add scripts

2024-03-16 13:13:52 +08:00 · 2024-03-16 13:13:52 +08:00 · 019257c8f9
commit 019257c8f9
parent 548ba2d2a3
6 changed files with 162 additions and 0 deletions
--- a/scripts/backup_docker_registry_secret.sh
+++ b/scripts/backup_docker_registry_secret.sh
@ -0,0 +1,21 @@
+#!/bin/sh
+
+check_not_empty() {
+  if [[ -z $1 ]]; then
+    echo "Error: $2 is empty. Please provide a value."
+    exit 1
+  fi
+}
+
+function backup_docker_registry_secret()
+{
+
+  # 检查参数是否为空
+  check_not_empty "$1" "cluster" && local cluster=$1
+  check_not_empty "$2" "namespace" && local namespace=$2
+  check_not_empty "$3" "secret" && local secret=$3
+
+  mkdir -pv ~/Backups/
+  kubectl config set-context --current --namespace $namespace
+  kubectl get secret $secret -n $namespace -o yaml > ~/Backups/$cluster-$namespace-$secret.yaml
+}
--- a/scripts/check_docker_registry_secret.sh
+++ b/scripts/check_docker_registry_secret.sh
@ -0,0 +1,21 @@
+#!/bin/sh
+
+check_not_empty() {
+  if [[ -z $1 ]]; then
+    echo "Error: $2 is empty. Please provide a value."
+    exit 1
+  fi
+}
+
+function run()
+{
+
+  # 检查参数是否为空
+  check_not_empty "$1" "cluster" && local cluster=$1
+  check_not_empty "$2" "namespace" && local namespace=$2
+  check_not_empty "$3" "secret" && local secret=$3
+
+  kubectl config set-context --current --namespace $namespace
+  echo $cluster $namespace $secret
+  kubectl get secret $secret -n $namespace --output="jsonpath={.data.\.dockerconfigjson}" | base64 --decode || true
+}
--- a/scripts/list_cluster_namespace_map.sh
+++ b/scripts/list_cluster_namespace_map.sh
@ -0,0 +1,6 @@
+clusters=( $(ls) )
+
+for cluster in "${clusters[@]}"; do
+    namespaces=$(grep -ir namespace $cluster | awk -Fnamespace: '{print $2}' | sort | uniq)
+    echo "$cluster $namespaces"
+done
--- a/scripts/renew_docker_registry_secret_with_kubectl.sh
+++ b/scripts/renew_docker_registry_secret_with_kubectl.sh
@ -0,0 +1,30 @@
+#!/bin/sh
+
+check_not_empty() {
+  if [[ -z $1 ]]; then
+    echo "Error: $2 is empty. Please provide a value."
+    exit 1
+  fi
+}
+
+function renew_docker_registry_secret()
+{
+
+  # 检查参数是否为空
+  check_not_empty "$1" "cluster" && local cluster=$1
+  check_not_empty "$2" "namespace" && local namespace=$2
+  check_not_empty "$3" "secret" && local secret=$3
+  check_not_empty "$4" "username" && local username=$4
+  check_not_empty "$5" "password" && local password=$5
+
+  fuze k8s clusters connect $cluster && kubectl config set-context --current --namespace $namespace
+  kubectl delete secret $secret -n $namespace || true
+  kubectl create secret docker-registry $secret   \
+  --docker-server=artifact.onwalk.net             \
+  --docker-username=$username                     \
+  --docker-password=$password                     \
+  --docker-email=manbzuhe2009@qq.com              \
+  -n $namespace
+
+  kubectl get secret $secret -n $namespace --output="jsonpath={.data.\.dockerconfigjson}" | base64 --decode || true
+}
--- a/scripts/rollout_docker_registry_secret.sh
+++ b/scripts/rollout_docker_registry_secret.sh
@ -0,0 +1,21 @@
+#!/bin/sh
+
+check_not_empty() {
+  if [[ -z $1 ]]; then
+    echo "Error: $2 is empty. Please provide a value."
+    exit 1
+  fi
+}
+
+function rollout_docker_registry_secret()
+{
+
+  # 检查参数是否为空
+  check_not_empty "$1" "cluster" && local cluster=$1
+  check_not_empty "$2" "namespace" && local namespace=$2
+  check_not_empty "$3" "secret" && local secret=$3
+
+  mkdir -pv ~/Backups/
+  kubectl config set-context --current --namespace $namespace
+  kubectl apply -f ~/Backups/~/Backups/$cluster-$namespace-$secret.yaml
+}
--- a/scripts/verify_rew_docker_registry_secret.sh
+++ b/scripts/verify_rew_docker_registry_secret.sh
@ -0,0 +1,63 @@
+
+#!/bin/sh
+
+GREEN='\033[0;32m'
+RED='\033[0;31m'
+NC='\033[0m'
+
+check_not_empty() {
+  if [[ -z $1 ]]; then
+    echo "Error: $2 is empty. Please provide a value."
+    exit 1
+  fi
+}
+
+function verify_docker_registry_secret()
+{
+
+  # 检查参数是否为空
+  check_not_empty "$1" "cluster" && local cluster=$1
+  check_not_empty "$2" "namespace" && local namespace=$2
+  check_not_empty "$3" "secret" && local secret=$3
+
+  kubectl config set-context --current --namespace $namespace
+  kubectl get secret $secret -n $namespace --output="jsonpath={.data.\.dockerconfigjson}" | base64 --decode || true
+
+cat <<EOF | kubectl apply -f -
+apiVersion: v1
+kind: Pod
+metadata:
+  name: image-pull-test
+  namespace: $namespace
+spec:
+  containers:
+  - name: image-pull-test
+    image: private.artifact.onwalk.net/nginx:stable-alpine
+    imagePullPolicy: Always
+    resources:
+      limits:
+        cpu: 200m
+        memory: 200Mi
+      requests:
+        cpu: 100m
+        memory: 100Mi
+  imagePullSecrets:
+  - name: $secret
+EOF
+
+# 等待 pod 运行成功
+
+sleep 5
+
+#  确认pod 镜像拉取成功
+kubectl get pods image-pull-test -n $namespace
+if [[ $? == 0 ]]; then
+  echo -e "${GREEN}image-pull-test is PASS ${NC}"
+else
+  echo -e "${RED}image-pull-test is Faild${NC}"
+fi
+
+echo -e "clean up image-pull-test pod$"
+kubectl delete pods image-pull-test -n $namespace || true
+
+}