Last active
February 12, 2021 16:23
-
-
Save pt033302/648d94c239684dbbd0e9adfc9efaca7f to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -euo pipefail | |
| MIRROR_REG=${MIRROR_REG:-ec2-52-14-193-37.us-east-2.compute.amazonaws.com:5000} | |
| PRODUCT_NAME=${PRODUCT_NAME:-openshift-pipelines-operator-rh} | |
| INDEX=${INDEX:-} | |
| BREW_IIB_PREFIX="brew.registry.redhat.io/rh-osbs/iib" | |
| REGISTRY_IMAGE=$BREW_IIB_PREFIX:$INDEX | |
| REG_CREDS=${REG_CREDS:$HOME/.docker/config.json} | |
| OUTPUT_IMAGE=$MIRROR_REG/rh-osbs/redhat-operator-index:$INDEX | |
| ENVIRONMENT=${ENVIRONMENT:-"pre-stage"} | |
| echo -e $REGISTRY_IMAGE | |
| echo -e $OUTPUT_IMAGE | |
| if [ -z $MIRROR_REG ]; then | |
| echo -e "Specify mirror registry as a parameter of this script \n" | |
| echo "Usage:" | |
| echo " $0 [name]" | |
| exit 1 | |
| fi | |
| if [ -z $INDEX ]; then | |
| echo -e "Specify Index tag for catalogsource as a parameter of this script \n" | |
| echo "Usage:" | |
| echo " $0 [name]" | |
| exit 1 | |
| fi | |
| if [ -z $USERNAME ]; then | |
| echo -e "Specify Brew registry Username \n" | |
| echo "Usage:" | |
| echo " $0 [name]" | |
| exit 1 | |
| fi | |
| if [ -z $PASSWORD ]; then | |
| echo -e "Specify Brew registry Password \n" | |
| echo "Usage:" | |
| echo " $0 [name]" | |
| exit 1 | |
| fi | |
| if [ -z $KBUSER ]; then | |
| echo -e "Specify kerbrose Username \n" | |
| echo "Usage:" | |
| echo " $0 [name]" | |
| exit 1 | |
| fi | |
| if [ -z $KBPASSWORD ]; then | |
| echo -e "Specify kerbrose Password \n" | |
| echo "Usage:" | |
| echo " $0 [name]" | |
| exit 1 | |
| fi | |
| echo -e "Installing opm cli...." | |
| oc image extract registry.redhat.io/openshift4/ose-operator-registry:v4.6 \ | |
| -a ${REG_CREDS} \ | |
| --path /usr/bin/registry/opm:. \ | |
| --confirm | |
| chmod +x opm | |
| function reset() { | |
| rm -rf authfile | |
| } | |
| oc get secret/pull-secret -n openshift-config -o json | jq -r '.data.".dockerconfigjson"' | | |
| base64 -d > authfile | |
| Logging into mirror registry | |
| echo "Loggin to on mirror-registry" | |
| oc registry login --insecure=true --registry $MIRROR_REG --auth-basic="dummy:dummy" | |
| podman login -u dummy -p dummy $MIRROR_REG --tls-verify=false --authfile=${REG_CREDS} | |
| sleep 3 | |
| echo -e "Add mirror-registry authtication details to default pull-secret" | |
| oc registry login --insecure=true --registry $MIRROR_REG --auth-basic="dummy:dummy" --to=authfile | |
| sleep 3 | |
| echo "set mirror-registry authtication details to default pull-secret" | |
| oc set da/ta secret/pull-secret -n openshift-config --from-file=.dockerconfigjson=authfile | |
| sleep 3 | |
| # Loggin into brew registry | |
| podman login -u $USERNAME -p $PASSWORD brew.registry.redhat.io --tls-verify=true | |
| oc registry login --registry brew.registry.redhat.io --auth-basic="$USERNAME:$PASSWORD" --insecure=true | |
| # prune index image | |
| ./opm index prune \ | |
| -f $REGISTRY_IMAGE \ | |
| -p $PRODUCT_NAME \ | |
| -t $OUTPUT_IMAGE | |
| podman push $OUTPUT_IMAGE --tls-verify=false | |
| # Generate Manifests required to configure operatorhub | |
| oc adm catalog mirror $OUTPUT_IMAGE $MIRROR_REG/rh-osbs --insecure --filter-by-os=".*" --manifests-only | |
| function reset() { | |
| echo "Restore mapping.txt" | |
| cp ./$(ls -a | egrep "manifests-redhat-operator-index"| awk '{print $1}')/mapping.txt.bk ./$(ls -a | egrep "manifests-redhat-operator-index"| awk '{print $1}')/mapping.txt || true | |
| rm -rf ./$(ls -a | egrep "manifests-redhat-operator-index"| awk '{print $1}')/mapping.txt.bk | |
| rm -rf final-mapping.txt | |
| echo -e "Remove traces" | |
| rm -rf authfile | |
| } | |
| echo "Backup mapping.txt" | |
| cp ./$(ls -a | egrep "manifests-redhat-operator-index"| awk '{print $1}')/mapping.txt ./$(ls -a | egrep "manifests-redhat-operator-index"| awk '{print $1}')/mapping.txt.bk | |
| trap reset ERR EXIT | |
| if [[ ${ENVIRONMENT} = "stage" ]]; then | |
| sed -i -e "s|registry.redhat.io/openshift-pipelines-tech-preview/|brew.registry.redhat.io/rh-osbs/openshift-pipelines-tech-preview-|g" \ | |
| -e "s|registry.stage.redhat.io/rh-osbs|brew.registry.redhat.io/rh-osbs|g" \ | |
| -e "s|registry.stage.redhat.io|brew.registry.redhat.io|g" \ | |
| -e "s|registry-proxy.engineering.redhat.com|brew.registry.redhat.io|g" \ | |
| ./$(ls -a | egrep "manifests-redhat-operator-index"| awk '{print $1}')/mapping.txt | |
| else | |
| sed -i -e "s|registry.redhat.io/openshift-pipelines-tech-preview/|brew.registry.redhat.io/rh-osbs/openshift-pipelines-tech-preview-|g" \ | |
| -e "s|registry-proxy.engineering.redhat.com/rh-osbs|brew.registry.redhat.io/rh-osbs|g" \ | |
| -e "s|registry.stage.redhat.io|brew.registry.redhat.io|g" \ | |
| -e "s|registry-proxy.engineering.redhat.com|brew.registry.redhat.io|g" \ | |
| ./$(ls -a | egrep "manifests-redhat-operator-index"| awk '{print $1}')/mapping.txt | |
| fi | |
| find_list="\ | |
| registry.access.redhat.com/ubi8/ubi-minimal \ | |
| openshift-serverless-1/client-kn-rhel8 \ | |
| rhel8/skopeo \ | |
| rhel8/buildah \ | |
| ocp-tools-43-tech-preview/source-to-image-rhel8 \ | |
| openshift4/ose-cli \ | |
| pipelines \ | |
| " | |
| for item in $find_list; do | |
| grep -E "$item" ./$(ls -a | egrep "manifests-redhat-operator-index"| awk '{print $1}')/mapping.txt >> final-mapping.txt | |
| done | |
| echo -e ">> started mirroring!..." | |
| oc image mirror -f final-mapping.txt --keep-manifest-list=true -a ${REG_CREDS} --insecure | |
| oc apply -f ./$(ls -a | egrep "manifests-redhat-operator-index"| awk '{print $1}')/imageContentSourcePolicy.yaml | |
| # DisableDefaultSources | |
| oc patch OperatorHub cluster --type json -p '[{"op": "add", "path": "/spec/disableAllDefaultSources", "value": true}]' | |
| echo ">> waiting for nodes to get restarted.." | |
| machines=$(oc get machineconfigpool -o=jsonpath='{.items[*].metadata.name}{" "}') | |
| sleep 60 | |
| for machine in ${machines}; do | |
| echo ">> Waiting for machineconfigpool on node $machine to be in state Updated=true && Updating=false" | |
| while true; do | |
| sleep 3 | |
| oc wait --for=condition=Updated=True -n openshift-operators machineconfigpool $machine --timeout=5m && oc wait --for=condition=Updating=False -n openshift-operators machineconfigpool $machine --timeout=5m > /dev/null 2>&1 && break | |
| done | |
| done | |
| #Create/apply catalog source | |
| oc apply -f - << EOD | |
| apiVersion: operators.coreos.com/v1alpha1 | |
| kind: CatalogSource | |
| metadata: | |
| name: redhat-operators-stage | |
| namespace: openshift-marketplace | |
| spec: | |
| sourceType: grpc | |
| image: $OUTPUT_IMAGE | |
| displayName: redhat-operators-stage | |
| updateStrategy: | |
| registryPoll: | |
| interval: 30m | |
| EOD |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
L125-L151 is pipeline specific you have to change this according while you setup your product