ops(sol): add offline canary recovery path
All checks were successful
deploy-trade-r001-canary / apply (push) Successful in 6m45s
All checks were successful
deploy-trade-r001-canary / apply (push) Successful in 6m45s
This commit is contained in:
@@ -1,8 +1,10 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
DEFAULT_SOURCE_DIR="${HOME}/.local/share/trade-bootstrap/sol/trade-r001-canary-secrets"
|
||||
SOURCE_HOST="${SOURCE_HOST:-mevnode_bot}"
|
||||
SOURCE_NAMESPACE="${SOURCE_NAMESPACE:-trade-staging}"
|
||||
SOURCE_DIR="${SOURCE_DIR:-}"
|
||||
TARGET_HOST="${TARGET_HOST:-mevnode}"
|
||||
TARGET_NAMESPACE="${TARGET_NAMESPACE:-trade-r001-canary}"
|
||||
|
||||
@@ -23,10 +25,23 @@ ssh_target() {
|
||||
ssh -o StrictHostKeyChecking=no "$TARGET_HOST" "$@"
|
||||
}
|
||||
|
||||
if [ -z "$SOURCE_DIR" ] && [ -d "$DEFAULT_SOURCE_DIR" ]; then
|
||||
SOURCE_DIR="$DEFAULT_SOURCE_DIR"
|
||||
fi
|
||||
|
||||
get_secret_json() {
|
||||
local secret_name="$1"
|
||||
if [ -n "$SOURCE_DIR" ]; then
|
||||
cat "${SOURCE_DIR}/${secret_name}.json"
|
||||
else
|
||||
ssh_source "sudo k3s kubectl -n ${SOURCE_NAMESPACE} get secret ${secret_name} -o json"
|
||||
fi
|
||||
}
|
||||
|
||||
ssh_target "sudo k3s kubectl get ns ${TARGET_NAMESPACE} >/dev/null 2>&1 || sudo k3s kubectl create ns ${TARGET_NAMESPACE} >/dev/null"
|
||||
|
||||
for secret_name in "${SECRETS[@]}"; do
|
||||
SECRET_JSON="$(ssh_source "sudo k3s kubectl -n ${SOURCE_NAMESPACE} get secret ${secret_name} -o json")"
|
||||
SECRET_JSON="$(get_secret_json "${secret_name}")"
|
||||
printf '%s' "$SECRET_JSON" \
|
||||
| jq --arg ns "$TARGET_NAMESPACE" 'del(.metadata.uid,.metadata.resourceVersion,.metadata.creationTimestamp,.metadata.managedFields,.metadata.ownerReferences,.metadata.selfLink,.metadata.annotations["kubectl.kubernetes.io/last-applied-configuration"]) | .metadata.namespace = $ns' \
|
||||
| ssh_target "sudo k3s kubectl apply -f - >/dev/null"
|
||||
|
||||
Reference in New Issue
Block a user