8 changes: 4 additions & 4 deletions .github/gitops-action-rc/action.yml
Expand Up @@ -11,8 +11,8 @@ inputs:
dry-run-only:
description: 'Whether to only run the fleetctl gitops commands in dry-run mode.'
default: 'false'
delete-other-teams:
description: 'Whether to delete other teams in Fleet which are not part of the gitops config.'
delete-other-fleets:
description: 'Whether to delete other fleets in Fleet which are not part of the gitops config.'
default: 'true'

runs:
Expand Down Expand Up @@ -44,5 +44,5 @@ runs:
working-directory: ${{ inputs.working-directory }}
env:
FLEET_DRY_RUN_ONLY: ${{ inputs.dry-run-only }}
FLEET_DELETE_OTHER_TEAMS: ${{ inputs.delete-other-teams }}
run: ./gitops.sh
FLEET_DELETE_OTHER_FLEETS: ${{ inputs.delete-other-fleets }}
run: ./gitops-rc.sh
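Review bot: The renamed input in the first hunk keeps `default: 'true'`, so a workflow that still passes `delete-other-teams: 'false'` would presumably have that value ignored and run with deletion enabled. As far as I know GitHub only warns about undeclared inputs rather than failing the job, which makes this a silent switch to the destructive setting. Consider keeping `delete-other-teams` declared as a deprecated input with no default and mapping the variable as `FLEET_DELETE_OTHER_FLEETS: ${{ inputs.delete-other-teams || inputs.delete-other-fleets }}`. At minimum, the description should say that the old name is no longer read.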
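--- a/gitops-rc.sh
+++ b/gitops-rc.sh
@@ -0,0 +1,59 @@
+#!/usr/bin/env bash
+
+# -e: Immediately exit if any command has a non-zero exit status.
+# -x: Print all executed commands to the terminal.
+# -u: Exit if an undefined variable is used.
+# -o pipefail: Exit if any command in a pipeline fails.
+set -exuo pipefail
+
+FLEET_GITOPS_DIR="${FLEET_GITOPS_DIR:-.}"
+FLEET_GLOBAL_FILE="${FLEET_GLOBAL_FILE:-$FLEET_GITOPS_DIR/default.yml}"
+FLEETCTL="${FLEETCTL:-fleetctl}"
+FLEET_DRY_RUN_ONLY="${FLEET_DRY_RUN_ONLY:-false}"
+FLEET_DELETE_OTHER_FLEETS="${FLEET_DELETE_OTHER_FLEETS:-true}"
+
+# Check for existence of the global file in case the script is used
+# on repositories with fleet only yamls.
+if [ -f "$FLEET_GLOBAL_FILE" ]; then
+# Validate that global file contains org_settings
+grep -Exq "^org_settings:.*" "$FLEET_GLOBAL_FILE"
+else
+FLEET_DELETE_OTHER_FLEETS=false
+fi
+
+# If you are using secrets to manage SSO metadata for Fleet SSO login or MDM SSO login, uncomment the below:
+
+# FLEET_SSO_METADATA=$( sed '2,$s/^/ /' <<< "${FLEET_MDM_SSO_METADATA}")
+# FLEET_MDM_SSO_METADATA=$( sed '2,$s/^/ /' <<< "${FLEET_MDM_SSO_METADATA}")
+
+# Copy/pasting raw SSO metadata into GitHub secrets will result in malformed yaml.
+# Adds spaces to all but the first line of metadata keeps the multiline string in bounds.
+
+if compgen -G "$FLEET_GITOPS_DIR"/fleets/*.yml > /dev/null; then
+# Validate that every fleet has a unique name.
+# This is a limited check that assumes all fleet files contain the phrase: `name: <fleet_name>`
+! perl -nle 'print $1 if /^name:\s*(.+)$/' "$FLEET_GITOPS_DIR"/fleets/*.yml | sort | uniq -d | grep . -cq
+fi
+
+args=()
+if [ -f "$FLEET_GLOBAL_FILE" ]; then
+args=(-f "$FLEET_GLOBAL_FILE")
+fi
+
+for fleet_file in "$FLEET_GITOPS_DIR"/fleets/*.yml; do
+if [ -f "$fleet_file" ]; then
+args+=(-f "$fleet_file")
+fi
+done
+if [ "$FLEET_DELETE_OTHER_FLEETS" = true ]; then
+args+=(--delete-other-fleets)
+fi
+
+# Dry run
+$FLEETCTL gitops "${args[@]}" --dry-run
+if [ "$FLEET_DRY_RUN_ONLY" = true ]; then
+exit 0
+fi
+
+# Real run
+$FLEETCTL gitops "${args[@]}"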
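Review bot: The duplicate-name guard `! perl … | grep . -cq` cannot stop the script, because bash's `set -e` ignores the status of a command inverted with `!`, so duplicate fleet names still reach the `--delete-other-fleets` run. Write it as a positive test instead: `if perl -nle 'print $1 if /^name:\s*(.+)$/' "$FLEET_GITOPS_DIR"/fleets/*.yml | sort | uniq -d | grep -q .; then echo "duplicate fleet names" >&2; exit 1; fi`. Separately, `set -x` traces every expansion, so uncommenting the SSO lines would print the secret metadata from the here-string into the job log; wrapping them in `set +x` / `set -x` avoids that. The first commented line also reads `FLEET_MDM_SSO_METADATA` where `FLEET_SSO_METADATA` looks intended.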