Created
November 19, 2020 16:32
-
-
Save williamcaban/bed08bd82e9dddcdf27a89040d009091 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash -e | |
source set-environment | |
# Variables to set, suit to your installation | |
export AIRGAP_REGISTRY_INDEX_TAG=olm-index/redhat-operator-index:v$OCP_RELEASE_MAIN | |
export AIRGAP_REGISTRY_IMAGE_TAG=olm | |
# Set these values to true for the catalog and miror to be created | |
export RH_OP='true' | |
export CERT_OP='false' | |
export COMM_OP='false' | |
export MARKETPLACE_OP='false' | |
export RH_OP_INDEX="registry.redhat.io/redhat/redhat-operator-index:v${OCP_RELEASE_MAIN}" | |
export CERT_OP_INDEX="registry.redhat.io/redhat/certified-operator-index:v${OCP_RELEASE_MAIN}" | |
export COMM_OP_INDEX="registry.redhat.io/redhat/community-operator-index:v${OCP_RELEASE_MAIN}" | |
export MARKETPLACE_OP_INDEX="registry.redhat.io/redhat-marketplace-index:v${OCP_RELEASE_MAIN}" | |
export RH_OP_PACKAGES='advanced-cluster-management,cluster-logging,local-storage-operator,performance-addon-operator,ptp-operator,sriov-network-operator' | |
#redhat-operator-index | |
# If OPM cli not available need to down load it | |
if [[ ! -f /usr/local/bin/opm ]]; then | |
oc image extract registry.redhat.io/openshift4/ose-operator-registry:v${OCP_RELEASE_MAIN} \ | |
--registry-config=$PULL_SECRET2 --path /usr/bin/opm:/usr/local/bin --confirm | |
chmod +x /usr/local/bin/opm | |
fi | |
# Mirror redhat-operator index image | |
if [ "${RH_OP}" = true ] | |
then | |
# /run/user/<linux-uid>/containers/auth | |
cp $PULL_SECRET2 /run/user/0/containers/auth.json | |
export GODEBUG=x509ignoreCN=0 | |
opm index prune --from-index $RH_OP_INDEX --packages $RH_OP_PACKAGES --tag $AIRGAP_REGISTRY/$AIRGAP_REGISTRY_INDEX_TAG | |
podman push $AIRGAP_REGISTRY/$AIRGAP_REGISTRY_INDEX_TAG --authfile $PULL_SECRET2 | |
oc adm catalog mirror $AIRGAP_REGISTRY/$AIRGAP_REGISTRY_INDEX_TAG $AIRGAP_REGISTRY/$AIRGAP_REGISTRY_IMAGE_TAG \ | |
--registry-config=$PULL_SECRET2 | |
# Temporary workaround | |
skopeo copy docker://registry.redhat.io/openshift4/ose-oauth-proxy@sha256:1f8a1818480230eb6f2b9c46e330cbc270771530c8d68e71ca882706c5d33ca1 \ | |
docker://$AIRGAP_REGISTRY/$AIRGAP_REGISTRY_IMAGE_TAG/ose-oauth-proxy@sha256:1f8a1818480230eb6f2b9c46e330cbc270771530c8d68e71ca882706c5d33ca1 \ | |
--all --authfile $PULL_SECRET2 | |
# Workaround OLM sync bug | |
for packagemanifest in $(oc get packagemanifest -n openshift-marketplace -o name) ; do | |
for package in $(oc get $packagemanifest -o jsonpath='{.status.channels[*].currentCSVDesc.relatedImages}' | sed "s/ /\n/g" | tr -d '[],' | sed 's/"/ /g') ; do | |
skopeo copy docker://$package docker://$AIRGAP_REGISTRY/$AIRGAP_REGISTRY_IMAGE_TAG/openshift4-$(basename $package) --all --authfile $PULL_SECRET2 | |
done | |
done | |
# Generate OLM CatalogSource | |
cat > redhat-operator-index-manifests/olm-catalogsource.yaml <<EOF | |
apiVersion: operators.coreos.com/v1alpha1 | |
kind: CatalogSource | |
metadata: | |
name: custom-operators-disconnected | |
namespace: openshift-marketplace | |
spec: | |
displayName: Custom Operators Disconnected | |
image: ${AIRGAP_REGISTRY}/${AIRGAP_REGISTRY_INDEX_TAG} | |
publisher: MIT | |
sourceType: grpc | |
updateStrategy: | |
registryPoll: | |
interval: 30m | |
EOF | |
echo "" | |
echo "To apply the Red Hat Operators catalog mirror configuration to your cluster, do the following:" | |
echo "oc apply -f ./redhat-operator-index-manifests/imageContentSourcePolicy.yaml" | |
echo "oc apply -f ./redhat-operator-index-manifests/olm-catalogsource.yaml" | |
fi | |
if [ "${CERT_OP}" = true ] | |
then | |
"echo 1" | |
fi | |
if [ "${COMM_OP}" = true ] | |
then | |
"echo 2" | |
fi | |
if [ "${MARKETPLACE_OP}" = true ] | |
then | |
"echo 3" | |
fi | |
exit 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment