sudhirpandey/Dockerfile

## Dockerfile
----Dockerfile-----
FROM registry.access.redhat.com/rhel7/rhel:latest
MAINTAINER Sudhir Pandey <sudhir2pandey@gmail.com>
COPY oc /usr/local/bin/oc
ENV HOME /apps
RUN mkdir -p /apps &&\
    chown -R 1001:0 ${HOME} &&\
    chmod -R g+rwX ${HOME}
COPY scripts/ /apps
WORKDIR ${HOME}
ENTRYPOINT ["oc","observe","services","--"]
CMD [ "/apps/setpromannonations.sh" ]

## jobwatch.sh
#! /bin/bash

NAMESPACE=$1
RESOURCE=$2
SUCESSSTATUS=0
FAILEDSTATUS=0

#grab projects from environment varaiables paased from deployment config
IFS=', ' read -r -a projects <<< "$PROJECTS"

in_array() {
    local haystack=${1}[@]
    local needle=${2}
    for i in ${!haystack}; do
        if [[ ${i} == ${needle} ]]; then
            return 0
        fi
    done
    return 1
}

#If the namespace encountered is not inder watch list project env variable $PROJECTS do not do anything.
if in_array projects $NAMESPACE; then

   if [[ $EVENT == "Updated"  || $EVENT == "Sync" ]]; then
      SUCESSSTATUS=$(oc get job $RESOURCE -n $NAMESPACE --template="{{ .status.succeeded }}")
      FAILEDSTATUS=$(oc get job $RESOURCE -n $NAMESPACE --template="{{ .status.failed }}")
   fi

   if [ "x$SUCESSSTATUS" == "x1" ]; then
      echo "deleting the job $RESOURCE"
      oc delete job $RESOURCE -n $NAMESPACE
   fi

   if [ "x$FAILEDSTATUS" == "x1" ]; then
      echo "Slack alert for the job $RESOURCE"
      curl -X POST --data-urlencode "payload={\"channel\": \"#channel-name\", \"username\": \"webhookbot\", \"text\": \"Job $RESOUCRE  in $NAMESPACE failed to complete.\", \"icon_emoji\": \":ghost:\"}" https://hooks.slack.com/services/token
   fi

fi

## jobwatchop.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  labels:
    app: job-clean-ops
  name: job-clean-ops
spec:
  replicas: 1
  selector:
    matchLabels:
      app: job-clean-ops
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: job-clean-ops
    spec:
      containers:
      - args:
        - /apps/jobwatch.sh
        command:
        - oc
        - observe
        - job
        - --type-env-var=EVENT
        - --all-namespaces=true
        - --
        env:
        - name: EVENT
        - name: PROJECTS
          value: aaaa, bbb
        image: registry.sss.zzz.xxx/openshift/observer:v3.6.1
        imagePullPolicy: Always
        name: job-clean-ops
        resources: {}
        terminationMessagePath: /dev/termination-log
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      securityContext: {}
      serviceAccount: ocbot
      serviceAccountName: ocbot
      terminationGracePeriodSeconds: 3

## prom-svc-ops.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "8"
  creationTimestamp: null
  generation: 13
  labels:
    app: prom-service-ops
  name: prom-service-ops
spec:
  replicas: 1
  selector:
    matchLabels:
      app: prom-service-ops
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: prom-service-ops
    spec:
      containers:
      - args:
        - /setpromannonations.sh
        command:
        - oc
        - observe
        - services
        - --all-namespaces=true
        - --
        env:
        - name: PROJECTS
          value: xxxx, xxx-test
        - name: EXCLUDERESOURCES
          value: kafka-manager
        image: registry.xxx.xxx.xxxx/openshift/observer:v3.6
        imagePullPolicy: Always
        name: prom-service-ops
        resources: {}
        terminationMessagePath: /dev/termination-log
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      securityContext: {}
      serviceAccount: ocbot
      serviceAccountName: ocbot
      terminationGracePeriodSeconds: 30

## serviceswitch.sh
#!/bin/bash

#set -x
NAMESPACE=$1
RESOURCE=$2
#grab projects from environment varaiables paased from deployment config
IFS=', ' read -r -a projects <<< "$PROJECTS"
in_array() {
    local haystack=${1}[@]
    local needle=${2}
    for i in ${!haystack}; do
        if [[ ${i} == ${needle} ]]; then
            return 0
        fi
    done
    return 1
}

slack_message() {
cat <<EOF
{
 "username": "Openshift Origin",
 "attachments": [
    {
     "text": "Service ${RESOURCE} switched in project ${NAMESPACE} to *${DC}*",
     "title": "${RESOURCE} is released",
     "color": "#7CD197",
     "mrkdwn_in": ["text"]
    }
  ]
}
EOF
}

#If the namespace encountered is not under watch list project env variable $PROJECTS do not do anything.
if in_array projects $NAMESPACE; then
      if [ ${EVENT} != "Sync" ]; then
         DC=$(oc get svc $RESOURCE --template='{{ .spec.selector.deploymentconfig}}' -n $NAMESPACE)

         if [ "${RESOURCE}" != "${DC}" ]; then
            curl --connect-timeout 10 -s  -H "Accept: application/json" -H "Content-Type:application/json" -X POST "https://hooks.slack.com/services/token" --data "$(slack_message)" > /dev/null
         fi
      fi
fi

## setpromannonations.sh
#!/bin/bash

NAMESPACE=$1
RESOUCRE=$2
#grab projects from environment varaiables paased from deployment config
IFS=', ' read -r -a projects <<< "$PROJECTS"

IFS=', ' read -r -a excluderesources <<< "$EXCLUDERESOURCES"

#declare -a projects=("adbc" "efgh");

in_array() {
    local haystack=${1}[@]
    local needle=${2}
    for i in ${!haystack}; do
        if [[ ${i} == ${needle} ]]; then
            return 0
        fi
    done
    return 1
}

#If the namespace encountered is not inder watch list project env variable $PROJECTS do not do anything.

if ! in_array excluderesources $RESOUCRE; then
if in_array projects $NAMESPACE; then

DC=$(oc get svc "$RESOUCRE" --template='{{ .spec.selector.deploymentconfig }}' -n "$NAMESPACE")

#if there in no deployconfing name in service selector this application is deployed on custom, without using templates from openshift
if [[ "${DC}" != "<no value>" ]]; then

 #if the number if desired pods is zero then turn off the monitoring
 REPLICA=$(oc get dc ${DC} --template='{{ .spec.replicas }}' -n $NAMESPACE)
 SCRAPE=$(oc get svc ${RESOUCRE} --template='{{ index .metadata.annotations "prometheus.io/scrape" }}' -n ${NAMESPACE})

   if [[ ${REPLICA} == 0 && "${SCRAPE}" = "true" ]]; then

        echo "Deployment config scaled to zero, removing monitoring"
        oc annotate service "$RESOUCRE" "prometheus.io/scrape"="false" --overwrite -n ${NAMESPACE}
        oc annotate service "$RESOUCRE" "prometheus.io/probe"="false" --overwrite -n ${NAMESPACE}

        #make sure we reload prometheus just to be sure that the targets are dropped (lately when doing automated stuff seems it not updated)
        curl -X POST http://prometheus-monitoring.xxxx.xxxx.xxx/-/reload
    else

        # Add monitoring annonations only if the deployconfig was found and it did not have the monitoring enabled
        if [[ ${REPLICA} > 0 && "${SCRAPE}" != "true" ]]; then
        echo "Service needs monitoring"
        oc annotate service "$RESOUCRE" "prometheus.io/scrape"="true" --overwrite -n ${NAMESPACE}
        fi
     fi
  fi
else
  echo "The project $Namespace is not what i am interested at"
fi
fi
	----Dockerfile-----
	FROM registry.access.redhat.com/rhel7/rhel:latest
	MAINTAINER Sudhir Pandey <sudhir2pandey@gmail.com>
	COPY oc /usr/local/bin/oc
	ENV HOME /apps
	RUN mkdir -p /apps &&\
	chown -R 1001:0 ${HOME} &&\
	chmod -R g+rwX ${HOME}
	COPY scripts/ /apps
	WORKDIR ${HOME}
	ENTRYPOINT ["oc","observe","services","--"]
	CMD [ "/apps/setpromannonations.sh" ]
	#! /bin/bash

	NAMESPACE=$1
	RESOURCE=$2
	SUCESSSTATUS=0
	FAILEDSTATUS=0

	#grab projects from environment varaiables paased from deployment config
	IFS=', ' read -r -a projects <<< "$PROJECTS"

	in_array() {
	local haystack=${1}[@]
	local needle=${2}
	for i in ${!haystack}; do
	if [[ ${i} == ${needle} ]]; then
	return 0
	fi
	done
	return 1
	}

	#If the namespace encountered is not inder watch list project env variable $PROJECTS do not do anything.
	if in_array projects $NAMESPACE; then

	if [[ $EVENT == "Updated" \|\| $EVENT == "Sync" ]]; then
	SUCESSSTATUS=$(oc get job $RESOURCE -n $NAMESPACE --template="{{ .status.succeeded }}")
	FAILEDSTATUS=$(oc get job $RESOURCE -n $NAMESPACE --template="{{ .status.failed }}")
	fi

	if [ "x$SUCESSSTATUS" == "x1" ]; then
	echo "deleting the job $RESOURCE"
	oc delete job $RESOURCE -n $NAMESPACE
	fi

	if [ "x$FAILEDSTATUS" == "x1" ]; then
	echo "Slack alert for the job $RESOURCE"
	curl -X POST --data-urlencode "payload={\"channel\": \"#channel-name\", \"username\": \"webhookbot\", \"text\": \"Job $RESOUCRE in $NAMESPACE failed to complete.\", \"icon_emoji\": \":ghost:\"}" https://hooks.slack.com/services/token
	fi

	fi
	apiVersion: extensions/v1beta1
	kind: Deployment
	metadata:
	labels:
	app: job-clean-ops
	name: job-clean-ops
	spec:
	replicas: 1
	selector:
	matchLabels:
	app: job-clean-ops
	strategy:
	rollingUpdate:
	maxSurge: 1
	maxUnavailable: 1
	type: RollingUpdate
	template:
	metadata:
	labels:
	app: job-clean-ops
	spec:
	containers:
	- args:
	- /apps/jobwatch.sh
	command:
	- oc
	- observe
	- job
	- --type-env-var=EVENT
	- --all-namespaces=true
	- --
	env:
	- name: EVENT
	- name: PROJECTS
	value: aaaa, bbb
	image: registry.sss.zzz.xxx/openshift/observer:v3.6.1
	imagePullPolicy: Always
	name: job-clean-ops
	resources: {}
	terminationMessagePath: /dev/termination-log
	dnsPolicy: ClusterFirst
	restartPolicy: Always
	securityContext: {}
	serviceAccount: ocbot
	serviceAccountName: ocbot
	terminationGracePeriodSeconds: 3
	#!/bin/bash

	#set -x
	NAMESPACE=$1
	RESOURCE=$2
	#grab projects from environment varaiables paased from deployment config
	IFS=', ' read -r -a projects <<< "$PROJECTS"
	in_array() {
	local haystack=${1}[@]
	local needle=${2}
	for i in ${!haystack}; do
	if [[ ${i} == ${needle} ]]; then
	return 0
	fi
	done
	return 1
	}

	slack_message() {
	cat <<EOF
	{
	"username": "Openshift Origin",
	"attachments": [
	{
	"text": "Service ${RESOURCE} switched in project ${NAMESPACE} to ${DC}",
	"title": "${RESOURCE} is released",
	"color": "#7CD197",
	"mrkdwn_in": ["text"]
	}
	]
	}
	EOF
	}

	#If the namespace encountered is not under watch list project env variable $PROJECTS do not do anything.
	if in_array projects $NAMESPACE; then
	if [ ${EVENT} != "Sync" ]; then
	DC=$(oc get svc $RESOURCE --template='{{ .spec.selector.deploymentconfig}}' -n $NAMESPACE)

	if [ "${RESOURCE}" != "${DC}" ]; then
	curl --connect-timeout 10 -s -H "Accept: application/json" -H "Content-Type:application/json" -X POST "https://hooks.slack.com/services/token" --data "$(slack_message)" > /dev/null
	fi
	fi
	fi
	#!/bin/bash

	NAMESPACE=$1
	RESOUCRE=$2
	#grab projects from environment varaiables paased from deployment config
	IFS=', ' read -r -a projects <<< "$PROJECTS"

	IFS=', ' read -r -a excluderesources <<< "$EXCLUDERESOURCES"

	#declare -a projects=("adbc" "efgh");

	in_array() {
	local haystack=${1}[@]
	local needle=${2}
	for i in ${!haystack}; do
	if [[ ${i} == ${needle} ]]; then
	return 0
	fi
	done
	return 1
	}

	#If the namespace encountered is not inder watch list project env variable $PROJECTS do not do anything.

	if ! in_array excluderesources $RESOUCRE; then
	if in_array projects $NAMESPACE; then

	DC=$(oc get svc "$RESOUCRE" --template='{{ .spec.selector.deploymentconfig }}' -n "$NAMESPACE")

	#if there in no deployconfing name in service selector this application is deployed on custom, without using templates from openshift
	if [[ "${DC}" != "<no value>" ]]; then

	#if the number if desired pods is zero then turn off the monitoring
	REPLICA=$(oc get dc ${DC} --template='{{ .spec.replicas }}' -n $NAMESPACE)
	SCRAPE=$(oc get svc ${RESOUCRE} --template='{{ index .metadata.annotations "prometheus.io/scrape" }}' -n ${NAMESPACE})

	if [[ ${REPLICA} == 0 && "${SCRAPE}" = "true" ]]; then

	echo "Deployment config scaled to zero, removing monitoring"
	oc annotate service "$RESOUCRE" "prometheus.io/scrape"="false" --overwrite -n ${NAMESPACE}
	oc annotate service "$RESOUCRE" "prometheus.io/probe"="false" --overwrite -n ${NAMESPACE}

	#make sure we reload prometheus just to be sure that the targets are dropped (lately when doing automated stuff seems it not updated)
	curl -X POST http://prometheus-monitoring.xxxx.xxxx.xxx/-/reload
	else

	# Add monitoring annonations only if the deployconfig was found and it did not have the monitoring enabled
	if [[ ${REPLICA} > 0 && "${SCRAPE}" != "true" ]]; then
	echo "Service needs monitoring"
	oc annotate service "$RESOUCRE" "prometheus.io/scrape"="true" --overwrite -n ${NAMESPACE}
	fi
	fi
	fi
	else
	echo "The project $Namespace is not what i am interested at"
	fi
	fi