From 1e2146acacecea162a5fa3bbe87d0907e7372bb3 Mon Sep 17 00:00:00 2001
From: Ajo Augustine <ajoaugustine@gmail.com>
Date: Wed, 5 Jun 2024 14:43:41 -0500
Subject: [PATCH 1/7] check and update image for fence jobs

---
 gen3/bin/gitops.sh | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)

diff --git a/gen3/bin/gitops.sh b/gen3/bin/gitops.sh
index bc0358499..04cdf2914 100644
--- a/gen3/bin/gitops.sh
+++ b/gen3/bin/gitops.sh
@@ -461,6 +461,43 @@ gen3_gitops_sync() {
       # update fence ConfigMap before roll-all
       if [[ "$fence_roll" = true ]]; then
           gen3 update_config manifest-fence "$(gen3 gitops folder)/manifests/fence/fence-config-public.yaml"
+
+          # Extract the fence image from the ConfigMap manifest-versions
+          fence_image=$(kubectl get cm manifest-versions -o yaml | grep -oP '(?<=fence: ).*')
+
+          # List of fence-related cronjobs
+          fence_cronjobs=(
+          "fence-delete-expired-clients"
+          "fence-cleanup-expired-ga4gh-info"
+          )
+
+          # Check and update cronjobs
+          update_cronjob() {
+          local cronjob_name=$1
+          local manifest_image=$2
+
+          gen3_log_info "Checking cronjob $cronjob_name..."
+
+          cronjob_info=$(kubectl get cronjobs.batch $cronjob_name -o yaml)
+
+          if [[ -z "$cronjob_info" ]]; then
+          gen3_log_info "Cronjob $cronjob_name does not exist."
+          return
+          fi
+
+          current_image=$(echo "$cronjob_info" | grep -oP '(?<=image: ).*')
+          cronjob_schedule=$(echo "$cronjob_info" | grep -oP '(?<=schedule: ).*')
+
+          if [[ "$current_image" != "$manifest_image" ]]; then
+          gen3_log_info "Updating cronjob $cronjob_name to use image $manifest_image..."
+          gen3 job cron $cronjob_name "$cronjob_schedule"
+          fi
+          }
+
+          # Loop through each fence-related cronjob and check/update if needed
+          for cronjob in "${fence_cronjobs[@]}"; do
+          update_cronjob "$cronjob" "$fence_image"
+          done
       fi
 
       if [[ "$covid_cronjob_roll" = true ]]; then

From dc41f55c60cca107d875acb7f753bc702c810764 Mon Sep 17 00:00:00 2001
From: Ajo Augustine <ajoaugustine@gmail.com>
Date: Wed, 5 Jun 2024 17:09:30 -0500
Subject: [PATCH 2/7] check and update image for fence jobs

---
 gen3/bin/gitops.sh | 26 +++++++-------------------
 1 file changed, 7 insertions(+), 19 deletions(-)

diff --git a/gen3/bin/gitops.sh b/gen3/bin/gitops.sh
index 04cdf2914..a9ca833d4 100644
--- a/gen3/bin/gitops.sh
+++ b/gen3/bin/gitops.sh
@@ -462,41 +462,29 @@ gen3_gitops_sync() {
       if [[ "$fence_roll" = true ]]; then
           gen3 update_config manifest-fence "$(gen3 gitops folder)/manifests/fence/fence-config-public.yaml"
 
-          # Extract the fence image from the ConfigMap manifest-versions
-          fence_image=$(kubectl get cm manifest-versions -o yaml | grep -oP '(?<=fence: ).*')
 
           # List of fence-related cronjobs
-          fence_cronjobs=(
-          "fence-delete-expired-clients"
-          "fence-cleanup-expired-ga4gh-info"
-          )
+          local fence_cronjobs=("fence-delete-expired-clients" "fence-cleanup-expired-ga4gh-info")
 
           # Check and update cronjobs
           update_cronjob() {
           local cronjob_name=$1
-          local manifest_image=$2
 
           gen3_log_info "Checking cronjob $cronjob_name..."
-
-          cronjob_info=$(kubectl get cronjobs.batch $cronjob_name -o yaml)
-
-          if [[ -z "$cronjob_info" ]]; then
-          gen3_log_info "Cronjob $cronjob_name does not exist."
-          return
+          local cronjob_schedule=$(kubectl get cronjobs.batch $cronjob_name -o yaml | grep -oP '(?<=schedule: ).*')
+          if [[ -z "$cronjob_schedule" ]]; then
+            gen3_log_info "Cronjob $cronjob_name does not exist or has no schedule."
+            return
           fi
 
-          current_image=$(echo "$cronjob_info" | grep -oP '(?<=image: ).*')
-          cronjob_schedule=$(echo "$cronjob_info" | grep -oP '(?<=schedule: ).*')
-
-          if [[ "$current_image" != "$manifest_image" ]]; then
-          gen3_log_info "Updating cronjob $cronjob_name to use image $manifest_image..."
+          gen3_log_info "Updating cronjob $cronjob_name ..."
           gen3 job cron $cronjob_name "$cronjob_schedule"
           fi
           }
 
           # Loop through each fence-related cronjob and check/update if needed
           for cronjob in "${fence_cronjobs[@]}"; do
-          update_cronjob "$cronjob" "$fence_image"
+          update_cronjob "$cronjob"
           done
       fi
 

From 0a5efc7fe528632d1a3e0deee47e977231432713 Mon Sep 17 00:00:00 2001
From: Ajo Augustine <ajoaugustine@gmail.com>
Date: Thu, 6 Jun 2024 11:14:22 -0500
Subject: [PATCH 3/7] Update gitops.sh

---
 gen3/bin/gitops.sh | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/gen3/bin/gitops.sh b/gen3/bin/gitops.sh
index a9ca833d4..cd79c179d 100644
--- a/gen3/bin/gitops.sh
+++ b/gen3/bin/gitops.sh
@@ -462,14 +462,12 @@ gen3_gitops_sync() {
       if [[ "$fence_roll" = true ]]; then
           gen3 update_config manifest-fence "$(gen3 gitops folder)/manifests/fence/fence-config-public.yaml"
 
-
           # List of fence-related cronjobs
           local fence_cronjobs=("fence-delete-expired-clients" "fence-cleanup-expired-ga4gh-info")
 
           # Check and update cronjobs
           update_cronjob() {
           local cronjob_name=$1
-
           gen3_log_info "Checking cronjob $cronjob_name..."
           local cronjob_schedule=$(kubectl get cronjobs.batch $cronjob_name -o yaml | grep -oP '(?<=schedule: ).*')
           if [[ -z "$cronjob_schedule" ]]; then
@@ -479,7 +477,6 @@ gen3_gitops_sync() {
 
           gen3_log_info "Updating cronjob $cronjob_name ..."
           gen3 job cron $cronjob_name "$cronjob_schedule"
-          fi
           }
 
           # Loop through each fence-related cronjob and check/update if needed

From 00e90b0ec9d81f971b191ef179a2cc6cb96aa0d5 Mon Sep 17 00:00:00 2001
From: Ajo Augustine <ajoaugustine@gmail.com>
Date: Thu, 6 Jun 2024 12:41:37 -0500
Subject: [PATCH 4/7] Update gitops.sh

---
 gen3/bin/gitops.sh | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/gen3/bin/gitops.sh b/gen3/bin/gitops.sh
index cd79c179d..80a8de5cd 100644
--- a/gen3/bin/gitops.sh
+++ b/gen3/bin/gitops.sh
@@ -458,23 +458,20 @@ gen3_gitops_sync() {
           gen3 job run etl --wait ETL_FORCED TRUE
       fi
 
-      # update fence ConfigMap before roll-all
-      if [[ "$fence_roll" = true ]]; then
-          gen3 update_config manifest-fence "$(gen3 gitops folder)/manifests/fence/fence-config-public.yaml"
-
+      # update fence jobs
+      if [[ "$versions_roll" = true ]]; then
           # List of fence-related cronjobs
           local fence_cronjobs=("fence-delete-expired-clients" "fence-cleanup-expired-ga4gh-info")
 
-          # Check and update cronjobs
+          # function to check and update cronjobs
           update_cronjob() {
           local cronjob_name=$1
           gen3_log_info "Checking cronjob $cronjob_name..."
-          local cronjob_schedule=$(kubectl get cronjobs.batch $cronjob_name -o yaml | grep -oP '(?<=schedule: ).*')
+          local cronjob_schedule=$(kubectl get cronjobs.batch $cronjob_name -o jsonpath='{.spec.schedule}')
           if [[ -z "$cronjob_schedule" ]]; then
             gen3_log_info "Cronjob $cronjob_name does not exist or has no schedule."
             return
           fi
-
           gen3_log_info "Updating cronjob $cronjob_name ..."
           gen3 job cron $cronjob_name "$cronjob_schedule"
           }
@@ -485,6 +482,11 @@ gen3_gitops_sync() {
           done
       fi
 
+      # update fence ConfigMap before roll-all
+      if [[ "$fence_roll" = true ]]; then
+          gen3 update_config manifest-fence "$(gen3 gitops folder)/manifests/fence/fence-config-public.yaml"
+      fi      
+
       if [[ "$covid_cronjob_roll" = true ]]; then
         if g3k_config_lookup '.global."covid19_data_bucket"'; then
           s3Bucket_url=$(kubectl get configmap manifest-global -o json | jq .data.covid19_data_bucket | tr -d \" )

From d3c4cce91aa87f205b8feb326f0ff169d2437cf5 Mon Sep 17 00:00:00 2001
From: Ajo Augustine <ajoaugustine@gmail.com>
Date: Thu, 6 Jun 2024 13:11:46 -0500
Subject: [PATCH 5/7] Update gitops.sh

---
 gen3/bin/gitops.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/gen3/bin/gitops.sh b/gen3/bin/gitops.sh
index 80a8de5cd..fcafb0110 100644
--- a/gen3/bin/gitops.sh
+++ b/gen3/bin/gitops.sh
@@ -469,8 +469,8 @@ gen3_gitops_sync() {
           gen3_log_info "Checking cronjob $cronjob_name..."
           local cronjob_schedule=$(kubectl get cronjobs.batch $cronjob_name -o jsonpath='{.spec.schedule}')
           if [[ -z "$cronjob_schedule" ]]; then
-            gen3_log_info "Cronjob $cronjob_name does not exist or has no schedule."
-            return
+              gen3_log_info "Cronjob $cronjob_name does not exist or has no schedule."
+              return
           fi
           gen3_log_info "Updating cronjob $cronjob_name ..."
           gen3 job cron $cronjob_name "$cronjob_schedule"
@@ -485,7 +485,7 @@ gen3_gitops_sync() {
       # update fence ConfigMap before roll-all
       if [[ "$fence_roll" = true ]]; then
           gen3 update_config manifest-fence "$(gen3 gitops folder)/manifests/fence/fence-config-public.yaml"
-      fi      
+      fi 
 
       if [[ "$covid_cronjob_roll" = true ]]; then
         if g3k_config_lookup '.global."covid19_data_bucket"'; then

From 4d6b57b4d7fee8be6cd01ea20eea28c41d26cb0c Mon Sep 17 00:00:00 2001
From: Ajo Augustine <ajoaugustine@gmail.com>
Date: Thu, 6 Jun 2024 15:36:11 -0500
Subject: [PATCH 6/7] update-fence-cronjobs added to gitops.sh

---
 gen3/bin/gitops.sh | 68 ++++++++++++++++++++++++++++++----------------
 1 file changed, 44 insertions(+), 24 deletions(-)

diff --git a/gen3/bin/gitops.sh b/gen3/bin/gitops.sh
index fcafb0110..975cf6e0d 100644
--- a/gen3/bin/gitops.sh
+++ b/gen3/bin/gitops.sh
@@ -458,30 +458,6 @@ gen3_gitops_sync() {
           gen3 job run etl --wait ETL_FORCED TRUE
       fi
 
-      # update fence jobs
-      if [[ "$versions_roll" = true ]]; then
-          # List of fence-related cronjobs
-          local fence_cronjobs=("fence-delete-expired-clients" "fence-cleanup-expired-ga4gh-info")
-
-          # function to check and update cronjobs
-          update_cronjob() {
-          local cronjob_name=$1
-          gen3_log_info "Checking cronjob $cronjob_name..."
-          local cronjob_schedule=$(kubectl get cronjobs.batch $cronjob_name -o jsonpath='{.spec.schedule}')
-          if [[ -z "$cronjob_schedule" ]]; then
-              gen3_log_info "Cronjob $cronjob_name does not exist or has no schedule."
-              return
-          fi
-          gen3_log_info "Updating cronjob $cronjob_name ..."
-          gen3 job cron $cronjob_name "$cronjob_schedule"
-          }
-
-          # Loop through each fence-related cronjob and check/update if needed
-          for cronjob in "${fence_cronjobs[@]}"; do
-          update_cronjob "$cronjob"
-          done
-      fi
-
       # update fence ConfigMap before roll-all
       if [[ "$fence_roll" = true ]]; then
           gen3 update_config manifest-fence "$(gen3 gitops folder)/manifests/fence/fence-config-public.yaml"
@@ -527,6 +503,10 @@ gen3_gitops_sync() {
         fi
         curl -X POST --data-urlencode "payload={\"text\": \"Gitops-sync Cron: ${resStr} - Syncing dict and images on ${tmpHostname}\", \"attachments\": [{${dictAttachment}}, {${versionsAttachment}}, {${portalAttachment}}, {${fenceAttachment}}, {${etlAttachment}}, {${covidAttachment}}]}" "${slackWebHook}"
       fi
+      # update fence jobs
+      if [[ "$versions_roll" = true ]]; then
+          gen3_gitops_update_fence_cron_jobs
+      fi
     else
       echo "no changes detected, not rolling"
     fi
@@ -551,6 +531,43 @@ gen3_gitops_rsync() {
   ssh "$target" "bash -ic 'gen3 gitops sync'"
 }
 
+#
+# Update fence cronjobs
+#
+gen3_gitops_update_fence_cron_jobs() {
+  # Fetch the manifest-versions ConfigMap and extract the fence image
+  local fence_manifest_image=$(kubectl get cm manifest-versions -o jsonpath='{.data.fence}')
+
+  # List of fence-related cronjobs
+  local fence_cronjobs=("fence-delete-expired-clients" "fence-cleanup-expired-ga4gh-info")
+
+  # Function to check and update cronjobs
+  update_cronjob() {
+    local cronjob_name=$1
+    local manifest_image=$2
+
+    gen3_log_info "Checking cronjob $cronjob_name..."
+
+    # Extract cronjob schedule directly using kubectl with jsonpath
+    local cronjob_schedule=$(kubectl get cronjobs.batch $cronjob_name -o jsonpath='{.spec.schedule}')
+
+    # Check if the cronjob exists
+    if [[ -z "$cronjob_schedule" ]]; then
+      gen3_log_info "Cronjob $cronjob_name does not exist."
+      return
+    fi
+
+    # Update cronjob with the image in manifest-versions ConfigMap
+    gen3_log_info "Updating cronjob $cronjob_name to use image $manifest_image..."
+    gen3 job cron $cronjob_name "$cronjob_schedule"
+  }
+
+  # Loop through each fence-related cronjob and check/update if needed
+  for cronjob in "${fence_cronjobs[@]}"; do
+    update_cronjob "$cronjob" "$fence_manifest_image"
+  done
+}
+
 #
 # Get the local manifest and cloud-automation folders in sync with github
 #
@@ -1129,6 +1146,9 @@ if [[ -z "$GEN3_SOURCE_ONLY" ]]; then
     "sync")
       gen3_gitops_sync "$@"
       ;;
+    "update-fence-cronjobs")
+      gen3_gitops_update_fence_cron_jobs "$@"
+      ;;      
     "taglist")
       gen3_gitops_repo_taglist "$@"
       ;;

From bb4a7f48752c25a33d0406878edfc5098ebfe9f0 Mon Sep 17 00:00:00 2001
From: Ajo Augustine <ajoaugustine@gmail.com>
Date: Thu, 6 Jun 2024 15:59:40 -0500
Subject: [PATCH 7/7] update gitops.sh documentation

---
 doc/gitops.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/doc/gitops.md b/doc/gitops.md
index 64c30597b..e860fb390 100644
--- a/doc/gitops.md
+++ b/doc/gitops.md
@@ -176,3 +176,10 @@ It takes a module as argument, like: vpc, eks.
 ```
 gen3 gitops tfapply eks
 ```
+
+### update-fence-cronjobs
+Checks and updates the image for specific fence-related cronjobs (`fence-delete-expired-clients` and `fence-cleanup-expired-ga4gh-info`), if they do not match the image specified in the `manifest-versions` ConfigMap.
+
+```
+gen3 gitops update-fence-cronjobs
+```