Last active
October 20, 2020 08:31
-
-
Save praveen4g0/70adc88609792c9c588c0e6d1ada9d40 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -euo pipefail | |
| MIRROR_REG=${MIRROR_REG:-} | |
| PRODUCT_NAME=${PRODUCT_NAME:-pipeline} | |
| INDEX=${INDEX:-} | |
| BREW_IIB_PREFIX="brew.registry.redhat.io/rh-osbs/iib" | |
| REGISTRY_IMAGE=$BREW_IIB_PREFIX:$INDEX | |
| OUTPUT_IMAGE=$MIRROR_REG/rh-osbs/iib:$INDEX | |
| ENVIRONMENT=${ENVIRONMENT:-"pre-stage"} | |
| echo -e $REGISTRY_IMAGE | |
| if [ -z $MIRROR_REG ]; then | |
| echo -e "Specify mirror registry as a parameter of this script \n" | |
| echo "Usage:" | |
| echo " $0 [name]" | |
| exit 1 | |
| fi | |
| if [ -z $INDEX ]; then | |
| echo -e "Specify Index tag for catalogsource as a parameter of this script \n" | |
| echo "Usage:" | |
| echo " $0 [name]" | |
| exit 1 | |
| fi | |
| if [ -z $USERNAME ]; then | |
| echo -e "Specify Brew registry Username \n" | |
| echo "Usage:" | |
| echo " $0 [name]" | |
| exit 1 | |
| fi | |
| if [ -z $PASSWORD ]; then | |
| echo -e "Specify Brew registry Password \n" | |
| echo "Usage:" | |
| echo " $0 [name]" | |
| exit 1 | |
| fi | |
| function wait_run_in_parallel() | |
| { | |
| local number_to_run_concurrently=$1 | |
| if [ `jobs -np | wc -l` -gt $number_to_run_concurrently ]; then | |
| wait `jobs -np | head -1` # wait for the oldest one to finish | |
| fi | |
| } | |
| function mirror_images() | |
| { | |
| local sleep_time=$(($RANDOM % 10)) | |
| echo "starting mirroring $1" | |
| sleep $sleep_time && skopeo copy --all docker://$1 docker://$2 --dest-tls-verify=false || exit 1 | |
| } | |
| # Logging into mirror registry | |
| oc registry login --registry $MIRROR_REG --auth-basic="dummy:dummy" --insecure=true | |
| podman login -u dummy -p dummy $MIRROR_REG --tls-verify=false | |
| oc get secret/pull-secret -n openshift-config -o json | jq -r '.data.".dockerconfigjson"' | | |
| base64 -d > authfile | |
| echo "Loggin to on mirror-registry registry" | |
| oc registry login --insecure=true --registry $MIRROR_REG --auth-basic="dummy:dummy" --to=authfile | |
| echo "set mirror-registry authtication details to default pull-secret" | |
| oc set data secret/pull-secret -n openshift-config --from-file=.dockerconfigjson=authfile | |
| sleep 3 | |
| # Loggin into brew registry | |
| podman login -u $USERNAME -p $PASSWORD brew.registry.redhat.io --tls-verify=true | |
| oc registry login --registry brew.registry.redhat.io --auth-basic="$USERNAME:$PASSWORD" --insecure=true | |
| # Tag, build & push iib image | |
| podman pull $REGISTRY_IMAGE | |
| podman tag $REGISTRY_IMAGE $OUTPUT_IMAGE | |
| podman push $OUTPUT_IMAGE --tls-verify=false | |
| # Generate Manifests required to configure operatorhub | |
| oc adm catalog mirror $OUTPUT_IMAGE $MIRROR_REG --insecure --manifests-only | |
| if [[ ${ENVIRONMENT} = "stage" ]]; then | |
| sed -i -e "s|registry.redhat.io/openshift-pipelines-tech-preview/|brew.registry.redhat.io/rh-osbs/openshift-pipelines-tech-preview-|g" \ | |
| -e "s|registry.stage.redhat.io/rh-osbs|brew.registry.redhat.io/rh-osbs|g" \ | |
| ./iib-manifests/mapping.txt | |
| else | |
| sed -i -e "s|registry.redhat.io/openshift-pipelines-tech-preview/|brew.registry.redhat.io/rh-osbs/openshift-pipelines-tech-preview-|g" \ | |
| -e "s|registry-proxy.engineering.redhat.com/rh-osbs|brew.registry.redhat.io/rh-osbs|g" \ | |
| ./iib-manifests/mapping.txt | |
| fi | |
| sed -i -e 's/\(.*\)\(:.*$\)/\1/' ./iib-manifests/mapping.txt | |
| cat ./iib-manifests/mapping.txt | while read mapping | |
| do | |
| for images in $mapping | |
| do | |
| image=($(echo $images | tr "=" "\n")) | |
| mirror_images ${image[0]} ${image[1]} & | |
| # now wait if there are more than N sub processes executing | |
| wait_run_in_parallel 2 | |
| done | |
| done | |
| wait | |
| oc apply -f ./iib-manifests/imageContentSourcePolicy.yaml | |
| # DisableDefaultSources | |
| oc patch OperatorHub cluster --type json -p '[{"op": "add", "path": "/spec/disableAllDefaultSources", "value": true}]' | |
| sleep 60 | |
| echo ">> waiting for nodes to get restarted.." | |
| machines=$(oc get machineconfigpool -o=jsonpath='{.items[*].metadata.name}{" "}') | |
| for machine in ${machines}; do | |
| echo ">> Waiting for machineconfigpool on node $machine to be in state Updated=true && Updating=false" | |
| while true; do | |
| sleep 3 | |
| oc wait --for=condition=Updated=True -n openshift-operators machineconfigpool $machine --timeout=5m && oc wait --for=condition=Updating=False -n openshift-operators machineconfigpool $machine --timeout=5m > /dev/null 2>&1 && break | |
| done | |
| done | |
| # Create/apply catalog source | |
| oc apply -f - << EOD | |
| apiVersion: operators.coreos.com/v1alpha1 | |
| kind: CatalogSource | |
| metadata: | |
| name: redhat-operators-stage | |
| namespace: openshift-marketplace | |
| spec: | |
| sourceType: grpc | |
| image: $OUTPUT_IMAGE | |
| displayName: redhat-operators-stage | |
| updateStrategy: | |
| registryPoll: | |
| interval: 30m | |
| EOD |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment