diff --git a/hack/make/deps.mk b/hack/make/deps.mk index 51fa4be..2aa94f5 100644 --- a/hack/make/deps.mk +++ b/hack/make/deps.mk @@ -9,13 +9,6 @@ KUBECTL_SUM_arm64 := cd859449f54ad2cb05b491c490c13bb836cdd0886ae013c0aed3dd67ff7 # renovate-local: kubectl-amd64=v1.35.2 KUBECTL_SUM_amd64 := 924eb50779153f20cb668117d141440b95df2f325a64452d78dff9469145e277 -# renovate-local: kustomize-amd64 -KUSTOMIZE_VERSION := v5.7.1 -# renovate-local: kustomize-arm64=v5.7.1 -KUSTOMIZE_SUM_arm64 := 4261a040217df3bd6896597c3986d1465925726e4f22a945304b5233a4dcdbda -# renovate-local: kustomize-amd64=v5.7.1 -KUSTOMIZE_SUM_amd64 := ea375e7372f9aa029129d4b2d16c66b7750b7f1213c4f66f910d981c895818d8 - # renovate: datasource=github-release-attachments depName=derailed/k9s K9S_VERSION := v0.50.18 # renovate: datasource=github-release-attachments depName=derailed/k9s digestVersion=v0.50.18 @@ -26,5 +19,4 @@ K9S_SUM_amd64 := 0b697ed4aa80997f7de4deeed6f1fba73df191b28bf691b1f28d2f45fa2a9e9 # Reduces the code duplication on Makefile by keeping all args into a single variable. IMAGE_ARGS := --build-arg HELM_VERSION=$(HELM_VERSION) --build-arg HELM_SUM_arm64=$(HELM_SUM_arm64) --build-arg HELM_SUM_amd64=$(HELM_SUM_amd64) \ --build-arg KUBECTL_VERSION=$(KUBECTL_VERSION) --build-arg KUBECTL_SUM_arm64=$(KUBECTL_SUM_arm64) --build-arg KUBECTL_SUM_amd64=$(KUBECTL_SUM_amd64) \ - --build-arg KUSTOMIZE_VERSION=$(KUSTOMIZE_VERSION) --build-arg KUSTOMIZE_SUM_arm64=$(KUSTOMIZE_SUM_arm64) --build-arg KUSTOMIZE_SUM_amd64=$(KUSTOMIZE_SUM_amd64) \ --build-arg K9S_VERSION=$(K9S_VERSION) --build-arg K9S_SUM_arm64=$(K9S_SUM_arm64) --build-arg K9S_SUM_amd64=$(K9S_SUM_amd64) diff --git a/hack/test b/hack/test index fc40c58..ef1f67e 100755 --- a/hack/test +++ b/hack/test @@ -17,14 +17,14 @@ function expected_file(){ file="$1" owner="$2" perms="$3" - + actualPerms=$(stat '%a' "${file}") actualOwner=$(stat '%u:%g' "${file}") if [[ "${actualPerms}" != "${perms}" ]] || \ [[ "${actualOwner}" != "${owner}" ]]; then echo "${file}: expected (${owner} ${perms}) got (${actualOwner} ${actualPerms})" exit 1 - else + else echo "${file}: OK" fi } @@ -37,7 +37,6 @@ function check_files(){ expected_file "/usr/local/bin/kubectl" "0:0" "755" expected_file "/usr/local/bin/kustomize" "0:0" "755" expected_file "/usr/local/bin/welcome" "0:0" "755" - expected_file "/home/shell/kustomize.sh" "1000:1000" "755" } @@ -62,7 +61,6 @@ function expected_version(){ function check_versions(){ echo "checking command versions:" expected_version "helm" "${HELM_VERSION}" - expected_version "kustomize" "${KUSTOMIZE_VERSION}" expected_version "k9s" "${K9S_VERSION}" # --client=true is used so that it does not fail trying to # identify the server version. diff --git a/package/Dockerfile b/package/Dockerfile index 92bd6e6..855215f 100644 --- a/package/Dockerfile +++ b/package/Dockerfile @@ -7,7 +7,6 @@ RUN zypper -n install curl gzip tar # Define build arguments ARG KUBECTL_VERSION KUBECTL_SUM_arm64 KUBECTL_SUM_amd64 \ HELM_VERSION HELM_SUM_arm64 HELM_SUM_amd64 \ - KUSTOMIZE_VERSION KUSTOMIZE_SUM_arm64 KUSTOMIZE_SUM_amd64 \ K9S_VERSION K9S_SUM_arm64 K9S_SUM_amd64 ARG TARGETARCH @@ -26,13 +25,6 @@ ENV HELM_SUM="HELM_SUM_${TARGETARCH}" RUN echo "${!HELM_SUM} /tmp/helm.tar.gz" | sha256sum -c - && \ tar -xvzf /tmp/helm.tar.gz --strip-components=1 -C / "linux-${TARGETARCH}/helm" -# Stage kustomize into build -ADD "https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/${KUSTOMIZE_VERSION}/kustomize_${KUSTOMIZE_VERSION}_linux_${TARGETARCH}.tar.gz" \ - /tmp/kustomize.tar.gz -ENV KUSTOMIZE_SUM="KUSTOMIZE_SUM_${TARGETARCH}" -RUN echo "${!KUSTOMIZE_SUM} /tmp/kustomize.tar.gz" | sha256sum -c - && \ - tar -xvzf /tmp/kustomize.tar.gz -C / kustomize - # Stage k9s into build ADD "https://github.com/derailed/k9s/releases/download/${K9S_VERSION}/k9s_Linux_${TARGETARCH}.tar.gz" \ /tmp/k9s.tar.gz @@ -55,7 +47,7 @@ RUN zypper --non-interactive refresh && \ zypper --installroot /chroot -n in bash-completion jq vim curl && \ zypper --installroot /chroot clean -a && \ rm -rf /chroot/var/cache/zypp/* /chroot/var/log/zypp/* /chroot/etc/zypp/ /chroot/run/zypp.pid - + RUN echo 'shell:x:1000:1000:shell,,,:/home/shell:/bin/bash' > /chroot/etc/passwd && \ echo 'shell:x:1000:' > /chroot/etc/group && \ @@ -74,9 +66,8 @@ RUN echo 'shell:x:1000:1000:shell,,,:/home/shell:/bin/bash' > /chroot/etc/passwd FROM scratch COPY --from=zypper /chroot / -COPY --chown=root:root --chmod=0755 --from=build /kubectl /helm /k9s /kustomize* /usr/local/bin/ -COPY --chown=root:root --chmod=0755 package/helm-cmd package/welcome /usr/local/bin/ -COPY --chown=1000:1000 --chmod=0755 package/kustomize.sh /home/shell/ +COPY --chown=root:root --chmod=0755 --from=build /kubectl /helm /k9s /usr/local/bin/ +COPY --chown=root:root --chmod=0755 package/helm-cmd package/welcome package/kustomize /usr/local/bin/ USER 1000 diff --git a/package/helm-cmd b/package/helm-cmd index c54bc47..b7d75b2 100755 --- a/package/helm-cmd +++ b/package/helm-cmd @@ -15,14 +15,6 @@ for i in $(seq 1 20); do done for i in operation*; do - # If a kustomize yaml has been passed along with the operation - # it will have the same numerical suffix. - kustomization=$(echo $i.yaml | sed "s/operation/kustomization/g") - if [[ -f $kustomization ]]; then - # Renaming file because kustomize only supports the following filenames: - # kustomization.yaml, kustomization.yml, and Kustomization. - cp $kustomization kustomization.yaml - fi cat $i | xargs -0 -- echo helm cat $i | xargs -0 -- helm echo diff --git a/package/kustomize b/package/kustomize new file mode 100755 index 0000000..bd514d4 --- /dev/null +++ b/package/kustomize @@ -0,0 +1,38 @@ +#!/usr/bin/env bash + +declare TRACE +[[ "${TRACE}" == 1 ]] && set -o xtrace +set -o errexit +set -o nounset +set -o pipefail +set -o noclobber + +kustomize-proxy() { + exec kubectl kustomize "${@}" +} + +args-parse() { + if [[ "$#" -eq 0 ]]; then + 1>&2 printf "error: no subcommand given\n" + exit 1 + fi + + while [[ "$#" -gt 0 ]]; do + case "${1}" in + build) + shift + kustomize-proxy "${@}" + ;; + *) + 1>&2 printf "error: subcommand \`%s\` not supported, only \`build\` is available\n" "${1}" + exit 1 + ;; + esac + done +} + +main() { + args-parse "$@" +} + +main "$@" diff --git a/package/kustomize.sh b/package/kustomize.sh deleted file mode 100755 index 9e4a0fb..0000000 --- a/package/kustomize.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash - -cat <&0 > /home/shell/helm-run/all.yaml - -kustomize build . && rm /home/shell/helm-run/all.yaml diff --git a/scripts/update-kustomize.sh b/scripts/update-kustomize.sh deleted file mode 100755 index 7ea4956..0000000 --- a/scripts/update-kustomize.sh +++ /dev/null @@ -1,99 +0,0 @@ -#!/usr/bin/env bash -# Updates KUSTOMIZE_VERSION, the renovate-local comment tags, and both architecture -# checksums in hack/make/deps.mk. -# -# Usage: -# ./scripts/update-kustomize.sh v5.7.0 -# ./scripts/update-kustomize.sh # re-hashes whatever KUSTOMIZE_VERSION is already set to - -set -euo pipefail - -SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" -DEPS_MK="${SCRIPT_DIR}/../hack/make/deps.mk" - -usage() { - echo "Usage: $0 [VERSION]" - echo " VERSION kustomize version to set, e.g. v5.7.0 (optional; defaults to current KUSTOMIZE_VERSION)" - exit 1 -} - -if [[ "${1:-}" == "-h" || "${1:-}" == "--help" ]]; then - usage -fi - -NEW_VERSION="${1:-}" - -# Read current version from the file -CURRENT_VERSION="$(grep -E '^KUSTOMIZE_VERSION :=' "${DEPS_MK}" | sed 's/KUSTOMIZE_VERSION := //')" - -if [[ -z "${NEW_VERSION}" ]]; then - NEW_VERSION="${CURRENT_VERSION}" - echo "No version supplied; re-hashing current version: ${NEW_VERSION}" -else - # Normalise: ensure leading 'v' - [[ "${NEW_VERSION}" == v* ]] || NEW_VERSION="v${NEW_VERSION}" -fi - -if [[ -z "${NEW_VERSION}" ]]; then - echo "ERROR: Could not determine kustomize version." >&2 - exit 1 -fi - -echo "Updating kustomize to ${NEW_VERSION} in ${DEPS_MK}" - -# ------------------------------------------------------------------ -# Fetch checksums from the GitHub release assets -# ------------------------------------------------------------------ -# Release URL format: https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv5.6.0/checksums.txt -# Checksum lines look like: kustomize_v5.6.0_linux_amd64.tar.gz - -fetch_sha256() { - local arch="$1" - local url="https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2F${NEW_VERSION}/checksums.txt" - echo " Fetching ${arch} checksum from ${url}" >&2 - curl --silent --fail --location "${url}" \ - | grep "kustomize_${NEW_VERSION}_linux_${arch}\.tar\.gz" \ - | awk '{print $1}' -} - -SHA256_AMD64="$(fetch_sha256 amd64)" -SHA256_ARM64="$(fetch_sha256 arm64)" - -if [[ -z "${SHA256_AMD64}" || -z "${SHA256_ARM64}" ]]; then - echo "ERROR: Failed to retrieve one or both checksums." >&2 - exit 1 -fi - -echo " amd64: ${SHA256_AMD64}" -echo " arm64: ${SHA256_ARM64}" - -# ------------------------------------------------------------------ -# Update the file with a single sed invocation (BSD + GNU compat) -# ------------------------------------------------------------------ -# We target exactly the lines Renovate mis-manages: -# KUSTOMIZE_VERSION := -# # renovate-local: kustomize-arm64= -# KUSTOMIZE_SUM_arm64 := -# # renovate-local: kustomize-amd64= -# KUSTOMIZE_SUM_amd64 := - -# Use a temp file so we can validate before overwriting -TMP="$(mktemp)" -trap 'rm -f "${TMP}"' EXIT - -sed \ - -e "s|^KUSTOMIZE_VERSION :=.*|KUSTOMIZE_VERSION := ${NEW_VERSION}|" \ - -e "s|^# renovate-local: kustomize-arm64=.*|# renovate-local: kustomize-arm64=${NEW_VERSION}|" \ - -e "s|^KUSTOMIZE_SUM_arm64 :=.*|KUSTOMIZE_SUM_arm64 := ${SHA256_ARM64}|" \ - -e "s|^# renovate-local: kustomize-amd64=.*|# renovate-local: kustomize-amd64=${NEW_VERSION}|" \ - -e "s|^KUSTOMIZE_SUM_amd64 :=.*|KUSTOMIZE_SUM_amd64 := ${SHA256_AMD64}|" \ - "${DEPS_MK}" > "${TMP}" - -# Quick sanity check: the new version string must appear in the output -if ! grep -q "${NEW_VERSION}" "${TMP}"; then - echo "ERROR: Sanity check failed — version string not found in updated file." >&2 - exit 1 -fi - -cp "${TMP}" "${DEPS_MK}" -echo "Done. ${DEPS_MK} updated successfully." \ No newline at end of file