New scripts to make easy deployment with helm

#!/bin/bash

# Check if an argument is provided

if [ "$#" -ne 1 ]; then

    echo "Usage: $0 <suffix>"

    exit 1

fi

# Given suffix

suffix=$1

# Find and get the name of the newest file that ends with the given suffix

newest_file=$(find . -type f -name "*$suffix" -printf "%T@ %p\n" | sort -n | tail -1 | cut -d' ' -f2-)

# Check if a file was found

if [ -z "$newest_file" ]; then

    echo "No file found that ends with '$suffix'"

else

    echo "The newest file that ends with '$suffix' is: $newest_file"

fi

 No newline at end of file

#!/bin/bash

IP=""

NAMESPACE=""

help() {

  echo "Usage: $1 <options>"

  echo "       -i : IP to use"

  echo "       -n : Namespace to get ingress information"

  echo "       -h : show this help"

  exit 1

}

# Read params

while getopts ":i:n:h" opt; do

  case $opt in

    i)

      IP="$OPTARG"

      ;;

    n)

      NAMESPACE="$OPTARG"

      ;;

    h)

      help

      ;;

    \?)

      echo "Not valid option: -$OPTARG" >&2

      help

      ;;

    :)

      echo "The -$OPTARG option requires an argument." >&2

      help

      ;;

  esac

done

if [[ -n "$NAMESPACE" && -n "$IP" ]]

then

  echo "IP: $IP and namespace: $NAMESPACE"

else

    echo "IP ($IP) and NAMESPACE ($NAMESPACE) must be set"

    exit -1

fi

kubectl -n $NAMESPACE get ing|grep -v NAME|awk "{print \"$IP \"\$3}"

#!/bin/bash

source $(dirname "$(readlink -f "$0")")/variables.sh

### download dependencies

helm dependency build $HELM_DIR/capif/

### check ingress_ip.oneke and get ip from ingress-nginx-controller

kubectl get svc -A | grep ingress-nginx-controller

### To deploy in other environment we need to setup urls according to it and also using specific kubeconfig:

if [ -f "$VAULT_FILE" ] && [ -s "$VAULT_FILE" ]; then

    echo "$VAULT_FILE exists and has next content"

    cat $VAULT_FILE

    VAULT_ACCESS_TOKEN=$(awk '/Initial Root Token/{ print $4 }' $VAULT_FILE)

else

    echo "$VAULT_FILE not exists or content is empty. Using value on VAULT_ACCESS_TOKEN=$VAULT_ACCESS_TOKEN"

fi

helm upgrade --install -n $CAPIF_NAMESPACE $CAPIF_NAME_VERSION_CHART $HELM_DIR/capif/ \

--set grafana.enabled=true \

--set grafana.ingress.enabled=true \

--set grafana.ingress.hosts[0].host=ocf-mon-$CAPIF_CI_ENV_ENDPOINT.$CAPIF_DOMAIN \

--set grafana.ingress.hosts[0].paths[0].path="/" \

--set grafana.ingress.hosts[0].paths[0].pathType="Prefix" \

--set grafana.env.prometheusUrl=$PROMETHEUS_URL \

--set grafana.env.tempoUrl="http://$CAPIF_NAME_VERSION_CHART-tempo:3100" \

--set fluentbit.enabled=true \

--set loki.enabled=true \

--set tempo.tempo.metricsGenerator.remoteWriteUrl=$PROMETHEUS_URL/api/v1/write \

--set otelcollector.enabled=true \

--set otelcollector.configMap.tempoEndpoint=$CAPIF_NAME_VERSION_CHART-tempo:4317 \

--set ocf-access-control-policy.image.repository=$CAPIF_DOCKER_REGISTRY/ocf-access-control-policy-api \

--set ocf-access-control-policy.image.tag=$CAPIF_IMAGE_TAG \

--set ocf-access-control-policy.image.env.capifHostname=$CAPIF_HOSTNAME \

--set ocf-access-control-policy.monitoring="true" \

--set ocf-access-control-policy.env.logLevel="DEBUG" \

--set ocf-api-invocation-logs.image.repository=$CAPIF_DOCKER_REGISTRY/ocf-logging-api-invocation-api \

--set ocf-api-invocation-logs.image.tag=$CAPIF_IMAGE_TAG \

--set ocf-api-invocation-logs.env.monitoring="true" \

--set ocf-api-invocation-logs.env.capifHostname=$CAPIF_HOSTNAME \

--set ocf-api-invocation-logs.env.vaultHostname=$VAULT_INTERNAL_HOSTNAME \

--set ocf-api-invocation-logs.env.vaultPort=$VAULT_PORT \

--set ocf-api-invocation-logs.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \

--set ocf-api-invocation-logs.env.logLevel="DEBUG" \

--set ocf-api-invoker-management.image.repository=$CAPIF_DOCKER_REGISTRY/ocf-api-invoker-management-api \

--set ocf-api-invoker-management.image.tag=$CAPIF_IMAGE_TAG \

--set ocf-api-invoker-management.env.monitoring="true" \

--set ocf-api-invoker-management.env.vaultHostname=$VAULT_INTERNAL_HOSTNAME \

--set ocf-api-invoker-management.env.vaultPort=$VAULT_PORT \

--set ocf-api-invoker-management.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \

--set ocf-api-invoker-management.env.logLevel="DEBUG" \

--set ocf-api-provider-management.image.repository=$CAPIF_DOCKER_REGISTRY/ocf-api-provider-management-api \

--set ocf-api-provider-management.image.tag=$CAPIF_IMAGE_TAG \

--set ocf-api-provider-management.env.monitoring="true" \

--set ocf-api-provider-management.env.vaultHostname=$VAULT_INTERNAL_HOSTNAME \

--set ocf-api-provider-management.env.logLevel="DEBUG" \

--set ocf-api-provider-management.env.vaultPort=$VAULT_PORT \

--set ocf-api-provider-management.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \

--set ocf-events.image.repository=$CAPIF_DOCKER_REGISTRY/ocf-events-api \

--set ocf-events.image.tag=$CAPIF_IMAGE_TAG \

--set ocf-events.env.monitoring="true" \

--set ocf-events.env.logLevel="DEBUG" \

--set ocf-routing-info.image.repository=$CAPIF_DOCKER_REGISTRY/ocf-routing-info-api \

--set ocf-routing-info.image.tag=$CAPIF_IMAGE_TAG \

--set ocf-routing-info.env.monitoring="true" \

--set ocf-routing-info.env.logLevel="DEBUG" \

--set ocf-security.image.repository=$CAPIF_DOCKER_REGISTRY/ocf-security-api \

--set ocf-security.image.tag=$CAPIF_IMAGE_TAG \

--set ocf-security.env.monitoring="true" \

--set ocf-security.env.capifHostname=$CAPIF_HOSTNAME \

--set ocf-security.env.vaultHostname=$VAULT_INTERNAL_HOSTNAME \

--set ocf-security.env.vaultPort=$VAULT_PORT \

--set ocf-security.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \

--set ocf-security.env.logLevel="DEBUG" \

--set ocf-register.image.repository=$CAPIF_DOCKER_REGISTRY/register \

--set ocf-register.image.tag=$CAPIF_IMAGE_TAG \

--set ocf-register.env.vaultHostname=$VAULT_INTERNAL_HOSTNAME \

--set ocf-register.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \

--set ocf-register.env.vaultPort=$VAULT_PORT \

--set ocf-register.env.mongoHost=mongo-register \

--set ocf-register.env.mongoPort=27017 \

--set ocf-register.env.capifHostname=$CAPIF_HOSTNAME \

--set ocf-register.ingress.enabled=true \

--set ocf-register.ingress.hosts[0].host=$REGISTER_HOSTNAME \

--set ocf-register.ingress.hosts[0].paths[0].path="/" \

--set ocf-register.ingress.hosts[0].paths[0].pathType="Prefix" \

--set ocf-register.env.logLevel="DEBUG" \

--set ocf-auditing-api-logs.image.repository=$CAPIF_DOCKER_REGISTRY/ocf-auditing-api \

--set ocf-auditing-api-logs.image.tag=$CAPIF_IMAGE_TAG \

--set ocf-auditing-api-logs.env.monitoring="true" \

--set ocf-auditing-api-logs.env.logLevel="DEBUG" \

--set ocf-publish-service-api.image.repository=$CAPIF_DOCKER_REGISTRY/ocf-publish-service-api \

--set ocf-publish-service-api.image.tag=$CAPIF_IMAGE_TAG \

--set ocf-publish-service-api.env.monitoring="true" \

--set ocf-publish-service-api.env.logLevel="DEBUG" \

--set ocf-discover-service-api.image.repository=$CAPIF_DOCKER_REGISTRY/ocf-discover-service-api \

--set ocf-discover-service-api.image.tag=$CAPIF_IMAGE_TAG \

--set ocf-discover-service-api.env.monitoring="true" \

--set ocf-discover-service-api.env.logLevel="DEBUG" \

--set nginx.image.repository=$CAPIF_DOCKER_REGISTRY/nginx \

--set nginx.image.tag=$CAPIF_IMAGE_TAG \

--set nginx.env.capifHostname=$CAPIF_HOSTNAME \

--set nginx.env.vaultHostname=$VAULT_INTERNAL_HOSTNAME \

--set nginx.env.vaultPort=$VAULT_PORT \

--set nginx.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \

--set nginx.ingress.enabled=true \

--set nginx.ingress.hosts[0].host=$CAPIF_HOSTNAME \

--set nginx.ingress.hosts[0].paths[0].path="/" \

--set nginx.ingress.hosts[0].paths[0].pathType="Prefix" \

--set nginx.env.logLevel="debug" \

--set ocf-helper.image.repository=$CAPIF_DOCKER_REGISTRY/helper \

--set ocf-helper.image.tag=$CAPIF_IMAGE_TAG \

--set ocf-helper.env.vaultHostname=$VAULT_INTERNAL_HOSTNAME \

--set ocf-helper.env.vaultPort=$VAULT_PORT \

--set ocf-helper.env.vaultAccessToken=$VAULT_ACCESS_TOKEN \

--set ocf-helper.env.capifHostname=$CAPIF_HOSTNAME \

--set ocf-helper.env.logLevel="DEBUG" \

--set mock-server.enabled=true \

--set mock-server.image.repository=$CAPIF_DOCKER_REGISTRY/mock-server \

--set mock-server.image.tag=$CAPIF_IMAGE_TAG \

--set mock-server.ingress.enabled=true \

--set mock-server.ingress.hosts[0].host=mock-server-$CAPIF_CI_ENV_ENDPOINT.$CAPIF_DOMAIN \

--set mock-server.ingress.hosts[0].paths[0].path="/" \

--set mock-server.ingress.hosts[0].paths[0].pathType="Prefix" \

--set mock-server.env.logLevel="DEBUG" \

--set mongo-register-express.enabled=true \

--set mongo-register-express.ingress.enabled=true \

--set mongo-register-express.ingress.hosts[0].host="mongo-express-register-$CAPIF_CI_ENV_ENDPOINT.$CAPIF_DOMAIN" \

--set mongo-register-express.ingress.hosts[0].paths[0].path="/" \

--set mongo-register-express.ingress.hosts[0].paths[0].pathType="Prefix" \

--set mongo-express.enabled=true \

--set mongo-express.ingress.enabled=true \

--set mongo-express.ingress.hosts[0].host="mongo-express-$CAPIF_CI_ENV_ENDPOINT.$CAPIF_DOMAIN" \

--set mongo-express.ingress.hosts[0].paths[0].path="/" \

--set mongo-express.ingress.hosts[0].paths[0].pathType="Prefix" \

--wait --timeout=10m --create-namespace --atomic

#!/bin/bash

source $(dirname "$(readlink -f "$0")")/variables.sh

helm dependency build $HELM_DIR/monitoring-stack/

helm upgrade --install -n $MONITORING_NAMESPACE $MONITORING_SERVICE_NAME $HELM_DIR/monitoring-stack/ \

--set grafana.enabled=false \

--set prometheus.enabled=true \

--set prometheus.ingress.enabled=true \

--set prometheus.ingress.hosts[0].host=$PROMETHEUS_HOSTNAME \

--set prometheus.ingress.hosts[0].paths[0].path="/" \

--set prometheus.ingress.hosts[0].paths[0].pathType="Prefix" \

--wait --timeout=10m --create-namespace --atomic

#!/bin/bash

source $(dirname "$(readlink -f "$0")")/variables.sh

# Function to get the service status

get_service_status() {

    kubectl get pods -n "$VAULT_NAMESPACE" -l $LABEL_TO_CHECK="$VAULT_SERVICE_NAME" -o jsonpath='{.items[*].status.phase}'

}

# Function to get the number of ready replicas

get_ready_replicas() {

    kubectl get pods -n "$VAULT_NAMESPACE" -l $LABEL_TO_CHECK="$VAULT_SERVICE_NAME" -o jsonpath='{.items[*].status.containerStatuses[0].ready}'

}

# Function to get the number of ready replicas

get_started_replicas() {

    kubectl get pods -n "$VAULT_NAMESPACE" -l $LABEL_TO_CHECK="$VAULT_SERVICE_NAME" -o jsonpath='{.items[*].status.containerStatuses[0].started}'

}

get_succeeded_job_status() {

    kubectl get jobs -n "$VAULT_NAMESPACE" -o jsonpath='{.items[*].status.succeeded}'

}

get_failed_job_status() {

    kubectl get jobs -n "$VAULT_NAMESPACE" -o jsonpath='{.items[*].status.failed}'

}

get_completion_job_status() {

    kubectl get jobs -n "$VAULT_NAMESPACE" -o jsonpath='{.items[*].status.conditions[0].status}'

}

get_completed_type_job_status(){

    kubectl get jobs -n "$VAULT_NAMESPACE" -o jsonpath='{.items[*].status.conditions[0].type}'

}

helm repo add hashicorp https://helm.releases.hashicorp.com

helm upgrade --install vault hashicorp/vault -n $VAULT_NAMESPACE --set server.ingress.enabled=true \

--set server.ingress.hosts[0].host="$VAULT_HOSTNAME" \

--set server.ingress.ingressClassName=nginx \

--set server.standalone.enabled=true --create-namespace

# Loop to wait until the service is in "Running" state and has 0/1 ready replicas

while true; do

    SERVICE_STATUS=$(get_service_status)

    READY_REPLICAS=$(get_ready_replicas)

    STARTED_REPLICAS=$(get_started_replicas)

    echo "Service status: $SERVICE_STATUS"

    echo "Ready replicas: $READY_REPLICAS"

    echo "Started Replicas: $STARTED_REPLICAS"

    if [ "$SERVICE_STATUS" == "Running" ] && [ "$READY_REPLICAS" == "false" ] && [ "$STARTED_REPLICAS" == "true" ]; then

        echo "The service $VAULT_SERVICE_NAME is in RUNNING state and has 0/1 ready replicas."

        break

    else

        echo "Waiting for the service $VAULT_SERVICE_NAME to be in RUNNING state and have 0/1 ready replicas..."

        sleep 5

    fi

done

echo "The service $VAULT_SERVICE_NAME is now in the desired state."

# Init vault

echo ""

echo "Init vault"

kubectl exec -ti vault-0 -n $VAULT_NAMESPACE -- vault operator init -key-shares=1 -key-threshold=1 > $VAULT_FILE

# Remove control characters

cat $VAULT_FILE | sed -r 's/\x1B\[[0-9;]*[JKmsu]//g' | sed -e 's/[^[:print:]\t\n]//g' > $VAULT_FILE.tmp

mv $VAULT_FILE.tmp $VAULT_FILE

# get UNSEAL Key and TOKEN

UNSEAL_KEY=$(awk '/Unseal Key 1/{ print $4 }' $VAULT_FILE)

VAULT_TOKEN=$(awk '/Initial Root Token/{ print $4 }' $VAULT_FILE)

echo "UNSEAL KEY: $UNSEAL_KEY"

echo "VAULT TOKEN: $VAULT_TOKEN"

kubectl exec -ti vault-0 -n $VAULT_NAMESPACE -- vault operator unseal $UNSEAL_KEY

# Loop to wait until the service is in "Running" state and has 1/1 ready replicas

while true; do

    SERVICE_STATUS=$(get_service_status)

    READY_REPLICAS=$(get_ready_replicas)

    STARTED_REPLICAS=$(get_started_replicas)

    echo "Service status: $SERVICE_STATUS"

    echo "Ready replicas: $READY_REPLICAS"

    echo "Started Replicas: $STARTED_REPLICAS"

    if [ "$SERVICE_STATUS" == "Running" ] && [ "$READY_REPLICAS" == "true" ] && [ "$STARTED_REPLICAS" == "true" ]; then

        echo "The service $VAULT_SERVICE_NAME is in RUNNING state and has 0/1 ready replicas."

        break

    else

        echo "Waiting for the service $VAULT_SERVICE_NAME to be in RUNNING state and have 1/1 ready replicas..."

        sleep 5

    fi

done

sed -i "s/VAULT_TOKEN=.*/VAULT_TOKEN=$VAULT_TOKEN/g" $HELM_DIR/vault-job/vault-job.yaml

sed -i "s/DOMAIN1=.*/DOMAIN1=$DOMAIN1/g" $HELM_DIR/vault-job/vault-job.yaml

sed -i "s/DOMAIN2=.*/DOMAIN2=$DOMAIN2/g" $HELM_DIR/vault-job/vault-job.yaml

sed -i "s/DOMAIN3=.*/DOMAIN3=$DOMAIN3/g" $HELM_DIR/vault-job/vault-job.yaml

kubectl delete job $VAULT_JOB_NAME  -n ocf-vault || echo "No vault job present"

kubectl apply -f $HELM_DIR/vault-job/

# Check job status

while true; do

    SUCCEEDED_JOB_STATUS=$(get_succeeded_job_status)

    FAILED_JOB_STATUS=$(get_failed_job_status)

    COMPLETION_JOB_STATUS=$(get_completion_job_status)

    COMPLETED_TYPE_JOB_STATUS=$(get_completed_type_job_status)

    echo "SUCCEEDED_JOB_STATUS: $SUCCEEDED_JOB_STATUS"

    echo "FAILED_JOB_STATUS: $FAILED_JOB_STATUS"

    echo "COMPLETION_JOB_STATUS: $COMPLETION_JOB_STATUS"

    echo "COMPLETED_TYPE_JOB_STATUS: $COMPLETED_TYPE_JOB_STATUS"

    if [ "$FAILED_JOB_STATUS" != "" ]; then

        echo "The vault job fails, check variables."

        exit -1

    elif [ "$SUCCEEDED_JOB_STATUS" != "" ] && (( SUCCEEDED_JOB_STATUS > 0 )) && [ "$COMPLETED_TYPE_JOB_STATUS" == "Complete" ] && [ "$COMPLETION_JOB_STATUS" == "True" ]; then

        echo "The vault job succeeded."

        break

    else

        echo "Waiting for the service $VAULT_SERVICE_NAME to be in RUNNING state and have 0/1 ready replicas..."

        sleep 5

    fi

done

echo "Job Success"

# Loop to wait until the service is in "Running" state and has 0/1 ready replicas

while true; do

    SERVICE_STATUS=$(get_service_status)

    READY_REPLICAS=$(get_ready_replicas)

    STARTED_REPLICAS=$(get_started_replicas)

    echo "Service status: $SERVICE_STATUS"

    echo "Ready replicas: $READY_REPLICAS"

    echo "Started Replicas: $STARTED_REPLICAS"

    if [ "$SERVICE_STATUS" == "Running" ] && [ "$READY_REPLICAS" == "true" ] && [ "$STARTED_REPLICAS" == "true" ]; then

        echo "The service $VAULT_SERVICE_NAME is in RUNNING state and has 1/1 ready replicas."

        break

    else

        echo "Waiting for the service $VAULT_SERVICE_NAME to be in RUNNING state and have 1/1 ready replicas..."

        sleep 5

    fi

done

echo "The service $VAULT_SERVICE_NAME is successfully deployed."