@@ -4,45 +4,205 @@ set -e
44# This script is the entrypoint for the GitHub Action Docker container.
55# It sets up the Kubeconfig for EKS access and then executes the commands passed to the action.
66
7+ # Function to log errors
8+ log_error () {
9+ echo " ❌ ERROR: $1 " >&2
10+ }
11+
12+ # Function to log info
13+ log_info () {
14+ echo " ℹ️ INFO: $1 "
15+ }
16+
17+ # Function to log success
18+ log_success () {
19+ echo " ✅ SUCCESS: $1 "
20+ }
21+
22+ echo " --- Pre-flight Checks ---"
23+
24+ # Check if required environment variables are set
25+ log_info " Checking required environment variables..."
26+
27+ if [ -z " $REGION_CODE " ; then
28+ log_error " REGION_CODE environment variable is not set"
29+ exit 1
30+ fi
31+
32+ if [ -z " $CLUSTER_NAME " ; then
33+ log_error " CLUSTER_NAME environment variable is not set"
34+ exit 1
35+ fi
36+
37+ log_success " Required environment variables are set"
38+ log_info " Region: $REGION_CODE "
39+ log_info " Cluster: $CLUSTER_NAME "
40+
41+ # Check AWS credentials
42+ log_info " Checking AWS credentials..."
43+
44+ if [ -z " $AWS_ACCESS_KEY_ID " && [ -z " $AWS_PROFILE " && [ ! -f ~ /.aws/credentials ]; then
45+ log_error " AWS credentials not found. Please set AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY or configure AWS_PROFILE"
46+ exit 1
47+ fi
48+
49+ # Test AWS credentials by calling STS get-caller-identity
50+ if ! aws sts get-caller-identity > /dev/null 2>&1 ; then
51+ log_error " AWS credentials are invalid or insufficient permissions"
52+ log_error " Please ensure your AWS credentials have EKS access permissions"
53+ exit 1
54+ fi
55+
56+ log_success " AWS credentials are valid"
57+
58+ # Check if AWS CLI can access the EKS cluster
59+ log_info " Checking EKS cluster accessibility..."
60+
61+ if ! aws eks describe-cluster --region " $REGION_CODE " " $CLUSTER_NAME " > /dev/null 2>&1 ; then
62+ log_error " Cannot access EKS cluster '$CLUSTER_NAME ' in region '$REGION_CODE '"
63+ log_error " Please check:"
64+ log_error " - Cluster name is correct"
65+ log_error " - Region is correct"
66+ log_error " - AWS credentials have EKS permissions"
67+ log_error " - Cluster exists and is accessible"
68+ exit 1
69+ fi
70+
71+ log_success " EKS cluster is accessible"
72+
773echo " --- Configuring AWS EKS Kubeconfig ---"
874
975# Export CA_CERT: Fetches the certificate authority data for the EKS cluster.
10- # This is crucial for kubectl to trust the EKS API server.
11- # REGION_CODE and CLUSTER_NAME are expected to be set as environment variables
12- # by the GitHub Actions workflow (e.g., via the `env` block in `action.yml`).
13- export CA_CERT=$( aws eks describe-cluster --region " $REGION_CODE " " $CLUSTER_NAME " " cluster.certificateAuthority.data" )
14- if [ -z " $CA_CERT " ; then
15- echo " Error: Could not retrieve EKS cluster certificate authority data. Check REGION_CODE and CLUSTER_NAME."
16- exit 1
76+ log_info " Retrieving EKS cluster certificate authority data..."
77+ export CA_CERT=$( aws eks describe-cluster --region " $REGION_CODE " " $CLUSTER_NAME " " cluster.certificateAuthority.data" 2> /dev/null)
78+ if [ -z " $CA_CERT " || [ " $CA_CERT " = " None" ; then
79+ log_error " Could not retrieve EKS cluster certificate authority data"
80+ log_error " This might indicate insufficient permissions or cluster configuration issues"
81+ exit 1
1782fi
1883
1984# Export ENDPOINT_URL: Fetches the endpoint URL for the EKS cluster.
20- export ENDPOINT_URL=$( aws eks describe-cluster --region " $REGION_CODE " " $CLUSTER_NAME " " cluster.endpoint" )
21- if [ -z " $ENDPOINT_URL " ; then
22- echo " Error: Could not retrieve EKS cluster endpoint URL. Check REGION_CODE and CLUSTER_NAME."
23- exit 1
85+ log_info " Retrieving EKS cluster endpoint URL..."
86+ export ENDPOINT_URL=$( aws eks describe-cluster --region " $REGION_CODE " " $CLUSTER_NAME " " cluster.endpoint" 2> /dev/null)
87+ if [ -z " $ENDPOINT_URL " || [ " $ENDPOINT_URL " = " None" ; then
88+ log_error " Could not retrieve EKS cluster endpoint URL"
89+ log_error " This might indicate insufficient permissions or cluster configuration issues"
90+ exit 1
2491fi
2592
26- echo " EKS Cluster Endpoint: $ENDPOINT_URL "
93+ log_success " Retrieved EKS cluster configuration"
94+ log_info " EKS Cluster Endpoint: $ENDPOINT_URL "
2795
2896# Generate Kubernetes configuration file (/opt/kubernetes/config)
29- # This file tells kubectl how to connect to the EKS cluster.
30- # It uses /config.template (expected to be present in the Docker image)
31- # and substitutes environment variables (CA_CERT, ENDPOINT_URL).
32- # The KUBECONFIG environment variable is already set in the Dockerfile
33- # to point to this location.
34- cat /config.template | envsubst > /opt/kubernetes/config
35-
36- # Verify the generated Kubeconfig (optional, for debugging)
37- echo " Generated Kubeconfig:"
38- cat /opt/kubernetes/config
39- echo " ----------------------"
97+ log_info " Generating Kubernetes configuration file..."
98+ if ! cat /config.template | envsubst > /opt/kubernetes/config; then
99+ log_error " Failed to generate Kubernetes configuration file"
100+ exit 1
101+ fi
102+
103+ # Verify the generated Kubeconfig
104+ if [ ! -f /opt/kubernetes/config ]; then
105+ log_error " Kubernetes configuration file was not created"
106+ exit 1
107+ fi
108+
109+ log_success " Kubernetes configuration file generated successfully"
40110
41111# Ensure KUBECONFIG environment variable is correctly set for subsequent commands
42112export KUBECONFIG=/opt/kubernetes/config
43113
44- echo " --- Executing Helm Commands ---"
45- # Execute the commands passed as arguments to the action (e.g., Helm commands)
46- # The "$@" expands to all positional parameters passed to the script,
47- # which corresponds to the `args` input in your `action.yml`.
48- exec " $@ "
114+ # Test kubectl connectivity
115+ log_info " Testing kubectl connectivity to EKS cluster..."
116+ if ! kubectl cluster-info --request-timeout=10s > /dev/null 2>&1 ; then
117+ log_error " Cannot connect to Kubernetes cluster"
118+ log_error " Please check:"
119+ log_error " - EKS cluster is running"
120+ log_error " - AWS credentials have kubernetes access permissions"
121+ log_error " - Network connectivity to the cluster"
122+ exit 1
123+ fi
124+
125+ log_success " Successfully connected to Kubernetes cluster"
126+
127+ # Check for Helm registry credentials if any helm registry login commands are present
128+ log_info " Checking for Helm registry credentials..."
129+ helm_login_required=false
130+ for cmd in " $@ " ; do
131+ if echo " $cmd " | grep -q " helm registry login" ; then
132+ helm_login_required=true
133+ break
134+ fi
135+ done
136+
137+ if [ " $helm_login_required " = true ]; then
138+ log_info " Helm registry login detected in commands"
139+
140+ # Extract registry from the command to provide better error messages
141+ for cmd in " $@ " ; do
142+ if echo " $cmd " | grep -q " helm registry login" ; then
143+ registry=$( echo " $cmd " | grep -o " helm registry login [^ ]*" | cut -d' ' )
144+ log_info " Will attempt to login to registry: $registry "
145+
146+ # Check if credentials are available (this is a basic check)
147+ if echo " $cmd " | grep -q " \$ .*USERNAME" && echo " $cmd " | grep -q " \$ .*PASSWORD" ; then
148+ log_info " Registry credentials will be read from environment variables"
149+ # Note: We can't validate the actual values here as they're in variables
150+ else
151+ log_error " Helm registry login command found but credentials format is unclear"
152+ log_error " Expected format: helm registry login <registry> --username \$ USERNAME --password \$ PASSWORD"
153+ fi
154+ fi
155+ done
156+ fi
157+
158+ echo " --- Executing Commands ---"
159+
160+ # Execute each argument as a separate command
161+ # This allows passing multiple commands line by line
162+ command_count=0
163+ for cmd in " $@ " ; do
164+ command_count=$(( command_count + 1 ))
165+ log_info " Executing command $command_count : $cmd "
166+
167+ # Execute the command and capture both stdout and stderr
168+ if eval " $cmd " ; then
169+ log_success " Command $command_count completed successfully"
170+ else
171+ exit_code=$?
172+ log_error " Command $command_count failed with exit code $exit_code "
173+ log_error " Failed command: $cmd "
174+
175+ # Provide specific error guidance based on command type
176+ if echo " $cmd " | grep -q " helm registry login" ; then
177+ log_error " Helm registry login failed. Please check:"
178+ log_error " - Registry URL is correct and accessible"
179+ log_error " - Username and password environment variables are set correctly"
180+ log_error " - Network connectivity to the registry"
181+ elif echo " $cmd " | grep -q " helm install" ; then
182+ log_error " Helm install failed. Please check:"
183+ log_error " - Chart name and version are correct"
184+ log_error " - Namespace exists or --create-namespace is used"
185+ log_error " - Sufficient permissions in the cluster"
186+ log_error " - Chart repository is accessible"
187+ elif echo " $cmd " | grep -q " helm uninstall" ; then
188+ log_error " Helm uninstall failed. Please check:"
189+ log_error " - Release name exists in the specified namespace"
190+ log_error " - Sufficient permissions to delete resources"
191+ elif echo " $cmd " | grep -q " kubectl" ; then
192+ log_error " Kubectl command failed. Please check:"
193+ log_error " - Kubernetes cluster connectivity"
194+ log_error " - Sufficient permissions for the operation"
195+ log_error " - Resource names and namespaces are correct"
196+ fi
197+
198+ exit $exit_code
199+ fi
200+
201+ # Add a small delay between commands for better logging readability
202+ sleep 1
203+ done
204+
205+ log_success " All commands completed successfully!"
206+ echo " --- Execution Summary ---"
207+ log_info " Total commands executed: $command_count "
208+ log_success " All operations completed without errors"
0 commit comments