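#!/bin/bash
#
# sync-secrets.sh
# Automatically updates kustomization resources and deployment patches using yq.
#
# Usage: sync-secrets.sh [ENV]
#   ENV  Overlay to process. When omitted, dev, qat, prd and box are processed.
#
# For each overlay, k8s/overlays/<ENV>/kustomization.yaml and litellm-patch.yaml
# are rewritten so the litellm Deployment's envFrom lists every Secret manifest
# matching k8s/service-config/Secrets/*-<ENV>.yaml. Only .metadata.name is read
# from those manifests; their data is never printed.
#
# Paths are relative to the working directory, so run this from the repo root.
#
# NOTE(review): the yq expressions (wildcard "==", strenv) assume mikefarah
# yq v4 - confirm against the version pinned in CI.

set -euo pipefail

readonly BASE_DIR="k8s/overlays"
readonly SECRETS_DIR="k8s/service-config/Secrets"
# Path of SECRETS_DIR as seen from an overlay directory.
readonly SECRETS_REL="../../service-config/Secrets"

# Print an error to stderr and abort.
die() {
  printf 'Error: %s\n' "$*" >&2
  exit 1
}

# Succeeds when $1 is a plain overlay name (letters, digits, "_" and "-").
# The name becomes a path component and part of a glob, and the patch file
# under it may be deleted, so "/", "..", whitespace and glob characters are
# refused to keep every write and rm inside BASE_DIR/<ENV>/.
is_valid_env_name() {
  local -r re='^[A-Za-z0-9][A-Za-z0-9_-]*$'
  [[ "${1-}" =~ $re ]]
}

# Succeeds when $1 looks like a Kubernetes object name (DNS-1123 subdomain).
# The value is copied into generated YAML, so anything containing newlines,
# quotes, colons or spaces is refused instead of being written to the patch.
is_valid_secret_name() {
  local name=${1-}
  local -r re='^[a-z0-9]([-a-z0-9.]*[a-z0-9])?$'
  (( ${#name} <= 253 )) && [[ "$name" =~ $re ]]
}

# Regenerate the secret resources and the envFrom patch for one overlay.
# Arguments: $1 - overlay name (already validated by the caller)
# Returns:   0 when the overlay was processed or skipped because it has no
#            kustomization.yaml; exits non-zero on an invalid manifest or a
#            failing yq call.
sync_env() {
  local env_name=$1
  local kust_file="$BASE_DIR/$env_name/kustomization.yaml"
  local patch_file="$BASE_DIR/$env_name/litellm-patch.yaml"

  echo "Processing environment: $env_name..."

  if [[ ! -f "$kust_file" ]]; then
    echo "Error: Kustomization file not found at $kust_file" >&2
    return 0
  fi

  # Identify environment-specific secrets. A glob is used instead of parsing
  # ls output so file names with spaces or glob characters stay intact.
  local -a secret_files=() secret_names=()
  local file name
  for file in "$SECRETS_DIR"/*-"$env_name".yaml; do
    [[ -f "$file" ]] || continue   # unmatched pattern stays literal
    secret_files+=("$file")
  done

  # Read and validate every Secret name BEFORE touching the overlay, so a
  # malformed manifest cannot leave kustomization.yaml half rewritten.
  if (( ${#secret_files[@]} > 0 )); then
    for file in "${secret_files[@]}"; do
      name=$(yq '.metadata.name' "$file" | tr -d '"')
      # yq prints "null" when the field is absent.
      if [[ "$name" == "null" ]] || ! is_valid_secret_name "$name"; then
        die "invalid or missing metadata.name in $file"
      fi
      secret_names+=("$name")
    done
  fi

  # 1. Clear existing dynamic secret resources from kustomization.yaml
  yq -i 'del(.resources[] | select(. == "../../service-config/Secrets/*"))' "$kust_file"

  # 2. Clear existing deployment patches that manage envFrom (by path or by content)
  yq -i 'del(.patches[] | select(.path == "litellm-patch.yaml" or .patch == "*envFrom*"))' "$kust_file"

  if (( ${#secret_files[@]} == 0 )); then
    echo "  No secrets found for $env_name, skipping patch."
    rm -f -- "$patch_file"
    return 0
  fi

  # 3. Generate the Strategic Merge Patch content (envFrom list). The leading
  #    spaces must line up under "envFrom:" in the heredoc below.
  local env_from='        - configMapRef:
            name: litellm-env'
  local i rel_path
  for i in "${!secret_files[@]}"; do
    rel_path="$SECRETS_REL/${secret_files[i]##*/}"
    name=${secret_names[i]}

    echo "  Adding secret: $name ($rel_path)"

    # Add secret to kustomization resources. The path is handed to yq through
    # the environment rather than spliced into the expression, so a file name
    # containing quotes or yq syntax cannot change what the expression does.
    REL_PATH="$rel_path" yq -i '.resources += [strenv(REL_PATH)]' "$kust_file"

    # Append to patch content. The name is quoted so YAML always reads it as
    # a string; validation above guarantees it holds no quote or backslash.
    printf -v env_from '%s\n        - secretRef:\n            name: "%s"' \
      "$env_from" "$name"
  done

  # 4. Create the dedicated patch file with NAMESPACE included
  cat <<EOF > "$patch_file"
apiVersion: apps/v1
kind: Deployment
metadata:
  name: litellm
  namespace: litellm
spec:
  template:
    spec:
      containers:
      - name: litellm
        envFrom:
$env_from
EOF

  # 5. Reference the patch file in kustomization.yaml
  yq -i '.patches += [{"path": "litellm-patch.yaml"}]' "$kust_file"
}

# Determine which environments to process
if [[ -n "${1:-}" ]]; then
  ENVS=("$1")
else
  ENVS=("dev" "qat" "prd" "box")
fi

for env_name in "${ENVS[@]}"; do
  is_valid_env_name "$env_name" || die "invalid environment name: $env_name"
  sync_env "$env_name"
done

echo "¡Synchronization complete with namespaced external patch files!"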