From 55f0930016423104577d5ae777c63280f3970eae Mon Sep 17 00:00:00 2001 From: Tamal Saha Date: Sun, 8 Jul 2018 12:02:29 -0700 Subject: [PATCH] Format shell script (#245) find hack | grep sh | xargs shfmt -l -w -ci -i 2 {} --- hack/coverage.sh | 12 +- hack/deploy/kubedb.sh | 498 ++++++++++++++++++++++-------------------- 2 files changed, 267 insertions(+), 243 deletions(-) diff --git a/hack/coverage.sh b/hack/coverage.sh index eceef7363..f8febf31c 100755 --- a/hack/coverage.sh +++ b/hack/coverage.sh @@ -6,14 +6,14 @@ REPO_ROOT="$GOPATH/src/github.com/kubedb/cli" pushd $REPO_ROOT -echo "" > coverage.txt +echo "" >coverage.txt for d in $(go list ./... | grep -v -e vendor -e test); do - go test -v -race -coverprofile=profile.out -covermode=atomic "$d" - if [ -f profile.out ]; then - cat profile.out >> coverage.txt - rm profile.out - fi + go test -v -race -coverprofile=profile.out -covermode=atomic "$d" + if [ -f profile.out ]; then + cat profile.out >>coverage.txt + rm profile.out + fi done popd diff --git a/hack/deploy/kubedb.sh b/hack/deploy/kubedb.sh index 188f6d689..c54b6df9a 100755 --- a/hack/deploy/kubedb.sh +++ b/hack/deploy/kubedb.sh @@ -5,82 +5,87 @@ crds=(elasticsearches memcacheds mongodbs mysqls postgreses redises snapshots do apiServices=(v1alpha1.validators v1alpha1.mutators) echo "checking kubeconfig context" -kubectl config current-context || { echo "Set a context (kubectl use-context ) out of the following:"; echo; kubectl config get-contexts; exit 1; } +kubectl config current-context || { + echo "Set a context (kubectl use-context ) out of the following:" + echo + kubectl config get-contexts + exit 1 +} echo "" # http://redsymbol.net/articles/bash-exit-traps/ -function cleanup { - rm -rf $ONESSL ca.crt ca.key server.crt server.key +function cleanup() { + rm -rf $ONESSL ca.crt ca.key server.crt server.key } trap cleanup EXIT # ref: https://github.com/appscodelabs/libbuild/blob/master/common/lib.sh#L55 inside_git_repo() { - git rev-parse --is-inside-work-tree > /dev/null 2>&1 - inside_git=$? - if [ "$inside_git" -ne 0 ]; then - echo "Not inside a git repository" - exit 1 - fi + git rev-parse --is-inside-work-tree >/dev/null 2>&1 + inside_git=$? + if [ "$inside_git" -ne 0 ]; then + echo "Not inside a git repository" + exit 1 + fi } detect_tag() { - inside_git_repo - - # http://stackoverflow.com/a/1404862/3476121 - git_tag=$(git describe --exact-match --abbrev=0 2>/dev/null || echo '') - - commit_hash=$(git rev-parse --verify HEAD) - git_branch=$(git rev-parse --abbrev-ref HEAD) - commit_timestamp=$(git show -s --format=%ct) - - if [ "$git_tag" != '' ]; then - TAG=$git_tag - TAG_STRATEGY='git_tag' - elif [ "$git_branch" != 'master' ] && [ "$git_branch" != 'HEAD' ] && [[ "$git_branch" != release-* ]]; then - TAG=$git_branch - TAG_STRATEGY='git_branch' - else - hash_ver=$(git describe --tags --always --dirty) - TAG="${hash_ver}" - TAG_STRATEGY='commit_hash' - fi - - export TAG - export TAG_STRATEGY - export git_tag - export git_branch - export commit_hash - export commit_timestamp + inside_git_repo + + # http://stackoverflow.com/a/1404862/3476121 + git_tag=$(git describe --exact-match --abbrev=0 2>/dev/null || echo '') + + commit_hash=$(git rev-parse --verify HEAD) + git_branch=$(git rev-parse --abbrev-ref HEAD) + commit_timestamp=$(git show -s --format=%ct) + + if [ "$git_tag" != '' ]; then + TAG=$git_tag + TAG_STRATEGY='git_tag' + elif [ "$git_branch" != 'master' ] && [ "$git_branch" != 'HEAD' ] && [[ "$git_branch" != release-* ]]; then + TAG=$git_branch + TAG_STRATEGY='git_branch' + else + hash_ver=$(git describe --tags --always --dirty) + TAG="${hash_ver}" + TAG_STRATEGY='commit_hash' + fi + + export TAG + export TAG_STRATEGY + export git_tag + export git_branch + export commit_hash + export commit_timestamp } # https://stackoverflow.com/a/677212/244009 if [ -x "$(command -v onessl)" ]; then - export ONESSL=onessl + export ONESSL=onessl else - # ref: https://stackoverflow.com/a/27776822/244009 - case "$(uname -s)" in - Darwin) - curl -fsSL -o onessl https://github.com/kubepack/onessl/releases/download/0.3.0/onessl-darwin-amd64 - chmod +x onessl - export ONESSL=./onessl - ;; - - Linux) - curl -fsSL -o onessl https://github.com/kubepack/onessl/releases/download/0.3.0/onessl-linux-amd64 - chmod +x onessl - export ONESSL=./onessl - ;; - - CYGWIN*|MINGW32*|MSYS*) - curl -fsSL -o onessl.exe https://github.com/kubepack/onessl/releases/download/0.3.0/onessl-windows-amd64.exe - chmod +x onessl.exe - export ONESSL=./onessl.exe - ;; - *) - echo 'other OS' - ;; - esac + # ref: https://stackoverflow.com/a/27776822/244009 + case "$(uname -s)" in + Darwin) + curl -fsSL -o onessl https://github.com/kubepack/onessl/releases/download/0.3.0/onessl-darwin-amd64 + chmod +x onessl + export ONESSL=./onessl + ;; + + Linux) + curl -fsSL -o onessl https://github.com/kubepack/onessl/releases/download/0.3.0/onessl-linux-amd64 + chmod +x onessl + export ONESSL=./onessl + ;; + + CYGWIN* | MINGW32* | MSYS*) + curl -fsSL -o onessl.exe https://github.com/kubepack/onessl/releases/download/0.3.0/onessl-windows-amd64.exe + chmod +x onessl.exe + export ONESSL=./onessl.exe + ;; + *) + echo 'other OS' + ;; + esac fi # ref: https://stackoverflow.com/a/7069755/244009 @@ -105,192 +110,202 @@ export KUBEDB_PURGE=0 export APPSCODE_ENV=${APPSCODE_ENV:-prod} export SCRIPT_LOCATION="curl -fsSL https://raw.githubusercontent.com/kubedb/cli/0.8.0/" if [ "$APPSCODE_ENV" = "dev" ]; then - detect_tag - export SCRIPT_LOCATION="cat " - export KUBEDB_OPERATOR_TAG=$TAG - export KUBEDB_IMAGE_PULL_POLICY=Always + detect_tag + export SCRIPT_LOCATION="cat " + export KUBEDB_OPERATOR_TAG=$TAG + export KUBEDB_IMAGE_PULL_POLICY=Always fi if [ ! -z ${CUSTOM_OPERATOR_TAG:-} ]; then - export KUBEDB_OPERATOR_TAG="${CUSTOM_OPERATOR_TAG}" + export KUBEDB_OPERATOR_TAG="${CUSTOM_OPERATOR_TAG}" fi KUBE_APISERVER_VERSION=$(kubectl version -o=json | $ONESSL jsonpath '{.serverVersion.gitVersion}') -$ONESSL semver --check='<1.9.0' $KUBE_APISERVER_VERSION || { export KUBEDB_ENABLE_VALIDATING_WEBHOOK=true; export KUBEDB_ENABLE_MUTATING_WEBHOOK=true; } +$ONESSL semver --check='<1.9.0' $KUBE_APISERVER_VERSION || { + export KUBEDB_ENABLE_VALIDATING_WEBHOOK=true + export KUBEDB_ENABLE_MUTATING_WEBHOOK=true +} show_help() { - echo "kubedb.sh - install kubedb operator" - echo " " - echo "kubedb.sh [options]" - echo " " - echo "options:" - echo "-h, --help show brief help" - echo "-n, --namespace=NAMESPACE specify namespace (default: kube-system)" - echo " --rbac create RBAC roles and bindings (default: true)" - echo " --docker-registry docker registry used to pull KubeDB images (default: appscode)" - echo " --image-pull-secret name of secret used to pull KubeDB operator images" - echo " --run-on-master run KubeDB operator on master" - echo " --enable-validating-webhook enable/disable validating webhooks for KubeDB CRDs" - echo " --enable-mutating-webhook enable/disable mutating webhooks for KubeDB CRDs" - echo " --enable-analytics send usage events to Google Analytics (default: true)" - echo " --operator-name specify which kubedb operator to deploy (default: operator)" - echo " --uninstall uninstall KubeDB" - echo " --purge purges KubeDB crd objects and crds" + echo "kubedb.sh - install kubedb operator" + echo " " + echo "kubedb.sh [options]" + echo " " + echo "options:" + echo "-h, --help show brief help" + echo "-n, --namespace=NAMESPACE specify namespace (default: kube-system)" + echo " --rbac create RBAC roles and bindings (default: true)" + echo " --docker-registry docker registry used to pull KubeDB images (default: appscode)" + echo " --image-pull-secret name of secret used to pull KubeDB operator images" + echo " --run-on-master run KubeDB operator on master" + echo " --enable-validating-webhook enable/disable validating webhooks for KubeDB CRDs" + echo " --enable-mutating-webhook enable/disable mutating webhooks for KubeDB CRDs" + echo " --enable-analytics send usage events to Google Analytics (default: true)" + echo " --operator-name specify which kubedb operator to deploy (default: operator)" + echo " --uninstall uninstall KubeDB" + echo " --purge purges KubeDB crd objects and crds" } while test $# -gt 0; do - case "$1" in - -h|--help) - show_help - exit 0 - ;; - -n) - shift - if test $# -gt 0; then - export KUBEDB_NAMESPACE=$1 - else - echo "no namespace specified" - exit 1 - fi - shift - ;; - --namespace*) - export KUBEDB_NAMESPACE=`echo $1 | sed -e 's/^[^=]*=//g'` - shift - ;; - --docker-registry*) - export KUBEDB_DOCKER_REGISTRY=`echo $1 | sed -e 's/^[^=]*=//g'` - shift - ;; - --image-pull-secret*) - secret=`echo $1 | sed -e 's/^[^=]*=//g'` - export KUBEDB_IMAGE_PULL_SECRET="name: '$secret'" - shift - ;; - --enable-validating-webhook*) - val=`echo $1 | sed -e 's/^[^=]*=//g'` - if [ "$val" = "false" ]; then - export KUBEDB_ENABLE_VALIDATING_WEBHOOK=false - fi - shift - ;; - --enable-mutating-webhook*) - val=`echo $1 | sed -e 's/^[^=]*=//g'` - if [ "$val" = "false" ]; then - export KUBEDB_ENABLE_MUTATING_WEBHOOK=false - fi - shift - ;; - --enable-analytics*) - val=`echo $1 | sed -e 's/^[^=]*=//g'` - if [ "$val" = "false" ]; then - export KUBEDB_ENABLE_ANALYTICS=false - fi - shift - ;; - --rbac*) - val=`echo $1 | sed -e 's/^[^=]*=//g'` - if [ "$val" = "false" ]; then - export KUBEDB_SERVICE_ACCOUNT=default - export KUBEDB_ENABLE_RBAC=false - fi - shift - ;; - --run-on-master) - export KUBEDB_RUN_ON_MASTER=1 - shift - ;; - --operator-name*) - export KUBEDB_OPERATOR_NAME=`echo $1 | sed -e 's/^[^=]*=//g'` - shift - ;; - --uninstall) - export KUBEDB_UNINSTALL=1 - shift - ;; - --purge) - export KUBEDB_PURGE=1 - shift - ;; - *) - echo "Error: unknown flag:" $1 - show_help - exit 1 - ;; - esac + case "$1" in + -h | --help) + show_help + exit 0 + ;; + -n) + shift + if test $# -gt 0; then + export KUBEDB_NAMESPACE=$1 + else + echo "no namespace specified" + exit 1 + fi + shift + ;; + --namespace*) + export KUBEDB_NAMESPACE=$(echo $1 | sed -e 's/^[^=]*=//g') + shift + ;; + --docker-registry*) + export KUBEDB_DOCKER_REGISTRY=$(echo $1 | sed -e 's/^[^=]*=//g') + shift + ;; + --image-pull-secret*) + secret=$(echo $1 | sed -e 's/^[^=]*=//g') + export KUBEDB_IMAGE_PULL_SECRET="name: '$secret'" + shift + ;; + --enable-validating-webhook*) + val=$(echo $1 | sed -e 's/^[^=]*=//g') + if [ "$val" = "false" ]; then + export KUBEDB_ENABLE_VALIDATING_WEBHOOK=false + fi + shift + ;; + --enable-mutating-webhook*) + val=$(echo $1 | sed -e 's/^[^=]*=//g') + if [ "$val" = "false" ]; then + export KUBEDB_ENABLE_MUTATING_WEBHOOK=false + fi + shift + ;; + --enable-analytics*) + val=$(echo $1 | sed -e 's/^[^=]*=//g') + if [ "$val" = "false" ]; then + export KUBEDB_ENABLE_ANALYTICS=false + fi + shift + ;; + --rbac*) + val=$(echo $1 | sed -e 's/^[^=]*=//g') + if [ "$val" = "false" ]; then + export KUBEDB_SERVICE_ACCOUNT=default + export KUBEDB_ENABLE_RBAC=false + fi + shift + ;; + --run-on-master) + export KUBEDB_RUN_ON_MASTER=1 + shift + ;; + --operator-name*) + export KUBEDB_OPERATOR_NAME=$(echo $1 | sed -e 's/^[^=]*=//g') + shift + ;; + --uninstall) + export KUBEDB_UNINSTALL=1 + shift + ;; + --purge) + export KUBEDB_PURGE=1 + shift + ;; + *) + echo "Error: unknown flag:" $1 + show_help + exit 1 + ;; + esac done if [ "$KUBEDB_UNINSTALL" -eq 1 ]; then - # delete webhooks and apiservices - kubectl delete validatingwebhookconfiguration -l app=kubedb || true - kubectl delete mutatingwebhookconfiguration -l app=kubedb || true - kubectl delete apiservice -l app=kubedb - # delete kubedb operator - kubectl delete deployment -l app=kubedb --namespace $KUBEDB_NAMESPACE - kubectl delete service -l app=kubedb --namespace $KUBEDB_NAMESPACE - kubectl delete secret -l app=kubedb --namespace $KUBEDB_NAMESPACE - # delete RBAC objects, if --rbac flag was used. - kubectl delete serviceaccount -l app=kubedb --namespace $KUBEDB_NAMESPACE - kubectl delete clusterrolebindings -l app=kubedb - kubectl delete clusterrole -l app=kubedb - kubectl delete rolebindings -l app=kubedb --namespace $KUBEDB_NAMESPACE - kubectl delete role -l app=kubedb --namespace $KUBEDB_NAMESPACE - - echo "waiting for kubedb operator pod to stop running" - for (( ; ; )); do - pods=($(kubectl get pods --all-namespaces -l app=kubedb -o jsonpath='{range .items[*]}{.metadata.name} {end}')) - total=${#pods[*]} - if [ $total -eq 0 ] ; then - break - fi - sleep 2 + # delete webhooks and apiservices + kubectl delete validatingwebhookconfiguration -l app=kubedb || true + kubectl delete mutatingwebhookconfiguration -l app=kubedb || true + kubectl delete apiservice -l app=kubedb + # delete kubedb operator + kubectl delete deployment -l app=kubedb --namespace $KUBEDB_NAMESPACE + kubectl delete service -l app=kubedb --namespace $KUBEDB_NAMESPACE + kubectl delete secret -l app=kubedb --namespace $KUBEDB_NAMESPACE + # delete RBAC objects, if --rbac flag was used. + kubectl delete serviceaccount -l app=kubedb --namespace $KUBEDB_NAMESPACE + kubectl delete clusterrolebindings -l app=kubedb + kubectl delete clusterrole -l app=kubedb + kubectl delete rolebindings -l app=kubedb --namespace $KUBEDB_NAMESPACE + kubectl delete role -l app=kubedb --namespace $KUBEDB_NAMESPACE + + echo "waiting for kubedb operator pod to stop running" + for (( ; ; )); do + pods=($(kubectl get pods --all-namespaces -l app=kubedb -o jsonpath='{range .items[*]}{.metadata.name} {end}')) + total=${#pods[*]} + if [ $total -eq 0 ]; then + break + fi + sleep 2 + done + + # https://github.com/kubernetes/kubernetes/issues/60538 + if [ "$KUBEDB_PURGE" -eq 1 ]; then + for crd in "${crds[@]}"; do + pairs=($(kubectl get ${crd}.kubedb.com --all-namespaces -o jsonpath='{range .items[*]}{.metadata.name} {.metadata.namespace} {end}' || true)) + total=${#pairs[*]} + + # save objects + if [ $total -gt 0 ]; then + echo "dumping ${crd} objects into ${crd}.yaml" + kubectl get ${crd}.kubedb.com --all-namespaces -o yaml >${crd}.yaml + fi + + for ((i = 0; i < $total; i += 2)); do + name=${pairs[$i]} + namespace=${pairs[$i + 1]} + # remove finalizers + kubectl patch ${crd}.kubedb.com $name -n $namespace -p '{"metadata":{"finalizers":[]}}' --type=merge + # delete crd object + echo "deleting ${crd} $namespace/$name" + kubectl delete ${crd}.kubedb.com $name -n $namespace + done + + # delete crd + kubectl delete crd ${crd}.kubedb.com || true done - # https://github.com/kubernetes/kubernetes/issues/60538 - if [ "$KUBEDB_PURGE" -eq 1 ]; then - for crd in "${crds[@]}"; do - pairs=($(kubectl get ${crd}.kubedb.com --all-namespaces -o jsonpath='{range .items[*]}{.metadata.name} {.metadata.namespace} {end}' || true)) - total=${#pairs[*]} - - # save objects - if [ $total -gt 0 ]; then - echo "dumping ${crd} objects into ${crd}.yaml" - kubectl get ${crd}.kubedb.com --all-namespaces -o yaml > ${crd}.yaml - fi - - for (( i=0; i<$total; i+=2 )); do - name=${pairs[$i]} - namespace=${pairs[$i + 1]} - # remove finalizers - kubectl patch ${crd}.kubedb.com $name -n $namespace -p '{"metadata":{"finalizers":[]}}' --type=merge - # delete crd object - echo "deleting ${crd} $namespace/$name" - kubectl delete ${crd}.kubedb.com $name -n $namespace - done - - # delete crd - kubectl delete crd ${crd}.kubedb.com || true - done - - # delete user roles - kubectl delete clusterroles kubedb:core:admin kubedb:core:edit kubedb:core:view - fi + # delete user roles + kubectl delete clusterroles kubedb:core:admin kubedb:core:edit kubedb:core:view + fi - echo - echo "Successfully uninstalled KubeDB!" - exit 0 + echo + echo "Successfully uninstalled KubeDB!" + exit 0 fi echo "checking whether extended apiserver feature is enabled" -$ONESSL has-keys configmap --namespace=kube-system --keys=requestheader-client-ca-file extension-apiserver-authentication || { echo "Set --requestheader-client-ca-file flag on Kubernetes apiserver"; exit 1; } +$ONESSL has-keys configmap --namespace=kube-system --keys=requestheader-client-ca-file extension-apiserver-authentication || { + echo "Set --requestheader-client-ca-file flag on Kubernetes apiserver" + exit 1 +} echo "" export KUBE_CA= export KUBEDB_ENABLE_APISERVER=false if [ "$KUBEDB_ENABLE_VALIDATING_WEBHOOK" = true ] || [ "$KUBEDB_ENABLE_MUTATING_WEBHOOK" = true ]; then - $ONESSL get kube-ca >/dev/null 2>&1 || { echo "Admission webhooks can't be used when kube apiserver is accesible without verifying its TLS certificate (insecure-skip-tls-verify : true)."; echo; exit 1; } - export KUBE_CA=$($ONESSL get kube-ca | $ONESSL base64) - export KUBEDB_ENABLE_APISERVER=true + $ONESSL get kube-ca >/dev/null 2>&1 || { + echo "Admission webhooks can't be used when kube apiserver is accesible without verifying its TLS certificate (insecure-skip-tls-verify : true)." + echo + exit 1 + } + export KUBE_CA=$($ONESSL get kube-ca | $ONESSL base64) + export KUBEDB_ENABLE_APISERVER=true fi env | sort | grep KUBEDB* @@ -308,40 +323,49 @@ export TLS_SERVING_KEY=$(cat server.key | $ONESSL base64) ${SCRIPT_LOCATION}hack/deploy/operator.yaml | $ONESSL envsubst | kubectl apply -f - if [ "$KUBEDB_ENABLE_RBAC" = true ]; then - ${SCRIPT_LOCATION}hack/deploy/service-account.yaml | $ONESSL envsubst | kubectl apply -f - - ${SCRIPT_LOCATION}hack/deploy/rbac-list.yaml | $ONESSL envsubst | kubectl auth reconcile -f - - ${SCRIPT_LOCATION}hack/deploy/user-roles.yaml | $ONESSL envsubst | kubectl auth reconcile -f - + ${SCRIPT_LOCATION}hack/deploy/service-account.yaml | $ONESSL envsubst | kubectl apply -f - + ${SCRIPT_LOCATION}hack/deploy/rbac-list.yaml | $ONESSL envsubst | kubectl auth reconcile -f - + ${SCRIPT_LOCATION}hack/deploy/user-roles.yaml | $ONESSL envsubst | kubectl auth reconcile -f - fi if [ "$KUBEDB_RUN_ON_MASTER" -eq 1 ]; then - kubectl patch deploy kubedb-$KUBEDB_OPERATOR_NAME -n $KUBEDB_NAMESPACE \ - --patch="$(${SCRIPT_LOCATION}hack/deploy/run-on-master.yaml)" + kubectl patch deploy kubedb-$KUBEDB_OPERATOR_NAME -n $KUBEDB_NAMESPACE \ + --patch="$(${SCRIPT_LOCATION}hack/deploy/run-on-master.yaml)" fi if [ "$KUBEDB_ENABLE_VALIDATING_WEBHOOK" = true ]; then - ${SCRIPT_LOCATION}hack/deploy/validating-webhook.yaml | $ONESSL envsubst | kubectl apply -f - + ${SCRIPT_LOCATION}hack/deploy/validating-webhook.yaml | $ONESSL envsubst | kubectl apply -f - fi if [ "$KUBEDB_ENABLE_MUTATING_WEBHOOK" = true ]; then - ${SCRIPT_LOCATION}hack/deploy/mutating-webhook.yaml | $ONESSL envsubst | kubectl apply -f - + ${SCRIPT_LOCATION}hack/deploy/mutating-webhook.yaml | $ONESSL envsubst | kubectl apply -f - fi echo echo "waiting until kubedb operator deployment is ready" -$ONESSL wait-until-ready deployment kubedb-$KUBEDB_OPERATOR_NAME --namespace $KUBEDB_NAMESPACE || { echo "KubeDB operator deployment failed to be ready"; exit 1; } +$ONESSL wait-until-ready deployment kubedb-$KUBEDB_OPERATOR_NAME --namespace $KUBEDB_NAMESPACE || { + echo "KubeDB operator deployment failed to be ready" + exit 1 +} if [ "$KUBEDB_ENABLE_APISERVER" = true ]; then - echo "waiting until kubedb apiservice is available" - for api in "${apiServices[@]}"; do - $ONESSL wait-until-ready apiservice ${api}.kubedb.com || { echo "KubeDB apiservice $api failed to be ready"; exit 1; } - done + echo "waiting until kubedb apiservice is available" + for api in "${apiServices[@]}"; do + $ONESSL wait-until-ready apiservice ${api}.kubedb.com || { + echo "KubeDB apiservice $api failed to be ready" + exit 1 + } + done fi if [ "$KUBEDB_OPERATOR_NAME" = "operator" ]; then - echo "waiting until kubedb crds are ready" - for crd in "${crds[@]}"; do - $ONESSL wait-until-ready crd ${crd}.kubedb.com || { echo "$crd crd failed to be ready"; exit 1; } - done + echo "waiting until kubedb crds are ready" + for crd in "${crds[@]}"; do + $ONESSL wait-until-ready crd ${crd}.kubedb.com || { + echo "$crd crd failed to be ready" + exit 1 + } + done fi echo