Skip to content

Add Flux sync manifests #147

Add Flux sync manifests

Add Flux sync manifests #147

name: inject-sidecar
on:
workflow_dispatch:
push:
branches:
- main
jobs:
inject-istio:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- uses: chrisdickinson/setup-yq@latest
with:
yq-version: v4.25.1
- name: get istio controlplane version
id: get-istio-version
run: |
ISTIO_VERSION=$(yq eval '.data.version' ./clusters/my-cluster/istio-version.yaml)
echo "ISTIO_VERSION=$ISTIO_VERSION" >> $GITHUB_ENV
- name: get istioctl uri
id: get-istioctl
uses: istio/[email protected]
with:
version: ${{ env.ISTIO_VERSION }}
- uses: azure/[email protected]
id: install
- name: Get Istioctl
run: |
istioctl version --remote=false
- uses: "actions/setup-python@v2"
with:
python-version: "3.8"
- name: Inject Sidecar
id: inject
run: |
# hydrate isto manifest into configmap files
URI=$(cat istio/system/istio.yaml | yq e '. | select(.kind == "HelmRepository" and .metadata.name =="istio") | .spec.url' -)
cat istio/system/istio.yaml | yq e '. | select(.kind == "HelmRelease" and .metadata.name =="istiod") | .spec.values' - > values.yaml
VERSION=$(cat clusters/my-cluster/istio-version.yaml | yq e '.data.version' -)
helm repo add istio $URI
helm template -n istio-system -f values.yaml --version $VERSION istiod istio/istiod | yq e '.| select(.kind == "ConfigMap" and .metadata.name == "istio-sidecar-injector") | .data.config' - > injector.yaml
helm template -n istio-system -f values.yaml --version $VERSION istiod istio/istiod | yq e '.| select(.kind == "ConfigMap" and .metadata.name == "istio") | .data.mesh' - > mesh.yaml
helm template -n istio-system -f values.yaml --version $VERSION istiod istio/istiod | yq e '.| select(.kind == "ConfigMap" and .metadata.name == "istio-sidecar-injector") | .data.values' - > inj-values.yaml
python -m pip install jsonpatch
inject() {
NAME="${1%.*}"
echo "name =$NAME"
EXTENSION="${1##*.}"
echo "ext =$EXTENSION"
istioctl kube-inject \
--injectConfigFile injector.yaml \
--meshConfigFile mesh.yaml \
--valuesFile inj-values.yaml \
-f $1 -o $NAME.gen.$EXTENSION
# injected yaml ends with '---', so remove before converting to json
yq -N eval '.' $NAME.gen.$EXTENSION | yq -N -o json eval > $NAME.gen.json
yq eval -o=json $NAME.$EXTENSION > $NAME.json
python ./.github/workflows/jsondiff.py "$(pwd)""${NAME#.}".json "$(pwd)"/$NAME.gen.json > $NAME.patch.json
yq eval -P $NAME.patch.json > $NAME.patch.$EXTENSION
rm $NAME.gen.$EXTENSION
rm $NAME.json
rm $NAME.gen.json
rm $NAME.patch.json
}
export -f inject
find . -not -path "*/istio-$ISTIO_VERSION/*" \
-not -path "*/.git*/*" -not -path "*/clusters/*" -name "*.yaml" \
-not -path "*/istio/operator/manifests.yaml" -name "*deployment.yaml" \
-print0 | xargs -0 -I{} bash -c "inject {}"
rm inj-values.yaml injector.yaml values.yaml mesh.yaml
if [[ $(git diff --stat) != '' ]]; then
echo ::set-output name=version::${ISTIO_VERSION}
fi
- name: Create Pull Request
uses: peter-evans/create-pull-request@v3
if: steps.inject.outputs.version
with:
token: ${{ secrets.GH_ADMIN_TOKEN }}
committer: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
author: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
commit-message: Update Sidecars to ${{ env.ISTIO_VERSION }}
title: Update Istio sidecar ${{ env.ISTIO_VERSION }}
body: |
Istio sidecar v${{ env.ISTIO_VERSION }}
branch: update-sidecar-${{ env.ISTIO_VERSION }}