-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathannotate_helmfile_releases.go
117 lines (98 loc) · 3.14 KB
/
annotate_helmfile_releases.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
package main
import (
"bytes"
"flag"
"fmt"
"log"
"os"
"os/exec"
"strings"
)
const (
HELMFILE_BIN = "helmfile"
KUBECTL_BIN = "kubectl"
NAMESPACE_KEY = "NAMESPACE: "
NAME_KEY = "NAME: "
REVISION_KEY = "REVISION: "
)
var (
GITLAB_USER_LOGIN = os.Getenv("GITLAB_USER_LOGIN")
CI_PIPELINE_URL = os.Getenv("CI_PIPELINE_URL")
)
type namespacedSecret struct {
secretName string
namespace string
}
// Runs the command name arg... Returns its Stderr if it fails or its stringified Stdout
func RunCommand(name string, arg ...string) (string, error) {
cmd := exec.Command(name, arg...)
var (
stdout bytes.Buffer
stderr bytes.Buffer
)
cmd.Stdout = &stdout
cmd.Stderr = &stderr
err := cmd.Run()
if err != nil {
return "", fmt.Errorf(stderr.String())
}
return stdout.String(), nil
}
// Adds annotations to the Secret
func annotateSecret(secret string, namespace string) {
args := []string{"annotate", "secret", secret, "--namespace", namespace, "--overwrite=true", fmt.Sprintf("cicdbox/releaser=%s", GITLAB_USER_LOGIN), fmt.Sprintf("cicdbox/gitlab-ci-pipeline-url=%s", CI_PIPELINE_URL)}
_, err := RunCommand(KUBECTL_BIN, args...)
if err != nil {
log.Fatal(err)
}
fmt.Printf("Secret %s/%s was annotated.\n", namespace, secret)
}
// Infers the Helm Secrets corresponding to the revisions of the given releases
func retrieveSecrets(releases string) []namespacedSecret {
var secretList []namespacedSecret
var releaseNamespace string
var releaseName string
for _, line := range strings.Split(releases, "\n") {
line = strings.TrimSpace(line)
if strings.HasPrefix(line, NAMESPACE_KEY) {
releaseNamespace = strings.TrimPrefix(line, NAMESPACE_KEY)
} else if strings.HasPrefix(line, NAME_KEY) {
releaseName = strings.TrimPrefix(line, NAME_KEY)
} else if strings.HasPrefix(line, REVISION_KEY) {
releaseRevision := strings.TrimPrefix(line, REVISION_KEY)
// We suppose REVISION_KEY is the last key.
secretList = append(secretList, namespacedSecret{namespace: releaseNamespace, secretName: fmt.Sprintf("sh.helm.release.v1.%s.v%s", releaseName, releaseRevision)})
}
}
return secretList
}
func AnnotateHelmfileReleases(args []string) {
flag := flag.NewFlagSet(ANNOTATE_HELMFILE_RELEASES_CMD_NAME, flag.ExitOnError)
helmfileEnvironment := flag.String("environment", EMPTY, "Helmfile environment (Required)")
helmfileSelector := flag.String("selector", EMPTY, "Helmfile selector (Required)")
file := flag.String("file", EMPTY, "Helmfile file (Required)")
err := flag.Parse(args)
if err != nil {
log.Fatal(err)
}
helmfileArgs := []string{}
if *helmfileEnvironment != EMPTY {
helmfileArgs = append(helmfileArgs, "--environment", *helmfileEnvironment)
}
if *helmfileSelector != EMPTY {
helmfileArgs = append(helmfileArgs, "--selector", *helmfileSelector)
}
if *file != EMPTY {
helmfileArgs = append(helmfileArgs, "--file", *file)
}
helmfileArgs = append(helmfileArgs, "status")
// Retrieve releases status
output, err := RunCommand(HELMFILE_BIN, helmfileArgs...)
if err != nil {
log.Fatal(err)
}
// Annotate secrets
for _, secret := range retrieveSecrets(output) {
annotateSecret(secret.secretName, secret.namespace)
}
}