networkglue fixes

README.md

@@ -101,7 +101,7 @@ First, generate a GitHub personal access token (PAT) with minimal permissions fo
 
 - https://github.com/settings/personal-access-tokens/
 - limit to the specific repository
-- contents (read)
+- contents (write, needs for branches)
 - PRs (write)
 
 Install (token will be needed here)
@@ -178,3 +178,5 @@ TODO
 - go missing from devcontainer -> clean go.sums etc
 - harden the configs
 - make postgre managed identity to work, would require some postgre commands?
+- network-glue do not create PR if no changes
+- network-glue save status to crd

network-glue/Dockerfile

@@ -1,4 +1,4 @@
 FROM ghcr.io/flant/shell-operator:latest
-RUN apk add git
+RUN apk add git curl
 ADD hooks /hooks
 

network-glue/hooks/bin/clone-repo.sh

@@ -19,7 +19,7 @@ fi
 # Clone the repository using the GitHub token
 echo "Cloning the repository..."
 rm -rf "$REPO_DIR"
-git clone https://"${GIT_TOKEN}":x-oauth-basic@"$REPO_URL" "$REPO_DIR"
+git clone https://"${GIT_TOKEN}":x-oauth-basic@"${REPO_URL#https://}" "$REPO_DIR"
 cd "$REPO_DIR"
 
 # Create a new branch for the changes

network-glue/hooks/bin/create-pr.sh

@@ -11,10 +11,12 @@ set -u
 # BRANCH_NAME
 # FILE_TO_UPDATE
 # Configuration
+GIT_USER="shell-operator"
+GIT_EMAIL="shell-operator@example.com"
 COMMIT_MESSAGE="Update configuration file"
 PR_TITLE="Proposal: Update Configuration $FILE_TO_UPDATE"
 PR_BODY="This PR proposes updates to the configuration file."
-TARGET_BRANCH="master"
+TARGET_BRANCH="main"
 
 # Load the GitHub token from environment variable (e.g., from a Kubernetes secret)
 if [ -z "$GIT_TOKEN" ]; then
@@ -23,13 +25,16 @@ if [ -z "$GIT_TOKEN" ]; then
 fi
 
 # Add and commit the changes
+cd "$REPO_DIR"
 git add "$FILE_TO_UPDATE"
-echo "Committing the changes..."
+echo "Committing the changes with $GIT_USER <$GIT_EMAIL>..."
+git config --global user.name "$GIT_USER"
+git config --global user.email "$GIT_EMAIL"
 git commit -m "$COMMIT_MESSAGE"
 
 # Push the changes to the new branch
 echo "Pushing the changes to the branch $BRANCH_NAME..."
-git push origin "$BRANCH_NAME"
+git push origin "$BRANCH_NAME" -f
 
 # example https://github.com/toddnni/pe-automation-demo-2024-repo
 REPO_NAME="${REPO_URL##*/}"
@@ -39,18 +44,13 @@ echo "Resolved repo owner and name: $REPO_OWNER, $REPO_NAME"
 
 
 echo "Creating a pull request..."
-curl -X POST \
-  -H "Authorization: token ${GITHUB_TOKEN}" \
-  -H "Accept: application/vnd.github.v3+json" \
-  --fail
-  -d @- \
-  "https://github.com/repos/${REPO_OWNER}/${REPO_NAME}/pulls" <<EOF
-{
-  "title": "${PR_TITLE}",
-  "body": "${PR_BODY}",
-  "head": "${BRANCH_NAME}",
-  "base": "${TARGET_BRANCH}"
-}
-EOF
+curl -L -X POST \
+  -H "Accept: application/vnd.github+json" \
+  -H "Authorization: Bearer ${GIT_TOKEN}" \
+  -H "X-GitHub-Api-Version: 2022-11-28" \
+  --fail \
+  -d "{ \"title\": \"${PR_TITLE}\", \"body\": \"${PR_BODY}\", \"head\": \"${BRANCH_NAME}\", \"base\": \"${TARGET_BRANCH}\" }" \
+  "https://api.github.com/repos/${REPO_OWNER}/${REPO_NAME}/pulls"
+
 
 echo "Pull request created successfully!"

network-glue/hooks/hook.sh

@@ -19,30 +19,31 @@ else
   type=$(jq -r '.[0].type' "${BINDING_CONTEXT_PATH}")
   namespace=$(jq -r '.[0].object.metadata.namespace' "${BINDING_CONTEXT_PATH}")
   name=$(jq -r '.[0].object.metadata.name' "${BINDING_CONTEXT_PATH}")
+  version=$(jq -r '.[0].object.metadata.resourceVersion' "${BINDING_CONTEXT_PATH}")
   eventType=$(jq -r '.[0].watchEvent' "${BINDING_CONTEXT_PATH}")
   source=$(jq -r '.[0].object.spec.source.networkCIDR' "${BINDING_CONTEXT_PATH}")
   target=$(jq -r '.[0].object.spec.target.networkCIDR' "${BINDING_CONTEXT_PATH}")
   targetPort=$(jq -r '.[0].object.spec.target.port' "${BINDING_CONTEXT_PATH}")
 
-  export REPO_URL="$REPO_URL"
+  export REPO_URL="$(echo $REPO_URL | tr -d '\n ')" # strip newlines
   export REPO_DIR=/git
-  export BRANCH_NAME="feature/update-config-$(date +%Y%m%d-%H%M%S)"
+  export BRANCH_NAME="feature/update-config-$namespace-$name-$version"
   export FILE_TO_UPDATE="$REPO_DIR/$namespace-$name.json"
 
   if [[ $type == "Synchronization" ]] ; then
     # handle existing objects
     echo "sync asked"
   fi
 
-  if [[ $type == "Event" ]] && ([[ $eventType = "Added" ]] || [[ $eventType = "Updated" ]]) ; then
+  if [[ $type == "Event" ]] && ([[ $eventType = "Added" ]] || [[ $eventType = "Modified" ]]) ; then
     echo "${name} object is added or modified"
     bash bin/clone-repo.sh
     echo "{ \"source\": \"$source\", \"target\": \"$target\", \"targetPort\": \"$targetPort\" }" > "$FILE_TO_UPDATE"
     bash bin/create-pr.sh
   elif [[ $type == "Event" ]] && [[ $eventType = "Deleted" ]] ; then
     echo "${name} object is deleted"
     bash bin/clone-repo.sh
-    echo "{ \"source\": \"$source\", \"target\": \"$target\", \"targetPort\": \"$targetPort\" }" > "$FILE_TO_UPDATE"
+    rm "$FILE_TO_UPDATE"
     bash bin/create-pr.sh
   fi
 fi

ng.yaml

@@ -8,5 +8,5 @@ spec:
   source:
     networkCIDR: 192.168.0.0/24
   target:
-    networkCIDR: 192.168.1.0/24
+    networkCIDR: 192.168.3.0/24
     port: "443"