reset_dim "Generating DB2U JDBC Config file ${JDBCCFG_DIR}/${JDBCCFG_FILENAME}" - jinja -X .+ $JDBCCFG_TEMPLATE -o "${JDBCCFG_DIR}/${JDBCCFG_FILENAME}" - - # Commit and push to github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO" - save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_INSTANCE_DIR "${GIT_COMMIT_MSG}" - - if [ "${ARGOCD_CHECK}" == "true" ]; then - argocd_login - - if [[ "$MAS_CONFIG_SCOPE" == "system" ]]; then - CLUSTER_ROOT_APP="cluster.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}" - INSTANCE_ROOT_APP="instance.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - JDBC_CONFIG_APP="${MAS_INSTANCE_ID}-jdbc-system.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - argocd_sync "${INSTANCE_ROOT_APP}" ## trigger the config appset to pick up the new config files - check_argo_app_synced "${INSTANCE_ROOT_APP}" "${CLUSTER_ROOT_APP}" # wait for the instance root app to sync - - argocd_hard_refresh "${JDBC_CONFIG_APP}" - check_argo_app_synced "${JDBC_CONFIG_APP}" "${INSTANCE_ROOT_APP}" - check_argo_app_healthy "${JDBC_CONFIG_APP}" "${INSTANCE_ROOT_APP}" - elif [[ "$MAS_CONFIG_SCOPE" == "wsapp" ]]; then - - CLUSTER_ROOT_APP="cluster.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}" - INSTANCE_ROOT_APP="instance.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - JDBC_CONFIG_APP="${MAS_INSTANCE_ID}-jdbc-wsapp-${MAS_WORKSPACE_ID}-${MAS_APP_ID}-configs.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - argocd_sync "${INSTANCE_ROOT_APP}" # trigger the config appset to pick up the new config files - check_argo_app_synced "${INSTANCE_ROOT_APP}" "${CLUSTER_ROOT_APP}" # wait for the instance root app to sync - - argocd_hard_refresh "${JDBC_CONFIG_APP}" - check_argo_app_synced "${JDBC_CONFIG_APP}" "${INSTANCE_ROOT_APP}" - check_argo_app_healthy "${JDBC_CONFIG_APP}" "${INSTANCE_ROOT_APP}" - fi - - fi - - fi - if [ "$GITHUB_PUSH" == "true" ]; then - remove_git_repo_clone $GITOPS_WORKING_DIR/$GITHUB_REPO - fi - exit 0 -} diff --git a/image/cli/mascli/functions/gitops_delete_kafka_config b/image/cli/mascli/functions/gitops_delete_kafka_config deleted file mode 100644 index 91f9b3c7be..0000000000 --- a/image/cli/mascli/functions/gitops_delete_kafka_config +++ /dev/null @@ -1,253 +0,0 @@ -#!/usr/bin/env bash - -function gitops_delete_kafka_config_help() { - [[ -n "$1" ]] && echo_warning "$1" - reset_colors - cat << EOM -Usage: - mas gitops_delete_kafka_config [options] -Where ${COLOR_YELLOW}specified${TEXT_RESET} each option may also be defined by setting the appropriate environment variable. -When no options are specified on the command line, interactive-mode will be enabled by default. - -Options: - -GitOps Configuration: - -d, --dir ${COLOR_YELLOW}GITOPS_WORKING_DIR${TEXT_RESET} Working directory for GitOps repository - -g, --gitops-version ${COLOR_YELLOW}GITOPS_VERSION${TEXT_RESET} Version of ibm-mas/gitops to use - -a, --account-id ${COLOR_YELLOW}ACCOUNT_ID${TEXT_RESET} Account name that the cluster belongs to - -r, --region-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET} Region ID - -c, --cluster-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET} Cluster ID - -m, --mas-instance-id ${COLOR_YELLOW}MAS_INSTANCE_ID${TEXT_RESET} IBM Suite Maximo Application Suite Instance ID - -A, --argocd-check ${COLOR_YELLOW}ARGOCD_CHECK${TEXT_RESET} ArgoCD check flag, when set to true will make ArgoCD calls - -Secrets Manager: - --secrets-path ${COLOR_YELLOW}SECRETS_PATH${TEXT_RESET} Secrets Manager path - --secrets-key-seperator ${COLOR_YELLOW}SECRETS_KEY_SEPERATOR${TEXT_RESET} Secrets Manager key seperator string - - -Automatic GitHub Push: - -P, --github-push ${COLOR_YELLOW}GITHUB_PUSH${TEXT_RESET} Enable automatic push to GitHub - -H, --github-host ${COLOR_YELLOW}GITHUB_HOST${TEXT_RESET} GitHub Hostname for your GitOps repository - -O, --github-org ${COLOR_YELLOW}GITHUB_ORG${TEXT_RESET} Github org for your GitOps repository - -R, --github-repo ${COLOR_YELLOW}GITHUB_REPO${TEXT_RESET} Github repo for your GitOps repository - -B, --git-branch ${COLOR_YELLOW}GIT_BRANCH${TEXT_RESET} Git branch to commit to of your GitOps repository - -M, --git-commit-msg ${COLOR_YELLOW}GIT_COMMIT_MSG${TEXT_RESET} Git commit message to use when committing to of your GitOps repository - -S , --github-ssh ${COLOR_YELLOW}GIT_SSH${TEXT_RESET} Git ssh key path - -Other Commands: - -h, --help Show this help message -EOM - [[ -n "$1" ]] && exit 1 || exit 0 -} - -function gitops_delete_kafka_config_noninteractive() { - GITOPS_WORKING_DIR=$PWD/working-dir - SECRETS_KEY_SEPERATOR="/" - GIT_COMMIT_MSG="gitops-delete-kafka-config commit" - export GITOPS_VERSION=${GITOPS_VERSION:-poc} - - export REGION=${REGION:-${SM_AWS_REGION}} - export ARGOCD_CHECK=${ARGOCD_CHECK:-"true"} - - while [[ $# -gt 0 ]] - do - key="$1" - shift - case $key in - -d|--dir) - export GITOPS_WORKING_DIR=$1 && shift - ;; - -g|--gitops-version) - export GITOPS_VERSION=$1 && shift - ;; - -a|--account-id) - export ACCOUNT_ID=$1 && shift - ;; - -c|--cluster-id) - export CLUSTER_ID=$1 && shift - ;; - -r|--region-id) - export REGION=$1 && shift - ;; - -m|--mas-instance-id) - export MAS_INSTANCE_ID=$1 && shift - ;; - -A|--argocd-check) - export ARGOCD_CHECK=$1 && shift - ;; - - # Secrets Manager - --secrets-path) - export SECRETS_PATH=$1 && shift - ;; - --secrets-key-seperator) - export SECRETS_KEY_SEPERATOR=$1 && shift - ;; - - # Automatic GitHub Push - -P|--github-push) - export GITHUB_PUSH=true - ;; - -H|--github-host) - export GITHUB_HOST=$1 && shift - ;; - -O|--github-org) - export GITHUB_ORG=$1 && shift - ;; - -R|--github-repo) - export GITHUB_REPO=$1 && shift - ;; - -B|--git-branch) - export GIT_BRANCH=$1 && shift - ;; - -M|--git-commit-msg) - export GIT_COMMIT_MSG=$1 && shift - ;; - -S|--github-ssh) - export GIT_SSH=$1 && shift - ;; - - -h|--help) - gitops_delete_kafka_config_help - ;; - *) - # unknown option - echo -e "${COLOR_RED}Usage Error: Unsupported option \"${key}\"${COLOR_RESET}\n" - gitops_delete_kafka_config_help "Usage Error: Unsupported option \"${key}\" " - exit 1 - ;; - esac - done - - [[ -z "$GITOPS_WORKING_DIR" ]] && gitops_delete_kafka_config_help "GITOPS_WORKING_DIR is not set" - [[ -z "$GITOPS_VERSION" ]] && gitops_delete_kafka_config_help "GITOPS_VERSION is not set" - [[ -z "$CLUSTER_ID" ]] && gitops_delete_kafka_config_help "CLUSTER_ID is not set" - [[ -z "$REGION" ]] && gitops_delete_kafka_config_help "REGION is not set" - [[ -z "$MAS_INSTANCE_ID" ]] && gitops_delete_kafka_config_help "MAS_INSTANCE_ID is not set" - [[ -z "$ACCOUNT_ID" ]] && gitops_delete_kafka_config_help "ACCOUNT_ID is not set" - if [[ "$GITHUB_PUSH" == "true" ]]; then - [[ -z "$GITHUB_HOST" ]] && gitops_delete_kafka_config_help "GITHUB_HOST is not set" - [[ -z "$GITHUB_ORG" ]] && gitops_delete_kafka_config_help "GITHUB_ORG is not set" - [[ -z "$GITHUB_REPO" ]] && gitops_delete_kafka_config_help "GITHUB_REPO is not set" - [[ -z "$GIT_BRANCH" ]] && gitops_delete_kafka_config_help "GIT_BRANCH is not set" - fi -} - -function gitops_delete_kafka_config() { - # Take the first parameter off (it will be create-gitops) - shift - if [[ $# -gt 0 ]]; then - gitops_delete_kafka_config_noninteractive "$@" - else - echo "Not supported yet" - exit 1 - gitops_delete_kafka_config_interactive - fi - - rm -rf ${GITOPS_WORKING_DIR} - mkdir -p ${GITOPS_WORKING_DIR} - GITOPS_INSTANCE_DIR=${GITOPS_WORKING_DIR}/${GITHUB_REPO}/${ACCOUNT_ID}/${REGION}/${CLUSTER_ID}/${MAS_INSTANCE_ID}/configs - - echo - reset_colors - echo_h2 "Review Settings" - - echo "${TEXT_DIM}" - echo_h2 "Target" " " - echo_reset_dim "Account ID ............................ ${COLOR_MAGENTA}${ACCOUNT_ID}" - echo_reset_dim "Region ID ............................. ${COLOR_MAGENTA}${REGION}" - echo_reset_dim "Cluster ID ............................ ${COLOR_MAGENTA}${CLUSTER_ID}" - echo_reset_dim "Application Directory ................. ${COLOR_MAGENTA}${GITOPS_INSTANCE_DIR}" - echo_reset_dim "ArgoCD Check .......................... ${COLOR_MAGENTA}${ARGOCD_CHECK}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "Secrets Manager" " " - echo_reset_dim "Secrets Path .......................... ${COLOR_MAGENTA}${SECRETS_PATH}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "GitOps Source" " " - echo_reset_dim "GitOps URL ............................ ${COLOR_MAGENTA}https://github.com/ibm-mas/gitops" - echo_reset_dim "GitOps Version ........................ ${COLOR_MAGENTA}${GITOPS_VERSION}" - reset_colors - - echo "${TEXT_DIM}" - if [[ "$GITHUB_PUSH" == "true" ]]; then - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_GREEN}Enabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - echo_reset_dim "Host .................................. ${COLOR_MAGENTA}${GITHUB_HOST}" - echo_reset_dim "Organization .......................... ${COLOR_MAGENTA}${GITHUB_ORG}" - echo_reset_dim "Repository ............................ ${COLOR_MAGENTA}${GITHUB_REPO}" - echo_reset_dim "Branch ................................ ${COLOR_MAGENTA}${GIT_BRANCH}" - else - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_RED}Disabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - fi - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "IBM Maximo Application Suite" " " - echo_reset_dim "Instance ID ........................... ${COLOR_MAGENTA}${MAS_INSTANCE_ID}" - reset_colors - - - # Instance level Kafka secrets to delete - # --------------------------------------------------------------------------- - echo - echo_h2 "Configuring Instance level Kafka secrets to delete" - AVP_TYPE=aws # Support for IBM will be added later - sm_login - if [[ "$AVP_TYPE" == "aws" ]]; then - # kafka - export SECRET_PREFIX="AmazonMSK_" - fi - export AWS_MSK_SECRET=${SECRET_PREFIX}${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}kafka - - # Delete AWS MSK secret for this MAS Instance - # --------------------------------------------------------------------------- - echo -e "Deleting AWS MSK secret $AWS_MSK_SECRET" - sm_delete_secret $AWS_MSK_SECRET - - if [ -z $GIT_SSH ]; then - export GIT_SSH="false" - fi - - # Clone github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Cloning GitHub repo $GITHUB_ORG $GITHUB_REPO" - clone_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_WORKING_DIR $GIT_SSH - fi - mkdir -p ${GITOPS_INSTANCE_DIR} - - # Delete ArgoApps - # --------------------------------------------------------------------------- - # Per MAS instance - rm ${GITOPS_INSTANCE_DIR}/system.ibm-mas-kafka-config.yaml - - # Commit and push to github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO" - save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_INSTANCE_DIR "${GIT_COMMIT_MSG}" - remove_git_repo_clone $GITOPS_WORKING_DIR/$GITHUB_REPO - - if [ "${ARGOCD_CHECK}" == "true" ]; then - INSTANCE_ROOT_APP="instance.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - KAFKA_CONFIG_APP="system-kafka.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - - argocd_login - argocd_prune_sync "${INSTANCE_ROOT_APP}" ## trigger the config app set to notice the deletion of the config file - - check_argo_app_deleted ${KAFKA_CONFIG_APP} "mas" - fi - - fi - - -} diff --git a/image/cli/mascli/functions/gitops_deprovision_suite_config b/image/cli/mascli/functions/gitops_deprovision_suite_config deleted file mode 100644 index c0e5eb3b97..0000000000 --- a/image/cli/mascli/functions/gitops_deprovision_suite_config +++ /dev/null @@ -1,407 +0,0 @@ -#!/usr/bin/env bash - -function gitops_deprovision_suite_config_help() { - [[ -n "$1" ]] && echo_warning "$1" - reset_colors - cat << EOM -Usage: - mas gitops_deprovision_suite_config [options] -Where ${COLOR_YELLOW}specified${TEXT_RESET} each option may also be defined by setting the appropriate environment variable. -When no options are specified on the command line, interactive-mode will be enabled by default. - -Options: - -GitOps Configuration: - -d, --dir ${COLOR_YELLOW}GITOPS_WORKING_DIR${TEXT_RESET} Working directory for GitOps repository - -g, --gitops-version ${COLOR_YELLOW}GITOPS_VERSION${TEXT_RESET} Version of ibm-mas/gitops to use - -a, --account-id ${COLOR_YELLOW}ACCOUNT_ID${TEXT_RESET} Account name that the cluster belongs to - -r, --region-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET} Region ID - -c, --cluster-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET} Cluster ID - -m, --mas-instance-id ${COLOR_YELLOW}MAS_INSTANCE_ID${TEXT_RESET} IBM Suite Maximo Application Suite Instance ID - -f, --force-removal ${COLOR_YELLOW}FORCE_REMOVAL${TEXT_RESET} Force remove the ArgoCD Application, when deletion exceeds timeout - -A, --argocd-check ${COLOR_YELLOW}ARGOCD_CHECK${TEXT_RESET} ArgoCD check flag, when set to true will make ArgoCD calls - -Secrets Manager: - --secrets-path ${COLOR_YELLOW}SECRETS_PATH${TEXT_RESET} Secrets Manager path - --secrets-key-seperator ${COLOR_YELLOW}SECRETS_KEY_SEPERATOR${TEXT_RESET} Secrets Manager key seperator string - -Automatic GitHub Push: - -P, --github-push ${COLOR_YELLOW}GITHUB_PUSH${TEXT_RESET} Enable automatic push to GitHub - -H, --github-host ${COLOR_YELLOW}GITHUB_HOST${TEXT_RESET} GitHub Hostname for your GitOps repository - -O, --github-org ${COLOR_YELLOW}GITHUB_ORG${TEXT_RESET} Github org for your GitOps repository - -R, --github-repo ${COLOR_YELLOW}GITHUB_REPO${TEXT_RESET} Github repo for your GitOps repository - -B, --git-branch ${COLOR_YELLOW}GIT_BRANCH${TEXT_RESET} Git branch to commit to of your GitOps repository - -M, --git-commit-msg ${COLOR_YELLOW}GIT_COMMIT_MSG${TEXT_RESET} Git commit message to use when committing to of your GitOps repository - -S , --github-ssh ${COLOR_YELLOW}GIT_SSH${TEXT_RESET} Git ssh key path - -Other Commands: - -h, --help Show this help message -EOM - [[ -n "$1" ]] && exit 1 || exit 0 -} - -function gitops_deprovision_suite_config_noninteractive() { - GITOPS_WORKING_DIR=$PWD/working-dir - SECRETS_KEY_SEPERATOR="/" - GIT_COMMIT_MSG="gitops-deprovision-suite-config commit" - export GITOPS_VERSION=${GITOPS_VERSION:-poc} - - export REGION=${REGION:-${SM_AWS_REGION}} - export ARGOCD_CHECK=${ARGOCD_CHECK:-"true"} - - while [[ $# -gt 0 ]] - do - key="$1" - shift - case $key in - -d|--dir) - export GITOPS_WORKING_DIR=$1 && shift - ;; - -g|--gitops-version) - export GITOPS_VERSION=$1 && shift - ;; - -a|--account-id) - export ACCOUNT_ID=$1 && shift - ;; - -r|--region-id) - export REGION=$1 && shift - ;; - -c|--cluster-id) - export CLUSTER_ID=$1 && shift - ;; - -m|--mas-instance-id) - export MAS_INSTANCE_ID=$1 && shift - ;; - -f|--force-removal) - export FORCE_REMOVAL=$1 && shift - ;; - # Secrets Manager - --secrets-path) - export SECRETS_PATH=$1 && shift - ;; - --secrets-key-seperator) - export SECRETS_KEY_SEPERATOR=$1 && shift - ;; - -A|--argocd-check) - export ARGOCD_CHECK=$1 && shift - ;; - - # Automatic GitHub Push - -P|--github-push) - export GITHUB_PUSH=true - ;; - -H|--github-host) - export GITHUB_HOST=$1 && shift - ;; - -O|--github-org) - export GITHUB_ORG=$1 && shift - ;; - -R|--github-repo) - export GITHUB_REPO=$1 && shift - ;; - -B|--git-branch) - export GIT_BRANCH=$1 && shift - ;; - -M|--git-commit-msg) - export GIT_COMMIT_MSG=$1 && shift - ;; - -S|--github-ssh) - export GIT_SSH=$1 && shift - ;; - - -h|--help) - gitops_deprovision_suite_config_help - ;; - *) - # unknown option - echo -e "${COLOR_RED}Usage Error: Unsupported option \"${key}\"${COLOR_RESET}\n" - gitops_deprovision_suite_config_help "Usage Error: Unsupported option \"${key}\" " - exit 1 - ;; - esac - done - - [[ -z "$GITOPS_WORKING_DIR" ]] && gitops_deprovision_suite_config_help "GITOPS_WORKING_DIR is not set" - [[ -z "$GITOPS_VERSION" ]] && gitops_deprovision_suite_config_help "GITOPS_VERSION is not set" - [[ -z "$CLUSTER_ID" ]] && gitops_deprovision_suite_config_help "CLUSTER_ID is not set" - [[ -z "$REGION" ]] && gitops_deprovision_suite_config_help "REGION is not set" - [[ -z "$ACCOUNT_ID" ]] && gitops_deprovision_suite_config_help "ACCOUNT_ID is not set" - if [[ "$GITHUB_PUSH" == "true" ]]; then - [[ -z "$GITHUB_HOST" ]] && gitops_deprovision_suite_config_help "GITHUB_HOST is not set" - [[ -z "$GITHUB_ORG" ]] && gitops_deprovision_suite_config_help "GITHUB_ORG is not set" - [[ -z "$GITHUB_REPO" ]] && gitops_deprovision_suite_config_help "GITHUB_REPO is not set" - [[ -z "$GIT_BRANCH" ]] && gitops_deprovision_suite_config_help "GIT_BRANCH is not set" - fi -} - -function gitops_deprovision_suite_config() { - # Take the first parameter off (it will be create-gitops) - shift - if [[ $# -gt 0 ]]; then - gitops_deprovision_suite_config_noninteractive "$@" - else - echo "Not supported yet" - exit 1 - gitops_deprovision_suite_config_interactive - fi - - mkdir -p ${GITOPS_WORKING_DIR} - GITOPS_INSTANCE_DIR=${GITOPS_WORKING_DIR}/${GITHUB_REPO}/${ACCOUNT_ID}/${REGION}/${CLUSTER_ID}/${MAS_INSTANCE_ID}/configs - - echo - reset_colors - echo_h2 "Review Settings" - - echo "${TEXT_DIM}" - echo_h2 "Target" " " - echo_reset_dim "Account ID............................. ${COLOR_MAGENTA}${ACCOUNT_ID}" - echo_reset_dim "Region ID ............................. ${COLOR_MAGENTA}${REGION}" - echo_reset_dim "Cluster ID ............................ ${COLOR_MAGENTA}${CLUSTER_ID}" - echo_reset_dim "Application Directory ................. ${COLOR_MAGENTA}${GITOPS_INSTANCE_DIR}" - echo_reset_dim "Force Remove Application Flag ......... ${COLOR_MAGENTA}${FORCE_REMOVAL}" - echo_reset_dim "ArgoCD Check .......................... ${COLOR_MAGENTA}${ARGOCD_CHECK}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "Secrets Manager" " " - echo_reset_dim "Secrets Path .......................... ${COLOR_MAGENTA}${SECRETS_PATH}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "GitOps Source" " " - echo_reset_dim "GitOps URL ............................ ${COLOR_MAGENTA}https://github.com/ibm-mas/gitops" - echo_reset_dim "GitOps Version ........................ ${COLOR_MAGENTA}${GITOPS_VERSION}" - reset_colors - - echo "${TEXT_DIM}" - if [[ "$GITHUB_PUSH" == "true" ]]; then - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_GREEN}Enabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - echo_reset_dim "Host .................................. ${COLOR_MAGENTA}${GITHUB_HOST}" - echo_reset_dim "Organization .......................... ${COLOR_MAGENTA}${GITHUB_ORG}" - echo_reset_dim "Repository ............................ ${COLOR_MAGENTA}${GITHUB_REPO}" - echo_reset_dim "Branch ................................ ${COLOR_MAGENTA}${GIT_BRANCH}" - else - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_RED}Disabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - fi - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "IBM Suite License Service" " " - echo_reset_dim "SLS URL .............................. ${COLOR_MAGENTA}https://sls.mas-${MAS_INSTANCE_ID}-sls.svc" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "IBM Maximo Application Suite" " " - echo_reset_dim "Instance ID ........................... ${COLOR_MAGENTA}${MAS_INSTANCE_ID}" - reset_colors - - # Get the cluster-level secrets used - # --------------------------------------------------------------------------- - CURRENT_DIR=$PWD - TEMP_DIR=$CURRENT_DIR/tmp-suite-config-deprovision - rm -rf $TEMP_DIR - mkdir -p $TEMP_DIR - - sm_login - - # Instance-level secrets to delete - # --------------------------------------------------------------------------- - export SECRET_NAME_SLS=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}sls - - # Delete SLS Registration key for this MAS Instance - # --------------------------------------------------------------------------- - echo " Deleting $SECRET_NAME_SLS" - sm_delete_secret $SECRET_NAME_SLS - - if [ -z $GIT_SSH ]; then - export GIT_SSH="false" - fi - - - # Clone github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Cloning GitHub repo $GITHUB_ORG $GITHUB_REPO" - clone_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_WORKING_DIR $GIT_SSH - fi - mkdir -p ${GITOPS_INSTANCE_DIR} - - - if [[ "$GITHUB_PUSH" == "true" && "${ARGOCD_CHECK}" == "true" ]]; then - argocd_login - fi - - - # Append the ;delete: true' flag iff the config file exists and the flag is not in there already - - # TODO: move this logic into a function for re-use - maybe even into gitops_utils for use in all the deprovision scripts - if [[ -f "${GITOPS_INSTANCE_DIR}/wsapp-masdev-manage.ibm-mas-jdbc-config.yaml" ]]; then - if [[ -z $(grep '^delete: true$' ${GITOPS_INSTANCE_DIR}/wsapp-masdev-manage.ibm-mas-jdbc-config.yaml) ]]; then - echo "Adding delete: true flag to config" - echo -e "\n\ndelete: true" >> ${GITOPS_INSTANCE_DIR}/wsapp-masdev-manage.ibm-mas-jdbc-config.yaml - - # Commit and push to github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO" - save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_INSTANCE_DIR "${GIT_COMMIT_MSG}" - - if [ "${ARGOCD_CHECK}" == "true" ]; then - WSAPP_JDBC_CONFIG_APP="${MAS_INSTANCE_ID}-jdbc-wsapp-${MAS_WORKSPACE_ID}-${MAS_APP_ID}-configs.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - - argocd_sync "${WSAPP_JDBC_CONFIG_APP}" # Trigger the cleanup job to run - - # wait for it to finish syncing now the delete: true flag has been set - check_argo_app_synced "${WSAPP_JDBC_CONFIG_APP}" - # once synced, the CR will have been deleted and we can move on - fi - fi - fi - fi - - if [[ -f "${GITOPS_INSTANCE_DIR}/system.ibm-mas-jdbc-config.yaml" ]]; then - if [[ -z $(grep '^delete: true$' ${GITOPS_INSTANCE_DIR}/system.ibm-mas-jdbc-config.yaml) ]]; then - echo "Adding delete: true flag to config" - echo -e "\n\ndelete: true" >> ${GITOPS_INSTANCE_DIR}/system.ibm-mas-jdbc-config.yaml - - # Commit and push to github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO" - save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_INSTANCE_DIR "${GIT_COMMIT_MSG}" - - if [ "${ARGOCD_CHECK}" == "true" ]; then - SYSTEM_JDBC_CONFIG_APP="${MAS_INSTANCE_ID}-jdbc-system.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - - argocd_sync "${SYSTEM_JDBC_CONFIG_APP}" # Trigger the cleanup job to run - - # wait for it to finish syncing now the delete: true flag has been set - check_argo_app_synced "${SYSTEM_JDBC_CONFIG_APP}" - # once synced, the CR will have been deleted and we can move on - fi - fi - fi - fi - - if [[ -f "${GITOPS_INSTANCE_DIR}/system.ibm-mas-sls-config.yaml" ]]; then - if [[ -z $(grep '^delete: true$' ${GITOPS_INSTANCE_DIR}/system.ibm-mas-sls-config.yaml) ]]; then - echo "Adding delete: true flag to config" - echo -e "\n\ndelete: true" >> ${GITOPS_INSTANCE_DIR}/system.ibm-mas-sls-config.yaml - - # Commit and push to github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO" - save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_INSTANCE_DIR "${GIT_COMMIT_MSG}" - - if [ "${ARGOCD_CHECK}" == "true" ]; then - SLS_CONFIG_APP="${MAS_INSTANCE_ID}-sls-system.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - - argocd_sync "${SLS_CONFIG_APP}" # Trigger the cleanup job to run - - # wait for it to finish syncing now the delete: true flag has been set - check_argo_app_synced "${SLS_CONFIG_APP}" - # once synced, the CR will have been deleted and we can move on - fi - fi - fi - fi - - - if [[ -f "${GITOPS_INSTANCE_DIR}/system.ibm-mas-mongo-config.yaml" ]]; then - if [[ -z $(grep '^delete: true$' ${GITOPS_INSTANCE_DIR}/system.ibm-mas-mongo-config.yaml) ]]; then - echo "Adding delete: true flag to config" - echo -e "\n\ndelete: true" >> ${GITOPS_INSTANCE_DIR}/system.ibm-mas-mongo-config.yaml - - # Commit and push to github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO" - save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_INSTANCE_DIR "${GIT_COMMIT_MSG}" - - if [ "${ARGOCD_CHECK}" == "true" ]; then - MONGO_CONFIG_APP="${MAS_INSTANCE_ID}-mongo-system.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - - argocd_sync "${MONGO_CONFIG_APP}" # Trigger the cleanup job to run - - # wait for it to finish syncing now the delete: true flag has been set - check_argo_app_synced "${MONGO_CONFIG_APP}" - # once synced, the CR will have been deleted and we can move on - fi - fi - fi - fi - - if [[ -f "${GITOPS_INSTANCE_DIR}/system.ibm-mas-bas-config.yaml" ]]; then - if [[ -z $(grep '^delete: true$' ${GITOPS_INSTANCE_DIR}/system.ibm-mas-bas-config.yaml) ]]; then - echo "Adding delete: true flag to config" - echo -e "\n\ndelete: true" >> ${GITOPS_INSTANCE_DIR}/system.ibm-mas-bas-config.yaml - - # Commit and push to github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO" - save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_INSTANCE_DIR "${GIT_COMMIT_MSG}" - - if [ "${ARGOCD_CHECK}" == "true" ]; then - BAS_CONFIG_APP="${MAS_INSTANCE_ID}-bas-system.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - - argocd_sync "${BAS_CONFIG_APP}" # Trigger the cleanup job to run - - # wait for it to finish syncing now the delete: true flag has been set - check_argo_app_synced "${BAS_CONFIG_APP}" - # once synced, the CR will have been deleted and we can move on - fi - fi - fi - fi - - # Delete config file that triggers system-configs ArgoCD application to render charts for this config type - # --------------------------------------------------------------------------- - rm ${GITOPS_INSTANCE_DIR}/wsapp-masdev-manage.ibm-mas-jdbc-config.yaml - rm ${GITOPS_INSTANCE_DIR}/system.ibm-mas-jdbc-config.yaml - rm ${GITOPS_INSTANCE_DIR}/system.ibm-mas-sls-config.yaml - rm ${GITOPS_INSTANCE_DIR}/system.ibm-mas-mongo-config.yaml - rm ${GITOPS_INSTANCE_DIR}/system.ibm-mas-bas-config.yaml - - # Commit and push to github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO" - save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_INSTANCE_DIR "${GIT_COMMIT_MSG}" - remove_git_repo_clone $GITOPS_WORKING_DIR/$GITHUB_REPO - - if [ "${ARGOCD_CHECK}" == "true" ]; then - INSTANCE_ROOT_APP="instance.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - - # TODO: currently hard-coded to support only the known system/wsapp JDBC bindings - WSAPP_JDBC_CONFIG_APP="${MAS_INSTANCE_ID}-jdbc-wsapp-${MAS_WORKSPACE_ID}-${MAS_APP_ID}-configs.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - SYSTEM_JDBC_CONFIG_APP="${MAS_INSTANCE_ID}-jdbc-system.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - MONGO_CONFIG_APP="${MAS_INSTANCE_ID}-mongo-system.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - BAS_CONFIG_APP="${MAS_INSTANCE_ID}-bas-system.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - SLS_CONFIG_APP="${MAS_INSTANCE_ID}-sls-system.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - - argocd_login - argocd_prune_sync "${INSTANCE_ROOT_APP}" ## trigger the config app set to notice the deletion of the config file - - check_argo_app_deleted ${WSAPP_JDBC_CONFIG_APP} "mas" - check_argo_app_deleted ${SYSTEM_JDBC_CONFIG_APP} "mas" - check_argo_app_deleted ${MONGO_CONFIG_APP} "mas" - check_argo_app_deleted ${BAS_CONFIG_APP} "mas" - check_argo_app_deleted ${SLS_CONFIG_APP} "mas" - fi - - - fi -} diff --git a/image/cli/mascli/functions/gitops_deprovision_suite_idp_config b/image/cli/mascli/functions/gitops_deprovision_suite_idp_config deleted file mode 100644 index 4b3b6d0f3c..0000000000 --- a/image/cli/mascli/functions/gitops_deprovision_suite_idp_config +++ /dev/null @@ -1,289 +0,0 @@ -#!/usr/bin/env bash - -function gitops_deprovision_suite_idp_config_help() { - [[ -n "$1" ]] && echo_warning "$1" - reset_colors - cat << EOM -Usage: - mas gitops_deprovision_suite_idp_config [options] -Where ${COLOR_YELLOW}specified${TEXT_RESET} each option may also be defined by setting the appropriate environment variable. -When no options are specified on the command line, interactive-mode will be enabled by default. - -Options: - -GitOps Configuration: - -d, --dir ${COLOR_YELLOW}GITOPS_WORKING_DIR${TEXT_RESET} Working directory for GitOps repository - -g, --gitops-version ${COLOR_YELLOW}GITOPS_VERSION${TEXT_RESET} Version of ibm-mas/gitops to use - -a, --account-id ${COLOR_YELLOW}ACCOUNT_ID${TEXT_RESET} Account name that the cluster belongs to - -r, --region-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET} Region ID - -c, --cluster-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET} Cluster ID - -m, --mas-instance-id ${COLOR_YELLOW}MAS_INSTANCE_ID${TEXT_RESET} IBM Suite Maximo Application Suite Instance ID - -f, --force-removal ${COLOR_YELLOW}FORCE_REMOVAL${TEXT_RESET} Force remove the ArgoCD Application, when deletion exceeds timeout - -A, --argocd-check ${COLOR_YELLOW}ARGOCD_CHECK${TEXT_RESET} ArgoCD check flag, when set to true will make ArgoCD calls - -Secrets Manager: - --secrets-path ${COLOR_YELLOW}SECRETS_PATH${TEXT_RESET} Secrets Manager path - --secrets-key-seperator ${COLOR_YELLOW}SECRETS_KEY_SEPERATOR${TEXT_RESET} Secrets Manager key seperator string - - -Automatic GitHub Push: - -P, --github-push ${COLOR_YELLOW}GITHUB_PUSH${TEXT_RESET} Enable automatic push to GitHub - -H, --github-host ${COLOR_YELLOW}GITHUB_HOST${TEXT_RESET} GitHub Hostname for your GitOps repository - -O, --github-org ${COLOR_YELLOW}GITHUB_ORG${TEXT_RESET} Github org for your GitOps repository - -R, --github-repo ${COLOR_YELLOW}GITHUB_REPO${TEXT_RESET} Github repo for your GitOps repository - -B, --git-branch ${COLOR_YELLOW}GIT_BRANCH${TEXT_RESET} Git branch to commit to of your GitOps repository - -M, --git-commit-msg ${COLOR_YELLOW}GIT_COMMIT_MSG${TEXT_RESET} Git commit message to use when committing to of your GitOps repository - -S , --github-ssh ${COLOR_YELLOW}GIT_SSH${TEXT_RESET} Git ssh key path - -Other Commands: - -h, --help Show this help message -EOM - [[ -n "$1" ]] && exit 1 || exit 0 -} - -function gitops_deprovision_suite_idp_config_noninteractive() { - GITOPS_WORKING_DIR=$PWD/working-dir - SECRETS_KEY_SEPERATOR="/" - GIT_COMMIT_MSG="gitops-deprovision-mas-idp-config commit" - export GITOPS_VERSION=${GITOPS_VERSION:-poc} - - export REGION=${REGION:-${SM_AWS_REGION}} - export ARGOCD_CHECK=${ARGOCD_CHECK:-"true"} - - while [[ $# -gt 0 ]] - do - key="$1" - shift - case $key in - -d|--dir) - export GITOPS_WORKING_DIR=$1 && shift - ;; - -g|--gitops-version) - export GITOPS_VERSION=$1 && shift - ;; - -a|--account-id) - export ACCOUNT_ID=$1 && shift - ;; - -r|--region-id) - export REGION=$1 && shift - ;; - -c|--cluster-id) - export CLUSTER_ID=$1 && shift - ;; - -m|--mas-instance-id) - export MAS_INSTANCE_ID=$1 && shift - ;; - -f|--force-removal) - export FORCE_REMOVAL=$1 && shift - ;; - -A|--argocd-check) - export ARGOCD_CHECK=$1 && shift - ;; - - # Secrets Manager - --secrets-path) - export SECRETS_PATH=$1 && shift - ;; - --secrets-key-seperator) - export SECRETS_KEY_SEPERATOR=$1 && shift - ;; - - # Automatic GitHub Push - -P|--github-push) - export GITHUB_PUSH=true - ;; - -H|--github-host) - export GITHUB_HOST=$1 && shift - ;; - -O|--github-org) - export GITHUB_ORG=$1 && shift - ;; - -R|--github-repo) - export GITHUB_REPO=$1 && shift - ;; - -B|--git-branch) - export GIT_BRANCH=$1 && shift - ;; - -M|--git-commit-msg) - export GIT_COMMIT_MSG=$1 && shift - ;; - -S|--github-ssh) - export GIT_SSH=$1 && shift - ;; - - -h|--help) - gitops_deprovision_suite_idp_config_help - ;; - *) - # unknown option - echo -e "${COLOR_RED}Usage Error: Unsupported option \"${key}\"${COLOR_RESET}\n" - gitops_deprovision_suite_idp_config_help "Usage Error: Unsupported option \"${key}\" " - exit 1 - ;; - esac - done - - [[ -z "$GITOPS_WORKING_DIR" ]] && gitops_deprovision_suite_idp_config_help "GITOPS_WORKING_DIR is not set" - [[ -z "$GITOPS_VERSION" ]] && gitops_deprovision_suite_idp_config_help "GITOPS_VERSION is not set" - [[ -z "$CLUSTER_ID" ]] && gitops_deprovision_suite_idp_config_help "CLUSTER_ID is not set" - [[ -z "$REGION" ]] && gitops_deprovision_suite_idp_config_help "REGION is not set" - [[ -z "$ACCOUNT_ID" ]] && gitops_deprovision_suite_idp_config_help "ACCOUNT_ID is not set" - if [[ "$GITHUB_PUSH" == "true" ]]; then - [[ -z "$GITHUB_HOST" ]] && gitops_deprovision_suite_idp_config_help "GITHUB_HOST is not set" - [[ -z "$GITHUB_ORG" ]] && gitops_deprovision_suite_idp_config_help "GITHUB_ORG is not set" - [[ -z "$GITHUB_REPO" ]] && gitops_deprovision_suite_idp_config_help "GITHUB_REPO is not set" - [[ -z "$GIT_BRANCH" ]] && gitops_deprovision_suite_idp_config_help "GIT_BRANCH is not set" - fi - -} - -function gitops_deprovision_suite_idp_config() { - # Take the first parameter off (it will be create-gitops) - shift - if [[ $# -gt 0 ]]; then - gitops_deprovision_suite_idp_config_noninteractive "$@" - else - echo "Not supported yet" - exit 1 - gitops_deprovision_suite_idp_config_interactive - fi - - mkdir -p ${GITOPS_WORKING_DIR} - GITOPS_INSTANCE_DIR=${GITOPS_WORKING_DIR}/${GITHUB_REPO}/${ACCOUNT_ID}/${REGION}/${CLUSTER_ID}/${MAS_INSTANCE_ID}/configs - - echo - reset_colors - echo_h2 "Review Settings" - - echo "${TEXT_DIM}" - echo_h2 "Target" " " - echo_reset_dim "Account ID............................. ${COLOR_MAGENTA}${ACCOUNT_ID}" - echo_reset_dim "Region ID ............................. ${COLOR_MAGENTA}${REGION}" - echo_reset_dim "Cluster ID ............................ ${COLOR_MAGENTA}${CLUSTER_ID}" - echo_reset_dim "Application Directory ................. ${COLOR_MAGENTA}${GITOPS_INSTANCE_DIR}" - echo_reset_dim "Force Remove Application Flag ......... ${COLOR_MAGENTA}${FORCE_REMOVAL}" - echo_reset_dim "ArgoCD Check .......................... ${COLOR_MAGENTA}${ARGOCD_CHECK}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "Secrets Manager" " " - echo_reset_dim "Secrets Path .......................... ${COLOR_MAGENTA}${SECRETS_PATH}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "GitOps Source" " " - echo_reset_dim "GitOps URL ............................ ${COLOR_MAGENTA}https://github.com/ibm-mas/gitops" - echo_reset_dim "GitOps Version ........................ ${COLOR_MAGENTA}${GITOPS_VERSION}" - reset_colors - - echo "${TEXT_DIM}" - if [[ "$GITHUB_PUSH" == "true" ]]; then - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_GREEN}Enabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - echo_reset_dim "Host .................................. ${COLOR_MAGENTA}${GITHUB_HOST}" - echo_reset_dim "Organization .......................... ${COLOR_MAGENTA}${GITHUB_ORG}" - echo_reset_dim "Repository ............................ ${COLOR_MAGENTA}${GITHUB_REPO}" - echo_reset_dim "Branch ................................ ${COLOR_MAGENTA}${GIT_BRANCH}" - else - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_RED}Disabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - fi - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "IBM Maximo Application Suite" " " - echo_reset_dim "Instance ID ........................... ${COLOR_MAGENTA}${MAS_INSTANCE_ID}" - reset_colors - - # Set up Suite secrets - # --------------------------------------------------------------------------- - echo - echo_h2 "Configuring Suite secrets" - AVP_TYPE=aws # Support for IBM will be added later - sm_login - - # Instance-level secret to delete - # --------------------------------------------------------------------------- - SECRET_NAME_LDAP=${SECRET_PREFIX}${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}ldap - - # Delete Instance level secret - # --------------------------------------------------------------------------- - echo " Deleting $SECRET_NAME_LDAP" - sm_delete_secret $SECRET_NAME_LDAP - - if [ -z $GIT_SSH ]; then - export GIT_SSH="false" - fi - - # Clone github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Cloning GitHub repo $GITHUB_ORG $GITHUB_REPO" - clone_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_WORKING_DIR $GIT_SSH - fi - mkdir -p ${GITOPS_INSTANCE_DIR} - - - # Because the CR has an owner (Suite), ArgoCD won't cleanup the CR when the application is removed, - # so we need to call oc delete ourselves (and we have to do this from within the cluster itself as our deprovision scripts cannot access oc directly. - # For now, as a temporary solution: conditionally render templates containing a Job that deletes the CR when the "delete" flag is set by our provision scripts - # prior to deletion of the config itself. - # TODO: change to OnDelete hook once we have access to ArgoCD 2.10 - # See https://jsw.ibm.com/browse/MASCORE-1643 - - if [[ "$GITHUB_PUSH" == "true" && "${ARGOCD_CHECK}" == "true" ]]; then - argocd_login - fi - - # Append the ;delete: true' flag iff the config file exists and the flag is not in there already - if [[ -f "${GITOPS_INSTANCE_DIR}/system.ibm-mas-idp-config.yaml" ]]; then - if [[ -z $(grep '^delete: true$' ${GITOPS_INSTANCE_DIR}/system.ibm-mas-idp-config.yaml) ]]; then - echo "Adding delete: true flag to config" - echo -e "\n\ndelete: true" >> ${GITOPS_INSTANCE_DIR}/system.ibm-mas-idp-config.yaml - - # Commit and push to github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO" - save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_INSTANCE_DIR "${GIT_COMMIT_MSG}" - - if [ "${ARGOCD_CHECK}" == "true" ]; then - IDP_CONFIG_APP="${MAS_INSTANCE_ID}-ldap-default-system.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - - argocd_sync "${IDP_CONFIG_APP}" # Trigger the cleanup job to run - - # wait for it to finish syncing now the delete: true flag has been set - check_argo_app_synced "${IDP_CONFIG_APP}" - # once synced, the CR will have been deleted and we can move on - fi - fi - fi - fi - - # Delete config file that triggers system-configs ArgoCD application to render charts for this config type - # --------------------------------------------------------------------------- - rm ${GITOPS_INSTANCE_DIR}/system.ibm-mas-idp-config.yaml - - # Commit and push to github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO" - save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_INSTANCE_DIR "${GIT_COMMIT_MSG}" - remove_git_repo_clone $GITOPS_WORKING_DIR/$GITHUB_REPO - - if [ "${ARGOCD_CHECK}" == "true" ]; then - INSTANCE_ROOT_APP="instance.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - IDP_CONFIG_APP="${MAS_INSTANCE_ID}-ldap-default-system.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - - argocd_login - argocd_prune_sync "${INSTANCE_ROOT_APP}" ## trigger the config appset to notice the deletion of the config file - - check_argo_app_deleted ${IDP_CONFIG_APP} "mas" - fi - fi -} diff --git a/image/cli/mascli/functions/gitops_deprovision_suite_objectstorage_config b/image/cli/mascli/functions/gitops_deprovision_suite_objectstorage_config deleted file mode 100644 index 91f3eb4670..0000000000 --- a/image/cli/mascli/functions/gitops_deprovision_suite_objectstorage_config +++ /dev/null @@ -1,254 +0,0 @@ -#!/usr/bin/env bash - -function gitops_deprovision_suite_objectstorage_config_help() { - [[ -n "$1" ]] && echo_warning "$1" - reset_colors - cat << EOM -Usage: - mas gitops_deprovision_suite_objectstorage_config [options] -Where ${COLOR_YELLOW}specified${TEXT_RESET} each option may also be defined by setting the appropriate environment variable. -When no options are specified on the command line, interactive-mode will be enabled by default. - -Options: - -GitOps Configuration: - -d, --dir ${COLOR_YELLOW}GITOPS_WORKING_DIR${TEXT_RESET} Working directory for GitOps repository - -g, --gitops-version ${COLOR_YELLOW}GITOPS_VERSION${TEXT_RESET} Version of ibm-mas/gitops to use - -a, --account-id ${COLOR_YELLOW}ACCOUNT_ID${TEXT_RESET} Account name that the cluster belongs to - -r, --region-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET} Region ID - -c, --cluster-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET} Cluster ID - -m, --mas-instance-id ${COLOR_YELLOW}MAS_INSTANCE_ID${TEXT_RESET} IBM Suite Maximo Application Suite Instance ID - -f, --force-removal ${COLOR_YELLOW}FORCE_REMOVAL${TEXT_RESET} Force remove the ArgoCD Application, when deletion exceeds timeout - -A, --argocd-check ${COLOR_YELLOW}ARGOCD_CHECK${TEXT_RESET} ArgoCD check flag, when set to true will make ArgoCD calls - -Secrets Manager: - --secrets-path ${COLOR_YELLOW}SECRETS_PATH${TEXT_RESET} Secrets Manager path - --secrets-key-seperator ${COLOR_YELLOW}SECRETS_KEY_SEPERATOR${TEXT_RESET} Secrets Manager key seperator string - -Automatic GitHub Push: - -P, --github-push ${COLOR_YELLOW}GITHUB_PUSH${TEXT_RESET} Enable automatic push to GitHub - -H, --github-host ${COLOR_YELLOW}GITHUB_HOST${TEXT_RESET} GitHub Hostname for your GitOps repository - -O, --github-org ${COLOR_YELLOW}GITHUB_ORG${TEXT_RESET} Github org for your GitOps repository - -R, --github-repo ${COLOR_YELLOW}GITHUB_REPO${TEXT_RESET} Github repo for your GitOps repository - -B, --git-branch ${COLOR_YELLOW}GIT_BRANCH${TEXT_RESET} Git branch to commit to of your GitOps repository - -M, --git-commit-msg ${COLOR_YELLOW}GIT_COMMIT_MSG${TEXT_RESET} Git commit message to use when committing to of your GitOps repository - -S , --github-ssh ${COLOR_YELLOW}GIT_SSH${TEXT_RESET} Git ssh key path - -Other Commands: - -h, --help Show this help message -EOM - [[ -n "$1" ]] && exit 1 || exit 0 -} - -function gitops_deprovision_suite_objectstorage_config_noninteractive() { - GITOPS_WORKING_DIR=$PWD/working-dir - SECRETS_KEY_SEPERATOR="/" - GIT_COMMIT_MSG="gitops-deprovision-objectstorage-config commit" - export GITOPS_VERSION=${GITOPS_VERSION:-poc} - - export REGION=${REGION:-${SM_AWS_REGION}} - export ARGOCD_CHECK=${ARGOCD_CHECK:-"true"} - - while [[ $# -gt 0 ]] - do - key="$1" - shift - case $key in - -d|--dir) - export GITOPS_WORKING_DIR=$1 && shift - ;; - -g|--gitops-version) - export GITOPS_VERSION=$1 && shift - ;; - -a|--account-id) - export ACCOUNT_ID=$1 && shift - ;; - -r|--region-id) - export REGION=$1 && shift - ;; - -c|--cluster-id) - export CLUSTER_ID=$1 && shift - ;; - -m|--mas-instance-id) - export MAS_INSTANCE_ID=$1 && shift - ;; - -f|--force-removal) - export FORCE_REMOVAL=$1 && shift - ;; - -A|--argocd-check) - export ARGOCD_CHECK=$1 && shift - ;; - - # Secrets Manager - --secrets-path) - export SECRETS_PATH=$1 && shift - ;; - --secrets-key-seperator) - export SECRETS_KEY_SEPERATOR=$1 && shift - ;; - - # Automatic GitHub Push - -P|--github-push) - export GITHUB_PUSH=true - ;; - -H|--github-host) - export GITHUB_HOST=$1 && shift - ;; - -O|--github-org) - export GITHUB_ORG=$1 && shift - ;; - -R|--github-repo) - export GITHUB_REPO=$1 && shift - ;; - -B|--git-branch) - export GIT_BRANCH=$1 && shift - ;; - -M|--git-commit-msg) - export GIT_COMMIT_MSG=$1 && shift - ;; - -S|--github-ssh) - export GIT_SSH=$1 && shift - ;; - - -h|--help) - gitops_deprovision_suite_objectstorage_config_help - ;; - *) - # unknown option - echo -e "${COLOR_RED}Usage Error: Unsupported option \"${key}\"${COLOR_RESET}\n" - gitops_deprovision_suite_objectstorage_config_help "Usage Error: Unsupported option \"${key}\" " - exit 1 - ;; - esac - done - - [[ -z "$GITOPS_WORKING_DIR" ]] && gitops_deprovision_suite_objectstorage_config_help "GITOPS_WORKING_DIR is not set" - [[ -z "$GITOPS_VERSION" ]] && gitops_deprovision_suite_objectstorage_config_help "GITOPS_VERSION is not set" - [[ -z "$CLUSTER_ID" ]] && gitops_deprovision_suite_objectstorage_config_help "CLUSTER_ID is not set" - [[ -z "$REGION" ]] && gitops_deprovision_suite_objectstorage_config_help "REGION is not set" - [[ -z "$ACCOUNT_ID" ]] && gitops_deprovision_suite_objectstorage_config_help "ACCOUNT_ID is not set" - if [[ "$GITHUB_PUSH" == "true" ]]; then - [[ -z "$GITHUB_HOST" ]] && gitops_deprovision_suite_objectstorage_config_help "GITHUB_HOST is not set" - [[ -z "$GITHUB_ORG" ]] && gitops_deprovision_suite_objectstorage_config_help "GITHUB_ORG is not set" - [[ -z "$GITHUB_REPO" ]] && gitops_deprovision_suite_objectstorage_config_help "GITHUB_REPO is not set" - [[ -z "$GIT_BRANCH" ]] && gitops_deprovision_suite_objectstorage_config_help "GIT_BRANCH is not set" - fi -} - -function gitops_deprovision_suite_objectstorage_config() { - # Take the first parameter off (it will be create-gitops) - shift - if [[ $# -gt 0 ]]; then - gitops_deprovision_suite_objectstorage_config_noninteractive "$@" - else - echo "Not supported yet" - exit 1 - gitops_deprovision_suite_objectstorage_config_interactive - fi - rm -rf ${GITOPS_WORKING_DIR} - mkdir -p ${GITOPS_WORKING_DIR} - GITOPS_INSTANCE_DIR=${GITOPS_WORKING_DIR}/${GITHUB_REPO}/${ACCOUNT_ID}/${REGION}/${CLUSTER_ID}/${MAS_INSTANCE_ID}/configs - - echo - reset_colors - echo_h2 "Review Settings" - - echo "${TEXT_DIM}" - echo_h2 "Target" " " - echo_reset_dim "Account ID ............................ ${COLOR_MAGENTA}${ACCOUNT_ID}" - echo_reset_dim "Region ID ............................. ${COLOR_MAGENTA}${REGION}" - echo_reset_dim "Cluster ID ............................ ${COLOR_MAGENTA}${CLUSTER_ID}" - echo_reset_dim "Application Directory ................. ${COLOR_MAGENTA}${GITOPS_INSTANCE_DIR}" - echo_reset_dim "Force Remove Application Flag ......... ${COLOR_MAGENTA}${FORCE_REMOVAL}" - echo_reset_dim "ArgoCD Check .......................... ${COLOR_MAGENTA}${ARGOCD_CHECK}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "Secrets Manager" " " - echo_reset_dim "Secrets Path .......................... ${COLOR_MAGENTA}${SECRETS_PATH}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "GitOps Source" " " - echo_reset_dim "GitOps URL ............................ ${COLOR_MAGENTA}https://github.com/ibm-mas/gitops" - echo_reset_dim "GitOps Version ........................ ${COLOR_MAGENTA}${GITOPS_VERSION}" - reset_colors - - echo "${TEXT_DIM}" - if [[ "$GITHUB_PUSH" == "true" ]]; then - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_GREEN}Enabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - echo_reset_dim "Host .................................. ${COLOR_MAGENTA}${GITHUB_HOST}" - echo_reset_dim "Organization .......................... ${COLOR_MAGENTA}${GITHUB_ORG}" - echo_reset_dim "Repository ............................ ${COLOR_MAGENTA}${GITHUB_REPO}" - echo_reset_dim "Branch ................................ ${COLOR_MAGENTA}${GIT_BRANCH}" - else - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_RED}Disabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - fi - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "IBM Maximo Application Suite" " " - echo_reset_dim "Instance ID ........................... ${COLOR_MAGENTA}${MAS_INSTANCE_ID}" - reset_colors - - - # Set up Suite secrets - # --------------------------------------------------------------------------- - echo - echo_h2 "Configuring Suite secrets" - AVP_TYPE=aws # Support for IBM will be added later - sm_login - - # Get the cluster-level secrets used - # --------------------------------------------------------------------------- - CURRENT_DIR=$PWD - TEMP_DIR=$CURRENT_DIR/tmp-cos-deprovision-config - rm -rf $TEMP_DIR - mkdir -p $TEMP_DIR - - if [ -z $GIT_SSH ]; then - export GIT_SSH="false" - fi - - # Clone github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Cloning GitHub repo $GITHUB_ORG $GITHUB_REPO" - clone_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_WORKING_DIR $GIT_SSH - fi - mkdir -p ${GITOPS_INSTANCE_DIR} - - - # Delete config file that triggers system-configs ArgoCD application to render charts for this config type - # --------------------------------------------------------------------------- - rm ${GITOPS_INSTANCE_DIR}/system.ibm-mas-objectstorage-config.yaml - - # Commit and push to github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO" - save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_INSTANCE_DIR "${GIT_COMMIT_MSG}" - remove_git_repo_clone $GITOPS_WORKING_DIR/$GITHUB_REPO - - if [ "${ARGOCD_CHECK}" == "true" ]; then - INSTANCE_ROOT_APP="instance.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - COS_CONFIG_APP="system-cos.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - - argocd_login - argocd_prune_sync "${INSTANCE_ROOT_APP}" ## trigger the instance root app to notice the deletion of the config file - - # postsync hook takes care of ensuring the config CR is actually deleted - check_argo_app_deleted ${COS_CONFIG_APP} "mas" - fi - - fi - - rm -rf $TEMP_DIR - -} diff --git a/image/cli/mascli/functions/gitops_deprovision_suite_smtp_config b/image/cli/mascli/functions/gitops_deprovision_suite_smtp_config deleted file mode 100644 index fa7eeeb123..0000000000 --- a/image/cli/mascli/functions/gitops_deprovision_suite_smtp_config +++ /dev/null @@ -1,289 +0,0 @@ -#!/usr/bin/env bash - -function gitops_deprovision_suite_smtp_config_help() { - [[ -n "$1" ]] && echo_warning "$1" - reset_colors - cat << EOM -Usage: - mas gitops_deprovision_suite_smtp_config [options] -Where ${COLOR_YELLOW}specified${TEXT_RESET} each option may also be defined by setting the appropriate environment variable. -When no options are specified on the command line, interactive-mode will be enabled by default. - -Options: - -GitOps Configuration: - -d, --dir ${COLOR_YELLOW}GITOPS_WORKING_DIR${TEXT_RESET} Working directory for GitOps repository - -g, --gitops-version ${COLOR_YELLOW}GITOPS_VERSION${TEXT_RESET} Version of ibm-mas/gitops to use - -a, --account-id ${COLOR_YELLOW}ACCOUNT_ID${TEXT_RESET} Account name that the cluster belongs to - -r, --region-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET} Region ID - -c, --cluster-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET} Cluster ID - -m, --mas-instance-id ${COLOR_YELLOW}MAS_INSTANCE_ID${TEXT_RESET} IBM Suite Maximo Application Suite Instance ID - -f, --force-removal ${COLOR_YELLOW}FORCE_REMOVAL${TEXT_RESET} Force remove the ArgoCD Application, when deletion exceeds timeout - -A, --argocd-check ${COLOR_YELLOW}ARGOCD_CHECK${TEXT_RESET} ArgoCD check flag, when set to true will make ArgoCD calls - -Secrets Manager: - --secrets-path ${COLOR_YELLOW}SECRETS_PATH${TEXT_RESET} Secrets Manager path - --secrets-key-seperator ${COLOR_YELLOW}SECRETS_KEY_SEPERATOR${TEXT_RESET} Secrets Manager key seperator string - - -Automatic GitHub Push: - -P, --github-push ${COLOR_YELLOW}GITHUB_PUSH${TEXT_RESET} Enable automatic push to GitHub - -H, --github-host ${COLOR_YELLOW}GITHUB_HOST${TEXT_RESET} GitHub Hostname for your GitOps repository - -O, --github-org ${COLOR_YELLOW}GITHUB_ORG${TEXT_RESET} Github org for your GitOps repository - -R, --github-repo ${COLOR_YELLOW}GITHUB_REPO${TEXT_RESET} Github repo for your GitOps repository - -B, --git-branch ${COLOR_YELLOW}GIT_BRANCH${TEXT_RESET} Git branch to commit to of your GitOps repository - -M, --git-commit-msg ${COLOR_YELLOW}GIT_COMMIT_MSG${TEXT_RESET} Git commit message to use when committing to of your GitOps repository - -S , --github-ssh ${COLOR_YELLOW}GIT_SSH${TEXT_RESET} Git ssh key path - -Other Commands: - -h, --help Show this help message -EOM - [[ -n "$1" ]] && exit 1 || exit 0 -} - -function gitops_deprovision_suite_smtp_config_noninteractive() { - GITOPS_WORKING_DIR=$PWD/working-dir - SECRETS_KEY_SEPERATOR="/" - GIT_COMMIT_MSG="gitops-deprovision-mas-smtp-config commit" - export GITOPS_VERSION=${GITOPS_VERSION:-poc} - - export REGION=${REGION:-${SM_AWS_REGION}} - export ARGOCD_CHECK=${ARGOCD_CHECK:-"true"} - - while [[ $# -gt 0 ]] - do - key="$1" - shift - case $key in - -d|--dir) - export GITOPS_WORKING_DIR=$1 && shift - ;; - -g|--gitops-version) - export GITOPS_VERSION=$1 && shift - ;; - -a|--account-id) - export ACCOUNT_ID=$1 && shift - ;; - -r|--region-id) - export REGION=$1 && shift - ;; - -c|--cluster-id) - export CLUSTER_ID=$1 && shift - ;; - -m|--mas-instance-id) - export MAS_INSTANCE_ID=$1 && shift - ;; - -f|--force-removal) - export FORCE_REMOVAL=$1 && shift - ;; - -A|--argocd-check) - export ARGOCD_CHECK=$1 && shift - ;; - - # Secrets Manager - --secrets-path) - export SECRETS_PATH=$1 && shift - ;; - --secrets-key-seperator) - export SECRETS_KEY_SEPERATOR=$1 && shift - ;; - - # Automatic GitHub Push - -P|--github-push) - export GITHUB_PUSH=true - ;; - -H|--github-host) - export GITHUB_HOST=$1 && shift - ;; - -O|--github-org) - export GITHUB_ORG=$1 && shift - ;; - -R|--github-repo) - export GITHUB_REPO=$1 && shift - ;; - -B|--git-branch) - export GIT_BRANCH=$1 && shift - ;; - -M|--git-commit-msg) - export GIT_COMMIT_MSG=$1 && shift - ;; - -S|--github-ssh) - export GIT_SSH=$1 && shift - ;; - - -h|--help) - gitops_deprovision_suite_smtp_config_help - ;; - *) - # unknown option - echo -e "${COLOR_RED}Usage Error: Unsupported option \"${key}\"${COLOR_RESET}\n" - gitops_deprovision_suite_smtp_config_help "Usage Error: Unsupported option \"${key}\" " - exit 1 - ;; - esac - done - - [[ -z "$GITOPS_WORKING_DIR" ]] && gitops_deprovision_suite_smtp_config_help "GITOPS_WORKING_DIR is not set" - [[ -z "$GITOPS_VERSION" ]] && gitops_deprovision_suite_smtp_config_help "GITOPS_VERSION is not set" - [[ -z "$CLUSTER_ID" ]] && gitops_deprovision_suite_smtp_config_help "CLUSTER_ID is not set" - [[ -z "$REGION" ]] && gitops_deprovision_suite_smtp_config_help "REGION is not set" - [[ -z "$ACCOUNT_ID" ]] && gitops_deprovision_suite_smtp_config_help "ACCOUNT_ID is not set" - if [[ "$GITHUB_PUSH" == "true" ]]; then - [[ -z "$GITHUB_HOST" ]] && gitops_deprovision_suite_smtp_config_help "GITHUB_HOST is not set" - [[ -z "$GITHUB_ORG" ]] && gitops_deprovision_suite_smtp_config_help "GITHUB_ORG is not set" - [[ -z "$GITHUB_REPO" ]] && gitops_deprovision_suite_smtp_config_help "GITHUB_REPO is not set" - [[ -z "$GIT_BRANCH" ]] && gitops_deprovision_suite_smtp_config_help "GIT_BRANCH is not set" - fi - -} - -function gitops_deprovision_suite_smtp_config() { - # Take the first parameter off (it will be create-gitops) - shift - if [[ $# -gt 0 ]]; then - gitops_deprovision_suite_smtp_config_noninteractive "$@" - else - echo "Not supported yet" - exit 1 - gitops_deprovision_suite_smtp_config_interactive - fi - - mkdir -p ${GITOPS_WORKING_DIR} - GITOPS_INSTANCE_DIR=${GITOPS_WORKING_DIR}/${GITHUB_REPO}/${ACCOUNT_ID}/${REGION}/${CLUSTER_ID}/${MAS_INSTANCE_ID}/configs - - echo - reset_colors - echo_h2 "Review Settings" - - echo "${TEXT_DIM}" - echo_h2 "Target" " " - echo_reset_dim "Account ID............................. ${COLOR_MAGENTA}${ACCOUNT_ID}" - echo_reset_dim "Region ID ............................. ${COLOR_MAGENTA}${REGION}" - echo_reset_dim "Cluster ID ............................ ${COLOR_MAGENTA}${CLUSTER_ID}" - echo_reset_dim "Application Directory ................. ${COLOR_MAGENTA}${GITOPS_INSTANCE_DIR}" - echo_reset_dim "Force Remove Application Flag ......... ${COLOR_MAGENTA}${FORCE_REMOVAL}" - echo_reset_dim "ArgoCD Check .......................... ${COLOR_MAGENTA}${ARGOCD_CHECK}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "Secrets Manager" " " - echo_reset_dim "Secrets Path .......................... ${COLOR_MAGENTA}${SECRETS_PATH}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "GitOps Source" " " - echo_reset_dim "GitOps URL ............................ ${COLOR_MAGENTA}https://github.com/ibm-mas/gitops" - echo_reset_dim "GitOps Version ........................ ${COLOR_MAGENTA}${GITOPS_VERSION}" - reset_colors - - echo "${TEXT_DIM}" - if [[ "$GITHUB_PUSH" == "true" ]]; then - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_GREEN}Enabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - echo_reset_dim "Host .................................. ${COLOR_MAGENTA}${GITHUB_HOST}" - echo_reset_dim "Organization .......................... ${COLOR_MAGENTA}${GITHUB_ORG}" - echo_reset_dim "Repository ............................ ${COLOR_MAGENTA}${GITHUB_REPO}" - echo_reset_dim "Branch ................................ ${COLOR_MAGENTA}${GIT_BRANCH}" - else - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_RED}Disabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - fi - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "IBM Maximo Application Suite" " " - echo_reset_dim "Instance ID ........................... ${COLOR_MAGENTA}${MAS_INSTANCE_ID}" - reset_colors - - - # Set up Suite secrets - # --------------------------------------------------------------------------- - echo - echo_h2 "Configuring Suite secrets" - AVP_TYPE=aws # Support for IBM will be added later - sm_login - - # Instance-level secret to delete - # --------------------------------------------------------------------------- - SECRET_NAME_SMTP=${SECRET_PREFIX}${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}smtp - - # Delete Instance level secret - # --------------------------------------------------------------------------- - echo " Deleting $SECRET_NAME_SMTP" - sm_delete_secret $SECRET_NAME_SMTP - - if [ -z $GIT_SSH ]; then - export GIT_SSH="false" - fi - - # Clone github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Cloning GitHub repo $GITHUB_ORG $GITHUB_REPO" - clone_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_WORKING_DIR $GIT_SSH - fi - mkdir -p ${GITOPS_INSTANCE_DIR} - - - # Because the CR has an owner (Suite), ArgoCD won't cleanup the CR when the application is removed, - # so we need to call oc delete ourselves (and we have to do this from within the cluster itself as our deprovision scripts cannot access oc directly. - # For now, as a temporary solution: conditionally render templates containing a Job that deletes the CR when the "delete" flag is set by our provision scripts - # prior to deletion of the config itself. - # TODO: change to OnDelete hook once we have access to ArgoCD 2.10 - # See https://jsw.ibm.com/browse/MASCORE-1643 - - if [[ "$GITHUB_PUSH" == "true" && "${ARGOCD_CHECK}" == "true" ]]; then - argocd_login - fi - - # Append the ;delete: true' flag iff the config file exists and the flag is not in there already - if [[ -f "${GITOPS_INSTANCE_DIR}/system.ibm-mas-smtp-config.yaml" ]]; then - if [[ -z $(grep '^delete: true$' ${GITOPS_INSTANCE_DIR}/system.ibm-mas-smtp-config.yaml) ]]; then - echo "Adding delete: true flag to config" - echo -e "\n\ndelete: true" >> ${GITOPS_INSTANCE_DIR}/system.ibm-mas-smtp-config.yaml - - # Commit and push to github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO" - save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_INSTANCE_DIR "${GIT_COMMIT_MSG}" - - if [ "${ARGOCD_CHECK}" == "true" ]; then - SMTP_CONFIG_APP="${MAS_INSTANCE_ID}-smtp-system.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - - argocd_sync "${SMTP_CONFIG_APP}" # Trigger the cleanup job to run - - # wait for it to finish syncing now the delete: true flag has been set - check_argo_app_synced "${SMTP_CONFIG_APP}" - # once synced, the CR will have been deleted and we can move on - fi - fi - fi - fi - - # Delete config file that triggers system-configs ArgoCD application to render charts for this config type - # --------------------------------------------------------------------------- - rm ${GITOPS_INSTANCE_DIR}/system.ibm-mas-smtp-config.yaml - - # Commit and push to github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO" - save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_INSTANCE_DIR "${GIT_COMMIT_MSG}" - remove_git_repo_clone $GITOPS_WORKING_DIR/$GITHUB_REPO - - if [ "${ARGOCD_CHECK}" == "true" ]; then - INSTANCE_ROOT_APP="instance.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - SMTP_CONFIG_APP="${MAS_INSTANCE_ID}-smtp-system.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - - argocd_prune_sync "${INSTANCE_ROOT_APP}" ## trigger the config appset to notice the deletion of the config file - - check_argo_app_deleted ${SMTP_CONFIG_APP} "mas" - fi - fi -} diff --git a/image/cli/mascli/functions/gitops_kafka_config b/image/cli/mascli/functions/gitops_kafka_config deleted file mode 100644 index 08cca23f4a..0000000000 --- a/image/cli/mascli/functions/gitops_kafka_config +++ /dev/null @@ -1,271 +0,0 @@ -#!/usr/bin/env bash - -function gitops_kafka_config_help() { - [[ -n "$1" ]] && echo_warning "$1" - reset_colors - cat << EOM -Usage: - mas gitops_kafka_config [options] -Where ${COLOR_YELLOW}specified${TEXT_RESET} each option may also be defined by setting the appropriate environment variable. -When no options are specified on the command line, interactive-mode will be enabled by default. - -Options: - -GitOps Configuration: - -d, --dir ${COLOR_YELLOW}GITOPS_WORKING_DIR${TEXT_RESET} Working directory for GitOps repository - -g, --gitops-version ${COLOR_YELLOW}GITOPS_VERSION${TEXT_RESET} Version of ibm-mas/gitops to use - -a, --account-id ${COLOR_YELLOW}ACCOUNT_ID${TEXT_RESET} Account name that the cluster belongs to - -c, --cluster-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET} Cluster ID - -m, --mas-instance-id ${COLOR_YELLOW}MAS_INSTANCE_ID${TEXT_RESET} IBM Suite Maximo Application Suite Instance ID - -A, --argocd-check ${COLOR_YELLOW}ARGOCD_CHECK${TEXT_RESET} ArgoCD check flag, when set to true will make ArgoCD calls - -Secrets Manager: - --secrets-path ${COLOR_YELLOW}SECRETS_PATH${TEXT_RESET} Secrets Manager path - --secrets-key-seperator ${COLOR_YELLOW}SECRETS_KEY_SEPERATOR${TEXT_RESET} Secrets Manager key seperator string - - -Automatic GitHub Push: - -P, --github-push ${COLOR_YELLOW}GITHUB_PUSH${TEXT_RESET} Enable automatic push to GitHub - -H, --github-host ${COLOR_YELLOW}GITHUB_HOST${TEXT_RESET} GitHub Hostname for your GitOps repository - -O, --github-org ${COLOR_YELLOW}GITHUB_ORG${TEXT_RESET} Github org for your GitOps repository - -R, --github-repo ${COLOR_YELLOW}GITHUB_REPO${TEXT_RESET} Github repo for your GitOps repository - -B, --git-branch ${COLOR_YELLOW}GIT_BRANCH${TEXT_RESET} Git branch to commit to of your GitOps repository - -M, --git-commit-msg ${COLOR_YELLOW}GIT_COMMIT_MSG${TEXT_RESET} Git commit message to use when committing to of your GitOps repository - -S , --github-ssh ${COLOR_YELLOW}GIT_SSH${TEXT_RESET} Git ssh key path - -Other Commands: - -h, --help Show this help message -EOM - [[ -n "$1" ]] && exit 1 || exit 0 -} - -function gitops_kafka_config_noninteractive() { - GITOPS_WORKING_DIR=$PWD/working-dir - SECRETS_KEY_SEPERATOR="/" - GIT_COMMIT_MSG="gitops-kafka-config commit" - export GITOPS_VERSION=${GITOPS_VERSION:-poc} - - # TODO: will need to add explicit args to pipeline when we start using this code to deploy to MCSP - export REGION=${REGION:-${SM_AWS_REGION}} - export ARGOCD_CHECK=${ARGOCD_CHECK:-"true"} - - while [[ $# -gt 0 ]] - do - key="$1" - shift - case $key in - -d|--dir) - export GITOPS_WORKING_DIR=$1 && shift - ;; - -g|--gitops-version) - export GITOPS_VERSION=$1 && shift - ;; - -a|--account-id) - export ACCOUNT_ID=$1 && shift - ;; - -c|--cluster-id) - export CLUSTER_ID=$1 && shift - ;; - -r|--region) - export REGION=$1 && shift - ;; - -m|--mas-instance-id) - export MAS_INSTANCE_ID=$1 && shift - ;; - -A|--argocd-check) - export ARGOCD_CHECK=$1 && shift - ;; - - # Secrets Manager - --secrets-path) - export SECRETS_PATH=$1 && shift - ;; - --secrets-key-seperator) - export SECRETS_KEY_SEPERATOR=$1 && shift - ;; - - # Automatic GitHub Push - -P|--github-push) - export GITHUB_PUSH=true - ;; - -H|--github-host) - export GITHUB_HOST=$1 && shift - ;; - -O|--github-org) - export GITHUB_ORG=$1 && shift - ;; - -R|--github-repo) - export GITHUB_REPO=$1 && shift - ;; - -B|--git-branch) - export GIT_BRANCH=$1 && shift - ;; - -M|--git-commit-msg) - export GIT_COMMIT_MSG=$1 && shift - ;; - -S|--github-ssh) - export GIT_SSH=$1 && shift - ;; - - -h|--help) - gitops_kafka_config_help - ;; - *) - # unknown option - echo -e "${COLOR_RED}Usage Error: Unsupported option \"${key}\"${COLOR_RESET}\n" - gitops_kafka_config_help "Usage Error: Unsupported option \"${key}\" " - exit 1 - ;; - esac - done - - [[ -z "$GITOPS_WORKING_DIR" ]] && gitops_kafka_config_help "GITOPS_WORKING_DIR is not set" - [[ -z "$GITOPS_VERSION" ]] && gitops_kafka_config_help "GITOPS_VERSION is not set" - [[ -z "$CLUSTER_ID" ]] && gitops_kafka_config_help "CLUSTER_ID is not set" - [[ -z "$ACCOUNT_ID" ]] && gitops_kafka_config_help "ACCOUNT_ID is not set" - [[ -z "$REGION" ]] && gitops_kafka_config_help "REGION is not set" - if [[ "$GITHUB_PUSH" == "true" ]]; then - [[ -z "$GITHUB_HOST" ]] && gitops_kafka_config_help "GITHUB_HOST is not set" - [[ -z "$GITHUB_ORG" ]] && gitops_kafka_config_help "GITHUB_ORG is not set" - [[ -z "$GITHUB_REPO" ]] && gitops_kafka_config_help "GITHUB_REPO is not set" - [[ -z "$GIT_BRANCH" ]] && gitops_kafka_config_help "GIT_BRANCH is not set" - fi -} - -function gitops_kafka_config() { - # Take the first parameter off (it will be create-gitops) - shift - if [[ $# -gt 0 ]]; then - gitops_kafka_config_noninteractive "$@" - else - echo "Not supported yet" - exit 1 - gitops_kafka_config_interactive - fi - rm -rf ${GITOPS_WORKING_DIR} - mkdir -p ${GITOPS_WORKING_DIR} - GITOPS_INSTANCE_DIR=${GITOPS_WORKING_DIR}/${GITHUB_REPO}/${ACCOUNT_ID}/${REGION}/${CLUSTER_ID}/${MAS_INSTANCE_ID}/configs - - echo - reset_colors - echo_h2 "Review Settings" - - echo "${TEXT_DIM}" - echo_h2 "Target" " " - echo_reset_dim "Account ID ............................ ${COLOR_MAGENTA}${ACCOUNT_ID}" - echo_reset_dim "Region ................................ ${COLOR_MAGENTA}${REGION}" - echo_reset_dim "Cluster ID ............................ ${COLOR_MAGENTA}${CLUSTER_ID}" - echo_reset_dim "System Config Directory................ ${COLOR_MAGENTA}${GITOPS_INSTANCE_DIR}" - echo_reset_dim "ArgoCD Check .......................... ${COLOR_MAGENTA}${ARGOCD_CHECK}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "Secrets Manager" " " - echo_reset_dim "Secrets Path .......................... ${COLOR_MAGENTA}${SECRETS_PATH}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "GitOps Source" " " - echo_reset_dim "GitOps URL ............................ ${COLOR_MAGENTA}https://github.com/ibm-mas/gitops" - echo_reset_dim "GitOps Version ........................ ${COLOR_MAGENTA}${GITOPS_VERSION}" - reset_colors - - echo "${TEXT_DIM}" - if [[ "$GITHUB_PUSH" == "true" ]]; then - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_GREEN}Enabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - echo_reset_dim "Host .................................. ${COLOR_MAGENTA}${GITHUB_HOST}" - echo_reset_dim "Organization .......................... ${COLOR_MAGENTA}${GITHUB_ORG}" - echo_reset_dim "Repository ............................ ${COLOR_MAGENTA}${GITHUB_REPO}" - echo_reset_dim "Branch ................................ ${COLOR_MAGENTA}${GIT_BRANCH}" - else - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_RED}Disabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - fi - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "IBM Maximo Application Suite" " " - echo_reset_dim "Instance ID ........................... ${COLOR_MAGENTA}${MAS_INSTANCE_ID}" - reset_colors - - - # Set up Suite secrets - # --------------------------------------------------------------------------- - echo - echo_h2 "Configuring Suite secrets" - AVP_TYPE=aws # Support for IBM will be added later - sm_login - if [[ "$AVP_TYPE" == "aws" ]]; then - # kafka - export SECRET_PREFIX="AmazonMSK_" - fi - - # Get the cluster-level secrets used - # --------------------------------------------------------------------------- - CURRENT_DIR=$PWD - TEMP_DIR=$CURRENT_DIR/tmp-kafka-config - rm -rf $TEMP_DIR - mkdir -p $TEMP_DIR - - # Get the instance-level values to used - # --------------------------------------------------------------------------- - export KAFKA_SECRET_FILE=$TEMP_DIR/kafka-secret.json - export KAFKA_CONFIG_FILE=$TEMP_DIR/kafka-info.yaml - - sm_get_secret_file ${SECRET_PREFIX}${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}kafka $KAFKA_SECRET_FILE - jq -r .info $KAFKA_SECRET_FILE > $KAFKA_CONFIG_FILE - - export AWS_MSK_SECRET=${SECRET_PREFIX}${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}kafka - export SECRET_KEY_KAFKA_USERNAME=${AWS_MSK_SECRET}#username - export SECRET_KEY_KAFKA_PASSWORD=${AWS_MSK_SECRET}#password - - if [ -z $GIT_SSH ]; then - export GIT_SSH="false" - fi - - # Clone github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Cloning GitHub repo $GITHUB_ORG $GITHUB_REPO" - clone_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_WORKING_DIR $GIT_SSH - fi - mkdir -p ${GITOPS_INSTANCE_DIR} - - export MAS_CONFIG_SCOPE="system" - - # Generate ArgoApps - # --------------------------------------------------------------------------- - # Per MAS instance - echo "- IBM MAS System Kafka Config" - jinja -X .+ -d $KAFKA_CONFIG_FILE $CLI_DIR/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-kafka-config.yaml.j2 -o ${GITOPS_INSTANCE_DIR}/system.ibm-mas-kafka-config.yaml - - # Commit and push to github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO" - save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_INSTANCE_DIR "${GIT_COMMIT_MSG}" - remove_git_repo_clone $GITOPS_WORKING_DIR/$GITHUB_REPO - if [ "${ARGOCD_CHECK}" == "true" ]; then - CLUSTER_ROOT_APP="cluster.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}" - INSTANCE_ROOT_APP="instance.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - KAFKA_CONFIG_APP="${MAS_INSTANCE_ID}-kafka-system.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - - argocd_login - argocd_sync "${INSTANCE_ROOT_APP}" ## trigger the config appset to pick up the new config files - check_argo_app_synced "${INSTANCE_ROOT_APP}" "${CLUSTER_ROOT_APP}" # wait for the instance root app to sync - - argocd_hard_refresh "${KAFKA_CONFIG_APP}" - check_argo_app_synced "${KAFKA_CONFIG_APP}" "${INSTANCE_ROOT_APP}" - check_argo_app_healthy "${KAFKA_CONFIG_APP}" "${INSTANCE_ROOT_APP}" - fi - - fi - - rm -rf $TEMP_DIR - -} diff --git a/image/cli/mascli/functions/gitops_mas_config b/image/cli/mascli/functions/gitops_mas_config new file mode 100644 index 0000000000..38a101ba32 --- /dev/null +++ b/image/cli/mascli/functions/gitops_mas_config @@ -0,0 +1,820 @@ +#!/usr/bin/env bash + +function gitops_mas_config_help() { + [[ -n "$1" ]] && echo_warning "$1" + reset_colors + cat << EOM +Usage: + mas gitops_mas_config [options] +Where ${COLOR_YELLOW}specified${TEXT_RESET} each option may also be defined by setting the appropriate environment variable. +When no options are specified on the command line, interactive-mode will be enabled by default. + +Options: + +GitOps Configuration: + -d, --dir ${COLOR_YELLOW}GITOPS_WORKING_DIR${TEXT_RESET} Working directory for GitOps repository + -a, --account-id ${COLOR_YELLOW}ACCOUNT_ID${TEXT_RESET} Account name that the cluster belongs to + -c, --cluster-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET} Cluster ID + --config-action ${COLOR_YELLOW}CONFIG_ACTION${TEXT_RESET} One of upsert|remove. + --mas-config-type ${COLOR_YELLOW}MAS_CONFIG_TYPE${TEXT_RESET} One of bas|jdbc|kafka|ldap-default|mongo|objectstorage|sls|smtp + --mas-config-scope ${COLOR_YELLOW}MAS_CONFIG-SCOPE${TEXT_RESET} One of system|ws|app|wsapp + --use-postdelete-hooks ${COLOR_YELLOW}USE_POSTDELETE_HOOKS${TEXT_RESET} !!! ArgoCD >= 2.10.* only !!!. If set, PostDelete hooks will be deployed to ensure config CRs are properly cleaned up by ArgoCD on deletion (default: false) + +IBM Maximo Application Suite: + -m, --mas-instance-id ${COLOR_YELLOW}MAS_INSTANCE_ID${TEXT_RESET} IBM Suite Maximo Application Suite Instance ID + --mas-app-id ${COLOR_YELLOW}MAS_APP_ID${TEXT_RESET} MAS Application scope for this configuration (required iff MAS_CONFIG_SCOPE is app or wsapp) + --mas-workspace-id ${COLOR_YELLOW}MAS_WORKSPACE_ID${TEXT_RESET} MAS Workspace scope for this configuration (required iff MAS_CONFIG_SCOPE is ws or wsapp) + +AWS Secrets Manager Configuration (Required): + --sm-aws-secret-region ${COLOR_YELLOW}SM_AWS_REGION${TEXT_RESET} Region of the AWS Secrets Manager to use + --sm-aws-access-key ${COLOR_YELLOW}SM_AWS_ACCESS_KEY_ID${TEXT_RESET} Your AWS Access Key ID + --sm-aws-secret-key ${COLOR_YELLOW}SM_AWS_SECRET_ACCESS_KEY${TEXT_RESET} Your AWS Secret Key + --secrets-path ${COLOR_YELLOW}SECRETS_PATH${TEXT_RESET} Secrets Manager path + +Mongo Configuration (required iff MAS_CONFIG_TYPE is "mongo"): + --mongo-provider ${COLOR_YELLOW}MONGODB_PROVIDER${TEXT_RESET} The mongodb provider to install. One of aws|yaml (defaults to yaml) + +DRO Configuration (required iff MAS_CONFIG_TYPE is "bas"): + --dro-contact-email ${COLOR_YELLOW}DRO_CONTACT_EMAIL${TEXT_RESET} The email address to register with DRO + --dro-contact-firstname ${COLOR_YELLOW}DRO_CONTACT_FIRSTNAME${TEXT_RESET} The first name to register with DRO + --dro-contact-lastname ${COLOR_YELLOW}DRO_CONTACT_LASTNAME${TEXT_RESET} The last name to register with DRO + --dro-ca-certificate-file ${COLOR_YELLOW}DRO_CA_CERTIFICATE_FILE${TEXT_RESET} The location of a file containing the DRO CA certificate + +IDP/LDAP Configuration (required iff MAS_CONFIG_TYPE is "ldap-default"): + --idpcfg-display-name ${COLOR_YELLOW}IDPCFG_DISPLAY_NAME${TEXT_RESET} Display name for IDPCfg resource + --ldap-url ${COLOR_YELLOW}LDAP_URL${TEXT_RESET} Url of the LDAP server. In the form protocol://host:port + --ldap-basedn ${COLOR_YELLOW}LDAP_BASEDN${TEXT_RESET} The baseDN for the LDAP server + --ldap-userid-map ${COLOR_YELLOW}LDAP_USERID_MAP${TEXT_RESET} LDAP UserId map + --ldap-certificate-file ${COLOR_YELLOW}LDAP_CERTIFICATE_FILE${TEXT_RESET} Path to file containing CA Certificate for LDAP server + --ldap-bind-dn ${COLOR_YELLOW}LDAP_BIND_DN${TEXT_RESET} DN for LDAP server authentication + --ldap-bind-password ${COLOR_YELLOW}LDAP_BIND_PASSWORD${TEXT_RESET} Password for LDAP server authenticaiton + +Object Storage Configuration (required iff MAS_CONFIG_TYPE is "objectstorage"): + --gitops-config-dir ${COLOR_YELLOW}GITOPS_CONFIG_DIR${TEXT_RESET} Directory that holds configuration to use + +JDBC Configuration (required iff MAS_CONFIG_TYPE is "jdbc"): + --tls-version ${COLOR_YELLOW}TLS_VERSION${TEXT_RESET} TLS Version (defaults to TLSv1.2) + --db2-ldap-username ${COLOR_YELLOW}DB2_LDAP_USERNAME${TEXT_RESET} DB2 LDAP Username to create + --db2-ldap-password ${COLOR_YELLOW}DB2_LDAP_PASSWORD${TEXT_RESET} DB2 LDAP Password to create + --db2-internal ${COLOR_YELLOW}DB2_INTERNAL${TEXT_RESET} Set true iff DB2 is running in same cluster as MAS (defaults to true) + --db2-instance-name ${COLOR_YELLOW}DB2_INSTANCE_NAME${TEXT_RESET} Name of the DB2 instance e.g. db2wh--iot, db2wh--manage + --db2-dbname ${COLOR_YELLOW}DB2_DBNAME${TEXT_RESET} DB2 database name (defaults to BLUDB) + +SMTP Configuration (required iff MAS_CONFIG_TYPE is "smtp"): + --smtp-display-name ${COLOR_YELLOW}SMTP_DISPLAY_NAME${TEXT_RESET} Display name for SmtpCfg resource + --smtp-host ${COLOR_YELLOW}SMTP_HOST${TEXT_RESET} Host of the SMTP server + --smtp-port ${COLOR_YELLOW}SMTP_PORT${TEXT_RESET} Port of the SMTP server + --smtp-security ${COLOR_YELLOW}SMTP_SECURITY${TEXT_RESET} Security protocol. None, STARTTLS or SSL + --smtp-authentication ${COLOR_YELLOW}SMTP_AUTHENTICATION${TEXT_RESET} true or false on whether to authenticate + --smtp-default-sender-email ${COLOR_YELLOW}SMTP_DEFAULT_SENDER_EMAIL${TEXT_RESET} The default sender email + --smtp-default-sender-name ${COLOR_YELLOW}SMTP_DEFAULT_SENDER_NAME${TEXT_RESET} The default sender name + --smtp-default-recipient-email ${COLOR_YELLOW}SMTP_DEFAULT_RECIPIENT_EMAIL${TEXT_RESET} The default recipient email + --smtp-default-should-email-passwords ${COLOR_YELLOW}SMTP_DEFAULT_SHOULD_EMAIL_PASSWORDS${TEXT_RESET} true or false on sending email passwords + --smtp-username ${COLOR_YELLOW}SMTP_USERNAME${TEXT_RESET} Username for SMTP server authentication + --smtp-password ${COLOR_YELLOW}SMTP_PASSWORD${TEXT_RESET} + +Automatic GitHub Push: + -P, --github-push ${COLOR_YELLOW}GITHUB_PUSH${TEXT_RESET} Enable automatic push to GitHub + -H, --github-host ${COLOR_YELLOW}GITHUB_HOST${TEXT_RESET} GitHub Hostname for your GitOps repository + -O, --github-org ${COLOR_YELLOW}GITHUB_ORG${TEXT_RESET} Github org for your GitOps repository + -R, --github-repo ${COLOR_YELLOW}GITHUB_REPO${TEXT_RESET} Github repo for your GitOps repository + -S, --github-ssh ${COLOR_YELLOW}GIT_SSH${TEXT_RESET} Git ssh key path + -B, --git-branch ${COLOR_YELLOW}GIT_BRANCH${TEXT_RESET} Git branch to commit to of your GitOps repository + -M, --git-commit-msg ${COLOR_YELLOW}GIT_COMMIT_MSG${TEXT_RESET} Git commit message to use when committing to of your GitOps repository + +Other Commands: + -h, --help Show this help message +EOM + [[ -n "$1" ]] && exit 1 || exit 0 +} + +function gitops_mas_config_noninteractive() { + # Set defaults + GITOPS_WORKING_DIR=$PWD/working-dir + SECRETS_KEY_SEPERATOR="/" + + export REGION_ID=${REGION_ID:-${SM_AWS_REGION}} + + if [ -z $GIT_SSH ]; then + export GIT_SSH="false" + fi + + while [[ $# -gt 0 ]] + do + key="$1" + shift + case $key in + -d|--dir) + export GITOPS_WORKING_DIR=$1 && shift + ;; + -a|--account-id) + export ACCOUNT_ID=$1 && shift + ;; + -c|--cluster-id) + export CLUSTER_ID=$1 && shift + ;; + -m|--mas-instance-id) + export MAS_INSTANCE_ID=$1 && shift + ;; + -W|--mas-workspace-id) + export MAS_WORKSPACE_ID=$1 && shift + ;; + --mas-app-id) + export MAS_APP_ID=$1 && shift + ;; + --use-postdelete-hooks) + export USE_POSTDELETE_HOOKS=true + ;; + + --mas-config-type) + export MAS_CONFIG_TYPE=$1 && shift + ;; + --mas-config-scope) + export MAS_CONFIG_SCOPE=$1 && shift + ;; + + --config-action) + export CONFIG_ACTION=$1 && shift + ;; + + # MongoDb Provider Selection + --mongo-provider) + export MONGODB_PROVIDER=$1 && shift + ;; + + # DRO + --dro-contact-email) + export DRO_CONTACT_EMAIL=$1 && shift + ;; + --dro-contact-firstname) + export DRO_CONTACT_FIRSTNAME=$1 && shift + ;; + --dro-contact-lastname) + export DRO_CONTACT_LASTNAME=$1 && shift + ;; + --dro-ca-certificate-file) + export DRO_CA_CERTIFICATE_FILE=$1 && shift + ;; + + # LDAP + --idpcfg-display-name) + export IDPCFG_DISPLAY_NAME=$1 && shift + ;; + --ldap-url) + export LDAP_URL=$1 && shift + ;; + --ldap-basedn) + export LDAP_BASEDN=$1 && shift + ;; + --ldap-userid-map) + export LDAP_USERID_MAP=$1 && shift + ;; + --ldap-certificate-file) + export LDAP_CERTIFICATE_FILE=$1 && shift + ;; + --ldap-bind-dn) + export LDAP_BIND_DN=$1 && shift + ;; + --ldap-bind-password) + export LDAP_BIND_PASSWORD=$1 && shift + ;; + + + # COS + --gitops-config-dir) + # TODO: this doesn't feel like a cos-specific parameter + # but it seems to be the only config script that actually attempts to read from the shared + # /workspace/configs directory + + # Unless there's a good reason not to, I think we should align COS to expect config to be passed in via + # pre-registered secrets in SM (like we do for mongo, kafka, etc) + export GITOPS_CONFIG_DIR=$1 && shift + ;; + + # JDBC + --tls-version) + export TLS_VERSION=$1 && shift + ;; + --db2-ldap-username) + export DB2_LDAP_USERNAME=$1 && shift + ;; + --db2-ldap-password) + export DB2_LDAP_PASSWORD=$1 && shift + ;; + --db2-internal) + export DB2_INTERNAL=$1 && shift + ;; + --db2-instance-name) + export DB2_INSTANCE_NAME=$1 && shift + ;; + --db2-dbname) + export DB2_DBNAME=$1 && shift + ;; + + + # SMTP + --smtp-display-name) + export SMTP_DISPLAY_NAME=$1 && shift + ;; + --smtp-host) + export SMTP_HOST=$1 && shift + ;; + --smtp-port) + export SMTP_PORT=$1 && shift + ;; + --smtp-security) + export SMTP_SECURITY=$1 && shift + ;; + --smtp-authentication) + export SMTP_AUTHENTICATION=$1 && shift + ;; + --smtp-default-sender-email) + export SMTP_DEFAULT_SENDER_EMAIL=$1 && shift + ;; + --smtp-default-sender-name) + export SMTP_DEFAULT_SENDER_NAME=$1 && shift + ;; + --smtp-default-recipient-email) + export SMTP_DEFAULT_RECIPIENT_EMAIL=$1 && shift + ;; + --smtp-default-should-email-passwords) + export SMTP_DEFAULT_SHOULD_EMAIL_PASSWORDS=$1 && shift + ;; + --smtp-username) + export SMTP_USERNAME=$1 && shift + ;; + --smtp-password) + export SMTP_PASSWORD=$1 && shift + ;; + + # AWS Secrets Manager Configuration + --sm-aws-secret-region) + export SM_AWS_REGION=$1 + export REGION_ID=$1 + shift + ;; + --sm-aws-access-key) + export SM_AWS_ACCESS_KEY_ID=$1 && shift + ;; + --sm-aws-secret-key) + export SM_AWS_SECRET_ACCESS_KEY=$1 && shift + ;; + --secrets-path) + export SECRETS_PATH=$1 && shift + ;; + + # Automatic GitHub Push + -P|--github-push) + export GITHUB_PUSH=true + ;; + -H|--github-host) + export GITHUB_HOST=$1 && shift + ;; + -O|--github-org) + export GITHUB_ORG=$1 && shift + ;; + -R|--github-repo) + export GITHUB_REPO=$1 && shift + ;; + -S|--github-ssh) + export GIT_SSH=$1 && shift + ;; + -B|--git-branch) + export GIT_BRANCH=$1 && shift + ;; + -M|--git-commit-msg) + export GIT_COMMIT_MSG=$1 && shift + ;; + + -h|--help) + gitops_mas_config_help + ;; + *) + # unknown option + gitops_mas_config_help "Usage Error: Unsupported option \"${key}\" " + ;; + esac + done + + + + [[ -z "$GITOPS_WORKING_DIR" ]] && gitops_mas_config_help "GITOPS_WORKING_DIR is not set" + [[ -z "$ACCOUNT_ID" ]] && gitops_mas_config_help "ACCOUNT_ID is not set" + [[ -z "$REGION_ID" ]] && gitops_mas_config_help "REGION_ID is not set" + [[ -z "$CLUSTER_ID" ]] && gitops_mas_config_help "CLUSTER_ID is not set" + [[ -z "$MAS_INSTANCE_ID" ]] && gitops_mas_config_help "MAS_INSTANCE_ID is not set" + + [[ -z "$CONFIG_ACTION" ]] && gitops_mas_config_help "CONFIG_ACTION is not set" + if ! [[ "$CONFIG_ACTION" =~ ^(upsert|remove)$ ]]; then + gitops_mas_config_help "Invalid CONFIG_ACTION \"${CONFIG_ACTION}\"; must be one of 'upsert' or 'remove'" + fi + + [[ -z "$MAS_CONFIG_TYPE" ]] && gitops_mas_config_help "MAS_INSTANCE_ID is not set" + if ! [[ "$MAS_CONFIG_TYPE" =~ ^(bas|jdbc|kafka|ldap-default|mongo|objectstorage|sls|smtp)$ ]]; then + gitops_mas_config_help "Invalid MAS_CONFIG_TYPE \"${MAS_CONFIG_TYPE}\"; must be one of bas|jdbc|kafka|ldap-default|mongo|objectstorage|sls|smtp" + fi + + [[ -z "$MAS_CONFIG_SCOPE" ]] && gitops_mas_config_help "MAS_CONFIG_SCOPE is not set" + if ! [[ "$MAS_CONFIG_SCOPE" =~ ^(system|ws|app|wsapp)$ ]]; then + gitops_mas_config_help "Invalid MAS_CONFIG_SCOPE \"${CONFIG_ACTION}\"; must be one of system|ws|app|wsapp" + fi + + if [[ "$MAS_CONFIG_SCOPE" =~ ^(ws|wsapp)$ ]]; then + [[ -z "$MAS_WORKSPACE_ID" ]] && gitops_mas_config_help "MAS_WORKSPACE_ID must be set when MAS_CONFIG_SCOPE is one of ws|wsapp" + fi + + if [[ "$MAS_CONFIG_SCOPE" =~ ^(app|wsapp)$ ]]; then + [[ -z "$MAS_APP_ID" ]] && gitops_mas_config_help "MAS_APP_ID must be set when MAS_CONFIG_SCOPE is one of app|wsapp" + fi + + + # Per config-type parameter validation + # Only necessary if config action is "upsert" (we don't need the values for a config if we're just removing it) + if [ "${CONFIG_ACTION}" == "upsert" ]; then + + if [ "${MAS_CONFIG_TYPE}" == "mongo" ]; then + export MONGODB_PROVIDER=${MONGODB_PROVIDER:-"yaml"} + if ! [[ "$MONGODB_PROVIDER" =~ ^(aws|yaml)$ ]]; then + gitops_mas_config_help "Invalid MONGODB_PROVIDER \"${MONGODB_PROVIDER}\"; must be one of aws|yaml" + fi + fi + + + if [ "${MAS_CONFIG_TYPE}" == "bas" ]; then + [[ -z "$DRO_CONTACT_EMAIL" ]] && gitops_mas_config_help "DRO_CONTACT_EMAIL is not set" + [[ -z "$DRO_CONTACT_FIRSTNAME" ]] && gitops_mas_config_help "DRO_CONTACT_FIRSTNAME is not set" + [[ -z "$DRO_CONTACT_LASTNAME" ]] && gitops_mas_config_help "DRO_CONTACT_LASTNAME is not set" + [[ -z "$DRO_CA_CERTIFICATE_FILE" ]] && gitops_mas_config_help "DRO_CA_CERTIFICATE_FILE is not set" + fi + + # if [ "${MAS_CONFIG_TYPE}" == "sls" ]; then + # No specific parameters required for sls at present; they are all fetched from SM + # fi + + # if [ "${MAS_CONFIG_TYPE}" == "kafka" ]; then + # No specific parameters required for kafka at present; they are all fetched from SM + # fi + + if [ "${MAS_CONFIG_TYPE}" == "ldap-default" ]; then + export IDPCFG_DISPLAY_NAME=${IDPCFG_DISPLAY_NAME:="Suite IDPCfg"} + + [[ -z "$LDAP_URL" ]] && gitops_mas_config_help "LDAP_URL is not set" + [[ -z "$LDAP_BASEDN" ]] && gitops_mas_config_help "LDAP_BASEDN is not set" + [[ -z "$LDAP_USERID_MAP" ]] && gitops_mas_config_help "LDAP_USERID_MAP is not set" + [[ -z "$LDAP_CERTIFICATE_FILE" ]] && gitops_mas_config_help "LDAP_CERTIFICATE_FILE is not set" + [[ -z "$LDAP_BIND_DN" ]] && gitops_mas_config_help "LDAP_BIND_DN is not set" + [[ -z "$LDAP_BIND_PASSWORD" ]] && gitops_mas_config_help "LDAP_BIND_PASSWORD is not set" + fi + + + if [ "${MAS_CONFIG_TYPE}" == "objectstorage" ]; then + [[ -z "$GITOPS_CONFIG_DIR" ]] && gitops_mas_config_help "GITOPS_CONFIG_DIR is not set" + fi + + if [ "${MAS_CONFIG_TYPE}" == "jdbc" ]; then + if [[ -z $DB2_DBNAME ]]; then + export DB2_DBNAME=BLUDB + fi + [[ -z "$DB2_INSTANCE_NAME" ]] && gitops_mas_config_help "DB2_INSTANCE_NAME is not set" + export DB2_NAMESPACE=db2u + export TLS_VERSION=${TLS_VERSION:-"TLSv1.2"} + # by default db2 internal is true, set it to false if db2 is external + export DB2_INTERNAL=${DB2_INTERNAL:-"true"} + + [[ -z "$DB2_LDAP_USERNAME" ]] && gitops_mas_config_help "DB2_LDAP_USERNAME is not set" + [[ -z "$DB2_LDAP_PASSWORD" ]] && gitops_mas_config_help "DB2_LDAP_PASSWORD is not set" + fi + + if [ "${MAS_CONFIG_TYPE}" == "smtp" ]; then + export SMTP_DISPLAY_NAME=${SMTP_DISPLAY_NAME:="Suite SMTP"} + [[ -z "$SMTP_HOST" ]] && gitops_mas_config_help "SMTP_HOST is not set" + [[ -z "$SMTP_PORT" ]] && gitops_mas_config_help "SMTP_PORT is not set" + [[ -z "$SMTP_SECURITY" ]] && gitops_mas_config_help "SMTP_SECURITY is not set" + [[ -z "$SMTP_AUTHENTICATION" ]] && gitops_mas_config_help "SMTP_AUTHENTICATION is not set" + [[ -z "$SMTP_DEFAULT_SENDER_EMAIL" ]] && gitops_mas_config_help "SMTP_DEFAULT_SENDER_EMAIL is not set" + [[ -z "$SMTP_DEFAULT_SENDER_NAME" ]] && gitops_mas_config_help "SMTP_DEFAULT_SENDER_NAME is not set" + [[ -z "$SMTP_DEFAULT_RECIPIENT_EMAIL" ]] && gitops_mas_config_help "SMTP_DEFAULT_RECIPIENT_EMAIL is not set" + [[ -z "$SMTP_DEFAULT_SHOULD_EMAIL_PASSWORDS" ]] && gitops_mas_config_help "SMTP_DEFAULT_SHOULD_EMAIL_PASSWORDS is not set" + [[ -z "$SMTP_USERNAME" ]] && gitops_mas_config_help "SMTP_USERNAME is not set" + [[ -z "$SMTP_PASSWORD" ]] && gitops_mas_config_help "SMTP_PASSWORD is not set" + fi + fi # [ "${CONFIG_ACTION}" == "upsert" ] + + + # A subset of the per-config upsert parameters are still required to remove certain configs + # (i.e. to resolve the paths of the secrets we need to delete) + if [ "${CONFIG_ACTION}" == "remove" ]; then + if [ "${MAS_CONFIG_TYPE}" == "jdbc" ]; then + [[ -z "$DB2_INSTANCE_NAME" ]] && gitops_mas_config_help "DB2_INSTANCE_NAME is not set" + fi + fi + + if [[ "$GITHUB_PUSH" == "true" ]]; then + [[ -z "$GITHUB_HOST" ]] && gitops_mas_config_help "GITHUB_HOST is not set" + [[ -z "$GITHUB_ORG" ]] && gitops_mas_config_help "GITHUB_ORG is not set" + [[ -z "$GITHUB_REPO" ]] && gitops_mas_config_help "GITHUB_REPO is not set" + [[ -z "$GIT_BRANCH" ]] && gitops_mas_config_help "GIT_BRANCH is not set" + fi + + + # TODO: because we now support ws/app/wsapp bindings as well as system, I think we will need to + # add additional delimiters to the secret names we use + # For instance, there might be a system binding to kafka_a and a wsapp binding to kafka_b. These cannot both use the same secret from secrets manager + # JDBC is the only wsapp binding we actually use at the moment, and this includes DB2_INSTANCE_NAME in the secrets path so it works for now + # To avoid changing too much at once, I do not want to attempt to fix this problem now. Instead, I'm going to restrict this script + # to only support wsapp bindings for jdbc. + # We should remove this restriction once this issue is resolved. + if [[ "$MAS_CONFIG_SCOPE" =~ ^(app|ws)$ ]]; then + gitops_mas_config_help "MAS_CONFIG_SCOPE ${MAS_CONFIG_SCOPE} is not currently supported this script" + fi + if [[ "$MAS_CONFIG_SCOPE" == "wsapp" && "$MAS_CONFIG_TYPE" != "jdbc" ]]; then + gitops_mas_config_help "MAS_CONFIG_SCOPE ${MAS_CONFIG_SCOPE} is only supported for MAS_CONFIG_TYPE jdbc at present" + fi + + +} + +function gitops_mas_config() { + # Take the first parameter off (it will be create-gitops) + shift + if [[ $# -gt 0 ]]; then + gitops_mas_config_noninteractive "$@" + else + echo "Not supported yet" + exit 1 + gitops_mas_config_interactive + fi + + mkdir -p ${GITOPS_WORKING_DIR} + GITOPS_INSTANCE_DIR=${GITOPS_WORKING_DIR}/${GITHUB_REPO}/${ACCOUNT_ID}/${REGION_ID}/${CLUSTER_ID}/${MAS_INSTANCE_ID} + CONFIGS_FILE="${GITOPS_INSTANCE_DIR}/ibm-mas-suite-configs.yaml" + GIT_LOCK_BRANCH=$(git_lock_branch_name "gitops-mas-config" "${ACCOUNT_ID}" "${REGION_ID}" "${CLUSTER_ID}" "${MAS_INSTANCE_ID}") + + export USE_POSTDELETE_HOOKS=${USE_POSTDELETE_HOOKS:-false} + + TEMP_DIR=$GITOPS_WORKING_DIR/tmp-mas-config + mkdir -p $TEMP_DIR + + echo + reset_colors + echo_h2 "Review Settings" + + echo "${TEXT_DIM}" + echo_h4 "Target" " " + echo_reset_dim "Account ID...................... ${COLOR_MAGENTA}${ACCOUNT_ID}" + echo_reset_dim "Region ID....................... ${COLOR_MAGENTA}${REGION_ID}" + echo_reset_dim "Cluster ID ..................... ${COLOR_MAGENTA}${CLUSTER_ID}" + echo_reset_dim "MAS Instance ID ................ ${COLOR_MAGENTA}${MAS_INSTANCE_ID}" + echo_reset_dim "System Config Directory ........ ${COLOR_MAGENTA}${GITOPS_INSTANCE_DIR}" + reset_colors + + echo "${TEXT_DIM}" + echo_h4 "AWS Secrets Manager" " " + echo_reset_dim "Region ......................... ${COLOR_MAGENTA}${SM_AWS_REGION}" + echo_reset_dim "Secret Key ..................... ${COLOR_MAGENTA}${SM_AWS_ACCESS_KEY_ID:0:4}" + echo_reset_dim "Access Key ..................... ${COLOR_MAGENTA}${SM_AWS_SECRET_ACCESS_KEY:0:4}" + echo_reset_dim "Secrets Path ................... ${COLOR_MAGENTA}${SECRETS_PATH}" + reset_colors + + echo "${TEXT_DIM}" + if [[ "$GITHUB_PUSH" == "true" ]]; then + echo_h4 "GitOps Target" " " + echo_reset_dim "Automatic Push ................. ${COLOR_GREEN}Enabled" + echo_reset_dim "Working Directory .............. ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" + echo_reset_dim "Host ........................... ${COLOR_MAGENTA}${GITHUB_HOST}" + echo_reset_dim "Organization ................... ${COLOR_MAGENTA}${GITHUB_ORG}" + echo_reset_dim "Repository ..................... ${COLOR_MAGENTA}${GITHUB_REPO}" + echo_reset_dim "Branch ......................... ${COLOR_MAGENTA}${GIT_BRANCH}" + echo_reset_dim "Lock Branch .................... ${COLOR_MAGENTA}${GIT_LOCK_BRANCH}" + else + echo_h4 "GitOps Target" " " + echo_reset_dim "Automatic Push ................. ${COLOR_RED}Disabled" + echo_reset_dim "Working Directory .............. ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" + fi + reset_colors + echo + + + # Generate the correct name for the config + export MAS_CONFIG_NAME="${MAS_INSTANCE_ID}-${MAS_CONFIG_TYPE}-${MAS_CONFIG_SCOPE}" + if [[ "$MAS_CONFIG_SCOPE" =~ ^(ws|wsapp)$ ]]; then + MAS_CONFIG_NAME="${MAS_CONFIG_NAME}-${MAS_WORKSPACE_ID}" + fi + if [[ "$MAS_CONFIG_SCOPE" =~ ^(app|wsapp)$ ]]; then + MAS_CONFIG_NAME="${MAS_CONFIG_NAME}-${MAS_APP_ID}" + fi + + + echo "${TEXT_DIM}" + echo_h4 "Configuration change to apply" " " + echo_reset_dim "Config Action .......................... ${COLOR_MAGENTA}${CONFIG_ACTION}" + echo_reset_dim "Config Type ............................ ${COLOR_MAGENTA}${MAS_CONFIG_TYPE}" + echo_reset_dim "Config Name ............................ ${COLOR_MAGENTA}${MAS_CONFIG_NAME}" + echo_reset_dim "Use PostDelete Hooks? ................... ${COLOR_MAGENTA}${USE_POSTDELETE_HOOKS}" + reset_colors + + # Set a default commit message now we know the config name + export GIT_COMMIT_MSG=${GIT_COMMIT_MSG:="gitops-mas-config commit (${CONFIG_ACTION} ${MAS_CONFIG_NAME})"} + + # Echo provided values for config type iff this is an upsert + + if [ "${CONFIG_ACTION}" == "upsert" ]; then + + if [ "${MAS_CONFIG_TYPE}" == "mongo" ]; then + echo "${TEXT_DIM}" + echo_reset_dim "Mongo Provider ................ ${COLOR_MAGENTA}${MONGODB_PROVIDER}" + reset_colors + fi + + + if [ "${MAS_CONFIG_TYPE}" == "bas" ]; then + echo "${TEXT_DIM}" + echo_reset_dim "DRO Contact Email ............. ${COLOR_MAGENTA}${DRO_CONTACT_EMAIL}" + echo_reset_dim "DRO Contact First Name ........ ${COLOR_MAGENTA}${DRO_CONTACT_FIRSTNAME}" + echo_reset_dim "DRO Contact Last Name ......... ${COLOR_MAGENTA}${DRO_CONTACT_LASTNAME}" + echo_reset_dim "DRO Certificate File .......... ${COLOR_MAGENTA}${DRO_CA_CERTIFICATE_FILE}" + reset_colors + fi + + if [ "${MAS_CONFIG_TYPE}" == "sls" ]; then + echo "${TEXT_DIM}" + echo_reset_dim "SLS URL ....................... ${COLOR_MAGENTA}https://sls.mas-${MAS_INSTANCE_ID}-sls.svc" + reset_colors + fi + + if [ "${MAS_CONFIG_TYPE}" == "kafka" ]; then + echo "${TEXT_DIM}" + # No specific parameters required for Kafka at present; they are all fetched from SM + reset_colors + fi + + if [ "${MAS_CONFIG_TYPE}" == "ldap-default" ]; then + echo "${TEXT_DIM}" + echo_reset_dim "IdpCfg Display Name ............................ ${COLOR_MAGENTA}${IDPCFG_DISPLAY_NAME}" + echo_reset_dim "LDAP Server URL ................................ ${COLOR_MAGENTA}${LDAP_URL}" + echo_reset_dim "LDAP Server baseDN ............................. ${COLOR_MAGENTA}${LDAP_BASEDN}" + echo_reset_dim "LDAP UserId Map ................................ ${COLOR_MAGENTA}${LDAP_USERID_MAP}" + echo_reset_dim "Path to LDAP Cert File ........................ ${COLOR_MAGENTA}${LDAP_CERTIFICATE_FILE}" + echo_reset_dim "ldap Server Bind DN ............................ ${COLOR_MAGENTA}${LDAP_BIND_DN}" + echo_reset_dim "ldap Server Bind Password ...................... ${COLOR_MAGENTA}${LDAP_BIND_PASSWORD:0:4}" + reset_colors + fi + + if [ "${MAS_CONFIG_TYPE}" == "objectstorage" ]; then + echo "${TEXT_DIM}" + echo_reset_dim "Config Directory ...................... ${COLOR_MAGENTA}${GITOPS_CONFIG_DIR}" + reset_colors + fi + + if [ "${MAS_CONFIG_TYPE}" == "jdbc" ]; then + echo "${TEXT_DIM}" + echo_reset_dim "DB2_INSTANCE_NAME ....................... ${COLOR_MAGENTA}${DB2_INSTANCE_NAME}" + echo_reset_dim "DB2_NAMESPACE ........................... ${COLOR_MAGENTA}$DB2_NAMESPACE" + echo_reset_dim "DB2_DBNAME ............................. ${COLOR_MAGENTA}${DB2_DBNAME}" + echo_reset_dim "TLS_VERSION ............................. ${COLOR_MAGENTA}${TLS_VERSION}" + echo_reset_dim "DB2_LDAP_USERNAME ....................... ${COLOR_MAGENTA}${DB2_LDAP_USERNAME}" + echo_reset_dim "DB2_LDAP_PASSWORD ....................... ${COLOR_MAGENTA}${DB2_LDAP_PASSWORD:0:4}" + reset_colors + fi + + if [ "${MAS_CONFIG_TYPE}" == "smtp" ]; then + echo "${TEXT_DIM}" + echo_reset_dim "SmtpCfg Display Name ........................... ${COLOR_MAGENTA}${SMTP_DISPLAY_NAME}" + echo_reset_dim "Smtp Server Host ............................... ${COLOR_MAGENTA}${SMTP_HOST}" + echo_reset_dim "Smtp Server Port ............................... ${COLOR_MAGENTA}${SMTP_PORT}" + echo_reset_dim "Smtp Security Protocol ......................... ${COLOR_MAGENTA}${SMTP_SECURITY}" + echo_reset_dim "Smtp Authentication ............................ ${COLOR_MAGENTA}${SMTP_AUTHENTICATION}" + echo_reset_dim "Smtp Default Sender Email ...................... ${COLOR_MAGENTA}${SMTP_DEFAULT_SENDER_EMAIL}" + echo_reset_dim "Smtp Default Sender Name ....................... ${COLOR_MAGENTA}${SMTP_DEFAULT_SENDER_NAME}" + echo_reset_dim "Smtp Default Recipient Email ................... ${COLOR_MAGENTA}${SMTP_DEFAULT_RECIPIENT_EMAIL}" + echo_reset_dim "Smtp Should Email Passwords .................... ${COLOR_MAGENTA}${SMTP_DEFAULT_SHOULD_EMAIL_PASSWORDS}" + echo_reset_dim "Smtp Server Username ........................... ${COLOR_MAGENTA}${SMTP_USERNAME}" + echo_reset_dim "Smtp Server Password ........................... ${COLOR_MAGENTA}${SMTP_PASSWORD:0:4}" + reset_colors + fi + + fi + + + # Clone github target repo + # --------------------------------------------------------------------------- + echo + echo_h2 "Cloning GitHub repo $GITHUB_ORG $GITHUB_REPO" + + if [ "$GITHUB_PUSH" == "true" ]; then + # only create the lock branch if we plan to actually push changes to git + clone_and_lock_target_git_repo "${GITHUB_HOST}" "${GITHUB_ORG}" "${GITHUB_REPO}" "${GIT_BRANCH}" "${GITOPS_WORKING_DIR}" "${GIT_SSH}" "${GIT_LOCK_BRANCH}" + else + # even though we don't want to push anything to git, + # because this script modifies the existing suite-configs.yaml file, we still need to checkout the repo + clone_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_WORKING_DIR $GIT_SSH + fi + mkdir -p ${GITOPS_INSTANCE_DIR} + + + if [ "${CONFIG_ACTION}" == "upsert" ]; then + echo + echo_h2 "Fetching/Updating secrets specific to ${MAS_CONFIG_TYPE}" + + + # Define/lookup secrets that may be used depending on which config we are upserting + # --------------------------------------------------------------------------- + + # Certain configurations require additional parameters to be passed in when + # rendering the configuration template file (e.g. Mongo) + # Put these parameters into this YAML file. + export ADDITIONAL_JINJA_PARAMS_FILE="$TEMP_DIR/additional-jinja-params.yaml" + echo "{}" > $ADDITIONAL_JINJA_PARAMS_FILE + + # Source: gitops_suite_config + # --------------------------------------------------------------------------- + if [ "${MAS_CONFIG_TYPE}" == "mongo" ]; then + export SECRET_KEY_MONGO_INFO=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}mongo#info + export MONGO_SECRET_FILE=$TEMP_DIR/mongo-secret.json + sm_login + if [ $MONGODB_PROVIDER == 'yaml' ]; then + sm_get_secret_file ${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}mongo $MONGO_SECRET_FILE + elif [ $MONGODB_PROVIDER == 'aws' ]; then + sm_get_secret_file ${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}mongo $MONGO_SECRET_FILE + fi + + jq -r .info $MONGO_SECRET_FILE > $ADDITIONAL_JINJA_PARAMS_FILE + + export SECRET_NAME_MONGO=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}mongo + export SECRET_KEY_MONGO_USERNAME=${SECRET_NAME_MONGO}#username + export SECRET_KEY_MONGO_PASSWORD=${SECRET_NAME_MONGO}#password + fi + + + if [ "${MAS_CONFIG_TYPE}" == "bas" ]; then + export SECRET_KEY_DRO_API_TOKEN=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}dro#dro_api_token + export SECRET_KEY_DRO_URL=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}dro#dro_url + export DRO_CA_CERTIFICATE=$(cat ${DRO_CA_CERTIFICATE_FILE}) + fi + + if [ "${MAS_CONFIG_TYPE}" == "sls" ]; then + export SECRET_NAME_SLS=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}sls + export SECRET_KEY_SLS_REGISTRATION_KEY=${SECRET_NAME_SLS}#registration_key + export SECRET_KEY_SLS_CA_B64=${SECRET_NAME_SLS}#ca_b64 + fi + + # Source: gitops_kafka_config + # --------------------------------------------------------------------------- + if [ "${MAS_CONFIG_TYPE}" == "kafka" ]; then + if [[ "$AVP_TYPE" == "aws" ]]; then + # kafka + export SECRET_PREFIX="AmazonMSK_" + fi + export KAFKA_SECRET_FILE=$TEMP_DIR/kafka-secret.json + sm_login + sm_get_secret_file ${SECRET_PREFIX}${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}kafka $KAFKA_SECRET_FILE + jq -r .info $KAFKA_SECRET_FILE > $ADDITIONAL_JINJA_PARAMS_FILE + export AWS_MSK_SECRET=${SECRET_PREFIX}${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}kafka + export SECRET_KEY_KAFKA_USERNAME=${AWS_MSK_SECRET}#username + export SECRET_KEY_KAFKA_PASSWORD=${AWS_MSK_SECRET}#password + fi + + # Source: gitops_suite_idp_config + # --------------------------------------------------------------------------- + if [ "${MAS_CONFIG_TYPE}" == "ldap-default" ]; then + sm_login + SECRET_NAME_LDAP=${SECRET_PREFIX}${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}ldap + sm_update_secret $SECRET_NAME_LDAP "{\"bindDN\": \"$LDAP_BIND_DN\", \"bindPassword\": \"$LDAP_BIND_PASSWORD\"}" + export SECRET_KEY_LDAP_BIND_DN=${SECRET_NAME_LDAP}#bindDN + export SECRET_KEY_LDAP_BIND_PASSWORD=${SECRET_NAME_LDAP}#bindPassword + export LDAP_CERTIFICATE_CONTENT=$(<$LDAP_CERTIFICATE_FILE) + fi + + # Source: gitops_suite_objectstorage_config + # --------------------------------------------------------------------------- + if [ "${MAS_CONFIG_TYPE}" == "objectstorage" ]; then + export COS_CONFIG=$GITOPS_CONFIG_DIR/$MAS_INSTANCE_ID-cos/cos-ibm-system.yml + /usr/bin/yq '.[1].spec' $COS_CONFIG > $ADDITIONAL_JINJA_PARAMS_FILE + rc=$? + [ $rc -ne 0 ] && exit $rc + /usr/bin/yq -i 'del(.config.credentials)' $ADDITIONAL_JINJA_PARAMS_FILE + /usr/bin/yq -i 'del(.displayName)' $ADDITIONAL_JINJA_PARAMS_FILE + export OBJECTSTORAGE_SECRET=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}cos + export SECRET_KEY_OBJECTSTORAGE_USERNAME=${OBJECTSTORAGE_SECRET}#username + export SECRET_KEY_OBJECTSTORAGE_PASSWORD=${OBJECTSTORAGE_SECRET}#password + fi + + + # Source: gitops_db2u_jdbc_config + # --------------------------------------------------------------------------- + if [ "${MAS_CONFIG_TYPE}" == "jdbc" ]; then + sm_login + + # Create a secret in SM containing the username/password for this specific DB2 database instance. + # A presync hook on the jdbccfg chart will take care of ensuring the user added to the database's LDAP registry + export DB2_CREDENTIALS_SECRET_ID=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}db2${SECRETS_KEY_SEPERATOR}${DB2_INSTANCE_NAME}${SECRETS_KEY_SEPERATOR}credentials + echo_reset_dim "DB2_CREDENTIALS_SECRET_ID ......................... ${COLOR_MAGENTA}$DB2_CREDENTIALS_SECRET_ID" + sm_update_secret $DB2_CREDENTIALS_SECRET_ID "{ \"username\": \"$DB2_LDAP_USERNAME\", \"password\": \"$DB2_LDAP_PASSWORD\"}" + export SECRET_KEY_DB2_USERNAME=${DB2_CREDENTIALS_SECRET_ID}#username + export SECRET_KEY_DB2_PASSWORD=${DB2_CREDENTIALS_SECRET_ID}#password + + # This secret is created by a PostSync Job in the ibm-db2u-database chart + export DB2_CONFIG_SECRET_ID=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}db2${SECRETS_KEY_SEPERATOR}${DB2_INSTANCE_NAME}${SECRETS_KEY_SEPERATOR}config + export SECRET_KEY_DB2_CA_PEM=${DB2_CONFIG_SECRET_ID}#ca_b64 + export SECRET_KEY_DB2_TLS_SERVICEPORT=${DB2_CONFIG_SECRET_ID}#tls_serviceport + + fi + + + + # Source: gitops_suite_smtp_config + # --------------------------------------------------------------------------- + if [ "${MAS_CONFIG_TYPE}" == "smtp" ]; then + sm_login + SECRET_NAME_SMTP=${SECRET_PREFIX}${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}smtp + sm_update_secret $SECRET_NAME_SMTP "{\"username\": \"$SMTP_USERNAME\", \"password\": \"$SMTP_PASSWORD\"}" + export SECRET_KEY_SMTP_USERNAME=${SECRET_NAME_SMTP}#username + export SECRET_KEY_SMTP_PASSWORD=${SECRET_NAME_SMTP}#password + fi + + + echo + echo_h2 "Generated params file to pass to Jinja2 ($ADDITIONAL_JINJA_PARAMS_FILE)" + cat $ADDITIONAL_JINJA_PARAMS_FILE + + echo + echo_h2 "Updating configuration file" + + # If the file doesn't exist, create a blank one + if ! [ -f ${CONFIGS_FILE} ]; then + jinja -X .+ $CLI_DIR/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-config-common.yaml.j2 > $CONFIGS_FILE + fi + + # Remove any existing config with this name + /usr/bin/yq 'del(.ibm_mas_suite_configs[] | select(.mas_config_name == "'${MAS_CONFIG_NAME}'"))' $CONFIGS_FILE > $TEMP_DIR/configs.yaml + + # Render the appropriate template for the config into a new file + jinja -X .+ -d $ADDITIONAL_JINJA_PARAMS_FILE $CLI_DIR/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-${MAS_CONFIG_TYPE}-config.yaml.j2 | /usr/bin/yq '{"ibm_mas_suite_configs": [] + .}' > ${TEMP_DIR}/newconfig.yaml + + # Merge the two files + /usr/bin/yq eval-all '. as $item ireduce ({}; . *+ $item)' $TEMP_DIR/configs.yaml ${TEMP_DIR}/newconfig.yaml > $CONFIGS_FILE + + fi # [ "${CONFIG_ACTION}" == "upsert" ] + + + + if [ "${CONFIG_ACTION}" == "remove" ]; then + + echo + echo_h2 "Deleting secrets specific to ${MAS_CONFIG_TYPE}" + # Delete any secrets that were created by the "upsert" action for this MAS_CONFIG_TYPE + # NOTE: this does not include any secrets that were created by post-sync hooks (e.g. sls). + # these will now be handled by PostDelete hooks on the corresponding charts + + if [ "${MAS_CONFIG_TYPE}" == "ldap-default" ]; then + sm_login + SECRET_NAME_LDAP=${SECRET_PREFIX}${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}ldap + sm_delete_secret $SECRET_NAME_LDAP + fi + + if [ "${MAS_CONFIG_TYPE}" == "jdbc" ]; then + sm_login + export DB2_CREDENTIALS_SECRET_ID=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}db2${SECRETS_KEY_SEPERATOR}${DB2_INSTANCE_NAME}${SECRETS_KEY_SEPERATOR}credentials + sm_delete_secret $DB2_CREDENTIALS_SECRET_ID + fi + + if [ "${MAS_CONFIG_TYPE}" == "smtp" ]; then + sm_login + SECRET_NAME_SMTP=${SECRET_PREFIX}${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}smtp + sm_delete_secret $SECRET_NAME_SMTP + fi + + # If the file doesn't exist, nothing to remove, so no-op + if [ -f ${CONFIGS_FILE} ]; then + /usr/bin/yq 'del(.ibm_mas_suite_configs[] | select(.mas_config_name == "'${MAS_CONFIG_NAME}'"))' $CONFIGS_FILE > ${TEMP_DIR}/configs.yaml + cp ${TEMP_DIR}/configs.yaml ${CONFIGS_FILE} + + # If the file is there, but the configs are empty, delete the file + CONFIGS_COUNT=$(/usr/bin/yq '.ibm_mas_suite_configs | length' $CONFIGS_FILE) + if [ "${CONFIGS_COUNT}" == "0" ]; then + rm $CONFIGS_FILE + fi + fi + + + + fi + + echo_h2 "Updated configuration file (${CONFIGS_FILE})" + if [ -f ${CONFIGS_FILE} ]; then + cat $CONFIGS_FILE + else + echo "" + fi + + # Commit and push to github target repo + # --------------------------------------------------------------------------- + if [ "$GITHUB_PUSH" == "true" ]; then + echo + echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO" + save_and_unlock_target_git_repo "${GITHUB_REPO}" "${GIT_BRANCH}" "${GITOPS_WORKING_DIR}" "${GIT_COMMIT_MSG}" "${GIT_LOCK_BRANCH}" + else + remove_git_repo_clone $GITOPS_WORKING_DIR/$GITHUB_REPO + fi + +} diff --git a/image/cli/mascli/functions/gitops_suite_certs b/image/cli/mascli/functions/gitops_suite_certs index 59b8e7d3c7..437c956c92 100644 --- a/image/cli/mascli/functions/gitops_suite_certs +++ b/image/cli/mascli/functions/gitops_suite_certs @@ -117,9 +117,9 @@ function gitops_suite_certs_noninteractive() { fi fi - [[ -z "$CLUSTER_ID" ]] && gitops_kafka_config_help "CLUSTER_ID is not set" - [[ -z "$ACCOUNT_ID" ]] && gitops_kafka_config_help "ACCOUNT_ID is not set" - [[ -z "$MAS_INSTANCE_ID" ]] && gitops_kafka_help "MAS_INSTANCE_ID is not set" + [[ -z "$CLUSTER_ID" ]] && gitops_suite_certs_help "CLUSTER_ID is not set" + [[ -z "$ACCOUNT_ID" ]] && gitops_suite_certs_help "ACCOUNT_ID is not set" + [[ -z "$MAS_INSTANCE_ID" ]] && gitops_suite_certs_help "MAS_INSTANCE_ID is not set" } diff --git a/image/cli/mascli/functions/gitops_suite_config b/image/cli/mascli/functions/gitops_suite_config deleted file mode 100644 index e21fde5ded..0000000000 --- a/image/cli/mascli/functions/gitops_suite_config +++ /dev/null @@ -1,357 +0,0 @@ -#!/usr/bin/env bash - -function gitops_suite_config_help() { - [[ -n "$1" ]] && echo_warning "$1" - reset_colors - cat << EOM -Usage: - mas gitops_suite_config [options] -Where ${COLOR_YELLOW}specified${TEXT_RESET} each option may also be defined by setting the appropriate environment variable. -When no options are specified on the command line, interactive-mode will be enabled by default. - -Options: - -GitOps Configuration: - -d, --dir ${COLOR_YELLOW}GITOPS_WORKING_DIR${TEXT_RESET} Working directory for GitOps repository - -a, --account-id ${COLOR_YELLOW}ACCOUNT_ID${TEXT_RESET} Account name that the cluster belongs to - -c, --cluster-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET} Cluster ID - -m, --mas-instance-id ${COLOR_YELLOW}MAS_INSTANCE_ID${TEXT_RESET} IBM Suite Maximo Application Suite Instance ID - -A, --argocd-check ${COLOR_YELLOW}ARGOCD_CHECK${TEXT_RESET} ArgoCD check flag, when set to true will make ArgoCD calls - -AWS Secrets Manager Configuration (Required): - --sm-aws-secret-region ${COLOR_YELLOW}SM_AWS_REGION${TEXT_RESET} Region of the AWS Secrets Manager to use - --sm-aws-access-key ${COLOR_YELLOW}SM_AWS_ACCESS_KEY_ID${TEXT_RESET} Your AWS Access Key ID - --sm-aws-secret-key ${COLOR_YELLOW}SM_AWS_SECRET_ACCESS_KEY${TEXT_RESET} Your AWS Secret Key - --secrets-path ${COLOR_YELLOW}SECRETS_PATH${TEXT_RESET} Secrets Manager path - -MongoDb Provider Selection: - --mongo-provider ${COLOR_YELLOW}MONGODB_PROVIDER${TEXT_RESET} The mongodb provider to install. Only "aws" is supported - -DRO Configuration: - --dro-contact-email ${COLOR_YELLOW}DRO_CONTACT_EMAIL${TEXT_RESET} The email address to register with DRO - --dro-contact-firstname ${COLOR_YELLOW}DRO_CONTACT_FIRSTNAME${TEXT_RESET} The first name to register with DRO - --dro-contact-lastname ${COLOR_YELLOW}DRO_CONTACT_LASTNAME${TEXT_RESET} The last name to register with DRO - --dro-ca-certificate-file ${COLOR_YELLOW}DRO_CA_CERTIFICATE_FILE${TEXT_RESET} The location of a file containing the DRO CA certificate - -Automatic GitHub Push: - -P, --github-push ${COLOR_YELLOW}GITHUB_PUSH${TEXT_RESET} Enable automatic push to GitHub - -H, --github-host ${COLOR_YELLOW}GITHUB_HOST${TEXT_RESET} GitHub Hostname for your GitOps repository - -O, --github-org ${COLOR_YELLOW}GITHUB_ORG${TEXT_RESET} Github org for your GitOps repository - -R, --github-repo ${COLOR_YELLOW}GITHUB_REPO${TEXT_RESET} Github repo for your GitOps repository - -S, --github-ssh ${COLOR_YELLOW}GIT_SSH${TEXT_RESET} Git ssh key path - -B, --git-branch ${COLOR_YELLOW}GIT_BRANCH${TEXT_RESET} Git branch to commit to of your GitOps repository - -M, --git-commit-msg ${COLOR_YELLOW}GIT_COMMIT_MSG${TEXT_RESET} Git commit message to use when committing to of your GitOps repository - -Other Commands: - -h, --help Show this help message -EOM - [[ -n "$1" ]] && exit 1 || exit 0 -} - -function gitops_suite_config_noninteractive() { - # Set defaults - GITOPS_WORKING_DIR=$PWD/working-dir - SECRETS_KEY_SEPERATOR="/" - - GIT_COMMIT_MSG="gitops-suite-config commit" - - export MONGODB_PROVIDER=${MONGODB_PROVIDER:-"yaml"} - export ARGOCD_CHECK=${ARGOCD_CHECK:-"true"} - - while [[ $# -gt 0 ]] - do - key="$1" - shift - case $key in - -d|--dir) - export GITOPS_WORKING_DIR=$1 && shift - ;; - -a|--account-id) - export ACCOUNT_ID=$1 && shift - ;; - -c|--cluster-id) - export CLUSTER_ID=$1 && shift - ;; - -m|--mas-instance-id) - export MAS_INSTANCE_ID=$1 && shift - ;; - -A|--argocd-check) - export ARGOCD_CHECK=$1 && shift - ;; - - # MongoDb Provider Selection - --mongo-provider) - export MONGODB_PROVIDER=$1 && shift - ;; - - # DRO - --dro-contact-email) - export DRO_CONTACT_EMAIL=$1 && shift - ;; - --dro-contact-firstname) - export DRO_CONTACT_FIRSTNAME=$1 && shift - ;; - --dro-contact-lastname) - export DRO_CONTACT_LASTNAME=$1 && shift - ;; - --dro-ca-certificate-file) - export DRO_CA_CERTIFICATE_FILE=$1 && shift - ;; - - # AWS Secrets Manager Configuration - --sm-aws-secret-region) - export SM_AWS_REGION=$1 - export REGION_ID=$1 - shift - ;; - --sm-aws-access-key) - export SM_AWS_ACCESS_KEY_ID=$1 && shift - ;; - --sm-aws-secret-key) - export SM_AWS_SECRET_ACCESS_KEY=$1 && shift - ;; - --secrets-path) - export SECRETS_PATH=$1 && shift - ;; - - # Automatic GitHub Push - -P|--github-push) - export GITHUB_PUSH=true - ;; - -H|--github-host) - export GITHUB_HOST=$1 && shift - ;; - -O|--github-org) - export GITHUB_ORG=$1 && shift - ;; - -R|--github-repo) - export GITHUB_REPO=$1 && shift - ;; - -S|--github-ssh) - export GIT_SSH=$1 && shift - ;; - -B|--git-branch) - export GIT_BRANCH=$1 && shift - ;; - -M|--git-commit-msg) - export GIT_COMMIT_MSG=$1 && shift - ;; - - -h|--help) - gitops_suite_config_help - ;; - *) - # unknown option - gitops_suite_config_help "Usage Error: Unsupported option \"${key}\" " - ;; - esac - done - - [[ -z "$DRO_CONTACT_EMAIL" ]] && gitops_suite_config_help "DRO_CONTACT_EMAIL is not set" - [[ -z "$DRO_CONTACT_FIRSTNAME" ]] && gitops_suite_config_help "DRO_CONTACT_FIRSTNAME is not set" - [[ -z "$DRO_CONTACT_LASTNAME" ]] && gitops_suite_config_help "DRO_CONTACT_LASTNAME is not set" - [[ -z "$DRO_CA_CERTIFICATE_FILE" ]] && gitops_suite_config_help "DRO_CA_CERTIFICATE_FILE is not set" - - [[ -z "$GITOPS_WORKING_DIR" ]] && gitops_suite_config_help "GITOPS_WORKING_DIR is not set" - [[ -z "$ACCOUNT_ID" ]] && gitops_suite_config_help "ACCOUNT_ID is not set" - [[ -z "$REGION_ID" ]] && gitops_suite_config_help "REGION_ID is not set" - [[ -z "$CLUSTER_ID" ]] && gitops_suite_config_help "CLUSTER_ID is not set" - [[ -z "$MAS_INSTANCE_ID" ]] && gitops_suite_config_help "MAS_INSTANCE_ID is not set" - - [[ -z "$MONGODB_PROVIDER" ]] && gitops_suite_config_help "MONGODB_PROVIDER is not set" - - if [[ "$GITHUB_PUSH" == "true" ]]; then - [[ -z "$GITHUB_HOST" ]] && gitops_suite_config_help "GITHUB_HOST is not set" - [[ -z "$GITHUB_ORG" ]] && gitops_suite_config_help "GITHUB_ORG is not set" - [[ -z "$GITHUB_REPO" ]] && gitops_suite_config_help "GITHUB_REPO is not set" - [[ -z "$GIT_BRANCH" ]] && gitops_suite_config_help "GIT_BRANCH is not set" - fi -} - -function gitops_suite_config() { - # Take the first parameter off (it will be create-gitops) - shift - if [[ $# -gt 0 ]]; then - gitops_suite_config_noninteractive "$@" - else - echo "Not supported yet" - exit 1 - gitops_suite_config_interactive - fi - - mkdir -p ${GITOPS_WORKING_DIR} - GITOPS_INSTANCE_DIR=${GITOPS_WORKING_DIR}/${GITHUB_REPO}/${ACCOUNT_ID}/${REGION_ID}/${CLUSTER_ID}/${MAS_INSTANCE_ID}/configs - - echo - reset_colors - echo_h2 "Review Settings" - - echo "${TEXT_DIM}" - echo_h4 "Target" " " - echo_reset_dim "Account ID...................... ${COLOR_MAGENTA}${ACCOUNT_ID}" - echo_reset_dim "Region ID....................... ${COLOR_MAGENTA}${REGION_ID}" - echo_reset_dim "Cluster ID ..................... ${COLOR_MAGENTA}${CLUSTER_ID}" - echo_reset_dim "MAS Instance ID ................ ${COLOR_MAGENTA}${CLUSTER_ID}" - echo_reset_dim "System Config Directory ........ ${COLOR_MAGENTA}${GITOPS_INSTANCE_DIR}" - echo_reset_dim "ArgoCD Check ................... ${COLOR_MAGENTA}${ARGOCD_CHECK}" - reset_colors - - echo "${TEXT_DIM}" - echo_h4 "AWS Secrets Manager" " " - echo_reset_dim "Region ......................... ${COLOR_MAGENTA}${SM_AWS_REGION}" - echo_reset_dim "Secret Key ..................... ${COLOR_MAGENTA}${SM_AWS_ACCESS_KEY_ID:0:4}" - echo_reset_dim "Access Key ..................... ${COLOR_MAGENTA}${SM_AWS_SECRET_ACCESS_KEY:0:4}" - echo_reset_dim "Secrets Path ................... ${COLOR_MAGENTA}${SECRETS_PATH}" - reset_colors - - echo "${TEXT_DIM}" - echo_h4 "Mongo" " " - echo_reset_dim "Mongo Provider ................ ${COLOR_MAGENTA}${MONGODB_PROVIDER}" - reset_colors - - echo "${TEXT_DIM}" - echo_h4 "DRO" " " - echo_reset_dim "DRO Contact Email ............. ${COLOR_MAGENTA}${DRO_CONTACT_EMAIL}" - echo_reset_dim "DRO Contact First Name ........ ${COLOR_MAGENTA}${DRO_CONTACT_FIRSTNAME}" - echo_reset_dim "DRO Contact Last Name ......... ${COLOR_MAGENTA}${DRO_CONTACT_LASTNAME}" - echo_reset_dim "DRO Certificate File .......... ${COLOR_MAGENTA}${DRO_CA_CERTIFICATE_FILE}" - reset_colors - - echo "${TEXT_DIM}" - echo_h4 "IBM Suite License Service" " " - echo_reset_dim "SLS URL ....................... ${COLOR_MAGENTA}https://sls.mas-${MAS_INSTANCE_ID}-sls.svc" - reset_colors - - echo "${TEXT_DIM}" - if [[ "$GITHUB_PUSH" == "true" ]]; then - echo_h4 "GitOps Target" " " - echo_reset_dim "Automatic Push ................. ${COLOR_GREEN}Enabled" - echo_reset_dim "Working Directory .............. ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - echo_reset_dim "Host ........................... ${COLOR_MAGENTA}${GITHUB_HOST}" - echo_reset_dim "Organization ................... ${COLOR_MAGENTA}${GITHUB_ORG}" - echo_reset_dim "Repository ..................... ${COLOR_MAGENTA}${GITHUB_REPO}" - echo_reset_dim "Branch ......................... ${COLOR_MAGENTA}${GIT_BRANCH}" - else - echo_h4 "GitOps Target" " " - echo_reset_dim "Automatic Push ................. ${COLOR_RED}Disabled" - echo_reset_dim "Working Directory .............. ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - fi - reset_colors - echo - - # Define cluster-level secrets used - # --------------------------------------------------------------------------- - # Note that these cluster-level secrets are set up by gitops-mongo - export SECRET_KEY_MONGO_INFO=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}mongo#info - export SECRET_KEY_DRO_API_TOKEN=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}dro#dro_api_token - export SECRET_KEY_DRO_URL=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}dro#dro_url - - export DRO_CA_CERTIFICATE=$(cat ${DRO_CA_CERTIFICATE_FILE}) - - # Get the cluster-level secrets used - # --------------------------------------------------------------------------- - CURRENT_DIR=$PWD - TEMP_DIR=$CURRENT_DIR/tmp-suite-config - rm -rf $TEMP_DIR - mkdir -p $TEMP_DIR - - export MONGO_SECRET_FILE=$TEMP_DIR/mongo-secret.json - export MONGO_CONFIG_FILE=$TEMP_DIR/mongo-info.yaml - - sm_login - - if [ $MONGODB_PROVIDER == 'yaml' ]; then - sm_get_secret_file ${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}mongo $MONGO_SECRET_FILE - elif [ $MONGODB_PROVIDER == 'aws' ]; then - sm_get_secret_file ${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}mongo $MONGO_SECRET_FILE - fi - - jq -r .info $MONGO_SECRET_FILE > $MONGO_CONFIG_FILE - - # Get the instance-level values to used - # --------------------------------------------------------------------------- - # The SLS registration key and ca.certs are now put into secrets manager by post-sync job on ibm-sls chart - export SECRET_NAME_MONGO=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}mongo - export SECRET_KEY_MONGO_USERNAME=${SECRET_NAME_MONGO}#username - export SECRET_KEY_MONGO_PASSWORD=${SECRET_NAME_MONGO}#password - - export SECRET_NAME_SLS=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}sls - export SECRET_KEY_SLS_REGISTRATION_KEY=${SECRET_NAME_SLS}#registration_key - export SECRET_KEY_SLS_CA_B64=${SECRET_NAME_SLS}#ca_b64 - - if [ -z $GIT_SSH ]; then - export GIT_SSH="false" - fi - - # Clone github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Cloning GitHub repo $GITHUB_ORG $GITHUB_REPO" - clone_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_WORKING_DIR $GIT_SSH - fi - mkdir -p ${GITOPS_INSTANCE_DIR} - - export MAS_CONFIG_SCOPE="system" - - # Generate ArgoApps - # --------------------------------------------------------------------------- - # Per MAS instance - echo "- IBM MAS System Mongo Config" - jinja -X .+ -d $MONGO_CONFIG_FILE $CLI_DIR/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-mongo-config.yaml.j2 -o ${GITOPS_INSTANCE_DIR}/system.ibm-mas-mongo-config.yaml - - echo "- IBM MAS System BAS Config" - jinja -X .+ $CLI_DIR/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-bas-config.yaml.j2 -o ${GITOPS_INSTANCE_DIR}/system.ibm-mas-bas-config.yaml - - echo "- IBM MAS System SLS Config" - jinja -X .+ $CLI_DIR/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-sls-config.yaml.j2 -o ${GITOPS_INSTANCE_DIR}/system.ibm-mas-sls-config.yaml - - # Commit and push to github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO" - save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_INSTANCE_DIR "${GIT_COMMIT_MSG}" - remove_git_repo_clone $GITOPS_WORKING_DIR/$GITHUB_REPO - - if [ "${ARGOCD_CHECK}" == "true" ]; then - CLUSTER_ROOT_APP="cluster.${ACCOUNT_ID}.${REGION_ID}.${CLUSTER_ID}" - INSTANCE_ROOT_APP="instance.${ACCOUNT_ID}.${REGION_ID}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - MONGO_CONFIG_APP="${MAS_INSTANCE_ID}-mongo-system.${ACCOUNT_ID}.${REGION_ID}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - BAS_CONFIG_APP="${MAS_INSTANCE_ID}-bas-system.${ACCOUNT_ID}.${REGION_ID}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - SLS_CONFIG_APP="${MAS_INSTANCE_ID}-sls-system.${ACCOUNT_ID}.${REGION_ID}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - SUITE_APP_NAME="suite.${ACCOUNT_ID}.${REGION_ID}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - SLS_APP_NAME="sls.${ACCOUNT_ID}.${REGION_ID}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - - argocd_login - argocd_sync "${INSTANCE_ROOT_APP}" # trigger the configs appset to pick up the new config files - check_argo_app_synced "${INSTANCE_ROOT_APP}" "${CLUSTER_ROOT_APP}" # wait for the instance root app to sync - - argocd_hard_refresh "${MONGO_CONFIG_APP}" - argocd_sync "${MONGO_CONFIG_APP}" - check_argo_app_synced "${MONGO_CONFIG_APP}" "${INSTANCE_ROOT_APP}" - check_argo_app_healthy "${MONGO_CONFIG_APP}" "${INSTANCE_ROOT_APP}" - - argocd_hard_refresh "${SLS_CONFIG_APP}" - argocd_sync "${SLS_CONFIG_APP}" - check_argo_app_synced "${SLS_CONFIG_APP}" "${INSTANCE_ROOT_APP}" - check_argo_app_healthy "${SLS_CONFIG_APP}" "${INSTANCE_ROOT_APP}" - - argocd_hard_refresh "${BAS_CONFIG_APP}" - argocd_sync "${BAS_CONFIG_APP}" - check_argo_app_synced "${BAS_CONFIG_APP}" "${INSTANCE_ROOT_APP}" - check_argo_app_healthy "${BAS_CONFIG_APP}" "${INSTANCE_ROOT_APP}" - - # Wait for SLS to sync and become healthy - check_argo_app_synced "${SLS_APP_NAME}" "${INSTANCE_ROOT_APP}" mas-${MAS_INSTANCE_ID}-sls - check_argo_app_healthy "${SLS_APP_NAME}" "${INSTANCE_ROOT_APP}" - - # Wait for Suite to become healthy - # health check of suite will be done in gitops_suite_config (suite will not be healthy until core configs are established) - check_argo_app_synced "${SUITE_APP_NAME}" "${INSTANCE_ROOT_APP}" mas-${MAS_INSTANCE_ID}-core - check_argo_app_healthy "${SUITE_APP_NAME}" "${INSTANCE_ROOT_APP}" - fi - - fi - -} diff --git a/image/cli/mascli/functions/gitops_suite_idp_config b/image/cli/mascli/functions/gitops_suite_idp_config deleted file mode 100644 index 6b5ef9cfb1..0000000000 --- a/image/cli/mascli/functions/gitops_suite_idp_config +++ /dev/null @@ -1,315 +0,0 @@ -#!/usr/bin/env bash - -function gitops_suite_idp_config_help() { - [[ -n "$1" ]] && echo_warning "$1" - reset_colors - cat << EOM -Usage: - mas gitops_suite_idp_config [options] -Where ${COLOR_YELLOW}specified${TEXT_RESET} each option may also be defined by setting the appropriate environment variable. -When no options are specified on the command line, interactive-mode will be enabled by default. - -Options: - -GitOps Configuration: - -d, --dir ${COLOR_YELLOW}GITOPS_WORKING_DIR${TEXT_RESET} Working directory for GitOps repository - -g, --gitops-version ${COLOR_YELLOW}GITOPS_VERSION${TEXT_RESET} Version of ibm-mas/gitops to use - -a, --account-id ${COLOR_YELLOW}ACCOUNT_ID${TEXT_RESET} Account name that the cluster belongs to - -c, --cluster-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET} Cluster ID - -m, --mas-instance-id ${COLOR_YELLOW}MAS_INSTANCE_ID${TEXT_RESET} IBM Suite Maximo Application Suite Instance ID - -A, --argocd-check ${COLOR_YELLOW}ARGOCD_CHECK${TEXT_RESET} ArgoCD check flag, when set to true will make ArgoCD calls - -Secrets Manager: - --secrets-path ${COLOR_YELLOW}SECRETS_PATH${TEXT_RESET} Secrets Manager path - --secrets-key-seperator ${COLOR_YELLOW}SECRETS_KEY_SEPERATOR${TEXT_RESET} Secrets Manager key seperator string - -MAS IDP/LDAP Options: - --idpcfg-display-name ${COLOR_YELLOW}IDPCFG_DISPLAY_NAME${TEXT_RESET} Display name for IDPCfg resource - --ldap-url ${COLOR_YELLOW}LDAP_URL${TEXT_RESET} Url of the LDAP server. In the form protocol://host:port - --ldap-basedn ${COLOR_YELLOW}LDAP_BASEDN${TEXT_RESET} The baseDN for the LDAP server - --ldap-userid-map ${COLOR_YELLOW}LDAP_USERID_MAP${TEXT_RESET} LDAP UserId map - --ldap-certificate-file ${COLOR_YELLOW}LDAP_CERTIFICATE_FILE${TEXT_RESET} Path to file containing CA Certificate for LDAP server - --ldap-bind-dn ${COLOR_YELLOW}LDAP_BIND_DN${TEXT_RESET} DN for LDAP server authentication - --ldap-bind-password ${COLOR_YELLOW}LDAP_BIND_PASSWORD${TEXT_RESET} Password for LDAP server authenticaiton - -Automatic GitHub Push: - -P, --github-push ${COLOR_YELLOW}GITHUB_PUSH${TEXT_RESET} Enable automatic push to GitHub - -H, --github-host ${COLOR_YELLOW}GITHUB_HOST${TEXT_RESET} GitHub Hostname for your GitOps repository - -O, --github-org ${COLOR_YELLOW}GITHUB_ORG${TEXT_RESET} Github org for your GitOps repository - -R, --github-repo ${COLOR_YELLOW}GITHUB_REPO${TEXT_RESET} Github repo for your GitOps repository - -B, --git-branch ${COLOR_YELLOW}GIT_BRANCH${TEXT_RESET} Git branch to commit to of your GitOps repository - -M, --git-commit-msg ${COLOR_YELLOW}GIT_COMMIT_MSG${TEXT_RESET} Git commit message to use when committing to of your GitOps repository - -S , --github-ssh ${COLOR_YELLOW}GIT_SSH${TEXT_RESET} Git ssh key path - -Other Commands: - -h, --help Show this help message -EOM - [[ -n "$1" ]] && exit 1 || exit 0 -} - -function gitops_suite_idp_config_noninteractive() { - GITOPS_WORKING_DIR=$PWD/working-dir - SECRETS_KEY_SEPERATOR="/" - GIT_COMMIT_MSG="gitops-mas-idp-config commit" - export GITOPS_VERSION=${GITOPS_VERSION:-poc} - export IDPCFG_DISPLAY_NAME=${IDPCFG_DISPLAY_NAME:="Suite IDPCfg"} - - # TODO: will need to add explicit args to pipeline when we start using this code to deploy to MCSP - export REGION=${REGION:-${SM_AWS_REGION}} - export ARGOCD_CHECK=${ARGOCD_CHECK:-"true"} - - while [[ $# -gt 0 ]] - do - key="$1" - shift - case $key in - -d|--dir) - export GITOPS_WORKING_DIR=$1 && shift - ;; - -g|--gitops-version) - export GITOPS_VERSION=$1 && shift - ;; - -a|--account-id) - export ACCOUNT_ID=$1 && shift - ;; - -c|--cluster-id) - export CLUSTER_ID=$1 && shift - ;; - -r|--region) - export REGION=$1 && shift - ;; - -m|--mas-instance-id) - export MAS_INSTANCE_ID=$1 && shift - ;; - -A|--argocd-check) - export ARGOCD_CHECK=$1 && shift - ;; - - # Secrets Manager - --secrets-path) - export SECRETS_PATH=$1 && shift - ;; - --secrets-key-seperator) - export SECRETS_KEY_SEPERATOR=$1 && shift - ;; - - # LDAP - --idpcfg-display-name) - export IDPCFG_DISPLAY_NAME=$1 && shift - ;; - --ldap-url) - export LDAP_URL=$1 && shift - ;; - --ldap-basedn) - export LDAP_BASEDN=$1 && shift - ;; - --ldap-userid-map) - export LDAP_USERID_MAP=$1 && shift - ;; - --ldap-certificate-file) - export LDAP_CERTIFICATE_FILE=$1 && shift - ;; - --ldap-bind-dn) - export LDAP_BIND_DN=$1 && shift - ;; - --ldap-bind-password) - export LDAP_BIND_PASSWORD=$1 && shift - ;; - - # Automatic GitHub Push - -P|--github-push) - export GITHUB_PUSH=true - ;; - -H|--github-host) - export GITHUB_HOST=$1 && shift - ;; - -O|--github-org) - export GITHUB_ORG=$1 && shift - ;; - -R|--github-repo) - export GITHUB_REPO=$1 && shift - ;; - -B|--git-branch) - export GIT_BRANCH=$1 && shift - ;; - -M|--git-commit-msg) - export GIT_COMMIT_MSG=$1 && shift - ;; - -S|--github-ssh) - export GIT_SSH=$1 && shift - ;; - - -h|--help) - gitops_suite_idp_config_help - ;; - *) - # unknown option - echo -e "${COLOR_RED}Usage Error: Unsupported option \"${key}\"${COLOR_RESET}\n" - gitops_suite_idp_config_help "Usage Error: Unsupported option \"${key}\" " - exit 1 - ;; - esac - done - - [[ -z "$GITOPS_WORKING_DIR" ]] && gitops_suite_idp_config_help "GITOPS_WORKING_DIR is not set" - [[ -z "$GITOPS_VERSION" ]] && gitops_suite_idp_config_help "GITOPS_VERSION is not set" - [[ -z "$CLUSTER_ID" ]] && gitops_suite_idp_config_help "CLUSTER_ID is not set" - [[ -z "$REGION" ]] && gitops_suite_idp_config_help "REGION is not set" - [[ -z "$ACCOUNT_ID" ]] && gitops_suite_idp_config_help "ACCOUNT_ID is not set" - if [[ "$GITHUB_PUSH" == "true" ]]; then - [[ -z "$GITHUB_HOST" ]] && gitops_suite_idp_config_help "GITHUB_HOST is not set" - [[ -z "$GITHUB_ORG" ]] && gitops_suite_idp_config_help "GITHUB_ORG is not set" - [[ -z "$GITHUB_REPO" ]] && gitops_suite_idp_config_help "GITHUB_REPO is not set" - [[ -z "$GIT_BRANCH" ]] && gitops_suite_idp_config_help "GIT_BRANCH is not set" - fi - [[ -z "$LDAP_URL" ]] && gitops_suite_idp_config_help "LDAP_URL is not set" - [[ -z "$LDAP_BASEDN" ]] && gitops_suite_idp_config_help "LDAP_BASEDN is not set" - [[ -z "$LDAP_USERID_MAP" ]] && gitops_suite_idp_config_help "LDAP_USERID_MAP is not set" - [[ -z "$LDAP_CERTIFICATE_FILE" ]] && gitops_suite_idp_config_help "LDAP_CERTIFICATE_FILE is not set" - [[ -z "$LDAP_BIND_DN" ]] && gitops_suite_idp_config_help "LDAP_BIND_DN is not set" - [[ -z "$LDAP_BIND_PASSWORD" ]] && gitops_suite_idp_config_help "LDAP_BIND_PASSWORD is not set" - -} - -function gitops_suite_idp_config() { - # Take the first parameter off (it will be create-gitops) - shift - if [[ $# -gt 0 ]]; then - gitops_suite_idp_config_noninteractive "$@" - else - echo "Not supported yet" - exit 1 - gitops_suite_idp_config_interactive - fi - - mkdir -p ${GITOPS_WORKING_DIR} - GITOPS_INSTANCE_DIR=${GITOPS_WORKING_DIR}/${GITHUB_REPO}/${ACCOUNT_ID}/${REGION}/${CLUSTER_ID}/${MAS_INSTANCE_ID}/configs - - echo - reset_colors - echo_h2 "Review Settings" - - echo "${TEXT_DIM}" - echo_h2 "Target" " " - echo_reset_dim "Account ID............................. ${COLOR_MAGENTA}${ACCOUNT_ID}" - echo_reset_dim "Region ................................ ${COLOR_MAGENTA}${REGION}" - echo_reset_dim "Cluster ID ............................ ${COLOR_MAGENTA}${CLUSTER_ID}" - echo_reset_dim "System Config Directory ............... ${COLOR_MAGENTA}${GITOPS_INSTANCE_DIR}" - echo_reset_dim "ArgoCD Check .......................... ${COLOR_MAGENTA}${ARGOCD_CHECK}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "Secrets Manager" " " - echo_reset_dim "Secrets Path .......................... ${COLOR_MAGENTA}${SECRETS_PATH}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "GitOps Source" " " - echo_reset_dim "GitOps URL ............................ ${COLOR_MAGENTA}https://github.com/ibm-mas/gitops" - echo_reset_dim "GitOps Version ........................ ${COLOR_MAGENTA}${GITOPS_VERSION}" - reset_colors - - echo "${TEXT_DIM}" - if [[ "$GITHUB_PUSH" == "true" ]]; then - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_GREEN}Enabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - echo_reset_dim "Host .................................. ${COLOR_MAGENTA}${GITHUB_HOST}" - echo_reset_dim "Organization .......................... ${COLOR_MAGENTA}${GITHUB_ORG}" - echo_reset_dim "Repository ............................ ${COLOR_MAGENTA}${GITHUB_REPO}" - echo_reset_dim "Branch ................................ ${COLOR_MAGENTA}${GIT_BRANCH}" - else - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_RED}Disabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - fi - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "IBM Maximo Application Suite" " " - echo_reset_dim "Instance ID ........................... ${COLOR_MAGENTA}${MAS_INSTANCE_ID}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "IBM Maximo Application Suite IDP/LDAP Config" " " - echo_reset_dim "IdpCfg Display Name ............................ ${COLOR_MAGENTA}${IDPCFG_DISPLAY_NAME}" - echo_reset_dim "LDAP Server URL ................................ ${COLOR_MAGENTA}${LDAP_URL}" - echo_reset_dim "LDAP Server baseDN ............................. ${COLOR_MAGENTA}${LDAP_BASEDN}" - echo_reset_dim "LDAP UserId Map ................................ ${COLOR_MAGENTA}${LDAP_USERID_MAP}" - echo_reset_dim "Path to LDAP Cert File ........................ ${COLOR_MAGENTA}${LDAP_CERTIFICATE_FILE}" - echo_reset_dim "ldap Server Bind DN ............................ ${COLOR_MAGENTA}${LDAP_BIND_DN}" - echo_reset_dim "ldap Server Bind Password ...................... ${COLOR_MAGENTA}${LDAP_BIND_PASSWORD:0:4}" - reset_colors - - # Set up Suite secrets - # --------------------------------------------------------------------------- - echo - echo_h2 "Configuring Suite secrets" - AVP_TYPE=aws # Support for IBM will be added later - sm_login - - # Set the instance-level values to used - # --------------------------------------------------------------------------- - SECRET_NAME_LDAP=${SECRET_PREFIX}${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}ldap - sm_update_secret $SECRET_NAME_LDAP "{\"bindDN\": \"$LDAP_BIND_DN\", \"bindPassword\": \"$LDAP_BIND_PASSWORD\"}" - export SECRET_KEY_LDAP_BIND_DN=${SECRET_NAME_LDAP}#bindDN - export SECRET_KEY_LDAP_BIND_PASSWORD=${SECRET_NAME_LDAP}#bindPassword - - # Get LDAP Certificate File content - # --------------------------------------------------------------------------- - export LDAP_CERTIFICATE_CONTENT=$(<$LDAP_CERTIFICATE_FILE) - - CURRENT_DIR=$PWD - TEMP_DIR=$CURRENT_DIR/tmp-mas-idp-config - rm -rf $TEMP_DIR - mkdir -p $TEMP_DIR - - if [ -z $GIT_SSH ]; then - export GIT_SSH="false" - fi - - # Clone github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Cloning GitHub repo $GITHUB_ORG $GITHUB_REPO" - clone_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_WORKING_DIR $GIT_SSH - fi - mkdir -p ${GITOPS_INSTANCE_DIR} - - export MAS_CONFIG_SCOPE="system" - - # Generate ArgoApps - # --------------------------------------------------------------------------- - # Per MAS instance - echo "- IBM MAS IDP Config" - jinja -X .+ $CLI_DIR/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-idp-config.yaml.j2 -o ${GITOPS_INSTANCE_DIR}/system.ibm-mas-idp-config.yaml - - # Commit and push to github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO" - save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_INSTANCE_DIR "${GIT_COMMIT_MSG}" - remove_git_repo_clone $GITOPS_WORKING_DIR/$GITHUB_REPO - - if [ "${ARGOCD_CHECK}" == "true" ]; then - CLUSTER_ROOT_APP="cluster.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}" - INSTANCE_ROOT_APP="instance.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - IDP_CONFIG_APP="${MAS_INSTANCE_ID}-ldap-default-system.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - - argocd_login - argocd_sync "${INSTANCE_ROOT_APP}" # trigger the configs appset to pick up the new config files - check_argo_app_synced "${INSTANCE_ROOT_APP}" "${CLUSTER_ROOT_APP}" # wait for the instance root app to sync - - argocd_hard_refresh "${IDP_CONFIG_APP}" - argocd_sync "${IDP_CONFIG_APP}" - check_argo_app_synced "${IDP_CONFIG_APP}" "${INSTANCE_ROOT_APP}" - check_argo_app_healthy "${IDP_CONFIG_APP}" "${INSTANCE_ROOT_APP}" - fi - - fi - - rm -rf $TEMP_DIR - -} diff --git a/image/cli/mascli/functions/gitops_suite_objectstorage_config b/image/cli/mascli/functions/gitops_suite_objectstorage_config deleted file mode 100644 index a43de883b9..0000000000 --- a/image/cli/mascli/functions/gitops_suite_objectstorage_config +++ /dev/null @@ -1,272 +0,0 @@ -#!/usr/bin/env bash - -function gitops_suite_objectstorage_config_help() { - [[ -n "$1" ]] && echo_warning "$1" - reset_colors - cat << EOM -Usage: - mas gitops_suite_objectstorage_config [options] -Where ${COLOR_YELLOW}specified${TEXT_RESET} each option may also be defined by setting the appropriate environment variable. -When no options are specified on the command line, interactive-mode will be enabled by default. - -Options: - -GitOps Configuration: - -d, --dir ${COLOR_YELLOW}GITOPS_WORKING_DIR${TEXT_RESET} Working directory for GitOps repository - -g, --gitops-version ${COLOR_YELLOW}GITOPS_VERSION${TEXT_RESET} Version of ibm-mas/gitops to use - -a, --account-id ${COLOR_YELLOW}ACCOUNT_ID${TEXT_RESET} Account name that the cluster belongs to - -c, --cluster-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET} Cluster ID - -m, --mas-instance-id ${COLOR_YELLOW}MAS_INSTANCE_ID${TEXT_RESET} IBM Suite Maximo Application Suite Instance ID - --gitops-config-dir ${COLOR_YELLOW}GITOPS_CONFIG_DIR${TEXT_RESET} Directory that holds configuration to use - -A, --argocd-check ${COLOR_YELLOW}ARGOCD_CHECK${TEXT_RESET} ArgoCD check flag, when set to true will make ArgoCD calls - -Secrets Manager: - --secrets-path ${COLOR_YELLOW}SECRETS_PATH${TEXT_RESET} Secrets Manager path - --secrets-key-seperator ${COLOR_YELLOW}SECRETS_KEY_SEPERATOR${TEXT_RESET} Secrets Manager key seperator string - - -Automatic GitHub Push: - -P, --github-push ${COLOR_YELLOW}GITHUB_PUSH${TEXT_RESET} Enable automatic push to GitHub - -H, --github-host ${COLOR_YELLOW}GITHUB_HOST${TEXT_RESET} GitHub Hostname for your GitOps repository - -O, --github-org ${COLOR_YELLOW}GITHUB_ORG${TEXT_RESET} Github org for your GitOps repository - -R, --github-repo ${COLOR_YELLOW}GITHUB_REPO${TEXT_RESET} Github repo for your GitOps repository - -B, --git-branch ${COLOR_YELLOW}GIT_BRANCH${TEXT_RESET} Git branch to commit to of your GitOps repository - -M, --git-commit-msg ${COLOR_YELLOW}GIT_COMMIT_MSG${TEXT_RESET} Git commit message to use when committing to of your GitOps repository - -S , --github-ssh ${COLOR_YELLOW}GIT_SSH${TEXT_RESET} Git ssh key path - -Other Commands: - -h, --help Show this help message -EOM - [[ -n "$1" ]] && exit 1 || exit 0 -} - -function gitops_suite_objectstorage_config_noninteractive() { - GITOPS_WORKING_DIR=$PWD/working-dir - SECRETS_KEY_SEPERATOR="/" - GIT_COMMIT_MSG="gitops-suite-objectstorage-config commit" - export GITOPS_VERSION=${GITOPS_VERSION:-poc} - - export REGION=${REGION:-${SM_AWS_REGION}} - export ARGOCD_CHECK=${ARGOCD_CHECK:-"true"} - - while [[ $# -gt 0 ]] - do - key="$1" - shift - case $key in - -d|--dir) - export GITOPS_WORKING_DIR=$1 && shift - ;; - -g|--gitops-version) - export GITOPS_VERSION=$1 && shift - ;; - -a|--account-id) - export ACCOUNT_ID=$1 && shift - ;; - -r|--region) - export REGION=$1 && shift - ;; - -c|--cluster-id) - export CLUSTER_ID=$1 && shift - ;; - --gitops-config-dir) - export GITOPS_CONFIG_DIR=$1 && shift - ;; - -m|--mas-instance-id) - export MAS_INSTANCE_ID=$1 && shift - ;; - -A|--argocd-check) - export ARGOCD_CHECK=$1 && shift - ;; - - # Secrets Manager - --secrets-path) - export SECRETS_PATH=$1 && shift - ;; - --secrets-key-seperator) - export SECRETS_KEY_SEPERATOR=$1 && shift - ;; - - # Automatic GitHub Push - -P|--github-push) - export GITHUB_PUSH=true - ;; - -H|--github-host) - export GITHUB_HOST=$1 && shift - ;; - -O|--github-org) - export GITHUB_ORG=$1 && shift - ;; - -R|--github-repo) - export GITHUB_REPO=$1 && shift - ;; - -B|--git-branch) - export GIT_BRANCH=$1 && shift - ;; - -M|--git-commit-msg) - export GIT_COMMIT_MSG=$1 && shift - ;; - -S|--github-ssh) - export GIT_SSH=$1 && shift - ;; - - -h|--help) - gitops_suite_objectstorage_config_help - ;; - *) - # unknown option - echo -e "${COLOR_RED}Usage Error: Unsupported option \"${key}\"${COLOR_RESET}\n" - gitops_suite_objectstorage_config_help "Usage Error: Unsupported option \"${key}\" " - exit 1 - ;; - esac - done - - [[ -z "$GITOPS_WORKING_DIR" ]] && gitops_suite_objectstorage_config_help "GITOPS_WORKING_DIR is not set" - [[ -z "$GITOPS_CONFIG_DIR" ]] && gitops_suite_objectstorage_config_help "GITOPS_CONFIG_DIR is not set" - [[ -z "$GITOPS_VERSION" ]] && gitops_suite_objectstorage_config_help "GITOPS_VERSION is not set" - [[ -z "$CLUSTER_ID" ]] && gitops_suite_objectstorage_config_help "CLUSTER_ID is not set" - [[ -z "$REGION" ]] && gitops_suite_objectstorage_config_help "REGION is not set" - [[ -z "$ACCOUNT_ID" ]] && gitops_suite_objectstorage_config_help "ACCOUNT_ID is not set" - if [[ "$GITHUB_PUSH" == "true" ]]; then - [[ -z "$GITHUB_HOST" ]] && gitops_suite_objectstorage_config_help "GITHUB_HOST is not set" - [[ -z "$GITHUB_ORG" ]] && gitops_suite_objectstorage_config_help "GITHUB_ORG is not set" - [[ -z "$GITHUB_REPO" ]] && gitops_suite_objectstorage_config_help "GITHUB_REPO is not set" - [[ -z "$GIT_BRANCH" ]] && gitops_suite_objectstorage_config_help "GIT_BRANCH is not set" - fi -} - -function gitops_suite_objectstorage_config() { - # Take the first parameter off (it will be create-gitops) - shift - if [[ $# -gt 0 ]]; then - gitops_suite_objectstorage_config_noninteractive "$@" - else - echo "Not supported yet" - exit 1 - gitops_suite_objectstorage_config_interactive - fi - rm -rf ${GITOPS_WORKING_DIR} - mkdir -p ${GITOPS_WORKING_DIR} - GITOPS_INSTANCE_DIR=${GITOPS_WORKING_DIR}/${GITHUB_REPO}/${ACCOUNT_ID}/${REGION}/${CLUSTER_ID}/${MAS_INSTANCE_ID}/configs - - echo - reset_colors - echo_h2 "Review Settings" - - echo "${TEXT_DIM}" - echo_h2 "Target" " " - echo_reset_dim "Account ID ............................ ${COLOR_MAGENTA}${ACCOUNT_ID}" - echo_reset_dim "Cluster ID ............................ ${COLOR_MAGENTA}${CLUSTER_ID}" - echo_reset_dim "System Config Directory................ ${COLOR_MAGENTA}${GITOPS_INSTANCE_DIR}" - echo_reset_dim "Config Directory ...................... ${COLOR_MAGENTA}${GITOPS_CONFIG_DIR}" - echo_reset_dim "ArgoCD Check .......................... ${COLOR_MAGENTA}${ARGOCD_CHECK}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "Secrets Manager" " " - echo_reset_dim "Secrets Path .......................... ${COLOR_MAGENTA}${SECRETS_PATH}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "GitOps Source" " " - echo_reset_dim "GitOps URL ............................ ${COLOR_MAGENTA}https://github.com/ibm-mas/gitops" - echo_reset_dim "GitOps Version ........................ ${COLOR_MAGENTA}${GITOPS_VERSION}" - reset_colors - - echo "${TEXT_DIM}" - if [[ "$GITHUB_PUSH" == "true" ]]; then - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_GREEN}Enabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - echo_reset_dim "Host .................................. ${COLOR_MAGENTA}${GITHUB_HOST}" - echo_reset_dim "Organization .......................... ${COLOR_MAGENTA}${GITHUB_ORG}" - echo_reset_dim "Repository ............................ ${COLOR_MAGENTA}${GITHUB_REPO}" - echo_reset_dim "Branch ................................ ${COLOR_MAGENTA}${GIT_BRANCH}" - else - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_RED}Disabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - fi - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "IBM Maximo Application Suite" " " - echo_reset_dim "Instance ID ........................... ${COLOR_MAGENTA}${MAS_INSTANCE_ID}" - reset_colors - - - # Set up Suite secrets - # --------------------------------------------------------------------------- - echo - echo_h2 "Configuring Suite secrets" - AVP_TYPE=aws # Support for IBM will be added later - sm_login - - # Get the cluster-level secrets used - # --------------------------------------------------------------------------- - CURRENT_DIR=$PWD - TEMP_DIR=$CURRENT_DIR/tmp-cos-config - rm -rf $TEMP_DIR - mkdir -p $TEMP_DIR - - # Get the instance-level values to used - # --------------------------------------------------------------------------- - export COS_CONFIG=$GITOPS_CONFIG_DIR/$MAS_INSTANCE_ID-cos/cos-ibm-system.yml - yq -sY '.[1].spec' $COS_CONFIG >> $TEMP_DIR/cos-info.yaml - rc=$? - [ $rc -ne 0 ] && exit $rc - yq -iY 'del(.config.credentials)' $TEMP_DIR/cos-info.yaml - yq -iY 'del(.displayName)' $TEMP_DIR/cos-info.yaml - export OBJECTSTORAGE_SECRET=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}cos - export SECRET_KEY_OBJECTSTORAGE_USERNAME=${OBJECTSTORAGE_SECRET}#username - export SECRET_KEY_OBJECTSTORAGE_PASSWORD=${OBJECTSTORAGE_SECRET}#password - - if [ -z $GIT_SSH ]; then - export GIT_SSH="false" - fi - - # Clone github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Cloning GitHub repo $GITHUB_ORG $GITHUB_REPO" - clone_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_WORKING_DIR $GIT_SSH - fi - mkdir -p ${GITOPS_INSTANCE_DIR} - - export MAS_CONFIG_SCOPE="system" - - # Generate ArgoApps - # --------------------------------------------------------------------------- - # Per MAS instance - jinja -X .+ -d $TEMP_DIR/cos-info.yaml $CLI_DIR/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-objectstorage-config.yaml.j2 -o ${GITOPS_INSTANCE_DIR}/system.ibm-mas-objectstorage-config.yaml - - # Commit and push to github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO" - save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_INSTANCE_DIR "${GIT_COMMIT_MSG}" - remove_git_repo_clone $GITOPS_WORKING_DIR/$GITHUB_REPO - - if [ "${ARGOCD_CHECK}" == "true" ]; then - CLUSTER_ROOT_APP="cluster.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}" - INSTANCE_ROOT_APP="instance.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - COS_CONFIG_APP="${MAS_INSTANCE_ID}-objectstorage-system.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - - argocd_login - argocd_sync "${INSTANCE_ROOT_APP}" ## trigger the configs appset to pick up the new config files - check_argo_app_synced "${INSTANCE_ROOT_APP}" "${CLUSTER_ROOT_APP}" # wait for the instance root app to sync - - argocd_hard_refresh "${COS_CONFIG_APP}" - argocd_sync "${COS_CONFIG_APP}" - check_argo_app_synced "${COS_CONFIG_APP}" "${INSTANCE_ROOT_APP}" - check_argo_app_healthy "${COS_CONFIG_APP}" "${INSTANCE_ROOT_APP}" - fi - - fi - - rm -rf $TEMP_DIR - -} diff --git a/image/cli/mascli/functions/gitops_suite_smtp_config b/image/cli/mascli/functions/gitops_suite_smtp_config deleted file mode 100644 index 7ede4b4029..0000000000 --- a/image/cli/mascli/functions/gitops_suite_smtp_config +++ /dev/null @@ -1,334 +0,0 @@ -#!/usr/bin/env bash - -function gitops_suite_smtp_config_help() { - [[ -n "$1" ]] && echo_warning "$1" - reset_colors - cat << EOM -Usage: - mas gitops_suite_smtp_config [options] -Where ${COLOR_YELLOW}specified${TEXT_RESET} each option may also be defined by setting the appropriate environment variable. -When no options are specified on the command line, interactive-mode will be enabled by default. - -Options: - -GitOps Configuration: - -d, --dir ${COLOR_YELLOW}GITOPS_WORKING_DIR${TEXT_RESET} Working directory for GitOps repository - -g, --gitops-version ${COLOR_YELLOW}GITOPS_VERSION${TEXT_RESET} Version of ibm-mas/gitops to use - -a, --account-id ${COLOR_YELLOW}ACCOUNT_ID${TEXT_RESET} Account name that the cluster belongs to - -c, --cluster-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET} Cluster ID - -m, --mas-instance-id ${COLOR_YELLOW}MAS_INSTANCE_ID${TEXT_RESET} IBM Suite Maximo Application Suite Instance ID - -A, --argocd-check ${COLOR_YELLOW}ARGOCD_CHECK${TEXT_RESET} ArgoCD check flag, when set to true will make ArgoCD calls - -Secrets Manager: - --secrets-path ${COLOR_YELLOW}SECRETS_PATH${TEXT_RESET} Secrets Manager path - --secrets-key-seperator ${COLOR_YELLOW}SECRETS_KEY_SEPERATOR${TEXT_RESET} Secrets Manager key seperator string - -MAS SMTP Options: - --smtp-display-name ${COLOR_YELLOW}SMTP_DISPLAY_NAME${TEXT_RESET} Display name for SmtpCfg resource - --smtp-host ${COLOR_YELLOW}SMTP_HOST{TEXT_RESET} Host of the SMTP server - --smtp-port ${COLOR_YELLOW}SMTP_PORT${TEXT_RESET} Port of the SMTP server - --smtp-security ${COLOR_YELLOW}SMTP_SECURITY${TEXT_RESET} Security protocol. None, STARTTLS or SSL - --smtp-authentication ${COLOR_YELLOW}SMTP_AUTHENTICATION${TEXT_RESET} true or false on whether to authenticate - --smtp-default-sender-email ${COLOR_YELLOW}SMTP_DEFAULT_SENDER_EMAIL${TEXT_RESET} The default sender email - --smtp-default-sender-name ${COLOR_YELLOW}SMTP_DEFAULT_SENDER_NAME${TEXT_RESET} The default sender name - --smtp-default-recipient-email ${COLOR_YELLOW}SMTP_DEFAULT_RECIPIENT_EMAIL${TEXT_RESET} The default recipient email - --smtp-default-should-email-passwords ${COLOR_YELLOW}SMTP_DEFAULT_SHOULD_EMAIL_PASSWORDS${TEXT_RESET} true or false on sending email passwords - --smtp-username ${COLOR_YELLOW}SMTP_USERNAME${TEXT_RESET} Username for SMTP server authentication - --smtp-password ${COLOR_YELLOW}SMTP_PASSWORD${TEXT_RESET} Password for SMTP server authenticaiton - -Automatic GitHub Push: - -P, --github-push ${COLOR_YELLOW}GITHUB_PUSH${TEXT_RESET} Enable automatic push to GitHub - -H, --github-host ${COLOR_YELLOW}GITHUB_HOST${TEXT_RESET} GitHub Hostname for your GitOps repository - -O, --github-org ${COLOR_YELLOW}GITHUB_ORG${TEXT_RESET} Github org for your GitOps repository - -R, --github-repo ${COLOR_YELLOW}GITHUB_REPO${TEXT_RESET} Github repo for your GitOps repository - -B, --git-branch ${COLOR_YELLOW}GIT_BRANCH${TEXT_RESET} Git branch to commit to of your GitOps repository - -M, --git-commit-msg ${COLOR_YELLOW}GIT_COMMIT_MSG${TEXT_RESET} Git commit message to use when committing to of your GitOps repository - -S , --github-ssh ${COLOR_YELLOW}GIT_SSH${TEXT_RESET} Git ssh key path - -Other Commands: - -h, --help Show this help message -EOM - [[ -n "$1" ]] && exit 1 || exit 0 -} - -function gitops_suite_smtp_config_noninteractive() { - GITOPS_WORKING_DIR=$PWD/working-dir - SECRETS_KEY_SEPERATOR="/" - GIT_COMMIT_MSG="gitops-mas-smtp-config commit" - export GITOPS_VERSION=${GITOPS_VERSION:-poc} - export SMTP_DISPLAY_NAME=${SMTP_DISPLAY_NAME:="Suite SMTP"} - - # TODO: will need to add explicit args to pipeline when we start using this code to deploy to MCSP - export REGION=${REGION:-${SM_AWS_REGION}} - export ARGOCD_CHECK=${ARGOCD_CHECK:-"true"} - - while [[ $# -gt 0 ]] - do - key="$1" - shift - case $key in - -d|--dir) - export GITOPS_WORKING_DIR=$1 && shift - ;; - -g|--gitops-version) - export GITOPS_VERSION=$1 && shift - ;; - -a|--account-id) - export ACCOUNT_ID=$1 && shift - ;; - -c|--cluster-id) - export CLUSTER_ID=$1 && shift - ;; - -r|--region) - export REGION=$1 && shift - ;; - -m|--mas-instance-id) - export MAS_INSTANCE_ID=$1 && shift - ;; - -A|--argocd-check) - export ARGOCD_CHECK=$1 && shift - ;; - - # Secrets Manager - --secrets-path) - export SECRETS_PATH=$1 && shift - ;; - --secrets-key-seperator) - export SECRETS_KEY_SEPERATOR=$1 && shift - ;; - - # SMTP - --smtp-display-name) - export SMTP_DISPLAY_NAME=$1 && shift - ;; - --smtp-host) - export SMTP_HOST=$1 && shift - ;; - --smtp-port) - export SMTP_PORT=$1 && shift - ;; - --smtp-security) - export SMTP_SECURITY=$1 && shift - ;; - --smtp-authentication) - export SMTP_AUTHENTICATION=$1 && shift - ;; - --smtp-default-sender-email) - export SMTP_DEFAULT_SENDER_EMAIL=$1 && shift - ;; - --smtp-default-sender-name) - export SMTP_DEFAULT_SENDER_NAME=$1 && shift - ;; - --smtp-default-recipient-email) - export SMTP_DEFAULT_RECIPIENT_EMAIL=$1 && shift - ;; - --smtp-default-should-email-passwords) - export SMTP_DEFAULT_SHOULD_EMAIL_PASSWORDS=$1 && shift - ;; - --smtp-username) - export SMTP_USERNAME=$1 && shift - ;; - --smtp-password) - export SMTP_PASSWORD=$1 && shift - ;; - - # Automatic GitHub Push - -P|--github-push) - export GITHUB_PUSH=true - ;; - -H|--github-host) - export GITHUB_HOST=$1 && shift - ;; - -O|--github-org) - export GITHUB_ORG=$1 && shift - ;; - -R|--github-repo) - export GITHUB_REPO=$1 && shift - ;; - -B|--git-branch) - export GIT_BRANCH=$1 && shift - ;; - -M|--git-commit-msg) - export GIT_COMMIT_MSG=$1 && shift - ;; - -S|--github-ssh) - export GIT_SSH=$1 && shift - ;; - - -h|--help) - gitops_suite_smtp_config_help - ;; - *) - # unknown option - echo -e "${COLOR_RED}Usage Error: Unsupported option \"${key}\"${COLOR_RESET}\n" - gitops_suite_smtp_config_help "Usage Error: Unsupported option \"${key}\" " - exit 1 - ;; - esac - done - - [[ -z "$GITOPS_WORKING_DIR" ]] && gitops_suite_smtp_config_help "GITOPS_WORKING_DIR is not set" - [[ -z "$GITOPS_VERSION" ]] && gitops_suite_smtp_config_help "GITOPS_VERSION is not set" - [[ -z "$CLUSTER_ID" ]] && gitops_suite_smtp_config_help "CLUSTER_ID is not set" - [[ -z "$REGION" ]] && gitops_suite_smtp_config_help "REGION is not set" - [[ -z "$ACCOUNT_ID" ]] && gitops_suite_smtp_config_help "ACCOUNT_ID is not set" - if [[ "$GITHUB_PUSH" == "true" ]]; then - [[ -z "$GITHUB_HOST" ]] && gitops_suite_smtp_config_help "GITHUB_HOST is not set" - [[ -z "$GITHUB_ORG" ]] && gitops_suite_smtp_config_help "GITHUB_ORG is not set" - [[ -z "$GITHUB_REPO" ]] && gitops_suite_smtp_config_help "GITHUB_REPO is not set" - [[ -z "$GIT_BRANCH" ]] && gitops_suite_smtp_config_help "GIT_BRANCH is not set" - fi - [[ -z "$SMTP_HOST" ]] && gitops_suite_smtp_config_help "SMTP_HOST is not set" - [[ -z "$SMTP_PORT" ]] && gitops_suite_smtp_config_help "SMTP_PORT is not set" - [[ -z "$SMTP_SECURITY" ]] && gitops_suite_smtp_config_help "SMTP_SECURITY is not set" - [[ -z "$SMTP_AUTHENTICATION" ]] && gitops_suite_smtp_config_help "SMTP_AUTHENTICATION is not set" - [[ -z "$SMTP_DEFAULT_SENDER_EMAIL" ]] && gitops_suite_smtp_config_help "SMTP_DEFAULT_SENDER_EMAIL is not set" - [[ -z "$SMTP_DEFAULT_SENDER_NAME" ]] && gitops_suite_smtp_config_help "SMTP_DEFAULT_SENDER_NAME is not set" - [[ -z "$SMTP_DEFAULT_RECIPIENT_EMAIL" ]] && gitops_suite_smtp_config_help "SMTP_DEFAULT_RECIPIENT_EMAIL is not set" - [[ -z "$SMTP_DEFAULT_SHOULD_EMAIL_PASSWORDS" ]] && gitops_suite_smtp_config_help "SMTP_DEFAULT_SHOULD_EMAIL_PASSWORDS is not set" - [[ -z "$SMTP_USERNAME" ]] && gitops_suite_smtp_config_help "SMTP_USERNAME is not set" - [[ -z "$SMTP_PASSWORD" ]] && gitops_suite_smtp_config_help "SMTP_PASSWORD is not set" -} - -function gitops_suite_smtp_config() { - # Take the first parameter off (it will be create-gitops) - shift - if [[ $# -gt 0 ]]; then - gitops_suite_smtp_config_noninteractive "$@" - else - echo "Not supported yet" - exit 1 - gitops_suite_smtp_config_interactive - fi - - mkdir -p ${GITOPS_WORKING_DIR} - GITOPS_INSTANCE_DIR=${GITOPS_WORKING_DIR}/${GITHUB_REPO}/${ACCOUNT_ID}/${REGION}/${CLUSTER_ID}/${MAS_INSTANCE_ID}/configs - - echo - reset_colors - echo_h2 "Review Settings" - - echo "${TEXT_DIM}" - echo_h2 "Target" " " - echo_reset_dim "Account ID............................. ${COLOR_MAGENTA}${ACCOUNT_ID}" - echo_reset_dim "Region ................................ ${COLOR_MAGENTA}${REGION}" - echo_reset_dim "Cluster ID ............................ ${COLOR_MAGENTA}${CLUSTER_ID}" - echo_reset_dim "System Config Directory ............... ${COLOR_MAGENTA}${GITOPS_INSTANCE_DIR}" - echo_reset_dim "ArgoCD Check .......................... ${COLOR_MAGENTA}${ARGOCD_CHECK}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "Secrets Manager" " " - echo_reset_dim "Secrets Path .......................... ${COLOR_MAGENTA}${SECRETS_PATH}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "GitOps Source" " " - echo_reset_dim "GitOps URL ............................ ${COLOR_MAGENTA}https://github.com/ibm-mas/gitops" - echo_reset_dim "GitOps Version ........................ ${COLOR_MAGENTA}${GITOPS_VERSION}" - reset_colors - - echo "${TEXT_DIM}" - if [[ "$GITHUB_PUSH" == "true" ]]; then - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_GREEN}Enabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - echo_reset_dim "Host .................................. ${COLOR_MAGENTA}${GITHUB_HOST}" - echo_reset_dim "Organization .......................... ${COLOR_MAGENTA}${GITHUB_ORG}" - echo_reset_dim "Repository ............................ ${COLOR_MAGENTA}${GITHUB_REPO}" - echo_reset_dim "Branch ................................ ${COLOR_MAGENTA}${GIT_BRANCH}" - else - echo_h2 "GitOps Target" " " - echo_reset_dim "Automatic Push ........................ ${COLOR_RED}Disabled" - echo_reset_dim "Working Directory ..................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}" - fi - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "IBM Maximo Application Suite" " " - echo_reset_dim "Instance ID ........................... ${COLOR_MAGENTA}${MAS_INSTANCE_ID}" - reset_colors - - echo "${TEXT_DIM}" - echo_h2 "IBM Maximo Application Suite SMTP Config" " " - echo_reset_dim "SmtpCfg Display Name ........................... ${COLOR_MAGENTA}${SMTP_DISPLAY_NAME}" - echo_reset_dim "Smtp Server Host ............................... ${COLOR_MAGENTA}${SMTP_HOST}" - echo_reset_dim "Smtp Server Port ............................... ${COLOR_MAGENTA}${SMTP_PORT}" - echo_reset_dim "Smtp Security Protocol ......................... ${COLOR_MAGENTA}${SMTP_SECURITY}" - echo_reset_dim "Smtp Authentication ............................ ${COLOR_MAGENTA}${SMTP_AUTHENTICATION}" - echo_reset_dim "Smtp Default Sender Email ...................... ${COLOR_MAGENTA}${SMTP_DEFAULT_SENDER_EMAIL}" - echo_reset_dim "Smtp Default Sender Name ....................... ${COLOR_MAGENTA}${SMTP_DEFAULT_SENDER_NAME}" - echo_reset_dim "Smtp Default Recipient Email ................... ${COLOR_MAGENTA}${SMTP_DEFAULT_RECIPIENT_EMAIL}" - echo_reset_dim "Smtp Should Email Passwords .................... ${COLOR_MAGENTA}${SMTP_DEFAULT_SHOULD_EMAIL_PASSWORDS}" - echo_reset_dim "Smtp Server Username ........................... ${COLOR_MAGENTA}${SMTP_USERNAME}" - echo_reset_dim "Smtp Server Password ........................... ${COLOR_MAGENTA}${SMTP_PASSWORD:0:4}" - reset_colors - - # Set up Suite secrets - # --------------------------------------------------------------------------- - echo - echo_h2 "Configuring Suite secrets" - AVP_TYPE=aws # Support for IBM will be added later - sm_login - - # Set the instance-level values to used - # --------------------------------------------------------------------------- - SECRET_NAME_SMTP=${SECRET_PREFIX}${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}smtp - sm_update_secret $SECRET_NAME_SMTP "{\"username\": \"$SMTP_USERNAME\", \"password\": \"$SMTP_PASSWORD\"}" - export SECRET_KEY_SMTP_USERNAME=${SECRET_NAME_SMTP}#username - export SECRET_KEY_SMTP_PASSWORD=${SECRET_NAME_SMTP}#password - - CURRENT_DIR=$PWD - TEMP_DIR=$CURRENT_DIR/tmp-mas-smtp-config - rm -rf $TEMP_DIR - mkdir -p $TEMP_DIR - - if [ -z $GIT_SSH ]; then - export GIT_SSH="false" - fi - - # Clone github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Cloning GitHub repo $GITHUB_ORG $GITHUB_REPO" - clone_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_WORKING_DIR $GIT_SSH - fi - mkdir -p ${GITOPS_INSTANCE_DIR} - - export MAS_CONFIG_SCOPE="system" - - # Generate ArgoApps - # --------------------------------------------------------------------------- - # Per MAS instance - echo "- IBM MAS SMTP Config" - jinja -X .+ $CLI_DIR/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-smtp-config.yaml.j2 -o ${GITOPS_INSTANCE_DIR}/system.ibm-mas-smtp-config.yaml - - # Commit and push to github target repo - # --------------------------------------------------------------------------- - if [ "$GITHUB_PUSH" == "true" ]; then - echo - echo_h2 "Commit and push changes to GitHub repo $GITHUB_ORG $GITHUB_REPO" - save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_INSTANCE_DIR "${GIT_COMMIT_MSG}" - remove_git_repo_clone $GITOPS_WORKING_DIR/$GITHUB_REPO - - CLUSTER_ROOT_APP="cluster.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}" - INSTANCE_ROOT_APP="instance.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - SMTP_CONFIG_APP="${MAS_INSTANCE_ID}-smtp-system.${ACCOUNT_ID}.${REGION}.${CLUSTER_ID}.${MAS_INSTANCE_ID}" - - if [ "${ARGOCD_CHECK}" == "true" ]; then - argocd_login - argocd_sync "${INSTANCE_ROOT_APP}" # trigger the configs appset to pick up the new config files - check_argo_app_synced "${INSTANCE_ROOT_APP}" "${CLUSTER_ROOT_APP}" # wait for the instance root app to sync - - argocd_hard_refresh "${SMTP_CONFIG_APP}" - argocd_sync "${SMTP_CONFIG_APP}" - check_argo_app_synced "${SMTP_CONFIG_APP}" "${INSTANCE_ROOT_APP}" - check_argo_app_healthy "${SMTP_CONFIG_APP}" "${INSTANCE_ROOT_APP}" - fi - - fi - - rm -rf $TEMP_DIR - -} diff --git a/image/cli/mascli/functions/gitops_suite_workspace b/image/cli/mascli/functions/gitops_suite_workspace index b4c8e54a21..a99cc5efd1 100644 --- a/image/cli/mascli/functions/gitops_suite_workspace +++ b/image/cli/mascli/functions/gitops_suite_workspace @@ -153,7 +153,6 @@ function gitops_suite_workspace() { gitops_suite_workspace_interactive fi - mkdir -p ${GITOPS_WORKING_DIR} mkdir -p ${GITOPS_WORKING_DIR} GITOPS_INSTANCE_DIR=${GITOPS_WORKING_DIR}/${GITHUB_REPO}/${ACCOUNT_ID}/${REGION}/${CLUSTER_ID}/${MAS_INSTANCE_ID} diff --git a/image/cli/mascli/functions/gitops_utils b/image/cli/mascli/functions/gitops_utils index 23165edc7d..f6802e6b9b 100644 --- a/image/cli/mascli/functions/gitops_utils +++ b/image/cli/mascli/functions/gitops_utils @@ -257,6 +257,164 @@ function remove_git_repo_clone() { } + + + +function unlock_git_repo() { + GIT_LOCK_BRANCH=$1 + GITOPS_REPO_DIR=$2 + echo "" + echo "Deleting "${GIT_LOCK_BRANCH}" from remote" + git -C "${GITOPS_REPO_DIR}" push origin --delete "${GIT_LOCK_BRANCH}" + + echo "" + echo "Deleting ${GITOPS_REPO_DIR} from filesystem" + rm -rf "${GITOPS_REPO_DIR}" +} + + + + +function git_lock_branch_name() { + + LOCK_NAME=$1 + ACCOUNT_ID=$2 + REGION_ID=$3 + CLUSTER_ID=$4 + MAS_INSTANCE_ID=$5 + + echo -n "lock.${LOCK_NAME}.${ACCOUNT_ID}.${REGION_ID}.${CLUSTER_ID}" + if [[ -n "${MAS_INSTANCE_ID}" ]]; then + echo -n ".${MAS_INSTANCE_ID}" + fi + +} + + + +# Clones the target repo and attempts to create a new branch ($GIT_LOCK_BRANCH) on the remote +# If this lock branch already exists, this means another process is currently making a change and could lead to a merge conflict. +# This function retries a limited number of times to reaquire the lock branch, and exits if this does not succeed. +# In this way, we guarantee sequentual execution order across any script that shares the same $GIT_LOCK_BRANCH name. +# If the function successfully acquires the lock branch, it registers git_lock_branch_name as an exit trap, to ensure we do not +# leave the lock branch in place (which would permanently block any other invokations of this function with the same GIT_LOCK_BRANCH. +# For consistency, it is recommended to use the git_lock_branch_name function above to generate GIT_LOCK_BRANCH, i.e. +# GIT_LOCK_BRANCH=$(git_lock_branch_name "${LOCK_NAME}" "${ACCOUNT_ID}" "${REGION_ID}" "${CLUSTER_ID}" "${MAS_INSTANCE_ID}") +# In order to commit and push at the end of any script that uses this function, use save_and_unlock_target_git_repo. +function clone_and_lock_target_git_repo() { + + GITHUB_HOST=$1 + GITHUB_ORG=$2 + GITHUB_REPO=$3 + GIT_BRANCH=$4 + LOCAL_DIR=$5 + SSH_PATH=$6 + GIT_LOCK_BRANCH=$7 + + RETRIES=${8:-10} + RETRY_DELAY_SECONDS=${8:-20} + + GITOPS_REPO_DIR="${LOCAL_DIR}/${GITHUB_REPO}" + LOCKFILE_NAME='.lock' + + + echo "" + echo "" + echo "clone_and_lock_git_repo: (${GIT_LOCK_BRANCH})" + + for (( c=1; c<="${RETRIES}"; c++ )); do + echo "" + echo "clone_and_lock_git_repo: retry ${c} of ${RETRIES}" + + + # Remove any clones created by prior attempts + rm -rf "${GITOPS_REPO_DIR}" + + clone_target_git_repo "${GITHUB_HOST}" "${GITHUB_ORG}" "${GITHUB_REPO}" "${GIT_BRANCH}" "${LOCAL_DIR}" "${SSH_PATH}" + + + # If the lock branch exists currently on the remote, return after a delay + LS_REMOTE_STDOUT=$(git -C "${GITOPS_REPO_DIR}" ls-remote --heads origin ${GIT_LOCK_BRANCH}) + if [[ -n "${LS_REMOTE_STDOUT}" ]]; then + echo "Lock branch ${GIT_LOCK_BRANCH} currently in use by another process, retry in ${RETRY_DELAY_SECONDS}s" + sleep ${RETRY_DELAY_SECONDS} + continue + fi + # NOTE: >1 invokation may pass the initial "git ls-remote" check above + # because of the non-zero delay between this call and the subsequent git push that creates the branch + # The "git ls-remote" check is NOT DEFINITIVE, it is merely an optimization to avoid doing unnecessary work where + # there is sufficient desynchronization between parallel runs of this script + + # Create the lock branch locally + git -C "${GITOPS_REPO_DIR}" checkout -b "${GIT_LOCK_BRANCH}" + + # To definitively acquire the "lock", we create and commit a temporary "lock file"; + # This will mean that, amongst n scripts running in parallel and in sync (i.e. where all invokations have passed the initial git ls-remote check), + # at most 1 invokation will be able to successfully perform the push below. + touch "${GITOPS_REPO_DIR}/${LOCKFILE_NAME}" + git -C "${GITOPS_REPO_DIR}" add ${LOCKFILE_NAME} + git -C "${GITOPS_REPO_DIR}" commit -m 'Acquire lock branch' + git -C "${GITOPS_REPO_DIR}" push --atomic -u origin "${GIT_LOCK_BRANCH}" + GIT_PUSH_RC=$? + + if [ "${GIT_PUSH_RC}" == "0" ]; then + # Now we've created the remote lock branch, we are blocking any other invokations of this script + # Register an exit trap to ensure we delete the remote branch whatever happens + trap "unlock_git_repo ${GIT_LOCK_BRANCH} ${GITOPS_REPO_DIR}" EXIT + echo "" + echo "clone_and_lock_git_repo: Acquired lock on branch ${GIT_LOCK_BRANCH}; proceeding..." + return 0 + fi + + echo "" + echo "clone_and_lock_git_repo: Failed to acquire Lock branch ${GIT_LOCK_BRANCH}, retry in ${RETRY_DELAY_SECONDS}s" + sleep ${RETRY_DELAY_SECONDS} + + done + + echo "!!! Failed clone_and_lock_git_repo after ${RETRIES} retries... giving up" + exit 1 + +} + + +# Intended to be called at the end of a script that uses the clone_and_lock_target_git_repo function above +# after modifications to config files have been applied to the local clone +# This pushes the changes to the lock branch (GIT_LOCK_BRANCH), and squash merges them to the main branch (GIT_BRANCH) +function save_and_unlock_target_git_repo { + GITHUB_REPO=$1 + GIT_BRANCH=$2 + LOCAL_DIR=$3 + COMMIT_MSG="$4" + GIT_LOCK_BRANCH=$5 + + LOCKFILE_NAME='.lock' + GITOPS_REPO_DIR="${LOCAL_DIR}/${GITHUB_REPO}" + + # Delete the .lock file + rm "${GITOPS_REPO_DIR}/${LOCKFILE_NAME}" + + # commit and push all changes + git -C "${GITOPS_REPO_DIR}" add -v . + git -C "${GITOPS_REPO_DIR}" commit -m "${GIT_COMMIT_MSG}" + git -C "${GITOPS_REPO_DIR}" push -u origin "${GIT_LOCK_BRANCH}" + + # Merge back to master + git -C "${GITOPS_REPO_DIR}" switch "${GIT_BRANCH}" + git -C "${GITOPS_REPO_DIR}" merge --squash "${GIT_LOCK_BRANCH}" + git -C "${GITOPS_REPO_DIR}" commit -m "${GIT_COMMIT_MSG}" + git -C "${GITOPS_REPO_DIR}" push -u origin "${GIT_BRANCH}" + + # unlock_git_repo exit trap function registered in clone_and_lock_target_git_repo + # takes care of deleting remote branch and local clone + # we'll do it here too anyway just to be sure + # (note since this will also delete the repo dir from the system, when the exit trap reruns this script + # it won't repeat the branch delete (which could cause problems since another process could have since re-created the lock branch)) + unlock_git_repo "${GIT_LOCK_BRANCH}" "${GITOPS_REPO_DIR}" + +} + + function argocd_login() { retries=${1:-20} interval=${2:-30} diff --git a/image/cli/mascli/mas b/image/cli/mascli/mas index 743b539a00..34eea0adad 100755 --- a/image/cli/mascli/mas +++ b/image/cli/mascli/mas @@ -68,29 +68,22 @@ mkdir -p $CONFIG_DIR . $CLI_DIR/functions/gitops_license . $CLI_DIR/functions/gitops_mongo . $CLI_DIR/functions/gitops_kafka -. $CLI_DIR/functions/gitops_kafka_config . $CLI_DIR/functions/gitops_suite . $CLI_DIR/functions/gitops_suite_app_install . $CLI_DIR/functions/gitops_suite_app_config . $CLI_DIR/functions/gitops_suite_certs -. $CLI_DIR/functions/gitops_suite_config +. $CLI_DIR/functions/gitops_mas_config . $CLI_DIR/functions/gitops_suite_dns -. $CLI_DIR/functions/gitops_suite_idp_config -. $CLI_DIR/functions/gitops_suite_objectstorage_config -. $CLI_DIR/functions/gitops_suite_smtp_config . $CLI_DIR/functions/gitops_suite_workspace . $CLI_DIR/functions/gitops_deprovision_app_config . $CLI_DIR/functions/gitops_deprovision_app_install . $CLI_DIR/functions/gitops_deprovision_cos . $CLI_DIR/functions/gitops_deprovision_suite -. $CLI_DIR/functions/gitops_deprovision_suite_config -. $CLI_DIR/functions/gitops_deprovision_suite_objectstorage_config . $CLI_DIR/functions/gitops_deprovision_suite_workspace . $CLI_DIR/functions/gitops_efs . $CLI_DIR/functions/gitops_dro . $CLI_DIR/functions/gitops_db2u . $CLI_DIR/functions/gitops_db2u_database -. $CLI_DIR/functions/gitops_db2u_jdbc_config . $CLI_DIR/functions/gitops_db2u_jdbc_config_rotate_password . $CLI_DIR/functions/gitops_process_mongo_user . $CLI_DIR/functions/gitops_aws_infrastructure @@ -98,11 +91,8 @@ mkdir -p $CONFIG_DIR . $CLI_DIR/functions/gitops_deprovision_rosa . $CLI_DIR/functions/gitops_deprovision_cluster . $CLI_DIR/functions/gitops_deprovision_mongo -. $CLI_DIR/functions/gitops_delete_kafka_config . $CLI_DIR/functions/gitops_deprovision_efs . $CLI_DIR/functions/gitops_deprovision_kafka -. $CLI_DIR/functions/gitops_deprovision_suite_idp_config -. $CLI_DIR/functions/gitops_deprovision_suite_smtp_config . $CLI_DIR/functions/gitops_mas_fvt_preparer . $CLI_DIR/functions/gitops_suite_watson_studio_config . $CLI_DIR/functions/gitops_deprovision_suite_watson_studio_config @@ -265,14 +255,6 @@ case $1 in gitops_cos "$@" ;; - gitops-suite-objectstorage-config) - echo "${TEXT_UNDERLINE}IBM Maximo Application Suite GitOps Manager (v${VERSION})${TEXT_RESET}" - echo "Powered by ${COLOR_CYAN}${TEXT_UNDERLINE}https://github.com/ibm-mas/gitops/${TEXT_RESET}" - echo - reset_colors - gitops_suite_objectstorage_config "$@" - ;; - gitops-cp4d) echo "${TEXT_UNDERLINE}IBM Maximo Application Suite GitOps Manager (v${VERSION})${TEXT_RESET}" echo "Powered by ${COLOR_CYAN}${TEXT_UNDERLINE}https://github.com/ibm-mas/gitops/${TEXT_RESET}" @@ -336,14 +318,14 @@ case $1 in reset_colors gitops_suite_app_config "$@" ;; - gitops-suite-config) + + gitops-mas-config) echo "${TEXT_UNDERLINE}IBM Maximo Application Suite GitOps Manager (v${VERSION})${TEXT_RESET}" echo "Powered by ${COLOR_CYAN}${TEXT_UNDERLINE}https://github.com/ibm-mas/gitops/${TEXT_RESET}" echo reset_colors - gitops_suite_config "$@" + gitops_mas_config "$@" ;; - gitops-suite-dns) echo "${TEXT_UNDERLINE}IBM Maximo Application Suite GitOps Manager (v${VERSION})${TEXT_RESET}" @@ -361,22 +343,6 @@ case $1 in gitops_suite_certs "$@" ;; - gitops-suite-idp-config) - echo "${TEXT_UNDERLINE}IBM Maximo Application Suite GitOps Manager (v${VERSION})${TEXT_RESET}" - echo "Powered by ${COLOR_CYAN}${TEXT_UNDERLINE}https://github.com/ibm-mas/gitops/${TEXT_RESET}" - echo - reset_colors - gitops_suite_idp_config "$@" - ;; - - gitops-suite-smtp-config) - echo "${TEXT_UNDERLINE}IBM Maximo Application Suite GitOps Manager (v${VERSION})${TEXT_RESET}" - echo "Powered by ${COLOR_CYAN}${TEXT_UNDERLINE}https://github.com/ibm-mas/gitops/${TEXT_RESET}" - echo - reset_colors - gitops_suite_smtp_config "$@" - ;; - gitops-suite-workspace) echo "${TEXT_UNDERLINE}IBM Maximo Application Suite GitOps Manager (v${VERSION})${TEXT_RESET}" echo "Powered by ${COLOR_CYAN}${TEXT_UNDERLINE}https://github.com/ibm-mas/gitops/${TEXT_RESET}" @@ -409,14 +375,6 @@ case $1 in gitops_deprovision_suite_workspace "$@" ;; - gitops-deprovision-suite-config) - echo "${TEXT_UNDERLINE}IBM Maximo Application Suite GitOps Manager (v${VERSION})${TEXT_RESET}" - echo "Powered by ${COLOR_CYAN}${TEXT_UNDERLINE}https://github.com/ibm-mas/gitops/${TEXT_RESET}" - echo - reset_colors - gitops_deprovision_suite_config "$@" - ;; - gitops-deprovision-suite) echo "${TEXT_UNDERLINE}IBM Maximo Application Suite GitOps Manager (v${VERSION})${TEXT_RESET}" echo "Powered by ${COLOR_CYAN}${TEXT_UNDERLINE}https://github.com/ibm-mas/gitops/${TEXT_RESET}" @@ -457,22 +415,6 @@ case $1 in gitops_deprovision_cos "$@" ;; - gitops-deprovision-suite-objectstorage-config) - echo "${TEXT_UNDERLINE}IBM Maximo Application Suite GitOps Manager (v${VERSION})${TEXT_RESET}" - echo "Powered by ${COLOR_CYAN}${TEXT_UNDERLINE}https://github.com/ibm-mas/gitops/${TEXT_RESET}" - echo - reset_colors - gitops_deprovision_suite_objectstorage_config "$@" - ;; - - gitops-delete-kafka-config) - echo "${TEXT_UNDERLINE}IBM Maximo Application Suite GitOps Manager (v${VERSION})${TEXT_RESET}" - echo "Powered by ${COLOR_CYAN}${TEXT_UNDERLINE}https://github.com/ibm-mas/gitops/${TEXT_RESET}" - echo - reset_colors - gitops_delete_kafka_config "$@" - ;; - gitops-deprovision-efs) echo "${TEXT_UNDERLINE}IBM Maximo Application Suite GitOps Manager (v${VERSION})${TEXT_RESET}" echo "Powered by ${COLOR_CYAN}${TEXT_UNDERLINE}https://github.com/ibm-mas/gitops/${TEXT_RESET}" @@ -489,22 +431,6 @@ case $1 in gitops_deprovision_kafka "$@" ;; - gitops-deprovision-suite-idp-config) - echo "${TEXT_UNDERLINE}IBM Maximo Application Suite GitOps Manager (v${VERSION})${TEXT_RESET}" - echo "Powered by ${COLOR_CYAN}${TEXT_UNDERLINE}https://github.com/ibm-mas/gitops/${TEXT_RESET}" - echo - reset_colors - gitops_deprovision_suite_idp_config "$@" - ;; - - gitops-deprovision-suite-smtp-config) - echo "${TEXT_UNDERLINE}IBM Maximo Application Suite GitOps Manager (v${VERSION})${TEXT_RESET}" - echo "Powered by ${COLOR_CYAN}${TEXT_UNDERLINE}https://github.com/ibm-mas/gitops/${TEXT_RESET}" - echo - reset_colors - gitops_deprovision_suite_smtp_config "$@" - ;; - gitops-efs) echo "${TEXT_UNDERLINE}IBM Maximo Application Suite GitOps Manager (v${VERSION})${TEXT_RESET}" echo "Powered by ${COLOR_CYAN}${TEXT_UNDERLINE}https://github.com/ibm-mas/gitops/${TEXT_RESET}" @@ -537,14 +463,6 @@ case $1 in gitops_db2u_database "$@" ;; - gitops-db2u-jdbc-config) - echo "${TEXT_UNDERLINE}IBM Maximo Application Suite GitOps Manager (v${VERSION})${TEXT_RESET}" - echo "Powered by ${COLOR_CYAN}${TEXT_UNDERLINE}https://github.com/ibm-mas/gitops/${TEXT_RESET}" - echo - reset_colors - gitops_db2u_jdbc_config "$@" - ;; - gitops-db2u-jdbc-config-rotate-password) echo "${TEXT_UNDERLINE}IBM Maximo Application Suite GitOps Manager (v${VERSION})${TEXT_RESET}" echo "Powered by ${COLOR_CYAN}${TEXT_UNDERLINE}https://github.com/ibm-mas/gitops/${TEXT_RESET}" @@ -569,13 +487,6 @@ case $1 in gitops_kafka "$@" ;; - gitops-kafka-config) - echo "${TEXT_UNDERLINE}IBM Maximo Application Suite GitOps Manager (v${VERSION})${TEXT_RESET}" - echo "Powered by ${COLOR_CYAN}${TEXT_UNDERLINE}https://github.com/ibm-mas/gitops/${TEXT_RESET}" - echo - reset_colors - gitops_kafka_config "$@" - ;; gitops-rosa) echo "${TEXT_UNDERLINE}IBM Maximo Application Suite GitOps Manager (v${VERSION})${TEXT_RESET}" echo "Powered by ${COLOR_CYAN}${TEXT_UNDERLINE}https://github.com/ibm-mas/gitops/${TEXT_RESET}" diff --git a/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-bas-config.yaml.j2 b/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-bas-config.yaml.j2 index f11c65c82c..983cac73e9 100644 --- a/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-bas-config.yaml.j2 +++ b/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-bas-config.yaml.j2 @@ -1,10 +1,11 @@ -mas_config_name: "{{ MAS_INSTANCE_ID }}-bas-{{ MAS_CONFIG_SCOPE }}{% if MAS_CONFIG_SCOPE == "ws" or MAS_CONFIG_SCOPE == "wsapp" %}-{{ MAS_WORKSPACE_ID }}{% endif %}{% if MAS_CONFIG_SCOPE == "app" or MAS_CONFIG_SCOPE == "wsapp" %}-{{ MAS_APP_ID }}{% endif %}" +mas_config_name: "{{ MAS_CONFIG_NAME }}" mas_config_chart: ibm-mas-bas-config mas_config_scope: {{ MAS_CONFIG_SCOPE }} mas_workspace_id: {{ MAS_WORKSPACE_ID }} mas_application_id: {{ MAS_APP_ID }} mas_config_kind: "bascfgs" mas_config_api_version: "config.mas.ibm.com" +use_postdelete_hooks: {{ USE_POSTDELETE_HOOKS }} mas_instance_id: {{ MAS_INSTANCE_ID }} dro_api_token: diff --git a/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-config-common.yaml.j2 b/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-config-common.yaml.j2 new file mode 100644 index 0000000000..921827984e --- /dev/null +++ b/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-config-common.yaml.j2 @@ -0,0 +1,2 @@ +merge-key: "{{ ACCOUNT_ID }}/{{ REGION_ID }}/{{ CLUSTER_ID }}/{{ MAS_INSTANCE_ID }}" +ibm_mas_suite_configs: [] diff --git a/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-jdbc-config.yaml.j2 b/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-jdbc-config.yaml.j2 index 5d75ae94e2..e27edc2d2c 100644 --- a/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-jdbc-config.yaml.j2 +++ b/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-jdbc-config.yaml.j2 @@ -1,10 +1,11 @@ -mas_config_name: "{{ MAS_INSTANCE_ID }}-jdbc-{{ MAS_CONFIG_SCOPE }}{% if MAS_CONFIG_SCOPE == "ws" or MAS_CONFIG_SCOPE == "wsapp" %}-{{ MAS_WORKSPACE_ID }}{% endif %}{% if MAS_CONFIG_SCOPE == "app" or MAS_CONFIG_SCOPE == "wsapp" %}-{{ MAS_APP_ID }}{% endif %}" +mas_config_name: "{{ MAS_CONFIG_NAME }}" mas_config_chart: ibm-db2u-jdbc-config mas_config_scope: {{ MAS_CONFIG_SCOPE }} mas_workspace_id: {{ MAS_WORKSPACE_ID }} mas_application_id: {{ MAS_APP_ID }} mas_config_kind: "jdbccfgs" mas_config_api_version: "config.mas.ibm.com" +use_postdelete_hooks: {{ USE_POSTDELETE_HOOKS }} db2_instance_name: {{ DB2_INSTANCE_NAME }} mas_instance_id: {{ MAS_INSTANCE_ID }} diff --git a/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-kafka-config.yaml.j2 b/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-kafka-config.yaml.j2 index 414d395eb9..98270d4322 100644 --- a/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-kafka-config.yaml.j2 +++ b/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-kafka-config.yaml.j2 @@ -1,10 +1,11 @@ -mas_config_name: "{{ MAS_INSTANCE_ID }}-kafka-{{ MAS_CONFIG_SCOPE }}{% if MAS_CONFIG_SCOPE == "ws" or MAS_CONFIG_SCOPE == "wsapp" %}-{{ MAS_WORKSPACE_ID }}{% endif %}{% if MAS_CONFIG_SCOPE == "app" or MAS_CONFIG_SCOPE == "wsapp" %}-{{ MAS_APP_ID }}{% endif %}" +mas_config_name: "{{ MAS_CONFIG_NAME }}" mas_config_chart: ibm-kafka-config mas_config_scope: {{ MAS_CONFIG_SCOPE }} mas_workspace_id: {{ MAS_WORKSPACE_ID }} mas_application_id: {{ MAS_APP_ID }} mas_config_kind: "kafkacfgs" mas_config_api_version: "config.mas.ibm.com" +use_postdelete_hooks: {{ USE_POSTDELETE_HOOKS }} mas_instance_id: {{ MAS_INSTANCE_ID }} suite_kafka_username: diff --git a/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-idp-config.yaml.j2 b/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-ldap-default-config.yaml.j2 similarity index 72% rename from image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-idp-config.yaml.j2 rename to image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-ldap-default-config.yaml.j2 index cd2c1a17b2..6f4ae21500 100644 --- a/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-idp-config.yaml.j2 +++ b/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-ldap-default-config.yaml.j2 @@ -1,10 +1,11 @@ -mas_config_name: "{{ MAS_INSTANCE_ID }}-ldap-default-{{ MAS_CONFIG_SCOPE }}{% if MAS_CONFIG_SCOPE == "ws" or MAS_CONFIG_SCOPE == "wsapp" %}-{{ MAS_WORKSPACE_ID }}{% endif %}{% if MAS_CONFIG_SCOPE == "app" or MAS_CONFIG_SCOPE == "wsapp" %}-{{ MAS_APP_ID }}{% endif %}" +mas_config_name: "{{ MAS_CONFIG_NAME }}" mas_config_chart: ibm-mas-idp-config mas_config_scope: {{ MAS_CONFIG_SCOPE }} mas_workspace_id: {{ MAS_WORKSPACE_ID }} mas_application_id: {{ MAS_APP_ID }} mas_config_kind: "idpcfgs" mas_config_api_version: "config.mas.ibm.com" +use_postdelete_hooks: {{ USE_POSTDELETE_HOOKS }} mas_instance_id: {{ MAS_INSTANCE_ID }} diff --git a/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-mongo-config.yaml.j2 b/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-mongo-config.yaml.j2 index c3f12c68ee..a845e054e9 100644 --- a/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-mongo-config.yaml.j2 +++ b/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-mongo-config.yaml.j2 @@ -1,10 +1,11 @@ -mas_config_name: "{{ MAS_INSTANCE_ID }}-mongo-{{ MAS_CONFIG_SCOPE }}{% if MAS_CONFIG_SCOPE == "ws" or MAS_CONFIG_SCOPE == "wsapp" %}-{{ MAS_WORKSPACE_ID }}{% endif %}{% if MAS_CONFIG_SCOPE == "app" or MAS_CONFIG_SCOPE == "wsapp" %}-{{ MAS_APP_ID }}{% endif %}" +mas_config_name: "{{ MAS_CONFIG_NAME }}" mas_config_chart: ibm-mas-mongo-config mas_config_scope: {{ MAS_CONFIG_SCOPE }} mas_workspace_id: {{ MAS_WORKSPACE_ID }} mas_application_id: {{ MAS_APP_ID }} mas_config_kind: "mongocfgs" mas_config_api_version: "config.mas.ibm.com" +use_postdelete_hooks: {{ USE_POSTDELETE_HOOKS }} mas_instance_id: {{ MAS_INSTANCE_ID }} username: diff --git a/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-objectstorage-config.yaml.j2 b/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-objectstorage-config.yaml.j2 index 090eb06b53..48cadba303 100644 --- a/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-objectstorage-config.yaml.j2 +++ b/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-objectstorage-config.yaml.j2 @@ -1,11 +1,12 @@ -mas_config_name: "{{ MAS_INSTANCE_ID }}-objectstorage-{{ MAS_CONFIG_SCOPE }}{% if MAS_CONFIG_SCOPE == "ws" or MAS_CONFIG_SCOPE == "wsapp" %}-{{ MAS_WORKSPACE_ID }}{% endif %}{% if MAS_CONFIG_SCOPE == "app" or MAS_CONFIG_SCOPE == "wsapp" %}-{{ MAS_APP_ID }}{% endif %}" +mas_config_name: "{{ MAS_CONFIG_NAME }}" mas_config_chart: ibm-objectstorage-config mas_config_scope: {{ MAS_CONFIG_SCOPE }} mas_workspace_id: {{ MAS_WORKSPACE_ID }} mas_application_id: {{ MAS_APP_ID }} mas_config_kind: "objectstoragecfgs" mas_config_api_version: "config.mas.ibm.com" +use_postdelete_hooks: {{ USE_POSTDELETE_HOOKS }} mas_instance_id: {{ MAS_INSTANCE_ID }} suite_objectstorage_username: diff --git a/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-sls-config.yaml.j2 b/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-sls-config.yaml.j2 index fd913c0208..bd2f11de40 100644 --- a/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-sls-config.yaml.j2 +++ b/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-sls-config.yaml.j2 @@ -1,10 +1,11 @@ -mas_config_name: "{{ MAS_INSTANCE_ID }}-sls-{{ MAS_CONFIG_SCOPE }}{% if MAS_CONFIG_SCOPE == "ws" or MAS_CONFIG_SCOPE == "wsapp" %}-{{ MAS_WORKSPACE_ID }}{% endif %}{% if MAS_CONFIG_SCOPE == "app" or MAS_CONFIG_SCOPE == "wsapp" %}-{{ MAS_APP_ID }}{% endif %}" +mas_config_name: "{{ MAS_CONFIG_NAME }}" mas_config_chart: ibm-mas-sls-config mas_config_scope: {{ MAS_CONFIG_SCOPE }} mas_workspace_id: {{ MAS_WORKSPACE_ID }} mas_application_id: {{ MAS_APP_ID }} mas_config_kind: "slscfgs" mas_config_api_version: "config.mas.ibm.com" +use_postdelete_hooks: {{ USE_POSTDELETE_HOOKS }} mas_instance_id: {{ MAS_INSTANCE_ID }} registration_key: diff --git a/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-smtp-config.yaml.j2 b/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-smtp-config.yaml.j2 index 4c0b1b454b..ecb154a248 100644 --- a/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-smtp-config.yaml.j2 +++ b/image/cli/mascli/templates/gitops/appset-configs/cluster/instance/configs/ibm-mas-smtp-config.yaml.j2 @@ -1,10 +1,11 @@ -mas_config_name: "{{ MAS_INSTANCE_ID }}-smtp-{{ MAS_CONFIG_SCOPE }}{% if MAS_CONFIG_SCOPE == "ws" or MAS_CONFIG_SCOPE == "wsapp" %}-{{ MAS_WORKSPACE_ID }}{% endif %}{% if MAS_CONFIG_SCOPE == "app" or MAS_CONFIG_SCOPE == "wsapp" %}-{{ MAS_APP_ID }}{% endif %}" +mas_config_name: "{{ MAS_CONFIG_NAME }}" mas_config_chart: ibm-mas-smtp-config mas_config_scope: {{ MAS_CONFIG_SCOPE }} mas_workspace_id: {{ MAS_WORKSPACE_ID }} mas_application_id: {{ MAS_APP_ID }} mas_config_kind: "smtpcfgs" mas_config_api_version: "config.mas.ibm.com" +use_postdelete_hooks: {{ USE_POSTDELETE_HOOKS }} mas_instance_id: {{ MAS_INSTANCE_ID }} suite_smtp_username: diff --git a/image/cli/mascli/templates/gitops/bootstrap/root-application.yaml.j2 b/image/cli/mascli/templates/gitops/bootstrap/root-application.yaml.j2 index 75aafbd773..612e4e1123 100644 --- a/image/cli/mascli/templates/gitops/bootstrap/root-application.yaml.j2 +++ b/image/cli/mascli/templates/gitops/bootstrap/root-application.yaml.j2 @@ -29,6 +29,8 @@ spec: "argoapp_namespace": "{{ ARGOAPP_NAMESPACE }}" } syncPolicy: - automated: {} + automated: + prune: true + selfHeal: true syncOptions: - CreateNamespace=false diff --git a/tekton/src/tasks/gitops/gitops-db2u-config.yml.j2 b/tekton/src/tasks/gitops/gitops-db2u-config.yml.j2 index af34d9d649..0e544f04c0 100644 --- a/tekton/src/tasks/gitops/gitops-db2u-config.yml.j2 +++ b/tekton/src/tasks/gitops/gitops-db2u-config.yml.j2 @@ -44,15 +44,15 @@ spec: stepTemplate: name: gitops-db2u-config env: - - name: CLUSTER_NAME + - name: CLUSTER_ID value: $(params.cluster_name) - name: OCP_SERVER value: $(params.cluster_url) - - name: ACCOUNT + - name: ACCOUNT_ID value: $(params.account) - name: GITHUB_REPO value: $(params.github_repo) - - name: SECRET_PATH + - name: SECRETS_PATH value: $(params.secrets_path) - name: GIT_BRANCH value: $(params.git_branch) @@ -98,15 +98,26 @@ spec: export DB2_LDAP_USERNAME=${!DB2_USER_VAR} export DB2_LDAP_PASSWORD=${!DB2_PASSWORD_VAR} - mkdir -p /tmp/init-db2u-jdbc-config-$MAS_APP_ID - mas gitops-db2u-jdbc-config -a $ACCOUNT -c $CLUSTER_NAME \ - --dir /tmp/init-db2u-jdbc-config-$MAS_APP_ID \ - --secrets-path $SECRET_PATH \ - --github-push \ - --github-host $GITHUB_HOST \ - --github-org $GITHUB_ORG \ - --github-repo $GITHUB_REPO \ - --git-branch $GIT_BRANCH + mas gitops-mas-config \ + --account-id "$ACCOUNT_ID" \ + --cluster-id "$CLUSTER_ID" \ + --mas-instance-id "$MAS_INSTANCE_ID" \ + --mas-workspace-id "$MAS_WORKSPACE_ID" \ + --mas-app-id "$MAS_APP_ID" \ + --secrets-path "$SECRETS_PATH" \ + --github-push \ + --github-host "$GITHUB_HOST" \ + --github-org "$GITHUB_ORG" \ + --github-repo "$GITHUB_REPO" \ + --git-branch "$GIT_BRANCH" \ + --config-action upsert \ + --mas-config-scope "$MAS_CONFIG_SCOPE" \ + --mas-config-type jdbc \ + --dir /tmp/init-db2u-jdbc-config-$MAS_APP_ID \ + --gitops-config-dir "$GITOPS_CONFIG_DIR" \ + --db2-instance-name "db2wh-$MAS_INSTANCE_ID-$MAS_APP_ID" \ + --tls-version "$TLS_VERSION" + exit $? command: diff --git a/tekton/src/tasks/gitops/gitops-delete-kafka-config.yml.j2 b/tekton/src/tasks/gitops/gitops-delete-kafka-config.yml.j2 index cc28e4bc8b..810fe51fe5 100644 --- a/tekton/src/tasks/gitops/gitops-delete-kafka-config.yml.j2 +++ b/tekton/src/tasks/gitops/gitops-delete-kafka-config.yml.j2 @@ -38,13 +38,13 @@ spec: stepTemplate: name: gitops-delete-kafka-config env: - - name: CLUSTER_NAME + - name: CLUSTER_ID value: $(params.cluster_name) - - name: ACCOUNT + - name: ACCOUNT_ID value: $(params.account) - name: REGION value: $(params.region) - - name: SECRET_PATH + - name: SECRETS_PATH value: $(params.secrets_path) - name: MAS_INSTANCE_ID value: $(params.mas_instance_id) @@ -73,7 +73,7 @@ spec: steps: - args: - |- - mkdir -p /tmp/delete-kafka-config + aws configure set aws_access_key_id $SM_AWS_ACCESS_KEY_ID aws configure set aws_secret_access_key $SM_AWS_SECRET_ACCESS_KEY @@ -83,14 +83,21 @@ spec: git config --global user.email "you@example.com" git config --global user.password $GITHUB_PAT - mas gitops-delete-kafka-config -a $ACCOUNT -c $CLUSTER_NAME -m $MAS_INSTANCE_ID \ - --secrets-path $SECRET_PATH \ - --dir /tmp/delete-kafka-config \ + mkdir -p /tmp/delete-kafka-config + mas gitops-mas-config \ + --account-id "$ACCOUNT_ID" \ + --cluster-id "$CLUSTER_ID" \ + --mas-instance-id "$MAS_INSTANCE_ID" \ + --secrets-path "$SECRETS_PATH" \ --github-push \ - --github-host $GITHUB_HOST \ - --github-org $GITHUB_ORG \ - --github-repo $GITHUB_REPO \ - --git-branch $GIT_BRANCH + --github-host "$GITHUB_HOST" \ + --github-org "$GITHUB_ORG" \ + --github-repo "$GITHUB_REPO" \ + --git-branch "$GIT_BRANCH" \ + --config-action remove \ + --mas-config-scope system \ + --mas-config-type kafka \ + --dir /tmp/delete-kafka-config command: - /bin/sh - -c diff --git a/tekton/src/tasks/gitops/gitops-deprovision-suite-config.yml.j2 b/tekton/src/tasks/gitops/gitops-deprovision-suite-config.yml.j2 index 5f8799e15d..11e7e06ef6 100644 --- a/tekton/src/tasks/gitops/gitops-deprovision-suite-config.yml.j2 +++ b/tekton/src/tasks/gitops/gitops-deprovision-suite-config.yml.j2 @@ -39,13 +39,13 @@ spec: stepTemplate: name: gitops-deprovision-suite-config env: - - name: CLUSTER_NAME + - name: CLUSTER_ID value: $(params.cluster_name) - - name: ACCOUNT + - name: ACCOUNT_ID value: $(params.account) - name: REGION value: $(params.region) - - name: SECRET_PATH + - name: SECRETS_PATH value: $(params.secrets_path) - name: MAS_INSTANCE_ID value: $(params.mas_instance_id) @@ -76,20 +76,101 @@ spec: steps: - args: - |- - mkdir -p /tmp/deprovision-suite-config + git config --global user.name "MAS Automation" git config --global user.email "you@example.com" git config --global user.password $GITHUB_PAT - mas gitops-deprovision-suite-config -a $ACCOUNT -c $CLUSTER_NAME -m $MAS_INSTANCE_ID \ - --secrets-path $SECRET_PATH \ - --dir /tmp/deprovision-suite-config \ + # TODO: the calls to remove JDBC config really belong in their own tasks (without the hard-coded appid/wsid/db2_instance_name params) + # For now, as I need to limit the impact of the changes under MASCORE-2082 (Replace configs appset with individual Applications), + # I'm simply porting our existing code over without changing the interface/layout of our Tekton pipelines + # The equivalents of the operations performed below were previously handled by the (deprecated) gitops-deprovision-suite-config function + + mkdir -p /tmp/deprovision-suite-config-iotdb2 + mas gitops-mas-config \ + --account-id "$ACCOUNT_ID" \ + --cluster-id "$CLUSTER_ID" \ + --mas-instance-id "$MAS_INSTANCE_ID" \ + --secrets-path "$SECRETS_PATH" \ + --github-push \ + --github-host "$GITHUB_HOST" \ + --github-org "$GITHUB_ORG" \ + --github-repo "$GITHUB_REPO" \ + --git-branch "$GIT_BRANCH" \ + --config-action remove \ + --mas-config-scope system \ + --mas-config-type jdbc \ + --dir /tmp/deprovision-suite-config-iotdb2 \ + --db2-instance-name "db2wh-$MAS_INSTANCE_ID-iot" + + mkdir -p /tmp/deprovision-suite-config-managedb2 + mas gitops-mas-config \ + --account-id "$ACCOUNT_ID" \ + --cluster-id "$CLUSTER_ID" \ + --mas-instance-id "$MAS_INSTANCE_ID" \ + --secrets-path "$SECRETS_PATH" \ + --github-push \ + --github-host "$GITHUB_HOST" \ + --github-org "$GITHUB_ORG" \ + --github-repo "$GITHUB_REPO" \ + --git-branch "$GIT_BRANCH" \ + --config-action remove \ + --mas-config-scope wsapp \ + --mas-config-type jdbc \ + --dir /tmp/deprovision-suite-config-managedb2 \ + --mas-workspace-id "masdev" \ + --mas-app-id "manage" \ + --db2-instance-name "db2wh-$MAS_INSTANCE_ID-manage" + + mkdir -p /tmp/deprovision-suite-config-sls + mas gitops-mas-config \ + --account-id "$ACCOUNT_ID" \ + --cluster-id "$CLUSTER_ID" \ + --mas-instance-id "$MAS_INSTANCE_ID" \ + --secrets-path "$SECRETS_PATH" \ --github-push \ - --github-host $GITHUB_HOST \ - --github-org $GITHUB_ORG \ - --github-repo $GITHUB_REPO \ - --git-branch $GIT_BRANCH + --github-host "$GITHUB_HOST" \ + --github-org "$GITHUB_ORG" \ + --github-repo "$GITHUB_REPO" \ + --git-branch "$GIT_BRANCH" \ + --config-action remove \ + --mas-config-scope system \ + --mas-config-type sls \ + --dir /tmp/deprovision-suite-config-sls + + mkdir -p /tmp/deprovision-suite-config-mongo + mas gitops-mas-config \ + --account-id "$ACCOUNT_ID" \ + --cluster-id "$CLUSTER_ID" \ + --mas-instance-id "$MAS_INSTANCE_ID" \ + --secrets-path "$SECRETS_PATH" \ + --github-push \ + --github-host "$GITHUB_HOST" \ + --github-org "$GITHUB_ORG" \ + --github-repo "$GITHUB_REPO" \ + --git-branch "$GIT_BRANCH" \ + --config-action remove \ + --mas-config-scope system \ + --mas-config-type mongo \ + --dir /tmp/deprovision-suite-config-mongo + + mkdir -p /tmp/deprovision-suite-config-bas + mas gitops-mas-config \ + --account-id "$ACCOUNT_ID" \ + --cluster-id "$CLUSTER_ID" \ + --mas-instance-id "$MAS_INSTANCE_ID" \ + --secrets-path "$SECRETS_PATH" \ + --github-push \ + --github-host "$GITHUB_HOST" \ + --github-org "$GITHUB_ORG" \ + --github-repo "$GITHUB_REPO" \ + --git-branch "$GIT_BRANCH" \ + --config-action remove \ + --mas-config-scope system \ + --mas-config-type bas \ + --dir /tmp/deprovision-suite-config-bas + command: - /bin/sh - -c diff --git a/tekton/src/tasks/gitops/gitops-deprovision-suite-idp-config.yml.j2 b/tekton/src/tasks/gitops/gitops-deprovision-suite-idp-config.yml.j2 index 702f18de41..0a4eb50859 100644 --- a/tekton/src/tasks/gitops/gitops-deprovision-suite-idp-config.yml.j2 +++ b/tekton/src/tasks/gitops/gitops-deprovision-suite-idp-config.yml.j2 @@ -39,13 +39,13 @@ spec: stepTemplate: name: gitops-deprovision-suite-idp-config env: - - name: CLUSTER_NAME + - name: CLUSTER_ID value: $(params.cluster_name) - - name: ACCOUNT + - name: ACCOUNT_ID value: $(params.account) - name: REGION value: $(params.region) - - name: SECRET_PATH + - name: SECRETS_PATH value: $(params.secrets_path) - name: MAS_INSTANCE_ID value: $(params.mas_instance_id) @@ -76,20 +76,28 @@ spec: steps: - args: - |- - mkdir -p /tmp/deprovision-suite-idp-config + git config --global user.name "MAS Automation" git config --global user.email "you@example.com" git config --global user.password $GITHUB_PAT - mas gitops-deprovision-suite-idp-config -a $ACCOUNT -c $CLUSTER_NAME -m $MAS_INSTANCE_ID \ - --secrets-path $SECRET_PATH \ - --dir /tmp/deprovision-suite-idp-config \ + mkdir -p /tmp/deprovision-suite-idp-config + mas gitops-mas-config \ + --account-id "$ACCOUNT_ID" \ + --cluster-id "$CLUSTER_ID" \ + --mas-instance-id "$MAS_INSTANCE_ID" \ + --secrets-path "$SECRETS_PATH" \ --github-push \ - --github-host $GITHUB_HOST \ - --github-org $GITHUB_ORG \ - --github-repo $GITHUB_REPO \ - --git-branch $GIT_BRANCH + --github-host "$GITHUB_HOST" \ + --github-org "$GITHUB_ORG" \ + --github-repo "$GITHUB_REPO" \ + --git-branch "$GIT_BRANCH" \ + --config-action remove \ + --mas-config-scope system \ + --mas-config-type ldap-default \ + --dir /tmp/deprovision-suite-idp-config + command: - /bin/sh - -c diff --git a/tekton/src/tasks/gitops/gitops-deprovision-suite-objectstorage-config.yml.j2 b/tekton/src/tasks/gitops/gitops-deprovision-suite-objectstorage-config.yml.j2 index b38908e541..29b95e7a5d 100644 --- a/tekton/src/tasks/gitops/gitops-deprovision-suite-objectstorage-config.yml.j2 +++ b/tekton/src/tasks/gitops/gitops-deprovision-suite-objectstorage-config.yml.j2 @@ -39,13 +39,13 @@ spec: stepTemplate: name: gitops-deprovision-suite-objectstorage-config env: - - name: CLUSTER_NAME + - name: CLUSTER_ID value: $(params.cluster_name) - - name: ACCOUNT + - name: ACCOUNT_ID value: $(params.account) - name: REGION value: $(params.region) - - name: SECRET_PATH + - name: SECRETS_PATH value: $(params.secrets_path) - name: MAS_INSTANCE_ID value: $(params.mas_instance_id) @@ -76,20 +76,26 @@ spec: steps: - args: - |- - mkdir -p /tmp/deprovision-suite-objectstorage-config git config --global user.name "MAS Automation" git config --global user.email "you@example.com" git config --global user.password $GITHUB_PAT - mas gitops-deprovision-suite-objectstorage-config -a $ACCOUNT -c $CLUSTER_NAME -m $MAS_INSTANCE_ID \ - --secrets-path $SECRET_PATH \ - --dir /tmp/deprovision-suite-objectstorage-config \ + mkdir -p /tmp/deprovision-suite-objectstorage-config + mas gitops-mas-config \ + --account-id "$ACCOUNT_ID" \ + --cluster-id "$CLUSTER_ID" \ + --mas-instance-id "$MAS_INSTANCE_ID" \ + --secrets-path "$SECRETS_PATH" \ --github-push \ - --github-host $GITHUB_HOST \ - --github-org $GITHUB_ORG \ - --github-repo $GITHUB_REPO \ - --git-branch $GIT_BRANCH + --github-host "$GITHUB_HOST" \ + --github-org "$GITHUB_ORG" \ + --github-repo "$GITHUB_REPO" \ + --git-branch "$GIT_BRANCH" \ + --config-action remove \ + --mas-config-scope system \ + --mas-config-type objectstorage \ + --dir /tmp/deprovision-suite-objectstorage-config command: - /bin/sh - -c diff --git a/tekton/src/tasks/gitops/gitops-deprovision-suite-smtp-config.yml.j2 b/tekton/src/tasks/gitops/gitops-deprovision-suite-smtp-config.yml.j2 index 0def7b18e5..6e709b97bc 100644 --- a/tekton/src/tasks/gitops/gitops-deprovision-suite-smtp-config.yml.j2 +++ b/tekton/src/tasks/gitops/gitops-deprovision-suite-smtp-config.yml.j2 @@ -39,13 +39,13 @@ spec: stepTemplate: name: gitops-deprovision-suite-smtp-config env: - - name: CLUSTER_NAME + - name: CLUSTER_ID value: $(params.cluster_name) - - name: ACCOUNT + - name: ACCOUNT_ID value: $(params.account) - name: REGION value: $(params.region) - - name: SECRET_PATH + - name: SECRETS_PATH value: $(params.secrets_path) - name: MAS_INSTANCE_ID value: $(params.mas_instance_id) @@ -76,20 +76,26 @@ spec: steps: - args: - |- - mkdir -p /tmp/deprovision-suite-smtp-config git config --global user.name "MAS Automation" git config --global user.email "you@example.com" git config --global user.password $GITHUB_PAT - mas gitops-deprovision-suite-smtp-config -a $ACCOUNT -c $CLUSTER_NAME -m $MAS_INSTANCE_ID \ - --secrets-path $SECRET_PATH \ - --dir /tmp/deprovision-suite-smtp-config \ + mkdir -p /tmp/deprovision-suite-smtp-config + mas gitops-mas-config \ + --account-id "$ACCOUNT_ID" \ + --cluster-id "$CLUSTER_ID" \ + --mas-instance-id "$MAS_INSTANCE_ID" \ + --secrets-path "$SECRETS_PATH" \ --github-push \ - --github-host $GITHUB_HOST \ - --github-org $GITHUB_ORG \ - --github-repo $GITHUB_REPO \ - --git-branch $GIT_BRANCH + --github-host "$GITHUB_HOST" \ + --github-org "$GITHUB_ORG" \ + --github-repo "$GITHUB_REPO" \ + --git-branch "$GIT_BRANCH" \ + --config-action remove \ + --mas-config-scope system \ + --mas-config-type smtp \ + --dir /tmp/deprovision-suite-smtp-config command: - /bin/sh - -c diff --git a/tekton/src/tasks/gitops/gitops-kafka-config.yml.j2 b/tekton/src/tasks/gitops/gitops-kafka-config.yml.j2 index 53ad1c28a2..477dbca98c 100644 --- a/tekton/src/tasks/gitops/gitops-kafka-config.yml.j2 +++ b/tekton/src/tasks/gitops/gitops-kafka-config.yml.j2 @@ -36,13 +36,13 @@ spec: stepTemplate: name: gitops-kafka-config env: - - name: CLUSTER_NAME + - name: CLUSTER_ID value: $(params.cluster_name) - name: OCP_SERVER value: $(params.cluster_url) - - name: ACCOUNT + - name: ACCOUNT_ID value: $(params.account) - - name: SECRET_PATH + - name: SECRETS_PATH value: $(params.secrets_path) - name: MAS_INSTANCE_ID value: $(params.mas_instance_id) @@ -75,14 +75,21 @@ spec: git config --global user.email "you@example.com" git config --global user.password $GITHUB_PAT - mas gitops-kafka-config -a $ACCOUNT -c $CLUSTER_NAME -m $MAS_INSTANCE_ID \ - --secrets-path $SECRET_PATH \ - --dir /tmp/init-kafka-config \ - --github-push \ - --github-host $GITHUB_HOST \ - --github-org $GITHUB_ORG \ - --github-repo $GITHUB_REPO \ - --git-branch $GIT_BRANCH + mas gitops-mas-config \ + --account-id "$ACCOUNT_ID" \ + --cluster-id "$CLUSTER_ID" \ + --mas-instance-id "$MAS_INSTANCE_ID" \ + --secrets-path "$SECRETS_PATH" \ + --github-push \ + --github-host "$GITHUB_HOST" \ + --github-org "$GITHUB_ORG" \ + --github-repo "$GITHUB_REPO" \ + --git-branch "$GIT_BRANCH" \ + --config-action upsert \ + --mas-config-scope system \ + --mas-config-type kafka \ + --dir /tmp/init-kafka-config + command: - /bin/sh - -c diff --git a/tekton/src/tasks/gitops/gitops-suite-config.yml.j2 b/tekton/src/tasks/gitops/gitops-suite-config.yml.j2 index a012036548..532db351ff 100644 --- a/tekton/src/tasks/gitops/gitops-suite-config.yml.j2 +++ b/tekton/src/tasks/gitops/gitops-suite-config.yml.j2 @@ -49,15 +49,15 @@ spec: env: - name: OCP_SERVER value: $(params.cluster_url) - - name: CLUSTER_NAME + - name: CLUSTER_ID value: $(params.cluster_name) - - name: ACCOUNT + - name: ACCOUNT_ID value: $(params.account) - - name: SECRET_PATH + - name: SECRETS_PATH value: $(params.secrets_path) - name: MAS_INSTANCE_ID value: $(params.mas_instance_id) - - name: MONGO_PROVIDER + - name: MONGODB_PROVIDER value: $(params.mongo_provider) - name: GIT_BRANCH value: $(params.git_branch) @@ -92,21 +92,66 @@ spec: steps: - args: - |- - mkdir -p /tmp/init-suite-config + git config --global user.name "MAS Automation" git config --global user.email "you@example.com" git config --global user.password $GITHUB_PAT - mas gitops-suite-config -a $ACCOUNT -c $CLUSTER_NAME -m $MAS_INSTANCE_ID \ - --secrets-path $SECRET_PATH \ - --mongo-provider $MONGO_PROVIDER \ - --dir /tmp/init-suite-config \ + mkdir -p /tmp/init-mas-config-mongo + mas gitops-mas-config \ + --account-id "$ACCOUNT_ID" \ + --cluster-id "$CLUSTER_ID" \ + --mas-instance-id "$MAS_INSTANCE_ID" \ + --secrets-path "$SECRETS_PATH" \ --github-push \ - --github-host $GITHUB_HOST \ - --github-org $GITHUB_ORG \ - --github-repo $GITHUB_REPO \ - --git-branch $GIT_BRANCH + --github-host "$GITHUB_HOST" \ + --github-org "$GITHUB_ORG" \ + --github-repo "$GITHUB_REPO" \ + --git-branch "$GIT_BRANCH" \ + --config-action upsert \ + --mas-config-scope system \ + --mas-config-type mongo \ + --dir /tmp/init-mas-config-mongo \ + --mongo-provider "$MONGODB_PROVIDER" + + mkdir -p /tmp/init-mas-config-sls + mas gitops-mas-config \ + --account-id "$ACCOUNT_ID" \ + --cluster-id "$CLUSTER_ID" \ + --mas-instance-id "$MAS_INSTANCE_ID" \ + --secrets-path "$SECRETS_PATH" \ + --github-push \ + --github-host "$GITHUB_HOST" \ + --github-org "$GITHUB_ORG" \ + --github-repo "$GITHUB_REPO" \ + --git-branch "$GIT_BRANCH" \ + --config-action upsert \ + --mas-config-scope system \ + --mas-config-type sls \ + --dir /tmp/init-mas-config-sls + + mkdir -p /tmp/init-mas-config-bas + mas gitops-mas-config \ + --account-id "$ACCOUNT_ID" \ + --cluster-id "$CLUSTER_ID" \ + --mas-instance-id "$MAS_INSTANCE_ID" \ + --secrets-path "$SECRETS_PATH" \ + --github-push \ + --github-host "$GITHUB_HOST" \ + --github-org "$GITHUB_ORG" \ + --github-repo "$GITHUB_REPO" \ + --git-branch "$GIT_BRANCH" \ + --config-action upsert \ + --mas-config-scope system \ + --mas-config-type bas \ + --dir /tmp/init-mas-config-bas \ + --dro-contact-email "$DRO_CONTACT_EMAIL" \ + --dro-contact-firstname "$DRO_CONTACT_FIRSTNAME" \ + --dro-contact-lastname "$DRO_CONTACT_LASTNAME" \ + --dro-ca-certificate-file "$DRO_CA_CERTIFICATE_FILE" + + command: - /bin/sh - -c diff --git a/tekton/src/tasks/gitops/gitops-suite-idp-config.yml.j2 b/tekton/src/tasks/gitops/gitops-suite-idp-config.yml.j2 index d81dbd37de..8afa772c1b 100644 --- a/tekton/src/tasks/gitops/gitops-suite-idp-config.yml.j2 +++ b/tekton/src/tasks/gitops/gitops-suite-idp-config.yml.j2 @@ -53,13 +53,13 @@ spec: stepTemplate: name: gitops-suite-idp-config env: - - name: CLUSTER_NAME + - name: CLUSTER_ID value: $(params.cluster_name) - name: OCP_SERVER value: $(params.cluster_url) - - name: ACCOUNT + - name: ACCOUNT_ID value: $(params.account) - - name: SECRET_PATH + - name: SECRETS_PATH value: $(params.secrets_path) - name: MAS_INSTANCE_ID value: $(params.mas_instance_id) @@ -104,20 +104,27 @@ spec: git config --global user.email "you@example.com" git config --global user.password $GITHUB_PAT - mas gitops-suite-idp-config -a $ACCOUNT -c $CLUSTER_NAME -m $MAS_INSTANCE_ID \ - --secrets-path $SECRET_PATH \ - --dir /tmp/init-suite-idp-config \ + mas gitops-mas-config \ + --account-id "$ACCOUNT_ID" \ + --cluster-id "$CLUSTER_ID" \ + --mas-instance-id "$MAS_INSTANCE_ID" \ + --secrets-path "$SECRETS_PATH" \ --github-push \ - --github-host $GITHUB_HOST \ - --github-org $GITHUB_ORG \ - --github-repo $GITHUB_REPO \ - --git-branch $GIT_BRANCH \ - --ldap-url $LDAP_URL \ - --ldap-basedn $LDAP_BASEDN \ - --ldap-userid-map $LDAP_USERID_MAP \ + --github-host "$GITHUB_HOST" \ + --github-org "$GITHUB_ORG" \ + --github-repo "$GITHUB_REPO" \ + --git-branch "$GIT_BRANCH" \ + --config-action upsert \ + --mas-config-scope system \ + --mas-config-type ldap-default \ + --dir /tmp/init-suite-idp-config \ + --ldap-url "$LDAP_URL" \ + --ldap-basedn "$LDAP_BASEDN" \ + --ldap-userid-map "$LDAP_USERID_MAP" \ --ldap-certificate-file /workspace/shared-additional-configs/ldap_masdeps1_cert.pem \ - --ldap-bind-dn $LDAP_BIND_DN \ - --ldap-bind-password $LDAP_BIND_PASSWORD + --ldap-bind-dn "$LDAP_BIND_DN" \ + --ldap-bind-password "$LDAP_BIND_PASSWORD" + command: - /bin/sh - -c diff --git a/tekton/src/tasks/gitops/gitops-suite-objectstorage-config.yml.j2 b/tekton/src/tasks/gitops/gitops-suite-objectstorage-config.yml.j2 index d7e915f640..989356aa6f 100644 --- a/tekton/src/tasks/gitops/gitops-suite-objectstorage-config.yml.j2 +++ b/tekton/src/tasks/gitops/gitops-suite-objectstorage-config.yml.j2 @@ -38,13 +38,13 @@ spec: stepTemplate: name: gitops-suite-objectstorage-config env: - - name: CLUSTER_NAME + - name: CLUSTER_ID value: $(params.cluster_name) - name: OCP_SERVER value: $(params.cluster_url) - - name: ACCOUNT + - name: ACCOUNT_ID value: $(params.account) - - name: SECRET_PATH + - name: SECRETS_PATH value: $(params.secrets_path) - name: MAS_INSTANCE_ID value: $(params.mas_instance_id) @@ -88,14 +88,21 @@ spec: cp ${GITOPS_CONFIG_DIR}/cos_ibm_system.yml ${COS_CONFIG} fi - mas gitops-suite-objectstorage-config -a $ACCOUNT -c $CLUSTER_NAME -m $MAS_INSTANCE_ID \ - --secrets-path $SECRET_PATH \ - --dir /tmp/init-suite-objectstorage-config \ - --github-push \ - --github-host $GITHUB_HOST \ - --github-org $GITHUB_ORG \ - --github-repo $GITHUB_REPO \ - --git-branch $GIT_BRANCH + mas gitops-mas-config \ + --account-id "$ACCOUNT_ID" \ + --cluster-id "$CLUSTER_ID" \ + --mas-instance-id "$MAS_INSTANCE_ID" \ + --secrets-path "$SECRETS_PATH" \ + --github-push \ + --github-host "$GITHUB_HOST" \ + --github-org "$GITHUB_ORG" \ + --github-repo "$GITHUB_REPO" \ + --git-branch "$GIT_BRANCH" \ + --config-action upsert \ + --mas-config-scope system \ + --mas-config-type objectstorage \ + --dir /tmp/init-suite-objectstorage-config \ + --gitops-config-dir "$GITOPS_CONFIG_DIR" command: - /bin/sh diff --git a/tekton/src/tasks/gitops/gitops-suite-smtp-config.yml.j2 b/tekton/src/tasks/gitops/gitops-suite-smtp-config.yml.j2 index b473a18cbc..e7d1b11bd8 100644 --- a/tekton/src/tasks/gitops/gitops-suite-smtp-config.yml.j2 +++ b/tekton/src/tasks/gitops/gitops-suite-smtp-config.yml.j2 @@ -65,13 +65,13 @@ spec: stepTemplate: name: gitops-suite-smtp-config env: - - name: CLUSTER_NAME + - name: CLUSTER_ID value: $(params.cluster_name) - name: OCP_SERVER value: $(params.cluster_url) - - name: ACCOUNT + - name: ACCOUNT_ID value: $(params.account) - - name: SECRET_PATH + - name: SECRETS_PATH value: $(params.secrets_path) - name: MAS_INSTANCE_ID value: $(params.mas_instance_id) @@ -125,24 +125,29 @@ spec: git config --global user.email "you@example.com" git config --global user.password $GITHUB_PAT - mas gitops-suite-smtp-config -a $ACCOUNT -c $CLUSTER_NAME -m $MAS_INSTANCE_ID \ - --secrets-path $SECRET_PATH \ - --dir /tmp/init-suite-smtp-config \ + mas gitops-mas-config \ + --account-id "$ACCOUNT_ID" \ + --cluster-id "$CLUSTER_ID" \ + --mas-instance-id "$MAS_INSTANCE_ID" \ + --secrets-path "$SECRETS_PATH" \ --github-push \ - --github-host $GITHUB_HOST \ - --github-org $GITHUB_ORG \ - --github-repo $GITHUB_REPO \ - --git-branch $GIT_BRANCH \ - --smtp-host $SMTP_HOST \ - --smtp-port $SMTP_PORT \ - --smtp-security $SMTP_SECURITY \ - --smtp-authentication $SMTP_AUTHENTICATION \ - --smtp-default-sender-email $SMTP_DEFAULT_SENDER_EMAIL \ - --smtp-default-sender-name $SMTP_DEFAULT_SENDER_NAME \ - --smtp-default-recipient-email $SMTP_DEFAULT_RECIPIENT_EMAIL \ - --smtp-default-should-email-passwords $SMTP_DEFAULT_SHOULD_EMAIL_PASSWORDS \ - --smtp-username $SMTP_USERNAME \ - --smtp-password $SMTP_PASSWORD + --github-host "$GITHUB_HOST" \ + --github-org "$GITHUB_ORG" \ + --github-repo "$GITHUB_REPO" \ + --git-branch "$GIT_BRANCH" \ + --config-action upsert \ + --mas-config-scope system \ + --mas-config-type smtp \ + --dir /tmp/init-suite-smtp-config \ + --smtp-host "$SMTP_HOST" \ + --smtp-port "$SMTP_PORT" \ + --smtp-security "$SMTP_SECURITY" \ + --smtp-authentication "$SMTP_AUTHENTICATION" \ + --smtp-default-sender-email "$SMTP_DEFAULT_SENDER_EMAIL" \ + --smtp-default-sender-name "$SMTP_DEFAULT_SENDER_NAME" \ + --smtp-default-recipient-email "$SMTP_DEFAULT_RECIPIENT_EMAIL" \ + --smtp-default-should-email-passwords "$SMTP_DEFAULT_SHOULD_EMAIL_PASSWORDS" + command: - /bin/sh - -c