-
Notifications
You must be signed in to change notification settings - Fork 19
/
Copy pathupdate-config-map.sh
executable file
·131 lines (110 loc) · 4.17 KB
/
update-config-map.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
#!/bin/sh
#
# This script is meant to be run inside a Kubernetes pod
#
###############################################################################
if [ -z "$CONFIG_MAP_NAME" -o -z "$APISERVER" -o -z "$APP_CONFIG_PATH" -o -z "$WES_APP_NAME" -o -z "$CELERY_APP_NAME" ];
then
echo "CONFIG_MAP_NAME, APISERVER, APP_CONFIG_PATH, WES_APP_NAME, and CELERY_APP_NAME env vars required"
env
exit 1
fi
if [ -z "$MONGO_HOST" ];
then
MONGO_HOST='mongodb'
fi
if [ -z "$RABBIT_HOST" ];
then
RABBIT_HOST='rabbitmq'
fi
echo "Inputs:"
echo " CONFIG MAP NAME: $CONFIG_MAP_NAME"
echo " API SERVER: $APISERVER"
echo " APP CONFIG PATH: $APP_CONFIG_PATH"
echo " WES APP NAME: $WES_APP_NAME"
echo " CELERY APP NAME: $CELERY_APP_NAME"
echo " MONGO HOST: $MONGO_HOST"
echo " RABBIT HOST: $RABBIT_HOST"
NAMESPACE=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace)
if [ -z "$NAMESPACE" ];
then
echo "ERROR: Cannot get the namespace from '/var/run/secrets/kubernetes.io'" >&2
echo "This script is meant to be run inside a Kubernetes pod only." >&2
exit -1
fi
echo "Current Kubernetes namespace: $NAMESPACE"; echo
echo " * Getting current default configuration"
command -V yq || { echo "yq not found, exiting"; exit 6; }
APP_CONFIG=$(yq -y --arg MONGO_HOST "$MONGO_HOST" \
--arg RABBIT_HOST "$RABBIT_HOST" \
'.db.host = $MONGO_HOST |
.jobs.host = $RABBIT_HOST' \
"$APP_CONFIG_PATH") || exit 4
echo " * Getting current configMap"
curl -s \
--cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt \
-H "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" \
-X GET \
-H "Accept: application/json, */*" \
-o /tmp/configmap.json \
-w "Return HTTP/code: %{http_code}\n\n" \
"https://$APISERVER/api/v1/namespaces/${NAMESPACE}/configmaps/${CONFIG_MAP_NAME}"
echo " * Validating JSON file recevied:"; echo
jq . /tmp/configmap.json || exit 2
echo " JSON file is valid";echo
echo " * Creating update for secret"
jq --arg APP_CONFIG "$APP_CONFIG" '.data."app_config.yaml" = $APP_CONFIG' /tmp/configmap.json >/tmp/configmap-patch.json || exit 5
echo " * Validating JSON file patched:"; echo
jq . /tmp/configmap-patch.json || exit 3
echo " JSON file is valid";echo
# Update Config map
echo " * Updating config map"
curl -s \
--cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt \
-H "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" \
-X PATCH \
-H "Accept: application/json, */*" \
-H "Content-Type: application/strategic-merge-patch+json" \
-d @/tmp/configmap-patch.json "https://$APISERVER/api/v1/namespaces/${NAMESPACE}/configmaps/${CONFIG_MAP_NAME}" \
-o /dev/null
echo " * Deleting current $WES_APP_NAME pod"
curl -s \
--cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt \
-H "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" \
-X GET \
-H "Accept: application/json, */*" \
"https://$APISERVER/api/v1/namespaces/${NAMESPACE}/pods/" | \
jq '.items | .[] | .metadata.name ' -r | grep "^${WES_APP_NAME}-" | \
while read pod;
do
echo " - Deleting: $pod"
curl -s \
--cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt \
-H "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" \
-X DELETE \
-H "Accept: application/json, */*" \
-o /dev/null \
"https://$APISERVER/api/v1/namespaces/${NAMESPACE}/pods/$pod"
done
###
echo " * Deleting current $CELERY_APP_NAME pod"
curl -s \
--cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt \
-H "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" \
-X GET \
-H "Accept: application/json, */*" \
"https://$APISERVER/api/v1/namespaces/${NAMESPACE}/pods/" | \
jq '.items | .[] | .metadata.name ' -r | grep "^${CELERY_APP_NAME}-" | \
while read pod;
do
echo " - Deleting: $pod"
curl -s \
--cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt \
-H "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" \
-X DELETE \
-H "Accept: application/json, */*" \
-o /dev/null \
"https://$APISERVER/api/v1/namespaces/${NAMESPACE}/pods/$pod"
done
###
echo " All Done"