From 3c2a619c3267851208dfdcf8b0cf6758078b5c5c Mon Sep 17 00:00:00 2001
From: Pete Moore <pmoore@mozilla.com>
Date: Fri, 1 Apr 2022 10:56:39 +0200
Subject: [PATCH 1/5] Fetch root credentials from pass when running tc-admin

---
 imagesets/README.md | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/imagesets/README.md b/imagesets/README.md
index 8ed1f3a5..efd8e422 100644
--- a/imagesets/README.md
+++ b/imagesets/README.md
@@ -147,14 +147,19 @@ complete:
    pip3 install -e .
    which tc-admin
    pass git pull
-   TASKCLUSTER_ROOT_URL=https://community-tc.services.mozilla.com tc-admin diff || true
+   TASKCLUSTER_ROOT_URL=https://community-tc.services.mozilla.com
+   TASKCLUSTER_CLIENT_ID=static/taskcluster/root
+   TASKCLUSTER_ACCESS_TOKEN="$(pass show community-tc/root)"
+   unset TASKCLUSTER_CERTIFICATE
+   tc-admin diff || true
+   tc-admin diff --ids-only || true
    echo
    echo 'Applying in 60 seconds (Ctrl-C to abort)....'
    echo
    sleep 60
    echo 'Applying!'
    echo
-   TASKCLUSTER_ROOT_URL=https://community-tc.services.mozilla.com tc-admin apply
+   tc-admin apply
    cd ../..
    rm -rf tc-admin
    ```

From 2280630cfa65d76363a00cee57357efdf28aa377 Mon Sep 17 00:00:00 2001
From: Pete Moore <pmoore@mozilla.com>
Date: Tue, 12 Apr 2022 16:16:30 +0200
Subject: [PATCH 2/5] Work in progress

---
 {imagesets/docker => docker}/Dockerfile |  0
 {imagesets/docker => docker}/TAG        |  0
 {imagesets/docker => docker}/build.sh   |  0
 run-tc-admin.sh                         | 71 +++++++++++++++++++++++++
 4 files changed, 71 insertions(+)
 rename {imagesets/docker => docker}/Dockerfile (100%)
 rename {imagesets/docker => docker}/TAG (100%)
 rename {imagesets/docker => docker}/build.sh (100%)
 create mode 100755 run-tc-admin.sh

diff --git a/imagesets/docker/Dockerfile b/docker/Dockerfile
similarity index 100%
rename from imagesets/docker/Dockerfile
rename to docker/Dockerfile
diff --git a/imagesets/docker/TAG b/docker/TAG
similarity index 100%
rename from imagesets/docker/TAG
rename to docker/TAG
diff --git a/imagesets/docker/build.sh b/docker/build.sh
similarity index 100%
rename from imagesets/docker/build.sh
rename to docker/build.sh
diff --git a/run-tc-admin.sh b/run-tc-admin.sh
new file mode 100755
index 00000000..076586c3
--- /dev/null
+++ b/run-tc-admin.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+
+set -eu
+set -o pipefail
+
+function tc_admin {
+  apt update
+  apt install -y python3-pip python3.8-venv
+  pip install --upgrade pip
+
+  export TEMP_DIR="$(mktemp -d -t password-store.XXXXXXXXXX)"
+  export PASSWORD_STORE_DIR="${TEMP_DIR}/.password-store"
+  cd "${TEMP_DIR}"
+  python3 -m venv tc-admin-venv
+  source tc-admin-venv/bin/activate
+  pip3 install pytest
+  pip3 install --upgrade pip
+  git clone https://github.com/mozilla/community-tc-config
+  cd community-tc-config
+  pip3 install -e .
+  which tc-admin
+  git clone ssh://gitolite3@git-internal.mozilla.org/taskcluster/secrets.git "${PASSWORD_STORE_DIR}"
+  TASKCLUSTER_ROOT_URL=https://community-tc.services.mozilla.com
+  TASKCLUSTER_CLIENT_ID=static/taskcluster/root
+  TASKCLUSTER_ACCESS_TOKEN="$(pass show community-tc/root | head -n 1)"
+  unset TASKCLUSTER_CERTIFICATE
+  tc-admin diff || true
+  tc-admin diff --ids-only || true
+  echo
+  echo 'Applying in 60 seconds (Ctrl-C to abort)....'
+  echo
+  done=false
+  while ! ${done}; do
+    read -p "Apply changes (yes/no)? " choice
+    case "$choice" in
+      yes)
+        echo
+        echo 'Applying!'
+        echo
+        tc-admin apply
+        done=true;;
+      no)
+        echo "Ok ok 🐥"
+        done=true;;
+      *)
+        echo "Invalid response: '${choice}'. Please answer 'yes' or 'no'.";;
+    esac
+  done
+  cd /
+  rm -rf "${TEMP_DIR}"
+}
+
+################## Entry point ##################
+
+cd "$(dirname "${0}")"
+
+if [ "${1-}" == "native" ]; then
+  tc_admin
+else
+  TAG="$(cat docker/TAG)"
+  echo docker run \
+    --rm \
+    -ti \
+    -v "$(pwd):/community-tc-config" \
+    -v ~/.config:/root/.config \
+    -v ~/.gitconfig:/root/.gitconfig \
+    -v ~/.gnupg:/root/.gnupg \
+    -v ~/.ssh:/root/.ssh \
+    "${TAG}" \
+    /community-tc-config/run-tc-admin.sh native
+fi

From b69a98bb0da02ff6217c96e8c6778cb89ca23522 Mon Sep 17 00:00:00 2001
From: Pete Moore <pmoore@mozilla.com>
Date: Wed, 18 May 2022 16:38:43 +0200
Subject: [PATCH 3/5] wip

---
 imagesets/README.md   | 37 ++-----------------------------------
 imagesets/imageset.sh |  3 ++-
 run-tc-admin.sh       | 25 +++++++++++++------------
 3 files changed, 17 insertions(+), 48 deletions(-)

diff --git a/imagesets/README.md b/imagesets/README.md
index 0329007c..8d2377a2 100644
--- a/imagesets/README.md
+++ b/imagesets/README.md
@@ -125,41 +125,8 @@ complete:
    updating image references in `/config/imagesets.yml`. Make sure to push this
    commit upstream (i.e. to `git@github.com:mozilla/community-tc-config.git`).
 
-2) Apply the config changes by running `tc-admin`. Note, here is a script that
-   does this, if you have not already set something up:
-
-
-   ```bash
-   #!/bin/bash -e
-   rm -rf tc-admin
-   mkdir tc-admin
-   pip3 install --upgrade pip
-   cd tc-admin
-   python3 -m venv tc-admin-venv
-   source tc-admin-venv/bin/activate
-   pip3 install pytest
-   pip3 install --upgrade pip
-   git clone https://github.com/mozilla/community-tc-config
-   cd community-tc-config
-   pip3 install -e .
-   which tc-admin
-   pass git pull
-   TASKCLUSTER_ROOT_URL=https://community-tc.services.mozilla.com
-   TASKCLUSTER_CLIENT_ID=static/taskcluster/root
-   TASKCLUSTER_ACCESS_TOKEN="$(pass show community-tc/root)"
-   unset TASKCLUSTER_CERTIFICATE
-   tc-admin diff || true
-   tc-admin diff --ids-only || true
-   echo
-   echo 'Applying in 60 seconds (Ctrl-C to abort)....'
-   echo
-   sleep 60
-   echo 'Applying!'
-   echo
-   tc-admin apply
-   cd ../..
-   rm -rf tc-admin
-   ```
+2) Apply the config changes by running `run-tc-admin.sh` in the root folder of
+   this repository.
 
 3) Don't forget to test your image set changes! Try rerunning some tasks that
    previously ran successfully.
diff --git a/imagesets/imageset.sh b/imagesets/imageset.sh
index e30dd0e2..aa0c026d 100755
--- a/imagesets/imageset.sh
+++ b/imagesets/imageset.sh
@@ -176,7 +176,8 @@ function deploy {
   git push "${OFFICIAL_GIT_REPO}" "+HEAD:refs/heads/main"
   log 'Deployment of image sets successful!'
   log ''
-  log 'Be sure to run tc-admin in the community-tc-config repo to apply changes to the community cluster!'
+  cd ../..
+  log 'Be sure to run tc-admin to apply changes to the community cluster!'" There is a utility script for doing this: $(pwd)/run-tc-admin.sh"
 }
 
 ################## AWS ##################
diff --git a/run-tc-admin.sh b/run-tc-admin.sh
index 076586c3..09df796f 100755
--- a/run-tc-admin.sh
+++ b/run-tc-admin.sh
@@ -20,33 +20,34 @@ function tc_admin {
   pip3 install -e .
   which tc-admin
   git clone ssh://gitolite3@git-internal.mozilla.org/taskcluster/secrets.git "${PASSWORD_STORE_DIR}"
-  TASKCLUSTER_ROOT_URL=https://community-tc.services.mozilla.com
-  TASKCLUSTER_CLIENT_ID=static/taskcluster/root
-  TASKCLUSTER_ACCESS_TOKEN="$(pass show community-tc/root | head -n 1)"
+  export TASKCLUSTER_ROOT_URL='https://community-tc.services.mozilla.com'
+  export TASKCLUSTER_CLIENT_ID='static/taskcluster/root'
+  export TASKCLUSTER_ACCESS_TOKEN="$(pass show community-tc/root | head -n 1)"
   unset TASKCLUSTER_CERTIFICATE
   tc-admin diff || true
   tc-admin diff --ids-only || true
   echo
-  echo 'Applying in 60 seconds (Ctrl-C to abort)....'
-  echo
   done=false
-  while ! ${done}; do
+  while true; do
     read -p "Apply changes (yes/no)? " choice
-    case "$choice" in
+    case "${choice}" in
       yes)
         echo
         echo 'Applying!'
         echo
         tc-admin apply
-        done=true;;
+        break
+        ;;
       no)
-        echo "Ok ok 🐥"
-        done=true;;
+        echo "Ok, ok, 🐥."
+        break
+        ;;
       *)
-        echo "Invalid response: '${choice}'. Please answer 'yes' or 'no'.";;
+        echo "Invalid response: '${choice}'. Please answer 'yes' or 'no'."
+        ;;
     esac
   done
-  cd /
+  cd
   rm -rf "${TEMP_DIR}"
 }
 

From b38f744629bcaba9de40da15da9fe946a357a2d1 Mon Sep 17 00:00:00 2001
From: Pete Moore <pmoore@mozilla.com>
Date: Wed, 18 May 2022 16:42:27 +0200
Subject: [PATCH 4/5] whoops

---
 run-tc-admin.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/run-tc-admin.sh b/run-tc-admin.sh
index 09df796f..9bf24fc8 100755
--- a/run-tc-admin.sh
+++ b/run-tc-admin.sh
@@ -59,7 +59,7 @@ if [ "${1-}" == "native" ]; then
   tc_admin
 else
   TAG="$(cat docker/TAG)"
-  echo docker run \
+  docker run \
     --rm \
     -ti \
     -v "$(pwd):/community-tc-config" \

From 23a85ce0ae7667c926dac764e4eb727805fa3cf5 Mon Sep 17 00:00:00 2001
From: Pete Moore <pmoore@mozilla.com>
Date: Wed, 18 May 2022 16:51:11 +0200
Subject: [PATCH 5/5] wip

---
 run-tc-admin.sh | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/run-tc-admin.sh b/run-tc-admin.sh
index 9bf24fc8..d8ce1309 100755
--- a/run-tc-admin.sh
+++ b/run-tc-admin.sh
@@ -4,17 +4,23 @@ set -eu
 set -o pipefail
 
 function tc_admin {
+
+
+  ################################################
+  # this is temporarily in here while i work out what is needed, then it will be moved into docker image itself...
   apt update
   apt install -y python3-pip python3.8-venv
   pip install --upgrade pip
+  python3 -m venv tc-admin-venv
+  pip3 install pytest
+  pip3 install --upgrade pip
+  ################################################
+
 
+  source tc-admin-venv/bin/activate
   export TEMP_DIR="$(mktemp -d -t password-store.XXXXXXXXXX)"
   export PASSWORD_STORE_DIR="${TEMP_DIR}/.password-store"
   cd "${TEMP_DIR}"
-  python3 -m venv tc-admin-venv
-  source tc-admin-venv/bin/activate
-  pip3 install pytest
-  pip3 install --upgrade pip
   git clone https://github.com/mozilla/community-tc-config
   cd community-tc-config
   pip3 install -e .