Refactor fluxcd offline workflow scripts

.github/workflows/offline-package-fluxcd-installer.yaml

@@ -53,14 +53,7 @@ jobs:
         id: resolve
         env:
           OVERRIDE_CHART_VERSION: ${{ github.event.inputs.chart_version }}
-        run: |
+        run: script/offline-fluxcd/resolve-chart-version.sh
-          set -euo pipefail
-          if [ -n "${OVERRIDE_CHART_VERSION}" ]; then
-            CHART_VERSION="${OVERRIDE_CHART_VERSION}"
-          else
-            CHART_VERSION=$(helm search repo fluxcd-community/flux2 --versions | awk 'NR==2{print $2}')
-          fi
-          echo "chart_version=${CHART_VERSION}" >> "$GITHUB_OUTPUT"
 
       - name: Prepare directories
         run: |
@@ -71,45 +64,7 @@ jobs:
       - name: Stage installer script
         env:
           CHART_VERSION: ${{ steps.resolve.outputs.chart_version }}
-        run: |
+        run: script/offline-fluxcd/stage-installer.sh
-          set -euo pipefail
-          cat <<'SCRIPT' > offline-installer/scripts/install-fluxcd.sh
-#!/usr/bin/env bash
-set -euo pipefail
-
-ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
-CHART_DIR="${ROOT_DIR}/charts/flux2"
-IMAGES_DIR="${ROOT_DIR}/images"
-RELEASE_NAME="${RELEASE_NAME:-flux-system}"
-NAMESPACE="${NAMESPACE:-flux-system}"
-
-if command -v nerdctl >/dev/null 2>&1; then
-  LOADER="nerdctl"
-elif command -v docker >/dev/null 2>&1; then
-  LOADER="docker"
-else
-  echo "Either docker or nerdctl is required to load images." >&2
-  exit 1
-fi
-
-for tar in "${IMAGES_DIR}"/*.tar; do
-  [ -f "$tar" ] || continue
-  echo "Loading image: $tar"
-  "$LOADER" load -i "$tar"
-done
-
-echo "Installing/Upgrading FluxCD release ${RELEASE_NAME} in namespace ${NAMESPACE}"
-helm upgrade --install "${RELEASE_NAME}" "${CHART_DIR}" \
-  --namespace "${NAMESPACE}" \
-  --create-namespace \
-  "$@"
-SCRIPT
-          chmod +x offline-installer/scripts/install-fluxcd.sh
-          cat <<EOFMETA > offline-installer/metadata/INFO
-chart: fluxcd-community/flux2
-chart_version: ${CHART_VERSION}
-created_at: $(date -u +%Y-%m-%dT%H:%M:%SZ)
-EOFMETA
 
       - name: Download nerdctl binary for ${{ matrix.arch }}
         run: |
@@ -120,25 +75,8 @@ EOFMETA
       - name: Pull & export required images
         env:
           CHART_VERSION: ${{ steps.resolve.outputs.chart_version }}
-        run: |
+          MATRIX_ARCH: ${{ matrix.arch }}
-          set -euo pipefail
+        run: script/offline-fluxcd/pull-and-export-images.sh
-          PLATFORM="linux/${{ matrix.arch }}"
-          helm template flux fluxcd-community/flux2 --version "${CHART_VERSION}" > manifest.yaml
-          mapfile -t images < <(grep -oP 'image:\s*"?\K([^"\s]+)' manifest.yaml | sort -u || true)
-          rm -f manifest.yaml
-          for img in "${images[@]}"; do
-            [ -n "$img" ] || continue
-            if [[ "$img" == *"{{"* ]]; then
-              continue
-            fi
-            echo "Pulling $img for ${PLATFORM}"
-            if ! docker pull --platform "${PLATFORM}" "$img"; then
-              echo "::warning::Failed to pull $img for ${PLATFORM}, skipping" >&2
-              continue
-            fi
-            safe=$(echo "$img" | tr '/:' '-_')
-            docker save "$img" -o "offline-installer/images/${safe}.tar"
-          done
 
       - name: Download Helm chart
         env:

script/offline-fluxcd/pull-and-export-images.sh

@@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+: "${CHART_VERSION?CHART_VERSION is required}"
+: "${MATRIX_ARCH?MATRIX_ARCH is required}"
+
+PLATFORM="linux/${MATRIX_ARCH}"
+helm template flux fluxcd-community/flux2 --version "${CHART_VERSION}" > manifest.yaml
+mapfile -t images < <(grep -oP 'image:\s*"?\K([^"\s]+)' manifest.yaml | sort -u || true)
+rm -f manifest.yaml
+
+for img in "${images[@]}"; do
+  [[ -n "$img" ]] || continue
+  if [[ "$img" == *"{{"* ]]; then
+    continue
+  fi
+  echo "Pulling $img for ${PLATFORM}"
+  if ! docker pull --platform "${PLATFORM}" "$img"; then
+    echo "::warning::Failed to pull $img for ${PLATFORM}, skipping" >&2
+    continue
+  fi
+  safe=$(echo "$img" | tr '/:' '-_')
+  docker save "$img" -o "offline-installer/images/${safe}.tar"
+done

script/offline-fluxcd/resolve-chart-version.sh

@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+OVERRIDE_CHART_VERSION="${OVERRIDE_CHART_VERSION:-}" # compatibility
+if [[ -n "${OVERRIDE_CHART_VERSION}" ]]; then
+  CHART_VERSION="${OVERRIDE_CHART_VERSION}"
+else
+  CHART_VERSION=$(helm search repo fluxcd-community/flux2 --versions | awk 'NR==2{print $2}')
+fi
+
+echo "chart_version=${CHART_VERSION}" >> "${GITHUB_OUTPUT}"

script/offline-fluxcd/stage-installer.sh

@@ -0,0 +1,47 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+: "${CHART_VERSION?CHART_VERSION is required}"
+
+rm -f offline-installer/scripts/install-fluxcd.sh
+override_dir="offline-installer"
+mkdir -p "${override_dir}/scripts" "${override_dir}/metadata"
+
+cat <<'SCRIPT' > "${override_dir}/scripts/install-fluxcd.sh"
+#!/usr/bin/env bash
+set -euo pipefail
+
+ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+CHART_DIR="${ROOT_DIR}/charts/flux2"
+IMAGES_DIR="${ROOT_DIR}/images"
+RELEASE_NAME="${RELEASE_NAME:-flux-system}"
+NAMESPACE="${NAMESPACE:-flux-system}"
+
+if command -v nerdctl >/dev/null 2>&1; then
+  LOADER="nerdctl"
+elif command -v docker >/dev/null 2>&1; then
+  LOADER="docker"
+else
+  echo "Either docker or nerdctl is required to load images." >&2
+  exit 1
+fi
+
+for tar in "${IMAGES_DIR}"/*.tar; do
+  [ -f "$tar" ] || continue
+  echo "Loading image: $tar"
+  "$LOADER" load -i "$tar"
+done
+
+echo "Installing/Upgrading FluxCD release ${RELEASE_NAME} in namespace ${NAMESPACE}"
+helm upgrade --install "${RELEASE_NAME}" "${CHART_DIR}" \
+  --namespace "${NAMESPACE}" \
+  --create-namespace \
+  "$@"
+SCRIPT
+chmod +x "${override_dir}/scripts/install-fluxcd.sh"
+
+cat <<EOF_META > "${override_dir}/metadata/INFO"
+chart: fluxcd-community/flux2
+chart_version: ${CHART_VERSION}
+created_at: $(date -u +%Y-%m-%dT%H:%M:%SZ)
+EOF_META