refactor(bind9): git-ops to contain init cont

ref: #21

Author: jon-nfc

manifests/bind9/base/Deployment.yaml

@@ -67,17 +67,10 @@ spec:
               name: data
               subPath: logs
 
-            - mountPath: /root
-              name: home
-
       priorityClassName: cluster-low
       tolerations: []
       volumes:
 
         - name: data
           persistentVolumeClaim:
             claimName: bind
-
-        - name: home
-          emptyDir:
-            medium: Memory

manifests/bind9/components/git-ops/Deployment.yaml

@@ -24,69 +24,44 @@ spec:
 
               export KEY_FILE_PATH=~/.ssh/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME};
 
-              mkdir -p "${KEY_FILE_PATH}";
-
-              echo "Env var KEY_FILE_PATH=[${KEY_FILE_PATH}] setup";
-
-              cat > ${KEY_FILE_PATH}/deploy <<EOF
-              $SSH_PRIVATE_KEY
-              EOF
-
               chmod 600 ${KEY_FILE_PATH}/deploy;
 
               export GIT_SSH_COMMAND="ssh -i $KEY_FILE_PATH/deploy";
 
-              ssh-keyscan "${SSH_REPOSITORY_HOST}" >> ~/.ssh/known_hosts
-
               while :; do
 
                 echo "Loop Start......";
 
-                if [ ! -d /git/source/.git ]; then
-
-                  export REPO_NAME_FULL="${SSH_REPOSITORY_HOST}:${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}.git"
-
-                  echo "Env var REPO_NAME_FULL=[${REPO_NAME_FULL}] setup";
 
-                  if ssh -T "git@$SSH_REPOSITORY_HOST" -i  $KEY_FILE_PATH/deploy; then
+                cd /git;
 
-                    echo "Clonning repo";
+                if ssh -T "git@$SSH_REPOSITORY_HOST" -i $KEY_FILE_PATH/deploy; then
 
-                    git clone -b master git@${REPO_NAME_FULL} /git/source;
+                  echo "********************************************";
 
-                  else
+                  git status;
 
-                    echo "Not Authenticated, check ssh key. RC=[${?}]";
+                  echo "********************************************";
+                  
+                  echo "Checking for repo updates";
 
-                  fi
+                  git fetch -fpvt;
 
-                else
-
-                  cd /git/source;
-
-                  if ssh -T "git@$SSH_REPOSITORY_HOST" -i $KEY_FILE_PATH/deploy; then
+                  echo "Git reset....";
 
-                    echo "********************************************";
+                  git reset --hard;
 
-                    git status;
+                  echo "Pulling any changes....";
 
-                    echo "********************************************";
-                    
-                    echo "Checking for repo updates";
+                  git pull --rebase
 
-                    git fetch -fpvt;
-
-                    echo "Pulling any changes....";
-
-                    git pull --rebase
+                else
 
-                  else
+                  echo "Not Authenticated, check ssh key. RC=[${?}]";
 
-                    echo "Not Authenticated, check ssh key. RC=[${?}]";
+                fi
 
-                  fi
 
-                fi
 
                 echo "Loop Finish.";
 
@@ -115,6 +90,11 @@ spec:
                 secretKeyRef:
                   name: bind-config
                   key: SSH_REPOSITORY_NAME
+            - name: SSH_REPOSITORY_REF
+              valueFrom:
+                secretKeyRef:
+                  name: bind-config
+                  key: SSH_REPOSITORY_REF
 
           resources:
             limits:
@@ -128,6 +108,110 @@ spec:
               mountPath: /git
               subPath: git/
 
+            - name: data
+              mountPath: /root
+              subPath: home
+
             - mountPath: /var/dns-log
               name: data
               subPath: logs
+
+      initContainers:
+
+        - name: clone
+          image: alpine:3.23.2
+          command:
+            - sh
+            - -c
+            - |
+              echo "Start init";
+              if [ ! -d /git/.git ]; then
+
+
+                echo "Installing pre-reqs.....";
+
+                apk update;
+                apk add git openssh-client-default;
+
+                export KEY_FILE_PATH=~/.ssh/${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME};
+
+                mkdir -p "${KEY_FILE_PATH}";
+
+                echo "Env var KEY_FILE_PATH=[${KEY_FILE_PATH}] setup";
+
+                echo "$SSH_PRIVATE_KEY" > ${KEY_FILE_PATH}/deploy
+
+
+                chmod 600 ${KEY_FILE_PATH}/deploy;
+
+                export GIT_SSH_COMMAND="ssh -i $KEY_FILE_PATH/deploy";
+
+                ssh-keyscan "${SSH_REPOSITORY_HOST}" >> ~/.ssh/known_hosts
+
+
+                export REPO_NAME_FULL="${SSH_REPOSITORY_HOST}:${SSH_REPOSITORY_OWNER}/${SSH_REPOSITORY_NAME}.git"
+
+                echo "Env var REPO_NAME_FULL=[${REPO_NAME_FULL}] setup";
+
+
+                if ssh -T "git@$SSH_REPOSITORY_HOST" -i  $KEY_FILE_PATH/deploy; then
+
+                  echo "Clonning repo on branch=[${SSH_REPOSITORY_REF}]";
+
+                  git clone -b "${SSH_REPOSITORY_REF}" git@${REPO_NAME_FULL} /git;
+
+                else
+
+                  echo "Not Authenticated, check ssh key. RC=[${?}]";
+
+                  exit 1;
+
+                fi
+
+              fi
+
+              echo "Finish init";
+
+          env:
+            - name: SSH_PRIVATE_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: bind-config
+                  key: SSH_PRIVATE_KEY
+            - name: SSH_REPOSITORY_HOST
+              valueFrom:
+                secretKeyRef:
+                  name: bind-config
+                  key: SSH_REPOSITORY_HOST
+            - name: SSH_REPOSITORY_OWNER
+              valueFrom:
+                secretKeyRef:
+                  name: bind-config
+                  key: SSH_REPOSITORY_OWNER
+            - name: SSH_REPOSITORY_NAME
+              valueFrom:
+                secretKeyRef:
+                  name: bind-config
+                  key: SSH_REPOSITORY_NAME
+            - name: SSH_REPOSITORY_REF
+              valueFrom:
+                secretKeyRef:
+                  name: bind-config
+                  key: SSH_REPOSITORY_REF
+
+          resources:
+            limits:
+              cpu: 1
+              memory: 500Mi
+            requests:
+              cpu: 50m
+              memory: 150Mi
+
+          volumeMounts:
+            - name: data
+              mountPath: /git
+              subPath: git
+
+            - name: data
+              mountPath: /root
+              subPath: home