Features 11017 and 11018: setup of mgmt cluster and git repo
This change incorporates the changes to setup a mgmt cluster for
cloud-native operations in OSM following a GitOps model, which includes
the setup of an internal git repository.
Change-Id: If828d18ad64d852a9a89ec9ba7c2d3a96d281565
Signed-off-by: garciadeblas <gerardo.garciadeblas@telefonica.com>
diff --git a/installers/mgmt-cluster/gitea/admin/add-collaborator-to-user-repo.sh b/installers/mgmt-cluster/gitea/admin/add-collaborator-to-user-repo.sh
new file mode 100755
index 0000000..352685f
--- /dev/null
+++ b/installers/mgmt-cluster/gitea/admin/add-collaborator-to-user-repo.sh
@@ -0,0 +1,35 @@
+#!/bin/bash
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+
+set -e
+
+HERE=$(dirname "$(readlink --canonicalize "$BASH_SOURCE")")
+. "$HERE/../library/functions.sh"
+. "$HERE/../library/trap.sh"
+
+SERVER_URL=$1
+USERNAME=$2
+TOKEN=$3
+REPO=$4
+COLLABORATOR=$5
+PERMISSION=${6:-"write"}
+
+"$HERE/api.sh" "${SERVER_URL}" "${TOKEN}" \
+ PUT \
+ "repos/${USERNAME}/${REPO}/collaborators/${COLLABORATOR}" \
+ "{\"permission\": \"${PERMISSION}\"}"
diff --git a/installers/mgmt-cluster/gitea/admin/api.sh b/installers/mgmt-cluster/gitea/admin/api.sh
new file mode 100755
index 0000000..de5b345
--- /dev/null
+++ b/installers/mgmt-cluster/gitea/admin/api.sh
@@ -0,0 +1,49 @@
+#!/bin/bash
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+
+set -e
+
+# Wrapper function for raw calls to Gitea API
+
+HERE=$(dirname "$(readlink --canonicalize "$BASH_SOURCE")")
+. "$HERE/../library/functions.sh"
+. "$HERE/../library/trap.sh"
+
+SERVER_URL=$1
+TOKEN=$2
+VERB=$3
+URI=$4
+DATA=$5
+
+if [ -z "$DATA" ]; then
+ kubectl exec statefulset/gitea --container=gitea --namespace=gitea --quiet -- \
+ curl --silent --fail \
+ "${SERVER_URL}/api/v1/${URI}" \
+ --request "${VERB}" \
+ --header "Authorization: token ${TOKEN}" \
+ --header 'Accept: application/json'
+else
+ kubectl exec statefulset/gitea --container=gitea --namespace=gitea --quiet -- \
+ curl --silent --fail \
+ --request "$VERB" \
+ "${SERVER_URL}/api/v1/${URI}" \
+ --header "Authorization: token ${TOKEN}" \
+ --header 'Accept: application/json' \
+ --header 'Content-Type: application/json' \
+ --data "${DATA}"
+fi
diff --git a/installers/mgmt-cluster/gitea/admin/create-api-access-token.sh b/installers/mgmt-cluster/gitea/admin/create-api-access-token.sh
new file mode 100755
index 0000000..f7679e6
--- /dev/null
+++ b/installers/mgmt-cluster/gitea/admin/create-api-access-token.sh
@@ -0,0 +1,52 @@
+#!/bin/bash
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+
+set -e
+
+HERE=$(dirname "$(readlink --canonicalize "$BASH_SOURCE")")
+. "$HERE/../library/functions.sh"
+. "$HERE/../library/trap.sh"
+
+SERVER_URL=$1
+USERNAME=$2
+PASSWORD=$3
+TOKEN_NAME=$4
+
+# Unfortunately this inconsistently spits out logs stdout, making it challenging to parse
+# "$HERE/gitea" admin user generate-access-token --username "$USERNAME" --raw | tail -1 > "$HERE/tokens/$USERNAME"
+
+# See: https://docs.gitea.io/en-us/api-usage/#generating-and-listing-api-tokens
+
+# Delete old "${TOKEN_NAME}" token (if existed)
+kubectl exec statefulset/gitea --container=gitea --namespace=gitea --quiet -- \
+curl --silent --fail \
+ "${SERVER_URL}/api/v1/users/$USERNAME/tokens/${TOKEN_NAME}" \
+ --user "$USERNAME:$PASSWORD" \
+ --request DELETE \
+ --header 'Accept: application/json' || true > /dev/null
+
+# Create new "${TOKEN_NAME}" token
+# (this is our only chance to retrieve the sha1)
+kubectl exec statefulset/gitea --container=gitea --namespace=gitea --quiet -- \
+curl --silent --fail \
+ "${SERVER_URL}/api/v1/users/$USERNAME/tokens" \
+ --user "$USERNAME:$PASSWORD" \
+ --request POST \
+ --header 'Accept: application/json' \
+ --header 'Content-Type: application/json' \
+ --data "{\"name\": \"${TOKEN_NAME}\"}" | jq --raw-output .sha1
diff --git a/installers/mgmt-cluster/gitea/admin/create-cmd-access-token.sh b/installers/mgmt-cluster/gitea/admin/create-cmd-access-token.sh
new file mode 100755
index 0000000..222b899
--- /dev/null
+++ b/installers/mgmt-cluster/gitea/admin/create-cmd-access-token.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+
+set -e
+
+HERE=$(dirname "$(readlink --canonicalize "$BASH_SOURCE")")
+. "$HERE/../library/functions.sh"
+. "$HERE/../library/trap.sh"
+
+USERNAME=$1
+TOKEN_NAME=$2
+
+# gitea admin user generate-access-token --username myname --token-name mytoken
+"$HERE/gitea.sh" admin user generate-access-token \
+ --username "${USERNAME}" \
+ --token-name \'"${TOKEN_NAME}"\' \
+ "${@:4}"
diff --git a/installers/mgmt-cluster/gitea/admin/create-org-repository.sh b/installers/mgmt-cluster/gitea/admin/create-org-repository.sh
new file mode 100755
index 0000000..6cb591c
--- /dev/null
+++ b/installers/mgmt-cluster/gitea/admin/create-org-repository.sh
@@ -0,0 +1,39 @@
+#!/bin/bash
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+
+set -e
+
+HERE=$(dirname "$(readlink --canonicalize "$BASH_SOURCE")")
+. "$HERE/../library/functions.sh"
+. "$HERE/../library/trap.sh"
+
+USERNAME=$1
+PASSWORD=$2
+ORG=$3
+
+SERVER_URL=$1
+USERNAME=$2
+TOKEN=$3
+ORG=$4
+REPO=$5
+PRIVATE=${6:-true}
+
+"$HERE/api.sh" "${SERVER_URL}" "${TOKEN}" \
+ POST \
+ "orgs/${ORG}/repos" \
+ "{\"name\": \"${REPO}\", \"default_branch\": \"main\", \"private\": ${PRIVATE}}"
diff --git a/installers/mgmt-cluster/gitea/admin/create-org.sh b/installers/mgmt-cluster/gitea/admin/create-org.sh
new file mode 100755
index 0000000..02dfe7c
--- /dev/null
+++ b/installers/mgmt-cluster/gitea/admin/create-org.sh
@@ -0,0 +1,43 @@
+#!/bin/bash
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+
+set -e
+
+HERE=$(dirname "$(readlink --canonicalize "$BASH_SOURCE")")
+. "$HERE/../library/functions.sh"
+. "$HERE/../library/trap.sh"
+
+SERVER_URL=$1
+USERNAME=$2
+TOKEN=$3
+ORG=$4
+VISIBILITY=${5:-public}
+
+# Root organizations
+# ------------------
+"$HERE/api.sh" "${SERVER_URL}" "${TOKEN}" \
+ POST \
+ orgs \
+ "{\"username\": \"${ORG}\", \"visibility\": \"${VISIBILITY}\"}"
+
+# Organizations on user path
+# --------------------------
+# "$HERE/api.sh" "${SERVER_URL}" "${TOKEN}" \
+# POST \
+# admin/users/${USERNAME}/orgs \
+# "{\"username\": \"${ORG}\"}"
diff --git a/installers/mgmt-cluster/gitea/admin/create-user-repository.sh b/installers/mgmt-cluster/gitea/admin/create-user-repository.sh
new file mode 100755
index 0000000..686c1a9
--- /dev/null
+++ b/installers/mgmt-cluster/gitea/admin/create-user-repository.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+
+set -e
+
+HERE=$(dirname "$(readlink --canonicalize "$BASH_SOURCE")")
+. "$HERE/../library/functions.sh"
+. "$HERE/../library/trap.sh"
+
+SERVER_URL=$1
+USERNAME=$2
+TOKEN=$3
+REPO=$4
+PRIVATE=${5:-true}
+
+"$HERE/api.sh" "${SERVER_URL}" "${TOKEN}" \
+ POST \
+ user/repos \
+ "{\"name\": \"${REPO}\", \"default_branch\": \"main\", \"private\": ${PRIVATE}}"
diff --git a/installers/mgmt-cluster/gitea/admin/create-user-ssh-key.sh b/installers/mgmt-cluster/gitea/admin/create-user-ssh-key.sh
new file mode 100755
index 0000000..7dc0661
--- /dev/null
+++ b/installers/mgmt-cluster/gitea/admin/create-user-ssh-key.sh
@@ -0,0 +1,43 @@
+#!/bin/bash
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+
+set -e
+
+HERE=$(dirname "$(readlink --canonicalize "$BASH_SOURCE")")
+. "$HERE/../library/functions.sh"
+. "$HERE/../library/trap.sh"
+
+# PARAMETERS:
+# ==========
+# 1) Server URL
+# 2) Username
+# 3) Token
+# 4) SSH key content
+# 5) SSH key name in Gitea's user profile
+# 6) Read only?
+SERVER_URL=$1
+USERNAME=$2
+TOKEN=$3
+SSH_KEY="${4}"
+KEY_NAME=$5
+READ_ONLY=${6:-false}
+
+"$HERE/api.sh" "${SERVER_URL}" "${TOKEN}" \
+ POST \
+ user/keys \
+ "{\"key\": \"${SSH_KEY}\", \"read_only\": ${READ_ONLY}, \"title\": \"${KEY_NAME}\"}"
diff --git a/installers/mgmt-cluster/gitea/admin/create-user.sh b/installers/mgmt-cluster/gitea/admin/create-user.sh
new file mode 100755
index 0000000..6812427
--- /dev/null
+++ b/installers/mgmt-cluster/gitea/admin/create-user.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+
+set -e
+
+HERE=$(dirname "$(readlink --canonicalize "$BASH_SOURCE")")
+source "${HERE}/../library/functions.sh"
+source "${HERE}/../library/trap.sh"
+
+USERNAME=$1
+PASSWORD="${2}"
+EMAIL=$3
+
+"$HERE/gitea.sh" admin user create \
+ --username "$USERNAME" \
+ --password \'"${PASSWORD}"\' \
+ --email "$EMAIL" \
+ --must-change-password=false \
+ "${@:4}"
diff --git a/installers/mgmt-cluster/gitea/admin/delete-org-repository.sh b/installers/mgmt-cluster/gitea/admin/delete-org-repository.sh
new file mode 100755
index 0000000..ba3b796
--- /dev/null
+++ b/installers/mgmt-cluster/gitea/admin/delete-org-repository.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+
+set -e
+
+HERE=$(dirname "$(readlink --canonicalize "$BASH_SOURCE")")
+. "$HERE/../library/functions.sh"
+. "$HERE/../library/trap.sh"
+
+USERNAME=$1
+PASSWORD=$2
+ORG=$3
+
+SERVER_URL=$1
+USERNAME=$2
+TOKEN=$3
+ORG=$4
+REPO=$5
+
+"$HERE/api.sh" "${SERVER_URL}" "${TOKEN}" \
+ DELETE \
+ repos/${ORG}/${REPO}
diff --git a/installers/mgmt-cluster/gitea/admin/delete-org.sh b/installers/mgmt-cluster/gitea/admin/delete-org.sh
new file mode 100755
index 0000000..66a2eba
--- /dev/null
+++ b/installers/mgmt-cluster/gitea/admin/delete-org.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+
+set -e
+
+HERE=$(dirname "$(readlink --canonicalize "$BASH_SOURCE")")
+. "$HERE/../library/functions.sh"
+. "$HERE/../library/trap.sh"
+
+SERVER_URL=$1
+USERNAME=$2
+TOKEN=$3
+ORG=$4
+
+# Root organizations
+# ------------------
+"$HERE/api.sh" "${SERVER_URL}" "${TOKEN}" \
+ DELETE \
+ orgs/${ORG}
diff --git a/installers/mgmt-cluster/gitea/admin/delete-user-repository.sh b/installers/mgmt-cluster/gitea/admin/delete-user-repository.sh
new file mode 100755
index 0000000..2c403a2
--- /dev/null
+++ b/installers/mgmt-cluster/gitea/admin/delete-user-repository.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+
+set -e
+
+HERE=$(dirname "$(readlink --canonicalize "$BASH_SOURCE")")
+. "$HERE/../library/functions.sh"
+. "$HERE/../library/trap.sh"
+
+SERVER_URL=$1
+USERNAME=$2
+TOKEN=$3
+REPO=$4
+
+"$HERE/api.sh" "${SERVER_URL}" "${TOKEN}" \
+ DELETE \
+ repos/${USERNAME}/${REPO}
diff --git a/installers/mgmt-cluster/gitea/admin/gitea.sh b/installers/mgmt-cluster/gitea/admin/gitea.sh
new file mode 100755
index 0000000..697f303
--- /dev/null
+++ b/installers/mgmt-cluster/gitea/admin/gitea.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+
+set -e
+
+HERE=$(dirname "$(readlink --canonicalize "$BASH_SOURCE")")
+. "$HERE/../library/functions.sh"
+
+# Note: we cannot run "gitea" as root
+kubectl exec statefulset/gitea --container=gitea --namespace=gitea --quiet -- \
+su git -c "gitea --quiet $*"
diff --git a/installers/mgmt-cluster/gitea/admin/shell.sh b/installers/mgmt-cluster/gitea/admin/shell.sh
new file mode 100755
index 0000000..004b5fd
--- /dev/null
+++ b/installers/mgmt-cluster/gitea/admin/shell.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+
+set -e
+
+HERE=$(dirname "$(readlink --canonicalize "$BASH_SOURCE")")
+. "$HERE/../library/functions.sh"
+
+kubectl exec statefulset/gitea --container=gitea --namespace=gitea --tty --stdin --quiet -- /bin/bash