Squashed commit of the following:

commit 0161886 Author: Matt Conway <[email protected]> Date: Wed Nov 24 12:45:07 2021 -0500 remote fix commit 867d64f Author: Matt Conway <[email protected]> Date: Wed Nov 24 11:47:38 2021 -0500 enable env for file pattern commit 1bcb9f6 Author: Matt Conway <[email protected]> Date: Wed Nov 24 10:49:53 2021 -0500 fix newline in secrets, allow remote setup script
cloudtruth · Nov 24, 2021 · 9efa45e · 9efa45e
1 parent 23c99db
commit 9efa45e
Show file tree

Hide file tree

Showing 6 changed files with 87 additions and 36 deletions.
diff --git a/Makefile b/Makefile
@@ -1,9 +1,9 @@
-dist/argocd-cloudtruth-plugin: pkg/cloudtruth
+dist/argocd-cloudtruth-plugin: pkg/cloudtruth/client.go *.go
 	go build -o dist/argocd-cloudtruth-plugin
 
-client: pkg/cloudtruth
+client: pkg/cloudtruth/client.go
 
-pkg/cloudtruth: pkg/openapi.yml
+pkg/cloudtruth/client.go: pkg/openapi.yml
 	docker run --rm \
 		-v "$(shell pwd)/pkg:/pkg" \
 		--user "$(shell id -u):$(shell id -g)" \

diff --git a/README.md b/README.md
@@ -6,22 +6,31 @@ The CloudTruth configuration management plugin for [ArgoCD](https://argo-cd.read
 
 ArgoCD plugin installation is somewhat of a manual process, you can either use the `install/*.yaml` files as a guide, or run `install/setup.sh` to use kubectl patch to apply them:
 
+```shell
+curl -s https://raw.githubusercontent.com/cloudtruth/argocd-cloudtruth-plugin/main/install/setup.sh | sh
+```
+OR
 ```shell
 git clone https://github.com/cloudtruth/argocd-cloudtruth-plugin
-cd argocd-cloudtruth-plugin/install
-./setup.sh
+./argocd-cloudtruth-plugin/install/setup.sh
 ```
 
 ## Usage
 
+The default installation process adds the following settings to the Secret named argocd-cloudtruth-plugin, and applies them as environment variables to the argocd-repo-server Deployment.  Theses act as defaults for the plugin, and can be overriden for each argocd project in the plugin setup page for each project.
 
 | Parameter | Description | Type | Default | Required |
 |-----------|-------------|------|---------|:--------:|
-|  |  | string | n/a | yes |
+| CLOUDTRUTH_API_KEY | the api key for authenticating to the CloudTruth Rest API | string | n/a | yes |
+| CLOUDTRUTH_ENVIRONMENT | the CloudTruth environment to query against | string | `default` | no |
+| CLOUDTRUTH_PROJECT | the CloudTruth project to query against | string | `MyFirstProject` | yes |
+| CLOUDTRUTH_TAG | the CloudTruth tag to query against | string | `""` | no |
+| CLOUDTRUTH_REFERENCE_PATTERN | the pattern that indicates parameter references in the input files | string | `<%s>` | no |
+| CLOUDTRUTH_FILE_PATTERN | the file pattern (glob) of the input files | array(string) delim=, | `*.y*ml` | no |
 
 ## Development
 
-After checking out the repo, run `make client` to generate the go client stubs for the cloudtruth rest api.
+After checking out the repo, run `make`.  To generate new client stubs (vs what is checked in), run `make clean` before running `make`
 
 ## Contributing
 

diff --git a/install/argocd-cloudtruth-plugin-secret.yaml b/install/argocd-cloudtruth-plugin-secret.yaml
@@ -2,6 +2,5 @@ kind: Secret
 apiVersion: v1
 metadata:
   name: argocd-cloudtruth-plugin
-  namespace: argocd
 type: Opaque
 data:
diff --git a/install/argocd-cm.patch.yaml b/install/argocd-cm.patch.yaml
@@ -3,4 +3,4 @@ data:
     - name: argocd-cloudtruth-plugin
       generate:
         command: ["argocd-cloudtruth-plugin"]
-        args: ["*.y*ml"]
+        args: []
diff --git a/install/setup.sh b/install/setup.sh
@@ -1,25 +1,69 @@
-#!/usr/bin/env bash
+#!/usr/bin/env sh
 
 # fail fast
 set -e
+typeset -i remote=0
 
+if [[ "$0" == "sh" ]]; then
+  remote=1
+  baseurl=${baseurl:-https://raw.githubusercontent.com/cloudtruth/argocd-cloudtruth-plugin/main/install}
+  baseurl_params=${baseurl_params:-}
+  basedir="."
+else
+  basedir=$(cd $(dirname $0) && pwd)
+fi
 
-printf "Input Cloudtruth Api Key: "
-read CLOUDTRUTH_API_KEY
-printf "Input Cloudtruth Environment (Default and can be overridden for each Argo project): "
-read CLOUDTRUTH_ENVIRONMENT
-printf "Input Cloudtruth Project (Default and can be overridden for each Argo project): "
-read CLOUDTRUTH_PROJECT
+function echoFile {
+  if ((remote)); then
+    curl -s ${baseurl}/${1}${baseurl_params}
+  else
+    cat ${basedir}/${1}
+  fi
+}
+export -f echoFile
 
-cat <<EOF | kubectl apply -n argocd -f -
-$(cat argocd-cloudtruth-plugin-secret.yaml)
-  CLOUDTRUTH_API_KEY: $(echo ${CLOUDTRUTH_API_KEY} | base64)
-  CLOUDTRUTH_ENVIRONMENT: $(echo ${CLOUDTRUTH_ENVIRONMENT} | base64)
-  CLOUDTRUTH_PROJECT: $(echo ${CLOUDTRUTH_PROJECT} | base64)
+ARGO_NAMESPACE=${ARGO_NAMESPACE:-argocd}
+echo "Installing to namespace '${ARGO_NAMESPACE}', override with: ARGO_NAMESPACE=xyz setup.sh"
+echo
+echo "The requested environment variables control the plugin"
+echo "ApiKey is required, and they can all be overriden for each argocd project"
+echo
+
+printf "Input Cloudtruth Api Key (required): "
+read CLOUDTRUTH_API_KEY < /dev/tty
+if [[ -z ${CLOUDTRUTH_API_KEY} ]]; then echo "Api Key is required"; exit 1; fi
+
+printf "Input Cloudtruth Environment [default]: "
+read CLOUDTRUTH_ENVIRONMENT < /dev/tty
+if [[ -z ${CLOUDTRUTH_ENVIRONMENT} ]]; then echo "Using 'default' for environment"; CLOUDTRUTH_ENVIRONMENT=default; fi
+
+printf "Input Cloudtruth Project [MyFirstProject]: "
+read CLOUDTRUTH_PROJECT < /dev/tty
+if [[ -z ${CLOUDTRUTH_PROJECT} ]]; then echo "Using 'MyFirstProject' for project"; CLOUDTRUTH_PROJECT=MyFirstProject; fi
+
+printf "Input Cloudtruth Tag []: "
+read CLOUDTRUTH_TAG < /dev/tty
+
+secret_yaml=$(cat <<EOF
+$(echoFile argocd-cloudtruth-plugin-secret.yaml)
+  CLOUDTRUTH_API_KEY: $(printf ${CLOUDTRUTH_API_KEY} | base64)
+  CLOUDTRUTH_ENVIRONMENT: $(printf ${CLOUDTRUTH_ENVIRONMENT} | base64)
+  CLOUDTRUTH_PROJECT: $(printf ${CLOUDTRUTH_PROJECT} | base64)
+EOF
+)
+
+if [[ -n ${CLOUDTRUTH_TAG} ]]; then
+secret_yaml=$(cat <<EOF
+${secret_yaml}
+  CLOUDTRUTH_TAG: $(printf "${CLOUDTRUTH_TAG}" | base64)
 EOF
+)
+fi
+
+echo "${secret_yaml}" | kubectl apply -n ${ARGO_NAMESPACE} -f -
 
-kubectl get -n argocd configmap/argocd-cm -o yaml > argocd-cm..original.$(date +%s).yaml
-kubectl patch -n argocd configmap/argocd-cm --patch "$(cat argocd-cm.patch.yaml)"
+kubectl get -n ${ARGO_NAMESPACE} configmap/argocd-cm -o yaml > ${basedir}/argocd-cm..original.$(date +%s).yaml
+kubectl patch -n ${ARGO_NAMESPACE} configmap/argocd-cm --patch "$(echoFile argocd-cm.patch.yaml)"
 
-kubectl get -n argocd deployment/argocd-repo-server -o yaml > argocd-repo-server.original.$(date +%s).yaml
-kubectl patch -n argocd deployment/argocd-repo-server --patch "$(cat argocd-repo-server.patch.yaml)"
+kubectl get -n ${ARGO_NAMESPACE} deployment/argocd-repo-server -o yaml > ${basedir}/argocd-repo-server.original.$(date +%s).yaml
+kubectl patch -n ${ARGO_NAMESPACE} deployment/argocd-repo-server --patch "$(echoFile argocd-repo-server.patch.yaml)"
diff --git a/main.go b/main.go
@@ -12,16 +12,14 @@ import (
 )
 
 var config struct {
-	Verbose          []bool `short:"v" long:"verbose" description:"Show verbose debug information"`
-	Environment      string `short:"e" long:"environment" description:"The cloudtruth environment" env:"CLOUDTRUTH_ENVIRONMENT"`
-	Project          string `short:"p" long:"project" description:"The cloudtruth project" env:"CLOUDTRUTH_PROJECT" required:"true"`
-	Tag              string `short:"t" long:"tag" description:"The environment tag to restrict values to" env:"CLOUDTRUTH_TAG"`
-	ReferencePattern string `short:"r" long:"reference-pattern" description:"The reference pattern (go fmt) to substitute with parameters" default:"<%s>" env:"CLOUDTRUTH_REFERENCE_PATTERN"`
-	ApiKey           string `short:"a" long:"api-key" description:"The cloudtruth api key" env:"CLOUDTRUTH_API_KEY" required:"true"`
-	ApiUrl           string `short:"u" long:"api-url" description:"The cloudtruth api url" env:"CLOUDTRUTH_API_URL" hidden:"true" default:"https://api.cloudtruth.io"`
-	Positional       struct {
-		FilePatterns []string `positional-arg-name:"FILEGLOB" required:"true"`
-	} `positional-args:"true"`
+	Verbose          []bool   `short:"v" long:"verbose" description:"Show verbose debug information"`
+	Environment      string   `short:"e" long:"environment" description:"The cloudtruth environment" default:"default" env:"CLOUDTRUTH_ENVIRONMENT"`
+	Project          string   `short:"p" long:"project" description:"The cloudtruth project" env:"CLOUDTRUTH_PROJECT" required:"true"`
+	Tag              string   `short:"t" long:"tag" description:"The environment tag to restrict values to" env:"CLOUDTRUTH_TAG"`
+	ReferencePattern string   `short:"r" long:"reference-pattern" description:"The reference pattern (go fmt) to substitute with parameters" default:"<%s>" env:"CLOUDTRUTH_REFERENCE_PATTERN"`
+	FilePattern      []string `short:"f" long:"file-pattern" description:"The file pattern (glob) to perform substitutions on" default:"*.y*ml" env:"CLOUDTRUTH_FILE_PATTERN" env-delim:","`
+	ApiKey           string   `short:"a" long:"api-key" description:"The cloudtruth api key" env:"CLOUDTRUTH_API_KEY" required:"true"`
+	ApiUrl           string   `short:"u" long:"api-url" description:"The cloudtruth api url" env:"CLOUDTRUTH_API_URL" hidden:"true" default:"https://api.cloudtruth.io"`
 }
 
 //Processes given files to replace paramater references with values from cloudtruth
@@ -50,6 +48,7 @@ func main() {
 	log.Debug("ApiUrl: ", config.ApiUrl)
 	log.Debug("Environment: ", config.Environment)
 	log.Debug("Project: ", config.Project)
+	log.Trace("ALL Config: ", config)
 
 	ctapi := NewCTApi(config.ApiKey, config.ApiUrl)
 
@@ -58,7 +57,7 @@ func main() {
 
 	// TODO: scan files to figure out which ones have a pattern to be replaced rather than replacing against all files
 	first := true
-	for _, pattern := range config.Positional.FilePatterns {
+	for _, pattern := range config.FilePattern {
 		log.Info("Processing pattern: ", pattern)
 
 		matches, err := filepathx.Glob(pattern)