From 64e1a8ea484b67cc310de33c79606da298b9f9b7 Mon Sep 17 00:00:00 2001
From: garciadeblas <gerardo.garciadeblas@telefonica.com>
Date: Thu, 27 Nov 2025 17:47:18 +0100
Subject: [PATCH] Install client tools (flux,kubectl,etc.) in osmclient docker
 image

Change-Id: Iffd6548c1377137b775180d35db3004a30691d8e
Signed-off-by: garciadeblas <gerardo.garciadeblas@telefonica.com>
---
 Dockerfile.production           |   6 +-
 charm.sh => scripts/charm.sh    |   0
 scripts/install-client-tools.sh | 113 ++++++++++++++++++++++++++++++++
 3 files changed, 118 insertions(+), 1 deletion(-)
 rename charm.sh => scripts/charm.sh (100%)
 create mode 100755 scripts/install-client-tools.sh

diff --git a/Dockerfile.production b/Dockerfile.production
index 3b2bdaf8..9d99ea21 100644
--- a/Dockerfile.production
+++ b/Dockerfile.production
@@ -94,7 +94,11 @@ COPY --from=builder --chown=appuser:appuser /app/osmclient/.venv /app/osmclient/
 
 # Copy OSM binaries
 COPY --from=builder /app/osmclient/.venv/bin/osm /usr/local/bin/osm
-COPY charm.sh /usr/sbin/charm
+COPY scripts/charm.sh /usr/sbin/charm
+
+# Add additional client tools
+COPY scripts/install-client-tools.sh /tmp/install-client-tools.sh
+RUN bash /tmp/install-client-tools.sh
 
 # Create app user
 RUN addgroup -g 1000 appuser && \
diff --git a/charm.sh b/scripts/charm.sh
similarity index 100%
rename from charm.sh
rename to scripts/charm.sh
diff --git a/scripts/install-client-tools.sh b/scripts/install-client-tools.sh
new file mode 100755
index 00000000..48a0153b
--- /dev/null
+++ b/scripts/install-client-tools.sh
@@ -0,0 +1,113 @@
+#!/bin/bash
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+#
+
+set -e -o pipefail
+
+apk add --no-cache curl tar
+
+# Helm
+HELM_VERSION="v3.15.1"
+# Helm releases can be found here: https://github.com/helm/helm/releases
+if ! [[ "$(helm version --short 2>/dev/null)" =~ ^v3.* ]]; then
+    # Helm is not installed. Install helm
+    echo "Helm3 is not installed, installing ..."
+    curl https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz -o helm-${HELM_VERSION}.tar.gz
+    tar -zxvf helm-${HELM_VERSION}.tar.gz
+    mv linux-amd64/helm /usr/local/bin/helm
+    rm -r linux-amd64
+    rm helm-${HELM_VERSION}.tar.gz
+else
+    echo "Helm3 is already installed. Skipping installation..."
+fi
+helm version || FATAL_TRACK k8scluster "Could not obtain helm version. Maybe helm client was not installed"
+helm repo add stable https://charts.helm.sh/stable || FATAL_TRACK k8scluster "Helm repo stable could not be added"
+helm repo update || FATAL_TRACK k8scluster "Helm repo stable could not be updated"
+echo "helm installed"
+
+# Install kubectl client
+K8S_CLIENT_VERSION="v1.29.3"
+curl -LO "https://dl.k8s.io/release/${K8S_CLIENT_VERSION}/bin/linux/amd64/kubectl"
+install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
+rm kubectl
+echo "kubectl installed"
+
+# Install `gnupg` and `gpg` - Typically pre-installed in Ubuntu
+apk add --no-cache gnupg gpg
+echo "gnupg and gpg installed"
+
+# Install `sops`
+curl -LO https://github.com/getsops/sops/releases/download/v3.8.1/sops-v3.8.1.linux.amd64
+mv sops-v3.8.1.linux.amd64 /usr/local/bin/sops
+chmod +x /usr/local/bin/sops
+echo "sops client installed"
+
+# Install `envsubst`
+apk add --no-cache envsubst
+echo "envsubst installed"
+
+# Install `age`
+AGE_VERSION="v1.1.0"
+curl -LO https://github.com/FiloSottile/age/releases/download/${AGE_VERSION}/age-${AGE_VERSION}-linux-amd64.tar.gz
+tar xvfz age-${AGE_VERSION}-linux-amd64.tar.gz
+mv age/age age/age-keygen /usr/local/bin/
+chmod +x /usr/local/bin/age*
+rm -rf age age-${AGE_VERSION}-linux-amd64.tar.gz
+echo "age installed"
+
+# (Only for Gitea) Install `apg`
+apk add --no-cache apg
+echo "apg installed"
+
+# # (Only for Minio) `kubectl minio` plugin and Minio Client
+MINIO_CLIENT_VERSION="5.0.12"
+if [ -n "${INSTALL_MINIO}" ]; then
+    curl https://github.com/minio/operator/releases/download/v${MINIO_CLIENT_VERSION}/kubectl-minio_${MINIO_CLIENT_VERSION}_linux_amd64 -Lo kubectl-minio
+    curl https://dl.min.io/client/mc/release/linux-amd64/mc -o minioc
+    chmod +x kubectl-minio minioc
+    mv kubectl-minio minioc /usr/local/bin/
+    # (Only for HTTPS Ingress for Minio tenant) Install `openssl`
+    apk add --no-cache openssl
+fi
+echo "minio client installed"
+
+# Flux client
+FLUX_CLI_VERSION="2.4.0"
+curl -s https://fluxcd.io/install.sh | FLUX_VERSION=${FLUX_CLI_VERSION} bash
+# Autocompletion
+. <(flux completion bash)
+echo "flux client installed"
+
+# Argo client
+ARGO_VERSION="v3.5.7"
+curl -sLO https://github.com/argoproj/argo-workflows/releases/download/${ARGO_VERSION}/argo-linux-amd64.gz
+gunzip argo-linux-amd64.gz
+chmod +x argo-linux-amd64
+mv ./argo-linux-amd64 /usr/local/bin/argo
+echo "argo client installed"
+
+# Kustomize
+KUSTOMIZE_VERSION="5.4.3"
+curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash -s -- ${KUSTOMIZE_VERSION}
+install -o root -g root -m 0755 kustomize /usr/local/bin/kustomize
+rm kustomize
+echo "kustomized installed"
+
+# yq
+VERSION=v4.33.3
+BINARY=yq_linux_amd64
+curl -L https://github.com/mikefarah/yq/releases/download/${VERSION}/${BINARY} -o yq
+mv yq /usr/local/bin/yq
+chmod +x /usr/local/bin/yq
+echo "yq installed"
-- 
2.25.1