1
- #! /bin/bash
1
+ #! /bin/bash
2
2
3
3
# Copyright © 2020, SAS Institute Inc., Cary, NC, USA. All Rights Reserved.
4
4
# SPDX-License-Identifier: Apache-2.0
5
5
6
- cd " $( dirname $BASH_SOURCE ) /../.."
6
+ # shellcheck source=/dev/null
7
+ cd " $( dirname " $BASH_SOURCE " ) /../.." || exit 1
8
+ # shellcheck source=/dev/null
7
9
source logging/bin/common.sh
8
10
9
- this_script=` basename " $0 " `
11
+ # Fix SC2155: Declare and assign separately
12
+ this_script=$( basename " $0 " )
10
13
11
14
log_debug " Script [$this_script ] has started [$( date) ]"
12
15
@@ -15,32 +18,38 @@ FLUENT_BIT_ENABLED=${FLUENT_BIT_ENABLED:-true}
15
18
16
19
if [ " $FLUENT_BIT_ENABLED " != " true" ]; then
17
20
log_info " Environment variable [FLUENT_BIT_ENABLED] is not set to 'true'; existing WITHOUT deploying Fluent Bit"
18
- exit
21
+ exit 0
19
22
fi
20
23
21
-
22
24
set -e
23
25
24
26
HELM_DEBUG=" ${HELM_DEBUG:- false} "
27
+ helmDebug=" "
25
28
if [ " $HELM_DEBUG " == " true" ]; then
26
29
helmDebug=" --debug"
27
30
fi
28
31
29
- helm2ReleaseCheck fb-$LOG_NS
32
+ # Address SC2154: Ensure variables from common.sh are available or defined
33
+ # The following variables are expected to be set in common.sh:
34
+ # LOG_NS, TMP_DIR, USER_DIR, FB_FULL_IMAGE, FB_INITCONTAINER_FULL_IMAGE
35
+ # imageKeysFile, FLUENTBIT_HELM_CHART_REPO, FLUENTBIT_HELM_CHART_NAME, FLUENTBIT_HELM_CHART_VERSION
36
+
37
+ helm2ReleaseCheck " fb-$LOG_NS "
30
38
31
39
helmRepoAdd fluent https://fluent.github.io/helm-charts
32
40
33
41
# Confirm namespace exists
34
- if [ " $( kubectl get ns $LOG_NS -o name 2> /dev/null) " == " " ]; then
42
+ if [ " $( kubectl get ns " $LOG_NS " -o name 2> /dev/null) " == " " ]; then
35
43
log_error " The specified namespace [$LOG_NS ] does not exist."
36
44
exit 1
37
45
fi
38
46
39
47
log_info " Deploying Fluent Bit (Azure Monitor)"
40
48
41
- # Generate yaml file with all container-related keys#Generate yaml file with all container-related keys
42
- generateImageKeysFile " $FB_FULL_IMAGE " " logging/fb/fb_container_image.template"
43
- # Copy imageKeysFile since next call will replace existing one
49
+ # Generate yaml file with all container-related keys
50
+ generateImageKeysFile " $FB_FULL_IMAGE " " logging/fb/fb_container_image.template"
51
+ # Copy imageKeysFile since next call will replace existing one
52
+ # shellcheck disable=SC2154
44
53
cp " $imageKeysFile " " $TMP_DIR /fb_imagekeysfile.yaml"
45
54
46
55
generateImageKeysFile " $FB_INITCONTAINER_FULL_IMAGE " " logging/fb/fb_initcontainer_image.template" " " " true"
@@ -49,7 +58,7 @@ generateImageKeysFile "$FB_INITCONTAINER_FULL_IMAGE" "logging/fb/fb_initcontaine
49
58
FB_AZMONITOR_USER_YAML=" ${FB_AZMONITOR_USER_YAML:- $USER_DIR / logging/ user-values-fluent-bit-azmonitor.yaml} "
50
59
if [ ! -f " $FB_AZMONITOR_USER_YAML " ]; then
51
60
log_debug " [$FB_AZMONITOR_USER_YAML ] not found. Using $TMP_DIR /empty.yaml"
52
- FB_AZMONITOR_USER_YAML=$TMP_DIR /empty.yaml
61
+ FB_AZMONITOR_USER_YAML=" $TMP_DIR /empty.yaml"
53
62
fi
54
63
55
64
if [ -f " $USER_DIR /logging/fluent-bit_config.configmap_azmonitor.yaml" ]; then
59
68
# use copy in repo
60
69
FB_CONFIGMAP=" logging/fb/fluent-bit_config.configmap_azmonitor.yaml"
61
70
fi
62
- log_info " Using FB ConfigMap:" $FB_CONFIGMAP
63
-
71
+ log_info " Using FB ConfigMap: $FB_CONFIGMAP "
64
72
65
73
# Check/Create Connection Info Secret
66
- if [ " $( kubectl -n $LOG_NS get secret connection-info-azmonitor -o name 2> /dev/null) " == " " ]; then
74
+ if [ " $( kubectl -n " $LOG_NS " get secret connection-info-azmonitor -o name 2> /dev/null) " == " " ]; then
67
75
68
76
export AZMONITOR_CUSTOMER_ID=" ${AZMONITOR_CUSTOMER_ID:- NotProvided} "
69
77
export AZMONITOR_SHARED_KEY=" ${AZMONITOR_SHARED_KEY:- NotProvided} "
70
78
71
- if [ " $AZMONITOR_CUSTOMER_ID " != " NotProvided" ] && [ " $AZMONITOR_SHARED_KEY " != " NotProvided" ]; then
79
+ if [ " $AZMONITOR_CUSTOMER_ID " != " NotProvided" ] && [ " $AZMONITOR_SHARED_KEY " != " NotProvided" ]; then
72
80
log_info " Creating secret [connection-info-azmonitor] in [$LOG_NS ] namespace to hold Azure connection information."
73
81
kubectl -n " $LOG_NS " create secret generic connection-info-azmonitor --from-literal=customer_id=" $AZMONITOR_CUSTOMER_ID " --from-literal=shared_key=" $AZMONITOR_SHARED_KEY "
74
82
else
@@ -78,20 +86,28 @@ if [ "$(kubectl -n $LOG_NS get secret connection-info-azmonitor -o name 2>/dev/n
78
86
fi
79
87
else
80
88
log_info " Obtaining connection information from existing secret [$LOG_NS /connection-info-azmonitor]"
81
- export AZMONITOR_CUSTOMER_ID=$( kubectl -n " $LOG_NS " get secret connection-info-azmonitor -o=jsonpath=" {.data.customer_id}" | base64 --decode)
82
- export AZMONITOR_SHARED_KEY=$( kubectl -n " $LOG_NS " get secret connection-info-azmonitor -o=jsonpath=" {.data.shared_key}" | base64 --decode)
89
+ # Fix SC2155: Declare and assign separately
90
+ AZMONITOR_CUSTOMER_ID=$( kubectl -n " $LOG_NS " get secret connection-info-azmonitor -o=jsonpath=" {.data.customer_id}" | base64 --decode)
91
+ export AZMONITOR_CUSTOMER_ID
92
+ AZMONITOR_SHARED_KEY=$( kubectl -n " $LOG_NS " get secret connection-info-azmonitor -o=jsonpath=" {.data.shared_key}" | base64 --decode)
93
+ export AZMONITOR_SHARED_KEY
83
94
fi
84
95
85
96
# Check for an existing Helm release of stable/fluent-bit
86
- if helm3ReleaseExists fbaz $LOG_NS ; then
97
+ if helm3ReleaseExists fbaz " $LOG_NS " ; then
87
98
log_info " Removing an existing release of deprecated stable/fluent-bit Helm chart from from the [$LOG_NS ] namespace [$( date) ]"
88
- helm $helmDebug delete -n " $LOG_NS " fbaz
99
+ helm " $helmDebug " delete -n " $LOG_NS " fbaz
89
100
90
- if [ $( kubectl get servicemonitors -A | grep fluent-bit-v2 -c) -ge 1 ]; then
101
+ # Fix SC2155: Declare and assign separately
102
+ num_service_monitors_v2=$( kubectl get servicemonitors -A | grep -c fluent-bit-v2 || true)
103
+ if [ " $num_service_monitors_v2 " -ge 1 ]; then
91
104
log_debug " Updated serviceMonitor [fluent-bit-v2] appears to be deployed."
92
- elif [ $( kubectl get servicemonitors -A | grep fluent-bit -c) -ge 1 ]; then
93
- log_warn " You appear to have an obsolete service monitor in place for monitoring Fluent Bit."
94
- log_warn " Run monitoring/bin/deploy_monitoring_cluster.sh to deploy the current set of service monitors."
105
+ else
106
+ num_service_monitors=$( kubectl get servicemonitors -A | grep -c fluent-bit || true)
107
+ if [ " $num_service_monitors " -ge 1 ]; then
108
+ log_warn " You appear to have an obsolete service monitor in place for monitoring Fluent Bit."
109
+ log_warn " Run monitoring/bin/deploy_monitoring_cluster.sh to deploy the current set of service monitors."
110
+ fi
95
111
fi
96
112
else
97
113
log_debug " No existing release of the deprecated stable/fluent-bit Helm chart was found"
@@ -106,32 +122,34 @@ else
106
122
fi
107
123
108
124
# Create ConfigMap containing Fluent Bit configuration
109
- kubectl -n " $LOG_NS " apply -f $FB_CONFIGMAP
125
+ kubectl -n " $LOG_NS " apply -f " $FB_CONFIGMAP "
110
126
111
127
# Create ConfigMap containing Viya-customized parsers (delete it first)
112
128
kubectl -n " $LOG_NS " delete configmap fbaz-viya-parsers --ignore-not-found
113
- kubectl -n " $LOG_NS " create configmap fbaz-viya-parsers --from-file=logging/fb/viya-parsers.conf
129
+ kubectl -n " $LOG_NS " create configmap fbaz-viya-parsers --from-file=logging/fb/viya-parsers.conf
114
130
115
131
TRACING_ENABLE=" ${TRACING_ENABLE:- false} "
132
+ tracingValuesFile=" "
116
133
if [ " $TRACING_ENABLE " == " true" ]; then
117
134
# Create ConfigMap containing tracing config
118
135
kubectl -n " $LOG_NS " delete configmap fbaz-viya-tracing --ignore-not-found
119
- kubectl -n " $LOG_NS " create configmap fbaz-viya-tracing --from-file=logging/fb/viya-tracing.conf
136
+ kubectl -n " $LOG_NS " create configmap fbaz-viya-tracing --from-file=logging/fb/viya-tracing.conf
120
137
121
138
tracingValuesFile=" logging/fb/fluent-bit_helm_values_tracing.yaml"
122
- else
139
+ else
123
140
# Create empty ConfigMap for tracing since it is expected to exist in main config
124
141
kubectl -n " $LOG_NS " delete configmap fbaz-viya-tracing --ignore-not-found
125
- kubectl -n " $LOG_NS " create configmap fbaz-viya-tracing --from-file=" $TMP_DIR " /empty.yaml
142
+ kubectl -n " $LOG_NS " create configmap fbaz-viya-tracing --from-file=" $TMP_DIR " /empty.yaml
126
143
127
- tracingValuesFile=$TMP_DIR /empty.yaml
144
+ tracingValuesFile=" $TMP_DIR /empty.yaml"
128
145
fi
129
146
130
147
# Check for Kubernetes container runtime log format info
131
- KUBERNETES_RUNTIME_LOGFMT=" ${KUBERNETES_RUNTIME_LOGFMT} "
148
+ KUBERNETES_RUNTIME_LOGFMT=" ${KUBERNETES_RUNTIME_LOGFMT:- } "
132
149
if [ -z " $KUBERNETES_RUNTIME_LOGFMT " ]; then
150
+ # Fix SC2155: Declare and assign separately
133
151
somenode=$( kubectl get nodes | awk ' NR==2 { print $1 }' )
134
- runtime=$( kubectl get node $somenode -o jsonpath={.status.nodeInfo.containerRuntimeVersion} | awk -F: ' {print $1}' )
152
+ runtime=$( kubectl get node " $somenode " -o " jsonpath={.status.nodeInfo.containerRuntimeVersion}" | awk -F: ' {print $1}' )
135
153
log_debug " Kubernetes container runtime [$runtime ] found on node [$somenode ]"
136
154
case $runtime in
137
155
docker)
@@ -152,48 +170,48 @@ MON_NS="${MON_NS:-monitoring}"
152
170
# Create ConfigMap containing Kubernetes container runtime log format
153
171
kubectl -n " $LOG_NS " delete configmap fbaz-env-vars --ignore-not-found
154
172
kubectl -n " $LOG_NS " create configmap fbaz-env-vars \
155
- --from-literal=KUBERNETES_RUNTIME_LOGFMT=$KUBERNETES_RUNTIME_LOGFMT \
173
+ --from-literal=KUBERNETES_RUNTIME_LOGFMT=" $KUBERNETES_RUNTIME_LOGFMT " \
156
174
--from-literal=LOG_MULTILINE_PARSER=" ${LOG_MULTILINE_PARSER} " \
157
175
--from-literal=MON_NS=" ${MON_NS} "
158
176
159
- kubectl -n " $LOG_NS " label configmap fbaz-env-vars managed-by=v4m-es-script
177
+ kubectl -n " $LOG_NS " label configmap fbaz-env-vars managed-by=v4m-es-script
160
178
161
179
# Check to see if we are upgrading from earlier version requiring root access
162
- if [ " $( kubectl -n $LOG_NS get configmap fbaz-dbmigrate-script -o name --ignore-not-found) " != " configmap/fbaz-dbmigrate-script" ]; then
180
+ if [ " $( kubectl -n " $LOG_NS " get configmap fbaz-dbmigrate-script -o name --ignore-not-found) " != " configmap/fbaz-dbmigrate-script" ]; then
163
181
log_debug " Removing FB pods (if they exist) to allow migration."
164
182
kubectl -n " $LOG_NS " delete daemonset v4m-fbaz --ignore-not-found
165
183
fi
166
184
167
185
# Create ConfigMap containing Fluent Bit database migration script
168
186
kubectl -n " $LOG_NS " delete configmap fbaz-dbmigrate-script --ignore-not-found
169
- kubectl -n " $LOG_NS " create configmap fbaz-dbmigrate-script --from-file logging/fb/migrate_fbstate_db.sh
170
- kubectl -n " $LOG_NS " label configmap fbaz-dbmigrate-script managed-by=v4m-es-script
171
-
187
+ kubectl -n " $LOG_NS " create configmap fbaz-dbmigrate-script --from-file=logging/fb/migrate_fbstate_db.sh
188
+ kubectl -n " $LOG_NS " label configmap fbaz-dbmigrate-script managed-by=v4m-es-script
172
189
173
- # # Get Helm Chart Name
174
- log_debug " Fluent Bit Helm Chart: repo [$FLUENTBIT_HELM_CHART_REPO ] name [$FLUENTBIT_HELM_CHART_NAME ] version [$FLUENTBIT_HELM_CHART_VERSION ]"
175
- chart2install=" $( get_helmchart_reference $FLUENTBIT_HELM_CHART_REPO $FLUENTBIT_HELM_CHART_NAME $FLUENTBIT_HELM_CHART_VERSION ) "
176
- versionstring=" $( get_helm_versionstring $FLUENTBIT_HELM_CHART_VERSION ) "
177
- log_debug " Installing Helm chart from artifact [$chart2install ]"
190
+ # # Get Helm Chart Name
191
+ log_debug " Fluent Bit Helm Chart: repo [$FLUENTBIT_HELM_CHART_REPO ] name [$FLUENTBIT_HELM_CHART_NAME ] version [$FLUENTBIT_HELM_CHART_VERSION ]"
192
+ # Fix SC2155: Declare and assign separately
193
+ chart2install=$( get_helmchart_reference " $FLUENTBIT_HELM_CHART_REPO " " $FLUENTBIT_HELM_CHART_NAME " " $FLUENTBIT_HELM_CHART_VERSION " )
194
+ versionstring=$( get_helm_versionstring " $FLUENTBIT_HELM_CHART_VERSION " )
195
+ log_debug " Installing Helm chart from artifact [$chart2install ]"
178
196
179
197
# Deploy Fluent Bit via Helm chart
180
- helm $helmDebug upgrade --install v4m-fbaz --namespace $LOG_NS \
181
- $versionstring \
182
- --values $TMP_DIR /fb_imagekeysfile.yaml \
183
- --values $imageKeysFile \
198
+ helm " $helmDebug " upgrade --install v4m-fbaz --namespace " $LOG_NS " \
199
+ " $versionstring " \
200
+ --values " $TMP_DIR /fb_imagekeysfile.yaml" \
201
+ --values " $imageKeysFile " \
184
202
--values logging/fb/fluent-bit_helm_values_azmonitor.yaml \
185
- --values $FB_AZMONITOR_USER_YAML \
186
- --values $tracingValuesFile \
203
+ --values " $FB_AZMONITOR_USER_YAML " \
204
+ --values " $tracingValuesFile " \
187
205
--set fullnameOverride=v4m-fbaz \
188
- $chart2install
206
+ " $chart2install "
189
207
190
- # pause to allow migration script to complete (if necessary)
208
+ # pause to allow migration script to complete (if necessary)
191
209
sleep 20
192
210
193
- # Container Security: Disable Token Automounting at ServiceAccount; enable for Pod
194
- disable_sa_token_automount $LOG_NS v4m-fbaz
211
+ # Container Security: Disable Token Automounting at ServiceAccount; enable for Pod
212
+ disable_sa_token_automount " $LOG_NS " v4m-fbaz
195
213
# FB pods will restart after following call if automount is not already enabled
196
- enable_pod_token_automount $LOG_NS daemonset v4m-fbaz
214
+ enable_pod_token_automount " $LOG_NS " daemonset v4m-fbaz
197
215
198
216
# Force restart of daemonset to ensure we pick up latest config changes
199
217
# since Helm won't notice if the only changes are in the configMap
0 commit comments