bluejay/bluejay-infra
1
0
Fork 0
Code Issues Pull Requests 14 Actions Packages Projects Releases Wiki Activity

Fix K8s sync script: use grep instead of python3

Browse Source 
bitnami/kubectl image doesn't have python3. Replaced all python3
JSON parsing with grep/cut for auth token and connection data.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Andrew Stoltz
2026-04-10 23:02:02 -05:00
parent cf572c167f
commit 53234bfcc8
1 changed files with 18 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
apps/guacamole/guacamole.yaml
View File

@@ -516,50 +516,34 @@ data:
#!/bin/bash #!/bin/bash
set -euo pipefail set -euo pipefail
GUAC_API="${GUAC_URL}/guacamole/api" GUAC_API="${GUAC_URL}/guacamole/api"
DATASOURCE="mysql" DS="mysql"
echo "[k8s-sync] Starting pod connection sync" echo "[k8s-sync] Starting pod connection sync"
TOKEN=$(curl -sf -d "username=${GUAC_ADMIN_USER}&password=${GUAC_ADMIN_PASSWORD}" \ # Auth using grep (no python3/jq in bitnami/kubectl)
"${GUAC_API}/tokens" | python3 -c "import sys,json; print(json.load(sys.stdin)['authToken'])") AUTH_RESP=$(curl -sf -d "username=${GUAC_ADMIN_USER}&password=${GUAC_ADMIN_PASSWORD}" "${GUAC_API}/tokens")
TOKEN=$(echo "$AUTH_RESP" | grep -o '"authToken":"[^"]*"' | cut -d'"' -f4)
if [ -z "$TOKEN" ]; then echo "[k8s-sync] ERROR: Auth failed"; exit 1; fi if [ -z "$TOKEN" ]; then echo "[k8s-sync] ERROR: Auth failed"; exit 1; fi
# Find Kubernetes group echo "[k8s-sync] Authenticated"
K8S_GROUP_ID=$(curl -sf "${GUAC_API}/session/data/${DATASOURCE}/connectionGroups/ROOT/tree?token=${TOKEN}" \ CONNS=$(curl -sf "${GUAC_API}/session/data/${DS}/connections?token=${TOKEN}")
| python3 -c "
import sys, json
tree = json.load(sys.stdin)
for g in tree.get('childConnectionGroups', []):
if g.get('name') == 'Kubernetes':
print(g['identifier']); sys.exit(0)
print('')")
if [ -z "$K8S_GROUP_ID" ]; then echo "[k8s-sync] No Kubernetes group"; exit 0; fi
# Get existing connections
EXISTING=$(curl -sf "${GUAC_API}/session/data/${DATASOURCE}/connections?token=${TOKEN}" \
| python3 -c "
import sys, json
conns = json.load(sys.stdin)
for k,v in conns.items():
if v.get('protocol') == 'kubernetes':
params = v.get('parameters', {})
print(f'{k}\t{params.get(\"namespace\",\"\")}\t{params.get(\"pod\",\"\")}')" 2>/dev/null || echo "")
IFS=',' read -ra NAMESPACES <<< "$TARGET_NAMESPACES" IFS=',' read -ra NAMESPACES <<< "$TARGET_NAMESPACES"
UPDATED=0 UPDATED=0
for NS in "${NAMESPACES[@]}"; do for NS in "${NAMESPACES[@]}"; do
PODS=$(kubectl get pods -n "$NS" --field-selector=status.phase=Running \ PODS=$(kubectl get pods -n "$NS" --field-selector=status.phase=Running \
-o jsonpath='{range .items[*]}{.metadata.name}{"\t"}{.spec.containers[0].name}{"\n"}{end}' 2>/dev/null || echo "") -o jsonpath='{range .items[*]}{.metadata.name} {.spec.containers[0].name}{"\n"}{end}' 2>/dev/null || echo "")
while IFS=$'\t' read -r POD CONTAINER; do while read -r POD CONTAINER; do
[ -z "$POD" ] && continue [ -z "$POD" ] && continue
# Check if a connection exists for this namespace+container combo CONN_IDS=$(echo "$CONNS" | grep -o "\"[0-9]*\":{\"name\":\"k8s: ${CONTAINER}\"" | grep -o '"[0-9]*"' | tr -d '"' || echo "")
CONN_ID=$(echo "$EXISTING" | grep " ${NS} " | head -1 | cut -f1) for CID in $CONN_IDS; do
if [ -n "$CONN_ID" ]; then PARAMS=$(curl -sf "${GUAC_API}/session/data/${DS}/connections/${CID}/parameters?token=${TOKEN}")
# Update existing connection pod name CURR_NS=$(echo "$PARAMS" | grep -o '"namespace":"[^"]*"' | cut -d'"' -f4)
OLD_POD=$(echo "$EXISTING" | grep "^${CONN_ID} " | cut -f3) CURR_POD=$(echo "$PARAMS" | grep -o '"pod":"[^"]*"' | cut -d'"' -f4)
if [ "$OLD_POD" != "$POD" ]; then if [ "$CURR_NS" = "$NS" ] && [ "$CURR_POD" != "$POD" ]; then
echo "[k8s-sync] Updating ${NS}/${CONTAINER}: ${OLD_POD} -> ${POD}" echo "[k8s-sync] Updating $NS/$CONTAINER: $CURR_POD -> $POD"
curl -sf -X PUT -H "Content-Type: application/json" \ curl -sf -X PUT -H "Content-Type: application/json" \
-d "{\"name\":\"k8s: ${CONTAINER}\",\"parentIdentifier\":\"ROOT\",\"protocol\":\"kubernetes\",\"parameters\":{\"hostname\":\"localhost\",\"port\":\"8001\",\"namespace\":\"${NS}\",\"pod\":\"${POD}\",\"container\":\"${CONTAINER}\",\"use-ssl\":\"false\",\"exec-command\":\"/bin/sh\",\"font-size\":\"14\",\"color-scheme\":\"gray-black\",\"scrollback-size\":\"5000\"},\"attributes\":{\"max-connections\":\"2\",\"max-connections-per-user\":\"1\"}}" \ -d "{\"name\":\"k8s: $CONTAINER\",\"parentIdentifier\":\"ROOT\",\"protocol\":\"kubernetes\",\"parameters\":{\"hostname\":\"localhost\",\"port\":\"8001\",\"namespace\":\"$NS\",\"pod\":\"$POD\",\"container\":\"$CONTAINER\",\"use-ssl\":\"false\",\"exec-command\":\"/bin/sh\",\"font-size\":\"14\",\"color-scheme\":\"gray-black\",\"scrollback-size\":\"5000\"},\"attributes\":{\"max-connections\":\"2\",\"max-connections-per-user\":\"1\"}}" \
"${GUAC_API}/session/data/${DATASOURCE}/connections/${CONN_ID}?token=${TOKEN}" > /dev/null "${GUAC_API}/session/data/${DS}/connections/${CID}?token=${TOKEN}" > /dev/null
UPDATED=$((UPDATED + 1)) UPDATED=$((UPDATED + 1))
fi fi
fi done
done <<< "$PODS" done <<< "$PODS"
done done
echo "[k8s-sync] Done: ${UPDATED} updated" echo "[k8s-sync] Done: ${UPDATED} updated"