diff --git a/.github/workflows/offline-package-argocd-installer.yaml b/.github/workflows/offline-package-argocd-installer.yaml index c47a615..c49ddc2 100644 --- a/.github/workflows/offline-package-argocd-installer.yaml +++ b/.github/workflows/offline-package-argocd-installer.yaml @@ -53,14 +53,7 @@ jobs: id: resolve env: OVERRIDE_CHART_VERSION: ${{ github.event.inputs.chart_version }} - run: | - set -euo pipefail - if [ -n "${OVERRIDE_CHART_VERSION}" ]; then - CHART_VERSION="${OVERRIDE_CHART_VERSION}" - else - CHART_VERSION=$(helm search repo argo/argo-cd --versions | awk 'NR==2{print $2}') - fi - echo "chart_version=${CHART_VERSION}" >> "$GITHUB_OUTPUT" + run: bash scripts/offline-argocd/resolve_chart_version.sh - name: Prepare directories run: | @@ -71,45 +64,7 @@ jobs: - name: Stage installer script env: CHART_VERSION: ${{ steps.resolve.outputs.chart_version }} - run: | - set -euo pipefail - cat <<'SCRIPT' > argocd-offline-package/scripts/install-argocd.sh -#!/usr/bin/env bash -set -euo pipefail - -ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" -CHART_DIR="${ROOT_DIR}/charts/argo-cd" -IMAGES_DIR="${ROOT_DIR}/images" -RELEASE_NAME="${RELEASE_NAME:-argo-cd}" -NAMESPACE="${NAMESPACE:-argocd}" - -if command -v nerdctl >/dev/null 2>&1; then - LOADER="nerdctl" -elif command -v docker >/dev/null 2>&1; then - LOADER="docker" -else - echo "Either docker or nerdctl is required to load images." >&2 - exit 1 -fi - -for tar in "${IMAGES_DIR}"/*.tar; do - [ -f "$tar" ] || continue - echo "Loading image: $tar" - "$LOADER" load -i "$tar" -done - -echo "Installing/Upgrading Argo CD release ${RELEASE_NAME} in namespace ${NAMESPACE}" -helm upgrade --install "${RELEASE_NAME}" "${CHART_DIR}" \ - --namespace "${NAMESPACE}" \ - --create-namespace \ - "$@" -SCRIPT - chmod +x argocd-offline-package/scripts/install-argocd.sh - cat < argocd-offline-package/metadata/INFO -chart: argo/argo-cd -chart_version: ${CHART_VERSION} -created_at: $(date -u +%Y-%m-%dT%H:%M:%SZ) -EOFMETA + run: bash scripts/offline-argocd/stage_installer.sh - name: Download nerdctl binary for ${{ matrix.arch }} run: | @@ -120,25 +75,8 @@ EOFMETA - name: Pull & export required images env: CHART_VERSION: ${{ steps.resolve.outputs.chart_version }} - run: | - set -euo pipefail - PLATFORM="linux/${{ matrix.arch }}" - helm template argo argo/argo-cd --version "${CHART_VERSION}" > manifest.yaml - mapfile -t images < <(grep -oP 'image:\s*"?\K([^"\s]+)' manifest.yaml | sort -u || true) - rm -f manifest.yaml - for img in "${images[@]}"; do - [ -n "$img" ] || continue - if [[ "$img" == *"{{"* ]]; then - continue - fi - echo "Pulling $img for ${PLATFORM}" - if ! docker pull --platform "${PLATFORM}" "$img"; then - echo "::warning::Failed to pull $img for ${PLATFORM}, skipping" >&2 - continue - fi - safe=$(echo "$img" | tr '/:' '-_') - docker save "$img" -o "argocd-offline-package/images/${safe}.tar" - done + MATRIX_ARCH: ${{ matrix.arch }} + run: bash scripts/offline-argocd/pull_and_export_images.sh - name: Download Helm chart env: @@ -238,15 +176,7 @@ EOFMETA ssh-keyscan -H "$VPS_HOST" >> ~/.ssh/known_hosts - name: Rsync release assets to remote - run: | - set -euo pipefail - REMOTE_DIR="${REMOTE_ROOT}/${TAG_NAME}" - ssh -i ~/.ssh/id_rsa "${RSYNC_SSH_USER}@${VPS_HOST}" "mkdir -p '${REMOTE_DIR}'" - echo "Rsync -> ${VPS_HOST}:${REMOTE_DIR}/" - rsync -av -e "ssh -i ~/.ssh/id_rsa" \ - release-artifacts/amd64/offline-package-argocd-amd64.tar.gz \ - release-artifacts/arm64/offline-package-argocd-arm64.tar.gz \ - "${RSYNC_SSH_USER}@${VPS_HOST}:${REMOTE_DIR}/" + run: bash scripts/offline-argocd/rsync_release_assets.sh retention: name: Remote retention (keep latest 3) @@ -267,20 +197,4 @@ EOFMETA ssh-keyscan -H "$VPS_HOST" >> ~/.ssh/known_hosts - name: Prune old versions on remote (keep 3) - run: | - set -euo pipefail - ssh -i ~/.ssh/id_rsa "${RSYNC_SSH_USER}@${VPS_HOST}" bash -lc ' - set -euo pipefail - cd "'"${REMOTE_ROOT}"'" || exit 0 - keep=3 - mapfile -t all < <(ls -1 | grep -E "^(offline-argocd-|v[0-9]+\.)" | sort -V -r || true) - if [ "${#all[@]}" -le "$keep" ]; then - echo "Nothing to prune. Count=${#all[@]}" - exit 0 - fi - to_delete=("${all[@]:keep}") - echo "Pruning old versions: ${to_delete[*]}" - for d in "${to_delete[@]}"; do - rm -rf -- "$d" - done - ' + run: bash scripts/offline-argocd/prune_remote_versions.sh diff --git a/.github/workflows/offline-package-fluxcd-installer.yaml b/.github/workflows/offline-package-fluxcd-installer.yaml index 5a96053..6e2c53c 100644 --- a/.github/workflows/offline-package-fluxcd-installer.yaml +++ b/.github/workflows/offline-package-fluxcd-installer.yaml @@ -53,14 +53,7 @@ jobs: id: resolve env: OVERRIDE_CHART_VERSION: ${{ github.event.inputs.chart_version }} - run: | - set -euo pipefail - if [ -n "${OVERRIDE_CHART_VERSION}" ]; then - CHART_VERSION="${OVERRIDE_CHART_VERSION}" - else - CHART_VERSION=$(helm search repo fluxcd-community/flux2 --versions | awk 'NR==2{print $2}') - fi - echo "chart_version=${CHART_VERSION}" >> "$GITHUB_OUTPUT" + run: script/offline-fluxcd/resolve-chart-version.sh - name: Prepare directories run: | @@ -71,45 +64,7 @@ jobs: - name: Stage installer script env: CHART_VERSION: ${{ steps.resolve.outputs.chart_version }} - run: | - set -euo pipefail - cat <<'SCRIPT' > offline-installer/scripts/install-fluxcd.sh -#!/usr/bin/env bash -set -euo pipefail - -ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" -CHART_DIR="${ROOT_DIR}/charts/flux2" -IMAGES_DIR="${ROOT_DIR}/images" -RELEASE_NAME="${RELEASE_NAME:-flux-system}" -NAMESPACE="${NAMESPACE:-flux-system}" - -if command -v nerdctl >/dev/null 2>&1; then - LOADER="nerdctl" -elif command -v docker >/dev/null 2>&1; then - LOADER="docker" -else - echo "Either docker or nerdctl is required to load images." >&2 - exit 1 -fi - -for tar in "${IMAGES_DIR}"/*.tar; do - [ -f "$tar" ] || continue - echo "Loading image: $tar" - "$LOADER" load -i "$tar" -done - -echo "Installing/Upgrading FluxCD release ${RELEASE_NAME} in namespace ${NAMESPACE}" -helm upgrade --install "${RELEASE_NAME}" "${CHART_DIR}" \ - --namespace "${NAMESPACE}" \ - --create-namespace \ - "$@" -SCRIPT - chmod +x offline-installer/scripts/install-fluxcd.sh - cat < offline-installer/metadata/INFO -chart: fluxcd-community/flux2 -chart_version: ${CHART_VERSION} -created_at: $(date -u +%Y-%m-%dT%H:%M:%SZ) -EOFMETA + run: script/offline-fluxcd/stage-installer.sh - name: Download nerdctl binary for ${{ matrix.arch }} run: | @@ -120,25 +75,8 @@ EOFMETA - name: Pull & export required images env: CHART_VERSION: ${{ steps.resolve.outputs.chart_version }} - run: | - set -euo pipefail - PLATFORM="linux/${{ matrix.arch }}" - helm template flux fluxcd-community/flux2 --version "${CHART_VERSION}" > manifest.yaml - mapfile -t images < <(grep -oP 'image:\s*"?\K([^"\s]+)' manifest.yaml | sort -u || true) - rm -f manifest.yaml - for img in "${images[@]}"; do - [ -n "$img" ] || continue - if [[ "$img" == *"{{"* ]]; then - continue - fi - echo "Pulling $img for ${PLATFORM}" - if ! docker pull --platform "${PLATFORM}" "$img"; then - echo "::warning::Failed to pull $img for ${PLATFORM}, skipping" >&2 - continue - fi - safe=$(echo "$img" | tr '/:' '-_') - docker save "$img" -o "offline-installer/images/${safe}.tar" - done + MATRIX_ARCH: ${{ matrix.arch }} + run: script/offline-fluxcd/pull-and-export-images.sh - name: Download Helm chart env: diff --git a/.github/workflows/offline-package-gitlab-installer.yaml b/.github/workflows/offline-package-gitlab-installer.yaml index df66c26..60d65e6 100644 --- a/.github/workflows/offline-package-gitlab-installer.yaml +++ b/.github/workflows/offline-package-gitlab-installer.yaml @@ -36,12 +36,7 @@ jobs: - uses: actions/checkout@v4 - name: Install deps (curl, jq, helm) - run: | - set -euo pipefail - sudo apt-get update -y - sudo apt-get install -y curl jq - curl -fsSL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash - helm version + run: script/install-offline-gitlab-deps.sh - name: Add helm repo run: | @@ -53,14 +48,7 @@ jobs: id: resolve env: OVERRIDE_CHART_VERSION: ${{ github.event.inputs.chart_version }} - run: | - set -euo pipefail - if [ -n "${OVERRIDE_CHART_VERSION}" ]; then - CHART_VERSION="${OVERRIDE_CHART_VERSION}" - else - CHART_VERSION=$(helm search repo gitlab/gitlab --versions | awk 'NR==2{print $2}') - fi - echo "chart_version=${CHART_VERSION}" >> "$GITHUB_OUTPUT" + run: script/resolve-gitlab-chart-version.sh - name: Prepare directories run: | @@ -71,45 +59,7 @@ jobs: - name: Stage installer script env: CHART_VERSION: ${{ steps.resolve.outputs.chart_version }} - run: | - set -euo pipefail - cat <<'SCRIPT' > offline-installer/scripts/install-gitlab.sh -#!/usr/bin/env bash -set -euo pipefail - -ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" -CHART_DIR="${ROOT_DIR}/charts/gitlab" -IMAGES_DIR="${ROOT_DIR}/images" -RELEASE_NAME="${RELEASE_NAME:-gitlab}" -NAMESPACE="${NAMESPACE:-gitlab}" - -if command -v nerdctl >/dev/null 2>&1; then - LOADER="nerdctl" -elif command -v docker >/dev/null 2>&1; then - LOADER="docker" -else - echo "Either docker or nerdctl is required to load images." >&2 - exit 1 -fi - -for tar in "${IMAGES_DIR}"/*.tar; do - [ -f "$tar" ] || continue - echo "Loading image: $tar" - "$LOADER" load -i "$tar" -done - -echo "Installing/Upgrading GitLab release ${RELEASE_NAME} in namespace ${NAMESPACE}" -helm upgrade --install "${RELEASE_NAME}" "${CHART_DIR}" \ - --namespace "${NAMESPACE}" \ - --create-namespace \ - "$@" -SCRIPT - chmod +x offline-installer/scripts/install-gitlab.sh - cat < offline-installer/metadata/INFO -chart: gitlab/gitlab -chart_version: ${CHART_VERSION} -created_at: $(date -u +%Y-%m-%dT%H:%M:%SZ) -EOFMETA + run: script/stage-gitlab-offline-installer.sh - name: Download nerdctl binary for ${{ matrix.arch }} run: | @@ -120,25 +70,8 @@ EOFMETA - name: Pull & export required images env: CHART_VERSION: ${{ steps.resolve.outputs.chart_version }} - run: | - set -euo pipefail - PLATFORM="linux/${{ matrix.arch }}" - helm template gitlab gitlab/gitlab --version "${CHART_VERSION}" > manifest.yaml - mapfile -t images < <(grep -oP 'image:\s*"?\K([^"\s]+)' manifest.yaml | sort -u || true) - rm -f manifest.yaml - for img in "${images[@]}"; do - [ -n "$img" ] || continue - if [[ "$img" == *"{{"* ]]; then - continue - fi - echo "Pulling $img for ${PLATFORM}" - if ! docker pull --platform "${PLATFORM}" "$img"; then - echo "::warning::Failed to pull $img for ${PLATFORM}, skipping" >&2 - continue - fi - safe=$(echo "$img" | tr '/:' '-_') - docker save "$img" -o "offline-installer/images/${safe}.tar" - done + ARCH: ${{ matrix.arch }} + run: script/pull-and-export-gitlab-images.sh - name: Download Helm chart env: diff --git a/.github/workflows/offline-package-pulumi-installer.yaml b/.github/workflows/offline-package-pulumi-installer.yaml index db7f1b3..d264a84 100644 --- a/.github/workflows/offline-package-pulumi-installer.yaml +++ b/.github/workflows/offline-package-pulumi-installer.yaml @@ -47,8 +47,10 @@ jobs: - name: Build offline Pulumi package env: + ARCH: ${{ matrix.arch }} PULUMI_VERSION: ${{ steps.resolve.outputs.version }} MATRIX_ARCH: ${{ matrix.arch }} + run: script/build-offline-pulumi-package.sh - name: Upload artifact @@ -81,8 +83,10 @@ jobs: - name: Verify Pulumi bundle env: + ARCH: ${{ matrix.arch }} PULUMI_VERSION: ${{ needs.build-offline-installer.outputs.version }} MATRIX_ARCH: ${{ matrix.arch }} + run: script/verify-pulumi-bundle.sh publish-release: diff --git a/script/build-offline-pulumi-package.sh b/script/build-offline-pulumi-package.sh index 40b2ddc..3ca0869 100755 --- a/script/build-offline-pulumi-package.sh +++ b/script/build-offline-pulumi-package.sh @@ -1,9 +1,16 @@ #!/usr/bin/env bash set -euo pipefail + ARCH="${MATRIX_ARCH:-}" if [[ -z "${ARCH}" ]]; then echo "MATRIX_ARCH environment variable is required" >&2 + +PULUMI_VERSION="${PULUMI_VERSION:?PULUMI_VERSION is required}" +ARCH="${ARCH:-}" + +if [ -z "${ARCH}" ]; then + echo "ARCH environment variable is required" >&2 exit 1 fi diff --git a/script/install-offline-gitlab-deps.sh b/script/install-offline-gitlab-deps.sh new file mode 100755 index 0000000..8882914 --- /dev/null +++ b/script/install-offline-gitlab-deps.sh @@ -0,0 +1,7 @@ +#!/usr/bin/env bash +set -euo pipefail + +sudo apt-get update -y +sudo apt-get install -y curl jq +curl -fsSL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash +helm version diff --git a/script/offline-fluxcd/pull-and-export-images.sh b/script/offline-fluxcd/pull-and-export-images.sh new file mode 100755 index 0000000..3239ca2 --- /dev/null +++ b/script/offline-fluxcd/pull-and-export-images.sh @@ -0,0 +1,24 @@ +#!/usr/bin/env bash +set -euo pipefail + +: "${CHART_VERSION?CHART_VERSION is required}" +: "${MATRIX_ARCH?MATRIX_ARCH is required}" + +PLATFORM="linux/${MATRIX_ARCH}" +helm template flux fluxcd-community/flux2 --version "${CHART_VERSION}" > manifest.yaml +mapfile -t images < <(grep -oP 'image:\s*"?\K([^"\s]+)' manifest.yaml | sort -u || true) +rm -f manifest.yaml + +for img in "${images[@]}"; do + [[ -n "$img" ]] || continue + if [[ "$img" == *"{{"* ]]; then + continue + fi + echo "Pulling $img for ${PLATFORM}" + if ! docker pull --platform "${PLATFORM}" "$img"; then + echo "::warning::Failed to pull $img for ${PLATFORM}, skipping" >&2 + continue + fi + safe=$(echo "$img" | tr '/:' '-_') + docker save "$img" -o "offline-installer/images/${safe}.tar" +done diff --git a/script/offline-fluxcd/resolve-chart-version.sh b/script/offline-fluxcd/resolve-chart-version.sh new file mode 100755 index 0000000..ee9d77c --- /dev/null +++ b/script/offline-fluxcd/resolve-chart-version.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env bash +set -euo pipefail + +OVERRIDE_CHART_VERSION="${OVERRIDE_CHART_VERSION:-}" # compatibility +if [[ -n "${OVERRIDE_CHART_VERSION}" ]]; then + CHART_VERSION="${OVERRIDE_CHART_VERSION}" +else + CHART_VERSION=$(helm search repo fluxcd-community/flux2 --versions | awk 'NR==2{print $2}') +fi + +echo "chart_version=${CHART_VERSION}" >> "${GITHUB_OUTPUT}" diff --git a/script/offline-fluxcd/stage-installer.sh b/script/offline-fluxcd/stage-installer.sh new file mode 100755 index 0000000..9428662 --- /dev/null +++ b/script/offline-fluxcd/stage-installer.sh @@ -0,0 +1,47 @@ +#!/usr/bin/env bash +set -euo pipefail + +: "${CHART_VERSION?CHART_VERSION is required}" + +rm -f offline-installer/scripts/install-fluxcd.sh +override_dir="offline-installer" +mkdir -p "${override_dir}/scripts" "${override_dir}/metadata" + +cat <<'SCRIPT' > "${override_dir}/scripts/install-fluxcd.sh" +#!/usr/bin/env bash +set -euo pipefail + +ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" +CHART_DIR="${ROOT_DIR}/charts/flux2" +IMAGES_DIR="${ROOT_DIR}/images" +RELEASE_NAME="${RELEASE_NAME:-flux-system}" +NAMESPACE="${NAMESPACE:-flux-system}" + +if command -v nerdctl >/dev/null 2>&1; then + LOADER="nerdctl" +elif command -v docker >/dev/null 2>&1; then + LOADER="docker" +else + echo "Either docker or nerdctl is required to load images." >&2 + exit 1 +fi + +for tar in "${IMAGES_DIR}"/*.tar; do + [ -f "$tar" ] || continue + echo "Loading image: $tar" + "$LOADER" load -i "$tar" +done + +echo "Installing/Upgrading FluxCD release ${RELEASE_NAME} in namespace ${NAMESPACE}" +helm upgrade --install "${RELEASE_NAME}" "${CHART_DIR}" \ + --namespace "${NAMESPACE}" \ + --create-namespace \ + "$@" +SCRIPT +chmod +x "${override_dir}/scripts/install-fluxcd.sh" + +cat < "${override_dir}/metadata/INFO" +chart: fluxcd-community/flux2 +chart_version: ${CHART_VERSION} +created_at: $(date -u +%Y-%m-%dT%H:%M:%SZ) +EOF_META diff --git a/script/prune-remote-versions.sh b/script/prune-remote-versions.sh index 26f67fe..0dd2e62 100755 --- a/script/prune-remote-versions.sh +++ b/script/prune-remote-versions.sh @@ -12,6 +12,7 @@ ssh -i ~/.ssh/id_rsa "${RSYNC_SSH_USER}@${VPS_HOST}" bash -lc ' keep=3 mapfile -t all < <(ls -1 | grep -E "^(offline-pulumi-|v[0-9]+\.)" | sort -V -r || true) if [[ "${#all[@]}" -le "${keep}" ]]; then + echo "Nothing to prune. Count=${#all[@]}" exit 0 fi diff --git a/script/pull-and-export-gitlab-images.sh b/script/pull-and-export-gitlab-images.sh new file mode 100755 index 0000000..cc0bc8b --- /dev/null +++ b/script/pull-and-export-gitlab-images.sh @@ -0,0 +1,24 @@ +#!/usr/bin/env bash +set -euo pipefail + +CHART_VERSION="${CHART_VERSION:?CHART_VERSION is required}" +ARCH="${ARCH:?ARCH is required}" +PLATFORM="linux/${ARCH}" + +helm template gitlab gitlab/gitlab --version "${CHART_VERSION}" > manifest.yaml +mapfile -t images < <(grep -oP 'image:\s*"?\K([^"\s]+)' manifest.yaml | sort -u || true) +rm -f manifest.yaml + +for img in "${images[@]}"; do + [ -n "$img" ] || continue + if [[ "$img" == *"{{"* ]]; then + continue + fi + echo "Pulling $img for ${PLATFORM}" + if ! docker pull --platform "${PLATFORM}" "$img"; then + echo "::warning::Failed to pull $img for ${PLATFORM}, skipping" >&2 + continue + fi + safe=$(echo "$img" | tr '/:' '-_') + docker save "$img" -o "offline-installer/images/${safe}.tar" +done diff --git a/script/resolve-gitlab-chart-version.sh b/script/resolve-gitlab-chart-version.sh new file mode 100755 index 0000000..1347ccd --- /dev/null +++ b/script/resolve-gitlab-chart-version.sh @@ -0,0 +1,12 @@ +#!/usr/bin/env bash +set -euo pipefail + +OVERRIDE_CHART_VERSION="${OVERRIDE_CHART_VERSION:-}" + +if [[ -n "${OVERRIDE_CHART_VERSION}" ]]; then + CHART_VERSION="${OVERRIDE_CHART_VERSION}" +else + CHART_VERSION=$(helm search repo gitlab/gitlab --versions | awk 'NR==2{print $2}') +fi + +echo "chart_version=${CHART_VERSION}" >> "${GITHUB_OUTPUT}" diff --git a/script/rsync-release-assets.sh b/script/rsync-release-assets.sh index fa78896..1e7912c 100755 --- a/script/rsync-release-assets.sh +++ b/script/rsync-release-assets.sh @@ -1,11 +1,13 @@ #!/usr/bin/env bash set -euo pipefail + if [[ -z "${REMOTE_ROOT:-}" || -z "${TAG_NAME:-}" || -z "${RSYNC_SSH_USER:-}" || -z "${VPS_HOST:-}" ]]; then echo "Missing required environment variables" >&2 exit 1 fi + REMOTE_DIR="${REMOTE_ROOT}/${TAG_NAME}" ssh -i ~/.ssh/id_rsa "${RSYNC_SSH_USER}@${VPS_HOST}" "mkdir -p '${REMOTE_DIR}'" echo "Rsync -> ${VPS_HOST}:${REMOTE_DIR}/" diff --git a/script/stage-gitlab-offline-installer.sh b/script/stage-gitlab-offline-installer.sh new file mode 100755 index 0000000..c963a1f --- /dev/null +++ b/script/stage-gitlab-offline-installer.sh @@ -0,0 +1,44 @@ +#!/usr/bin/env bash +set -euo pipefail + +CHART_VERSION="${CHART_VERSION:?CHART_VERSION is required}" + +cat <<'SCRIPT' > offline-installer/scripts/install-gitlab.sh +#!/usr/bin/env bash +set -euo pipefail + +ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" +CHART_DIR="${ROOT_DIR}/charts/gitlab" +IMAGES_DIR="${ROOT_DIR}/images" +RELEASE_NAME="${RELEASE_NAME:-gitlab}" +NAMESPACE="${NAMESPACE:-gitlab}" + +if command -v nerdctl >/dev/null 2>&1; then + LOADER="nerdctl" +elif command -v docker >/dev/null 2>&1; then + LOADER="docker" +else + echo "Either docker or nerdctl is required to load images." >&2 + exit 1 +fi + +for tar in "${IMAGES_DIR}"/*.tar; do + [ -f "$tar" ] || continue + echo "Loading image: $tar" + "$LOADER" load -i "$tar" +done + +echo "Installing/Upgrading GitLab release ${RELEASE_NAME} in namespace ${NAMESPACE}" +helm upgrade --install "${RELEASE_NAME}" "${CHART_DIR}" \ + --namespace "${NAMESPACE}" \ + --create-namespace \ + "$@" +SCRIPT + +chmod +x offline-installer/scripts/install-gitlab.sh + +cat < offline-installer/metadata/INFO +chart: gitlab/gitlab +chart_version: ${CHART_VERSION} +created_at: $(date -u +%Y-%m-%dT%H:%M:%SZ) +EOFMETA diff --git a/script/verify-pulumi-bundle.sh b/script/verify-pulumi-bundle.sh index f1de301..bf70241 100755 --- a/script/verify-pulumi-bundle.sh +++ b/script/verify-pulumi-bundle.sh @@ -1,6 +1,7 @@ #!/usr/bin/env bash set -euo pipefail + ARCH="${MATRIX_ARCH:-}" if [[ -z "${ARCH}" ]]; then echo "MATRIX_ARCH environment variable is required" >&2 @@ -11,6 +12,7 @@ cd test-dir/pulumi-offline-package test -f VERSION + if [[ "${ARCH}" == "amd64" ]]; then ./bin/pulumi version ./bin/pulumi version | grep "v${PULUMI_VERSION}" diff --git a/scripts/offline-argocd/prune_remote_versions.sh b/scripts/offline-argocd/prune_remote_versions.sh new file mode 100755 index 0000000..6c263bc --- /dev/null +++ b/scripts/offline-argocd/prune_remote_versions.sh @@ -0,0 +1,22 @@ +#!/usr/bin/env bash +set -euo pipefail + +SSH_USER="${RSYNC_SSH_USER:?RSYNC_SSH_USER environment variable is required}" +HOST="${VPS_HOST:?VPS_HOST environment variable is required}" +REMOTE_ROOT="${REMOTE_ROOT:?REMOTE_ROOT environment variable is required}" + +ssh -i ~/.ssh/id_rsa "${SSH_USER}@${HOST}" REMOTE_ROOT="${REMOTE_ROOT}" 'bash -s' <<'EOS' +set -euo pipefail +cd "${REMOTE_ROOT}" || exit 0 +keep=3 +mapfile -t all < <(ls -1 | grep -E "^(offline-argocd-|v[0-9]+\.)" | sort -V -r || true) +if [ "${#all[@]}" -le "$keep" ]; then + echo "Nothing to prune. Count=${#all[@]}" + exit 0 +fi +to_delete=("${all[@]:keep}") +echo "Pruning old versions: ${to_delete[*]}" +for d in "${to_delete[@]}"; do + rm -rf -- "$d" +done +EOS diff --git a/scripts/offline-argocd/pull_and_export_images.sh b/scripts/offline-argocd/pull_and_export_images.sh new file mode 100755 index 0000000..8da9ef1 --- /dev/null +++ b/scripts/offline-argocd/pull_and_export_images.sh @@ -0,0 +1,27 @@ +#!/usr/bin/env bash +set -euo pipefail + +CHART_VERSION="${CHART_VERSION:?CHART_VERSION environment variable is required}" +MATRIX_ARCH="${MATRIX_ARCH:?MATRIX_ARCH environment variable is required}" + +PLATFORM="linux/${MATRIX_ARCH}" + +temp_manifest=$(mktemp) +trap 'rm -f "${temp_manifest}"' EXIT + +helm template argo argo/argo-cd --version "${CHART_VERSION}" > "${temp_manifest}" +mapfile -t images < <(grep -oP 'image:\s*"?\K([^"\s]+)' "${temp_manifest}" | sort -u || true) + +for img in "${images[@]}"; do + [ -n "$img" ] || continue + if [[ "$img" == *"{{"* ]]; then + continue + fi + echo "Pulling $img for ${PLATFORM}" + if ! docker pull --platform "${PLATFORM}" "$img"; then + echo "::warning::Failed to pull $img for ${PLATFORM}, skipping" >&2 + continue + fi + safe=$(echo "$img" | tr '/:' '-_') + docker save "$img" -o "argocd-offline-package/images/${safe}.tar" +done diff --git a/scripts/offline-argocd/resolve_chart_version.sh b/scripts/offline-argocd/resolve_chart_version.sh new file mode 100755 index 0000000..08d6722 --- /dev/null +++ b/scripts/offline-argocd/resolve_chart_version.sh @@ -0,0 +1,16 @@ +#!/usr/bin/env bash +set -euo pipefail + +OVERRIDE_CHART_VERSION="${OVERRIDE_CHART_VERSION:-}" +if [[ -n "${OVERRIDE_CHART_VERSION}" ]]; then + CHART_VERSION="${OVERRIDE_CHART_VERSION}" +else + CHART_VERSION=$(helm search repo argo/argo-cd --versions | awk 'NR==2{print $2}') +fi + +if [[ -z "${GITHUB_OUTPUT:-}" ]]; then + echo "GITHUB_OUTPUT environment variable is not set" >&2 + exit 1 +fi + +echo "chart_version=${CHART_VERSION}" >> "${GITHUB_OUTPUT}" diff --git a/scripts/offline-argocd/rsync_release_assets.sh b/scripts/offline-argocd/rsync_release_assets.sh new file mode 100755 index 0000000..dd1265c --- /dev/null +++ b/scripts/offline-argocd/rsync_release_assets.sh @@ -0,0 +1,13 @@ +#!/usr/bin/env bash +set -euo pipefail + +REMOTE_DIR="${REMOTE_ROOT:?REMOTE_ROOT environment variable is required}/${TAG_NAME:?TAG_NAME environment variable is required}" +SSH_USER="${RSYNC_SSH_USER:?RSYNC_SSH_USER environment variable is required}" +HOST="${VPS_HOST:?VPS_HOST environment variable is required}" + +ssh -i ~/.ssh/id_rsa "${SSH_USER}@${HOST}" "mkdir -p '${REMOTE_DIR}'" +echo "Rsync -> ${HOST}:${REMOTE_DIR}/" +rsync -av -e "ssh -i ~/.ssh/id_rsa" \ + release-artifacts/amd64/offline-package-argocd-amd64.tar.gz \ + release-artifacts/arm64/offline-package-argocd-arm64.tar.gz \ + "${SSH_USER}@${HOST}:${REMOTE_DIR}/" diff --git a/scripts/offline-argocd/stage_installer.sh b/scripts/offline-argocd/stage_installer.sh new file mode 100755 index 0000000..5e682a1 --- /dev/null +++ b/scripts/offline-argocd/stage_installer.sh @@ -0,0 +1,44 @@ +#!/usr/bin/env bash +set -euo pipefail + +CHART_VERSION="${CHART_VERSION:?CHART_VERSION environment variable is required}" + +cat <<'SCRIPT' > argocd-offline-package/scripts/install-argocd.sh +#!/usr/bin/env bash +set -euo pipefail + +ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" +CHART_DIR="${ROOT_DIR}/charts/argo-cd" +IMAGES_DIR="${ROOT_DIR}/images" +RELEASE_NAME="${RELEASE_NAME:-argo-cd}" +NAMESPACE="${NAMESPACE:-argocd}" + +if command -v nerdctl >/dev/null 2>&1; then + LOADER="nerdctl" +elif command -v docker >/dev/null 2>&1; then + LOADER="docker" +else + echo "Either docker or nerdctl is required to load images." >&2 + exit 1 +fi + +for tar in "${IMAGES_DIR}"/*.tar; do + [ -f "$tar" ] || continue + echo "Loading image: $tar" + "$LOADER" load -i "$tar" +done + +echo "Installing/Upgrading Argo CD release ${RELEASE_NAME} in namespace ${NAMESPACE}" +helm upgrade --install "${RELEASE_NAME}" "${CHART_DIR}" \ + --namespace "${NAMESPACE}" \ + --create-namespace \ + "$@" +SCRIPT + +chmod +x argocd-offline-package/scripts/install-argocd.sh + +cat < argocd-offline-package/metadata/INFO +chart: argo/argo-cd +chart_version: ${CHART_VERSION} +created_at: $(date -u +%Y-%m-%dT%H:%M:%SZ) +EOFMETA