From bcadc72ce13f970d2613a80e636ce3de7ac9871e Mon Sep 17 00:00:00 2001 From: Joe Harte <13206585+boonware@users.noreply.github.com> Date: Fri, 22 Nov 2024 20:53:02 +0000 Subject: [PATCH] [minor] Add Group Sync Operator GitOps Support (#1364) --- .secrets.baseline | 14 ++++++++-- image/cli/mascli/functions/gitops_cluster | 27 +++++++++++++++++++ .../cluster/group-sync-operator.yaml.j2 | 23 ++++++++++++++++ 3 files changed, 62 insertions(+), 2 deletions(-) create mode 100644 image/cli/mascli/templates/gitops/appset-configs/cluster/group-sync-operator.yaml.j2 diff --git a/.secrets.baseline b/.secrets.baseline index 6fa752f9fe..04e0b26894 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -3,7 +3,7 @@ "files": "^.secrets.baseline$", "lines": null }, - "generated_at": "2024-11-16T12:02:00Z", + "generated_at": "2024-11-22T12:20:31Z", "plugins_used": [ { "name": "AWSKeyDetector" @@ -162,7 +162,7 @@ "hashed_secret": "b2817467154949a61f8e9ad31d1eeaf03221cbfa", "is_secret": false, "is_verified": false, - "line_number": 353, + "line_number": 360, "type": "Secret Keyword", "verified_result": null } @@ -389,6 +389,16 @@ "verified_result": null } ], + "image/cli/mascli/templates/gitops/appset-configs/cluster/group-sync-operator.yaml.j2": [ + { + "hashed_secret": "fee2d55ad9a49a95fc89abe8f414dad66704ebfd", + "is_secret": false, + "is_verified": false, + "line_number": 21, + "type": "Secret Keyword", + "verified_result": null + } + ], "image/cli/mascli/templates/gitops/appset-configs/cluster/ibm-dro.yaml.j2": [ { "hashed_secret": "fee2d55ad9a49a95fc89abe8f414dad66704ebfd", diff --git a/image/cli/mascli/functions/gitops_cluster b/image/cli/mascli/functions/gitops_cluster index 83fbf81669..8187115e98 100644 --- a/image/cli/mascli/functions/gitops_cluster +++ b/image/cli/mascli/functions/gitops_cluster @@ -71,6 +71,9 @@ Notifications (Optional): Selenium Grid (Optional): --install-selenium-grid ${COLOR_YELLOW}INSTALL_SELENIUM_GRID${TEXT_RESET} Install Selenium Grid +Group Sync Operator (Optional): + --install-group-sync-operator ${COLOR_YELLOW}INSTALL_GROUP_SYNC_OPERATOR${TEXT_RESET} Install the Group Sync Operator + Other Commands: -h, --help Show this help message EOM @@ -240,6 +243,10 @@ function gitops_cluster_noninteractive() { export INSTALL_SELENIUM_GRID=true ;; + --install-group-sync-operator) + export INSTALL_GROUP_SYNC_OPERATOR=true + ;; + # Other Commands -h|--help) gitops_cluster_help @@ -402,6 +409,11 @@ function gitops_cluster() { echo_reset_dim "Install Selenium Grid ........... ${COLOR_MAGENTA}${INSTALL_SELENIUM_GRID}" reset_colors + echo "${TEXT_DIM}" + echo_h2 "Group Sync Operator" " " + echo_reset_dim "Install the Group Sync Operator ........... ${COLOR_MAGENTA}${INSTALL_GROUP_SYNC_OPERATOR}" + reset_colors + # Set up secrets # --------------------------------------------------------------------------- echo @@ -418,12 +430,22 @@ function gitops_cluster() { export SECRET_NAME_DEVOPS_MONGO=${ACCOUNT_ID}${SM_DELIM}${CLUSTER_ID}${SM_DELIM}devops export SECRET_KEY_DEVOPS_MONGO=${SECRET_NAME_DEVOPS_MONGO}#devops_mongo_uri + export SECRET_NAME_ISV_CLIENT=${ACCOUNT_ID}${SM_DELIM}${CLUSTER_ID}${SM_DELIM}isv_client + export SECRET_KEY_ISV_CLIENT_ID=${SECRET_NAME_ISV_CLIENT}#client_id + export SECRET_KEY_ISV_CLIENT_SECRET=${SECRET_NAME_ISV_CLIENT}#client_secret + if [ -n "$DEVOPS_MONGO_URI" ];then echo "- Update DEVOPS_MONGO_URI secret" TAGS="[{\"Key\": \"source\", \"Value\": \"gitops_cluster\"}, {\"Key\": \"account\", \"Value\": \"${ACCOUNT_ID}\"}, {\"Key\": \"cluster\", \"Value\": \"${CLUSTER_ID}\"}]" sm_update_secret $SECRET_NAME_DEVOPS_MONGO "{\"devops_mongo_uri\": \"${DEVOPS_MONGO_URI}\"}" "${TAGS}" fi + if [ -n "$ISV_CLIENT_ID" ] && [ -n "$ISV_CLIENT_SECRET" ]; then + echo "- Update ISV_CLIENT_ID and ISV_CLIENT_SECRET secrets" + TAGS="[{\"Key\": \"source\", \"Value\": \"gitops_cluster\"}, {\"Key\": \"account\", \"Value\": \"${ACCOUNT_ID}\"}, {\"Key\": \"cluster\", \"Value\": \"${CLUSTER_ID}\"}]" + sm_update_secret $SECRET_NAME_ISV_CLIENT "{\"client_id\": \"${ISV_CLIENT_ID}\", \"client_secret\": \"${ISV_CLIENT_SECRET}\"}" "${TAGS}" + fi + if [ -z $GIT_SSH ]; then export GIT_SSH="false" fi @@ -514,6 +536,11 @@ function gitops_cluster() { jinja -X .+ $CLI_DIR/templates/gitops/appset-configs/cluster/phase1/ibm-cis-cert-manager.yaml.j2 -o ${GITOPS_CLUSTER_DIR}/ibm-cis-cert-manager.yaml fi + if [[ "$INSTALL_GROUP_SYNC_OPERATOR" == "true" ]]; then + echo "- Group Sync Operator" + jinja -X .+ $CLI_DIR/templates/gitops/appset-configs/cluster/group-sync-operator.yaml.j2 -o ${GITOPS_CLUSTER_DIR}/group-sync-operator.yaml + fi + # Commit and push to github target repo # --------------------------------------------------------------------------- if [ "$GITHUB_PUSH" == "true" ]; then diff --git a/image/cli/mascli/templates/gitops/appset-configs/cluster/group-sync-operator.yaml.j2 b/image/cli/mascli/templates/gitops/appset-configs/cluster/group-sync-operator.yaml.j2 new file mode 100644 index 0000000000..d485082e69 --- /dev/null +++ b/image/cli/mascli/templates/gitops/appset-configs/cluster/group-sync-operator.yaml.j2 @@ -0,0 +1,23 @@ +merge-key: "{{ ACCOUNT_ID }}/{{ CLUSTER_ID }}" + +{#- Parses the ISV groups from a string representation of a list of maps #} +{#- Example: isv_groups: "name:'a1',id:'a2'; name:'a3',id:'a4'" #} +{%- set group_namespace = namespace(isv_groups = []) %} +{%- set group_strs = GROUP_SYNC_OPERATOR_ISV_GROUPS.split(';') %} +{%- for group_str in group_strs %} + {%- set group_loop = loop %} + {%- set _ = group_namespace.isv_groups.append(dict()) %} + {%- set pairs = group_str.split(',') %} + {%- for pair in pairs %} + {%- set items = pair.split(':') %} + {%- set _ = group_namespace.isv_groups[group_loop.index - 1].__setitem__(items[0].strip().strip("'"), items[1].strip().strip("'")) %} + {%- endfor %} +{%- endfor %} + +group_sync_operator: + cron_schedule: "{{ GROUP_SYNC_OPERATOR_CRON_SCHEDULE }}" + isv_tenant_url: "{{ GROUP_SYNC_OPERATOR_ISV_TENANT_URL }}" + isv_client_id: "" + isv_client_secret: "" + isv_groups: + {{ group_namespace.isv_groups }}