This repository has been archived by the owner on Jun 2, 2022. It is now read-only.
/
wrapper.sh
executable file
·123 lines (108 loc) · 2.59 KB
/
wrapper.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
#!/usr/bin/env bash
set -ueo pipefail
# Redirect fds so that output to &3 is real stdout, and &1 goes to stderr
# instead; this prevents accidentially intermixing with what helm sends to
# stdout.
exec 3>&1
exec 1>&2
# colors
RED='\033[0;31m'
#GREEN='\033[0;32m'
BLUE='\033[0;34m'
YELLOW='\033[1;33m'
NOC='\033[0m'
# set your own options
: ${DECRYPT_CHARTS:=false}
MATCH_ARGS="[-.*]"
MATCH_FILES_ARGS=".*secrets.y*"
DEC_SUFFIX=".dec"
COUNT_CHART_FAILED=0
COUNT_FILES_FAILED=0
COUNT_CHART=0
COUNT_FILES=0
CURRENT_COMMAND="${1:-}"
case "$0" in
helm-wrapper)
WRAPPER_PATH="$(command -v helm-wrapper)"
;;
*)
WRAPPER_PATH="$0"
;;
esac
HELM_CMD="$(dirname $WRAPPER_PATH)/helm"
decrypt_chart() {
local chart="$file"
if [[ ! "$chart" =~ $MATCH_ARGS ]];
then
if [ -d "$chart" ];
then
if [ ! "$DECRYPT_CHARTS" = true ];
then
"$HELM_CMD" secrets dec-deps "$chart"
fi
echo -e "${YELLOW}>>>>>>${NOC} ${BLUE}Dependencies build and package${NOC}"
"$HELM_CMD" dep build "$chart" && "$HELM_CMD" package "$chart"
(( ++COUNT_CHART ))
else
(( ++COUNT_CHART_FAILED ))
return
fi
fi
}
decrypt_helm_vars() {
if [[ "$file" =~ $MATCH_FILES_ARGS ]];
then
if [ -f "$file" ];
then
echo -e "${YELLOW}>>>>>>${NOC} ${BLUE}Decrypt${NOC}"
"$HELM_CMD" secrets dec "$file"
(( ++COUNT_FILES ))
else
(( ++COUNT_FILES_FAILED ))
return
fi
fi
}
function cleanup {
case "${CURRENT_COMMAND}" in
install|upgrade|rollback|template)
echo -e "${YELLOW}>>>>>>${NOC} ${BLUE}Cleanup${NOC}"
for file in "${@}";
do
if [[ "$file" =~ $MATCH_FILES_ARGS ]];
then
"$HELM_CMD" secrets clean "${file}${DEC_SUFFIX}"
fi
done
esac
}
function helm_cmd {
echo ""
$(echo "${HELM_CMD} $*" | sed -e 's/secrets.yaml/secrets.yaml.dec/g') >&3
local status=$?
if [ "$status" -ne 0 ]; then
echo ""
cleanup "$@"
exit 1
else
echo ""
cleanup "$@"
exit 0
fi
}
case "${CURRENT_COMMAND}" in
install|upgrade|rollback|template)
for file in "$@"
do
decrypt_helm_vars "$file"
decrypt_chart "$file"
done
;;
esac
if [ "$COUNT_CHART" -eq 0 ] && [ "$COUNT_FILES" -eq 0 ] && [ "$COUNT_CHART_FAILED" -gt 0 ] && [ "$COUNT_FILES_FAILED" -gt 0 ];
then
echo -e "${RED}Error no secrets found. No secret files in chart or secrets files defined${NOC}"
exit 1
fi
# Run helm
helm_cmd "$@"