@colisweb/rescript-toolkit 4.22.0 → 4.22.2

package/.secure_files/ci-functions-v17.0.3

@@ -1,2422 +0,0 @@
-#!/usr/bin/env bash
-
-#VARIABLES
-export SCRIPT_FULL_PATH=$(dirname "$0")
-
-##FUNCTIONS
-# https://stackoverflow.com/questions/1527049/how-can-i-join-elements-of-an-array-in-bash
-join_by() {
-  local d=${1-} f=${2-}
-  if shift 2; then
-    printf %s "$f" "${@/#/$d}"
-  fi
-}
-
-mkstring() {
-	local start=$1
-	local separator=$2
-	local end=$3
-	shift 3
-
-	if [ $# -gt 0 ]; then
-    printf $start
-    join_by $separator $*
-    printf $end
-  fi
-}
-
-md5all() {
-    all_hash=$(mktemp)
-    for name in $*; do
-        find $name -type f -exec cat {} \; | md5sum | cut -f1 -d ' ' >> $all_hash
-    done;
-    cat $all_hash | md5sum | cut -f1 -d ' '
-}
-
-log() {
-  echo "$*" >&2
-}
-#!/usr/bin/env bash
-
-check_args() {
-  if [ -z $2 ] || [ "$1" != "$2" ]; then
-    echo >&2 "missing argument $1"
-    return 1
-  fi
-}
-
-check_env_vars() {
-  ArgsCount=$1 && shift
-  for ((i = 0; i < $ArgsCount; i++)); do
-    if [[ -z "${!1}" ]]; then
-      echo >&2 "missing ENV $1"
-      return 1
-    fi
-    shift
-  done
-}
-
-extract_arg() {
-  name=$1
-  passed=$2
-  value=$3
-  if [ "--$name" != "$passed" ]; then
-    echo "missing argument $name"
-    exit 1
-  fi
-  eval $name='$value'
-}
-
-extract_args() {
-  declare -a Array_Args
-  ArgsCount=$1 && shift
-  for ((i = 0; i < $ArgsCount; i++)); do
-    Array_Args[i]=$1 && shift
-  done
-  for ArgName in "${Array_Args[@]}"; do
-    extract_arg "$ArgName" $* && shift 2
-  done
-}
-
-#!/usr/bin/env bash
-
-aws_ecr_login() {
-  PATH=/root/.local/bin:$PATH
-
-  aws ecr get-login-password \
-    | docker login --username AWS --password-stdin 949316342391.dkr.ecr.eu-west-1.amazonaws.com \
-    || (echo "you should update to AWS CLI version 2 https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-mac.html " $(aws ecr get-login --region=eu-west-1 --no-include-email) )
-}
-
-aws_ecr_token() {
-  aws ecr get-authorization-token --region=eu-west-1 --output text --query 'authorizationData[].authorizationToken'
-}
-
-# you will need jq to use these commands. You can install it using "brew install jq"
-# delete_images colisweb_api 8
-# will delete images older than 8 weeks
-delete_images() {
-
-  REPO=$1
-  WEEKS=${2:-16}
-
-  WEEKS_AGO=$(date -j -v-${WEEKS}w +%s)
-
-  #Get all ecr images
-  IMAGES=$(aws ecr describe-images --repository-name $REPO --output json)
-
-  #Filter unnecessary values and map `imagePushedAt` to EPOCH
-  TIMED_IMAGES=$(echo $IMAGES | jq .'[]' | jq "map({imagePushedAt: (.imagePushedAt[0:19]+\"Z\" | fromdateiso8601), imageDigest: .imageDigest}) | sort_by(.imagePushedAt) | .[:-1]")
-
-  #Filter on EPOCH
-  OLD_IMAGES=$(echo $TIMED_IMAGES | jq "map(select (.imagePushedAt < $WEEKS_AGO)) | .[] " | jq -r '.imageDigest')
-
-  while IFS= read -r IMAGE; do
-    if [ "$IMAGE" != "" ]; then
-      echo "Deleting $IMAGE from $REPO"
-      AWS_PAGER="" aws  ecr batch-delete-image --repository-name $REPO --image-ids imageDigest=$IMAGE
-    fi
-  done <<< "$OLD_IMAGES"
-}
-
-# delete_images_all_repos 12
-# will delete images in all repositories older than 12 weeks
-delete_images_all_repos() {
-  REPOSITORIES=$(aws ecr describe-repositories --output json | jq -r '.[]|.[].repositoryName')
-
-  while IFS= read -r REPO; do
-    echo "processing ECR repository $REPO"
-    delete_images $REPO $1
-  done <<< "$REPOSITORIES"
-}
-
-#!/usr/bin/env bash
-
-# If gitlab is down or pipeline are stuck, hotfixes need to be available
-# This script will publish docker images to ECR using your current git HEAD, then deploy them to a given environment.
-# Some local files (git-commit.conf and sentry.properties) will be updated, take caution.
-# No trace of this will appear on Gitlab (no releases, no pipelines, no tags).
-# create_hotfix_scala $ENVIRONMENT $CHART_NAME [ $MODULE_NAME $MODULE_PATH $DEPLOYMENT ]
-# create_hotfix_scala testing crm main modules/3-executables/main crm
-# create_hotfix_scala testing notification \
-#   main-http modules/3-executables/main-http notification-http \
-#   main-consumer modules/3-executables/main-consumer notification-consumer
-
-create_hotfix_scala() {
-
-  ENVIRONMENT=$1
-  CHART_NAME=$2
-  shift 2
-
-  SHORT_SHA=$(git rev-parse --short HEAD)
-  HOTFIX_TAG="hotfix-$SHORT_SHA"
-
-  gum confirm "Preparing $HOTFIX_TAG for $CHART_NAME ?" || exit
-  prepare_hotfix_scala $HOTFIX_TAG
-
-  gum confirm "Building $HOTFIX_TAG for $CHART_NAME ?" || exit
-  while [[ $# -gt 2 ]] ; do
-    build_hotfix_scala $HOTFIX_TAG "$1" "$2" "$3"
-    shift 3
-  done
-
-  gum confirm "Deploying $HOTFIX_TAG for $CHART_NAME ?" || exit
-  deploy_hotfix $CHART_NAME $ENVIRONMENT $HOTFIX_TAG
-}
-
-# Update local git-commit.conf and sentry.properties files using git short sha
-prepare_hotfix_scala() {
-  HOTFIX_TAG=$1
-
-  git secret reveal -f
-  aws_ecr_login
-
-  COMMIT_CONF_FILES=$(find . -name "git-commit.conf")
-  SENTRY_PROPERTIES_FILES=$(find . -name "sentry.properties")
-
-  for file in $(echo "$COMMIT_CONF_FILES\n$SENTRY_PROPERTIES_FILES"); do
-      sed -i '' -e 's&GIT_COMMIT&'"$HOTFIX_TAG&" $file
-  done
-
-}
-
-# Build docker images locally and publish them to AWS ECR.
-build_hotfix_scala() {
-
-  HOTFIX_TAG=$1
-  SBT_MODULE=$2
-  DOCKER_PATH=$3
-  DEPLOYMENT=$4
-
-  DOCKER_REGISTRY_ID="949316342391"
-  DOCKER_REGISTRY="$DOCKER_REGISTRY_ID.dkr.ecr.eu-west-1.amazonaws.com"
-  DOCKER_IMAGE=$DOCKER_REGISTRY/$DEPLOYMENT
-  HOTFIX_IMAGE=$DOCKER_IMAGE:$HOTFIX_TAG
-
-  #Build
-  sbt "project $SBT_MODULE" "Docker / stage"
-
-  #Publish
-  docker build --platform "linux/amd64" -t $HOTFIX_IMAGE --cache-from $DOCKER_IMAGE "$DOCKER_PATH/target/docker/stage"
-  docker push $HOTFIX_IMAGE
-
-  echo "Created hotfix $HOTFIX_IMAGE"
-}
-
-# Deploy the project in the given environment
-deploy_hotfix() {
-  source $colisweb_scripts/ci/helm.sh
-
-  CHART_NAME=$1
-  ENVIRONMENT=$2
-  HOTFIX_TAG=$3
-
-  CONFIG_PATH=deploy
-  CHART_PATH=$CONFIG_PATH/$CHART_NAME
-  ROOT_PATH=$(pwd)
-
-  # Unset Kubectl configuration made via the KUBECONFIG env variable
-  #  it would override the config made by configure_kubectl_for
-  #  for example, using Gitlab runners in Kubernetes sets this variable and causes conflict
-  unset KUBECONFIG
-
-  # Configure Kubectl
-  configure_kubectl_for $ENVIRONMENT
-
-  # Avoiding "no local-index.yaml" or "empty local-index.yaml" error
-  cat > $HOME/Library/Caches/helm/repository/local-index.yaml <<EOT
-apiVersion: v1
-entries:
-  cronjob:
-EOT
-
-  # helm3 stable repo have changed and must be updated manually, in versions < v2.17.0
-  helm3 repo add colisweb s3://colisweb-helm-charts/colisweb  --force-update
-  helm3 repo add stable https://charts.helm.sh/stable --force-update
-  helm3 repo update
-  helm3 dependency update ${ROOT_PATH}/${CHART_PATH}
-
-  # Gather values/*.yaml files
-  VALUES_PATH="${ROOT_PATH}/${CHART_NAME}/values"
-  VALUES_FILES=''
-  [ -d $VALUES_PATH ] && VALUES_FILES=$(find $VALUES_PATH -type f -maxdepth 1 -name "*.yaml" | sed 's/^/ -f /' | tr -d \\n | sed 's/%//')
-
-  # Deploy
-  helm3 upgrade --install \
-    --namespace ${ENVIRONMENT} \
-    ${VALUES_FILES} \
-    -f ${ROOT_PATH}/${CONFIG_PATH}/common.yaml \
-    -f ${ROOT_PATH}/${CONFIG_PATH}/${ENVIRONMENT}.yaml \
-    -f ${ROOT_PATH}/${CONFIG_PATH}/${ENVIRONMENT}-secrets.yaml \
-    --set global.version=$HOTFIX_TAG \
-    ${CHART_NAME} ${ROOT_PATH}/${CHART_PATH}
-
-
-  verify_deployments_v3 -t 10m $ENVIRONMENT $CHART_NAME
-
-}
-
-#!/usr/bin/env bash
-
-image_exists() {
-  set -e
-
-  REGISTRY=$1
-  REPOSITORY=$2
-  IMAGE=$3
-
-  TAGGED_IMAGE="$REGISTRY/$REPOSITORY:$IMAGE"
-
-  aws ecr describe-images --registry-id $REGISTRY --repository-name $REPOSITORY --image-ids "imageTag=$IMAGE"
-
-  if [ $? -eq 0 ]
-  then
-    echo "Image $TAGGED_IMAGE already present in distant repo"
-    return 0
-  else
-    echo "Image $TAGGED_IMAGE NOT present in distant repo"
-    return 1
-  fi
-}
-#!/usr/bin/env bash
-
-gmm() {
-  git checkout $1
-  git pull
-  git checkout $2
-  git pull
-  git merge $1
-  git push
-}
-
-git_damn_merge() {
-  git checkout $1
-  git pull
-  git checkout $2
-  git dammit
-  git merge $1
-  git push
-}
-
-git_prune_local_branches() {
-  git branch -r |
-    awk '{print $1}' |
-    egrep -v -f /dev/fd/0 <(git branch -vv | grep origin) |
-    awk '{print $1}' |
-    xargs git branch -d
-}
-
-gum_checkout() {
-  git branch -a | cut -f3- -d "/" | gum filter | xargs git checkout
-}
-
-# useful option :
-#  export GIT_SUBLINE_MERGE_NON_INTERACTIVE_MODE=TRUE
-# see https://github.com/paulaltin/git-subline-merge
-setup_subline_merge() {
-  location=${1:-"--local"}
-
-  case $location in
-  --local)
-    if [ -d ".git" ]; then
-      echo "* merge=subline" >>.git/info/attributes
-    else
-      echo "Cannot use local option, not in a git repository"
-      return 1
-    fi
-    ;;
-  --global)
-    echo "* merge=subline" >>~/.gitattributes
-    ;;
-  *)
-    echo "unknown argument $location"
-    return 2
-    ;;
-  esac
-
-  git config $location merge.conflictStyle diff3
-  git config $location merge.subline.driver "$colisweb_scripts/shell-session/shell/dev/git-subline-merge %O %A %B %L %P"
-  git config $location merge.subline.recursive binary
-}
-
-rebase_from_ancestor() {
-  set -x
-  branch=$1
-  tip=$(git rev-parse HEAD)
-  ancestor=$(git merge-base $branch $tip)
-  commits=$(git log $ancestor..$tip)
-  git reset --hard $ancestor
-  git merge --squash $tip
-  git commit -m "squashed commmits $commits" || echo "nothing committed"
-  git rebase $branch -Xtheirs
-}
-
-#!/usr/bin/env bash
-
-import_all_pgp_keys() {
-  echo "importing all PGP keys"
-  gpg --import $SCRIPT_FULL_PATH/pgp_keys/*.key
-}
-
-remove_all_persons_from_secrets() {
-    echo "cleanup git secret"
-    WHO_KNOWS=($(git secret whoknows))
-    git secret removeperson $WHO_KNOWS
-    echo "Removed secrets access for $WHO_KNOWS"
-}
-
-all_pgp_emails() {
-  gpg --show-key $SCRIPT_FULL_PATH/pgp_keys/*.key | sed -rn "s/.*<(.*)>/\1/p"
-}
-
-set_all_secret_keys() {
-
-  import_all_pgp_keys
-
-  git secret reveal -f
-
-  remove_all_persons_from_secrets
-
-  if [ $# -eq 0 ]; then
-    echo "No emails supplied, using dev-tools pgp keys as source"
-    IN_THE_KNOW=($(gum choose --no-limit $(all_pgp_emails)))
-  else
-    IN_THE_KNOW=($*)
-  fi
-
-  git secret tell $IN_THE_KNOW
-  git secret hide
-  git secret whoknows
-
-  echo "all secrets updated, you'll need to commit the changes"
-}
-
-#!/usr/bin/env bash
-
-start_ssh_bastion() {
-  ENV=$1
-  SSH_LOCAL_PORT=$2
-  POD_NAME=ssh-bastion-$USERNAME
-  CONFIG_MAP_NAME=ssh-bastion-$USERNAME
-  configure_kubectl_for $ENV
-  kubectl get pods -o name | grep pod/$POD_NAME
-  if [ $? -eq 0 ]; then
-    echo "$POD_NAME is already running"
-  else
-  	#configmap
-    kubectl get configmap $CONFIG_MAP_NAME && kubectl delete configmap $CONFIG_MAP_NAME
-    tempdir=$(mktemp -d)
-    cat <<EOF  > $tempdir/sshd_config
-AllowTcpForwarding yes
-Port 2222
-PermitRootLogin yes
-AuthorizedKeysFile /etc/ssh/authorized_keys
-EOF
-	cp ~/.ssh/id_rsa.pub $tempdir/authorized_keys
-    kubectl create configmap $CONFIG_MAP_NAME --from-file=$tempdir
-
-	#pod
-    kubectl get pod  $POD_NAME && kubectl delete pod $POD_NAME
-    cat <<EOF | kubectl create -f -
-
-    apiVersion: v1
-    kind: Pod
-    metadata:
-      name: $POD_NAME
-    spec:
-      containers:
-      - name: $POD_NAME
-        image: sickp/alpine-sshd:7.4
-        ports:
-        - containerPort: 2222
-        volumeMounts:
-        - mountPath: /etc/ssh/sshd_config
-          name: ssh-config
-          subPath: sshd_config
-        - mountPath: /etc/ssh/authorized_keys
-          name: ssh-config
-          subPath: authorized_keys
-      volumes:
-      - name: ssh-config
-        configMap:
-          name: $CONFIG_MAP_NAME
-EOF
-
-  fi
-
-  # You need a recent kubectl for wait to work (1.15 works), install or upgrade
-  # with brew :
-  # brew install kubernetes-cli
-  # brew upgrade kubernetes-cli
-  kubectl wait --for=condition=Ready pod/$POD_NAME
-
-  # kube port-forward
-  lsof -ti  tcp:$SSH_LOCAL_PORT | xargs kill
-  kubectl port-forward $POD_NAME $SSH_LOCAL_PORT:2222 &
-  while ! nc -z 127.0.0.1 $SSH_LOCAL_PORT; do
-    sleep 1
-  done
-  echo "forwarding ssh via local port $SSH_LOCAL_PORT"
-  echo "remember to terminate the bastion with 'stop_ssh_bastion'"
-}
-
-stop_ssh_bastion() {
-  POD_NAME=ssh-bastion-$USERNAME
-  kubectl delete pod $POD_NAME
-}
-
-#!/usr/bin/env bash
-
-configure_kubectl_for() {
-  local infra_env="$1"
-  local valid_envs="[testing][staging][production][performance][tests][recette]"
-  echo "$valid_envs" | grep -q "\[$infra_env\]"
-
-  if [ $? -ne 0 ]; then
-    echo "Cannot configure kubectl for invalid env : $infra_env"
-    echo "choose one of $valid_envs"
-    return 1
-  fi
-
-  aws eks update-kubeconfig --name "toutatis-$infra_env-eks" >&2
-}
-
-#!/usr/bin/env bash
-
-# WARNING : never try to do a dump directly from the database_production_ca
-# this could cause lot of lock database issues.
-# always use database_production_read_replica_ca instead
-database_k8s() {
-  MODE=$1
-  case $MODE in
-  	 "tests") SSH_LOCAL_PORT=2224;PG_LOCAL_PORT=24440;CA_LOCAL_PORT=25430;ENV="tests";;
-	   "testing") SSH_LOCAL_PORT=2225;PG_LOCAL_PORT=24441;CA_LOCAL_PORT=25431;ENV="testing";;
-	   "staging") SSH_LOCAL_PORT=2226;PG_LOCAL_PORT=24442;CA_LOCAL_PORT=25432;ENV="staging";;
-	   "production") SSH_LOCAL_PORT=2227;PG_LOCAL_PORT=24443;CA_LOCAL_PORT=25433;ENV="production";;
-	   "production_rw") SSH_LOCAL_PORT=2227;PG_LOCAL_PORT=24444;CA_LOCAL_PORT=25434;ENV="production";;
-	   "recette") SSH_LOCAL_PORT=2228;PG_LOCAL_PORT=24446;CA_LOCAL_PORT=25436;ENV="recette";;
-	   *) echo "Unsupported ENV : $MODE"; return 1 ;;
-  esac
-
-  start_ssh_bastion $ENV $SSH_LOCAL_PORT
-
-  lsof -ti  tcp:$PG_LOCAL_PORT | xargs kill
-
-  bastion_config=$(mktemp)
-  cat > "$bastion_config" <<EOF
-	  UserKnownHostsFile /dev/null
-	  StrictHostKeyChecking no
-	  User root
-	  Host bastion_tests
-    HostName 127.0.0.1
-    Port 2224
-    LocalForward 24440 toutatis-tests-db.ca0rjdmnxf1x.eu-west-1.rds.amazonaws.com:5432
-	  Host bastion_testing
-		HostName 127.0.0.1
-		Port 2225
-		LocalForward 24441 toutatis-testing-db.ca0rjdmnxf1x.eu-west-1.rds.amazonaws.com:5432
-		LocalForward 25431 testapirds.ca0rjdmnxf1x.eu-west-1.rds.amazonaws.com:3306
-	  Host bastion_staging
-		HostName 127.0.0.1
-		Port 2226
-		LocalForward 24442 toutatis-staging-db.ca0rjdmnxf1x.eu-west-1.rds.amazonaws.com:5432
-		LocalForward 25432 testapirds.ca0rjdmnxf1x.eu-west-1.rds.amazonaws.com:3306
-    Host bastion_recette
-		HostName 127.0.0.1
-		Port 2228
-		LocalForward 24446 toutatis-recette-db.ca0rjdmnxf1x.eu-west-1.rds.amazonaws.com:5432
-		LocalForward 25436 testapirds.ca0rjdmnxf1x.eu-west-1.rds.amazonaws.com:3306
-	  Host bastion_production
-		HostName 127.0.0.1
-		Port 2227
-    LocalForward 24443 toutatis-production-db-replica.ca0rjdmnxf1x.eu-west-1.rds.amazonaws.com:5432
-    LocalForward 25433 api-production-rds-read-replica.ca0rjdmnxf1x.eu-west-1.rds.amazonaws.com:3306
-    LocalForward 25435 archive-ca.ca0rjdmnxf1x.eu-west-1.rds.amazonaws.com:3306
-EOF
-  if [ "$MODE" = "production_rw" ] ; then
-    cat >> "$bastion_config" <<EOF
-      LocalForward 24444 toutatis-production-db.ca0rjdmnxf1x.eu-west-1.rds.amazonaws.com:5432
-      LocalForward 25434 api-production-rds.ca0rjdmnxf1x.eu-west-1.rds.amazonaws.com:3306
-EOF
-  fi
-
-  ssh -f -N \
-  	-F "$bastion_config" \
-  	"bastion_$ENV"
-
-  echo "sample command : 'psql postgres://postgres@127.0.0.1:$PG_LOCAL_PORT'"
-  echo "sample command : 'mysql -u colisweb -h 127.0.0.1 -P $CA_LOCAL_PORT -p db_name'"
-
-  echo "run 'kubectl delete pod $POD_NAME' when you have finished"
-}
-
-psql_on_k8() {
-  NAMESPACE=$1
-  SERVICE=$2
-  CONNECTION=$3
-  shift 3
-
-  kubectl -n $NAMESPACE run ${SERVICE}-database-init \
-    --image jbergknoff/postgresql-client \
-    --restart=Never \
-    --attach --rm \
-    -- \
-    postgresql://${CONNECTION} \
-    "$*"
-}
-
-mysql_on_k8() {
-  local namespace=$1
-  local db_host=$2
-  local db_port=$3
-  local db_init_username=$4
-  local db_init_password=$5
-  local query=$6
-
-  kubectl -n ${namespace} run datadog-database-init \
-    --image widdpim/mysql-client \
-    --restart=Never \
-    --attach --rm \
-    -- \
-    mysql --host=$db_host --user=$db_init_username --password=$db_init_password --port=$db_port --execute="$query"
-}
-#!/usr/bin/env bash
-
-kube_init_database_once() {
-
-  extract_args 8 namespace db_host db_port db_init_username db_init_password db_database db_username db_password $*
-
-  echo "======================="
-  echo " Initializing Database '$db_database' for namespace $namespace"
-  echo "======================="
-
-  set -x
-
-  echo "Checking if Database '$db_database' exists"
-  set +e
-  psql_on_k8 $namespace once "$db_init_username:$db_init_password@$db_host:$db_port" -lqtA | cut -d\| -f1 | grep "^$db_database$"
-  return_code=$?
-  set -e
-
-  if [ ${return_code} -eq 0 ]; then
-    echo "Database $db_database already exists - nothing to do"
-  else
-    echo "Database $db_database does not exist - initializing"
-
-    psql_on_k8 $namespace once "$db_init_username:$db_init_password@$db_host:$db_port" -c 'CREATE DATABASE '"$db_database"';'
-    echo "DB created $db_database"
-
-    psql_on_k8 $namespace once "$db_init_username:$db_init_password@$db_host:$db_port" -c 'CREATE USER '"$db_username"' WITH ENCRYPTED PASSWORD '"'$db_password'"';'
-    echo "USER created $db_username"
-
-    psql_on_k8 $namespace once "$db_init_username:$db_init_password@$db_host:$db_port" -c 'GRANT ALL PRIVILEGES ON DATABASE '"$db_database"' TO '"$db_username"';'
-    echo "Granted all privileges for $db_username on $db_database"
-  fi
-
-  echo "======================="
-  echo " Database '$db_database' Initialization complete for namespace $namespace"
-  echo "======================="
-}
-
-kube_init_database_readonly_account() {
-
-  extract_args 6 namespace service db_connection db_database db_readonly_username db_readonly_password $*
-
-  echo "======================="
-  echo " Initializing Readonly Account '$db_readonly_username' for '$db_database' for namespace $namespace"
-  echo "======================="
-
-  # Print commands before execution, except echo
-  trap '[[ $BASH_COMMAND != echo* ]] && echo $BASH_COMMAND' DEBUG
-
-  echo "Checking if Readonly account '$db_readonly_username' for '$db_database' exists"
-  set +e
-  psql_on_k8 $namespace $service $db_connection -qtAc 'SELECT rolname FROM pg_roles;' | grep "^$db_readonly_username$"
-  return_code=$?
-  set -e
-
-  if [ ${return_code} -eq 0 ]; then
-    echo "Account $db_readonly_username already exists - nothing to do"
-  else
-    echo "Account $db_readonly_username does not exist - creating"
-
-    psql_on_k8 $namespace $service $db_connection -c 'CREATE USER '"$db_readonly_username"' WITH ENCRYPTED PASSWORD '"'$db_readonly_password'"';'
-    psql_on_k8 $namespace $service $db_connection -c 'GRANT CONNECT ON DATABASE '"$db_database"' TO '"$db_readonly_username"';'
-    psql_on_k8 $namespace $service $db_connection -c 'GRANT USAGE ON SCHEMA public TO '"$db_readonly_username"';'
-    psql_on_k8 $namespace $service $db_connection -c 'GRANT SELECT ON ALL TABLES IN SCHEMA public TO '"$db_readonly_username"';'
-    psql_on_k8 $namespace $service $db_connection -c 'ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO '"$db_readonly_username"';'
-
-    echo "Created user with read-only permissions for $db_readonly_username on $db_database (schema public)"
-  fi
-}
-
-kube_init_datadog_in_database() {
-  extract_args 8 namespace db_host db_port db_init_username db_init_password db_datadog_username db_datadog_password db_datadog_schema $*
-
-  echo "======================="
-  echo " Initializing Datadog Agent Requiement for namespace $namespace"
-  echo "======================="
-
-  set -x
-
-  echo "Checking if User  '$db_datadog_username' exists"
-  set +e
-  mysql_on_k8 $namespace $db_host $db_port $db_init_username $db_init_password 'SELECT user FROM mysql.user;' | grep "^$db_datadog_username$"
-  return_code=$?
-  set -e
-
-  if [ ${return_code} -eq 0 ]; then
-    echo "User $db_datadog_username already exists - nothing to do"
-  else
-    echo "User $db_datadog_username does not exist - initializing"
-
-    # All the query come from this docs : https://docs.datadoghq.com/fr/database_monitoring/setup_mysql/selfhosted/?tab=mysql56
-
-    mysql_on_k8 $namespace $db_host $db_port $db_init_username $db_init_password 'CREATE USER '"$db_datadog_username"'@"%" IDENTIFIED BY '"'$db_datadog_password'"';'
-    echo "USER created $db_datadog_username"
-
-    mysql_on_k8 $namespace $db_host $db_port $db_init_username $db_init_password 'GRANT REPLICATION CLIENT ON *.* TO datadog@"%" WITH MAX_USER_CONNECTIONS 5;'
-    echo "ALTER USER $db_datadog_username"
-
-    mysql_on_k8 $namespace $db_host $db_port $db_init_username $db_init_password 'GRANT PROCESS ON *.* TO '"$db_datadog_username"'@"%";'
-    echo "Granted PROCESS for $db_datadog_username"
-
-    mysql_on_k8 $namespace $db_host $db_port $db_init_username $db_init_password 'GRANT SELECT ON performance_schema.* TO '"$db_datadog_username"'@"%";'
-    echo "Granted SELECT on performance_schema for $db_datadog_username"
-
-    mysql_on_k8 $namespace $db_host $db_port $db_init_username $db_init_password 'CREATE SCHEMA IF NOT EXISTS datadog;'
-    echo "CREATE SCHEMA datadog"
-
-    mysql_on_k8 $namespace $db_host $db_port $db_init_username $db_init_password 'GRANT EXECUTE ON datadog.* to '"$db_datadog_username"'@"%";'
-    echo "Granted 'GRANT EXECUTE for $db_datadog_username on datadog"
-
-    mysql_on_k8 $namespace $db_host $db_port $db_init_username $db_init_password 'GRANT CREATE TEMPORARY TABLES ON datadog.* TO '"$db_datadog_username"'@"%";'
-    echo "Granted  CREATE TEMPORARY TABLES for $db_datadog_username"
-
-
-    mysql_on_k8 $namespace $db_host $db_port $db_init_username $db_init_password 'DROP PROCEDURE IF EXISTS datadog.explain_statement;
-                  DELIMITER $$
-                  CREATE PROCEDURE datadog.explain_statement(IN query TEXT)
-                      SQL SECURITY DEFINER
-                  BEGIN
-                      SET @explain := CONCAT("EXPLAIN FORMAT=json ", query);
-                      PREPARE stmt FROM @explain;
-                      EXECUTE stmt;
-                      DEALLOCATE PREPARE stmt;
-                  END $$
-                  DELIMITER ;'
-   echo "CREATE PROCEDURE PROCEDURE datadog.explain_statement"
-
-    mysql_on_k8 $namespace $db_host $db_port $db_init_username $db_init_password 'DROP PROCEDURE IF EXISTS '"$db_datadog_username"'.explain_statement;
-                    DELIMITER $$
-                    CREATE PROCEDURE '"$db_datadog_username"'.explain_statement(IN query TEXT)
-                        SQL SECURITY DEFINER
-                    BEGIN
-                        SET @explain := CONCAT("EXPLAIN FORMAT=json ", query);
-                        PREPARE stmt FROM @explain;
-                        EXECUTE stmt;
-                        DEALLOCATE PREPARE stmt;
-                    END $$
-                    DELIMITER ;
-                    GRANT EXECUTE ON PROCEDURE '"$db_datadog_username"'.explain_statement TO datadog@"%";'
-    echo "CREATE PROCEDURE on SCHEMA $db_datadog_schema for $db_datadog_username"
-
-    mysql_on_k8 $namespace $db_host $db_port $db_init_username $db_init_password 'DROP PROCEDURE IF EXISTS datadog.enable_events_statements_consumers;
-                  DELIMITER $$
-                  CREATE PROCEDURE datadog.enable_events_statements_consumers()
-                      SQL SECURITY DEFINER
-                  BEGIN
-                      UPDATE performance_schema.setup_consumers SET enabled="YES" WHERE name LIKE "events_statements_%";
-                  END $$
-                  DELIMITER ;
-                  GRANT EXECUTE ON PROCEDURE datadog.enable_events_statements_consumers TO datadog@"%";'
-
-    echo "CREATE PROCEDURE on datadog.enable_events_statements_consumers"
-  fi
-
-  echo "======================="
-  echo " Database '$db_datadog_schema' Initialization complete for namespace $namespace"
-  echo "======================="
-}
-
-kube_init_service_database() {
-
-  extract_args 9 namespace service db_host db_port db_init_username db_init_password db_database db_username db_password $*
-
-  local db_connection="$db_init_username:$db_init_password@$db_host:$db_port"
-
-  set -x
-
-  echo "Checking if Database '$db_database' exists"
-  set +e
-  psql_on_k8 $namespace $service $db_connection -lqtA | cut -d\| -f1 | grep "^$db_database$"
-  return_code=$?
-  set -e
-
-  if [ ${return_code} -eq 0 ]; then
-    echo "Database $db_database already exists - nothing to do"
-  else
-    echo "Database $db_database does not exist - initializing"
-
-    psql_on_k8 $namespace $service $db_connection -c 'CREATE DATABASE '"$db_database"';'
-    echo "DB created $db_database"
-
-    psql_on_k8 $namespace $service $db_connection -c 'CREATE USER '"$db_datadog_username"' WITH ENCRYPTED PASSWORD '"'$db_password'"';'
-    echo "USER created $db_datadog_username"
-
-    psql_on_k8 $namespace $service $db_connection -c 'GRANT ALL PRIVILEGES ON DATABASE '"$db_database"' TO '"$db_datadog_username"';'
-    echo "Granted all privileges for $db_datadog_username on $db_database"
-  fi
-
-  echo "======================="
-  echo " Database '$db_database' Initialization complete for namespace $namespace"
-  echo "======================="
-}
-#!/usr/bin/env bash
-
-# Port forward on the first matching pod
-# Ex :
-# pod_forward testing notification-http
-# pod_forward testing colisweb-api-web 3333 3000
-pod_forward() {
-  ENV=$1
-  POD_FILTER=$2
-  LOCAL_PORT=${3:-8080}
-  POD_PORT=${4:-8080}
-
-  if PID=$(lsof -ti tcp:$LOCAL_PORT); then
-    echo "killing process $PID which uses port $LOCAL_PORT"
-    kill $PID
-  fi
-
-  configure_kubectl_for $ENV
-
-  POD=`pick_pod $ENV $POD_FILTER`
-
-  echo "setting up forwarding to $POD"
-  kubectl -n $ENV port-forward $POD $LOCAL_PORT:$POD_PORT &
-  PID=$!
-
-  while ! echo exit | nc localhost $LOCAL_PORT > /dev/null; do
-    sleep 1
-    echo "waiting for port $LOCAL_PORT to be open locally"
-  done
-  echo "port $LOCAL_PORT is now available on localhost, forwarding to $ENV $POD:$POD_PORT"
-  echo 'you can terminate it with "kill '$PID'" or "kill $(lsof -ti tcp:'$LOCAL_PORT')"'
-}
-
-# prompts to pick a pod and run a command like bash inside
-# pod_exec testing
-# pod_exec testing bash
-# pod_exec testing bash colisweb-api
-pod_exec() {
-  ENV=$1
-  COMMAND=${2:-bash}
-  configure_kubectl_for $ENV
-  POD_FILTER=$3
-  POD=`pick_pod $ENV $POD_FILTER`
-  echo "running $COMMAND inside $POD"
-  kubectl -n $ENV exec -ti $POD -- $COMMAND
-}
-
-# prompts to pick a pod and copy from a local file to the pod
-# pod_copy_to testing localfile remotefile
-# pod_copy_to testing localfile remotefile colisweb-api
-pod_copy_to() {
-  ENV=$1
-  LOCAL_FILE=$2
-  REMOTE_FILE=$3
-  configure_kubectl_for $ENV
-  POD_FILTER=$4
-  POD=`pick_pod $ENV $POD_FILTER`
-  kubectl cp $LOCAL_FILE $ENV/$POD:$REMOTE_FILE
-}
-
-
-pick_pod() {
-  ENV=$1
-  POD_FILTER="pod/$2"
-  configure_kubectl_for $ENV
-
-  if [ -z "$2" ] ; then
-    kubectl -n $ENV get pods | gum filter | cut -f1 -d" "
-  else
-      if PODS=$(kubectl -n $ENV get pods -o=name | grep "$POD_FILTER"); then
-        echo $PODS | head -1 | sed -e 's/pod\///'
-      else
-        echo "no pods found on $ENV matching $POD_FILTER" >&2
-      fi
-  fi
-}
-
-#!/usr/bin/env bash
-
-redis_k8s() {
-  MODE=$1
-  case $MODE in
-	   "testing") SSH_LOCAL_PORT=2225;REDIS_LOCAL_PORT=63791;ENV="testing";;
-	   "staging") SSH_LOCAL_PORT=2226;REDIS_LOCAL_PORT=63792;ENV="staging";;
-	   "production") SSH_LOCAL_PORT=2227;REDIS_LOCAL_PORT=63793;ENV="production";;
-	   *) echo "Unsupported ENV : $MODE"; return 1 ;;
-  esac
-
-  start_ssh_bastion $ENV $SSH_LOCAL_PORT
-
-  lsof -ti  tcp:$REDIS_LOCAL_PORT | xargs kill
-
-  bastion_config=$(mktemp)
-  cat > "$bastion_config" <<EOF
-	  UserKnownHostsFile /dev/null
-	  StrictHostKeyChecking no
-	  User root
-	  Host bastion_testing
-		HostName 127.0.0.1
-		Port 2225
-		LocalForward 63791 redis-testing.xufte6.0001.euw1.cache.amazonaws.com:6379
-	  Host bastion_staging
-		HostName 127.0.0.1
-		Port 2226
-		LocalForward 63792 redis-sandbox.xufte6.0001.euw1.cache.amazonaws.com:6379
-	  Host bastion_production
-		HostName 127.0.0.1
-		Port 2227
-    LocalForward 63793 redis-prod.xufte6.0001.euw1.cache.amazonaws.com:6379
-EOF
-
-  ssh -f -N \
-  	-F "$bastion_config" \
-  	"bastion_$ENV"
-
-  echo "sample command : 'redis-cli -p $REDIS_LOCAL_PORT'"
-  echo "run 'kubectl delete pod $POD_NAME' when you have finished"
-
-  redis-cli -p $REDIS_LOCAL_PORT
-}
-
-#!/usr/bin/env bash
-
-#Create a k8s cron jobs that will be run regularly
-#See run_cron_job_k8s -h for more details
-
-run_cron_job_k8s() {
-
-  #default values
-  local namespace="testing"
-  local name="$USERNAME"
-  local SCHEDULE="00 05 * * *"
-  local secret=""
-  local amm_folder=""
-  local amm_script=""
-
-  while getopts ":e:c:p:f:s:t:h" opt; do
-    case $opt in
-      e)
-        namespace="$OPTARG" >&2
-        ;;
-      t)
-        SCHEDULE="$OPTARG" >&2
-        ;;
-      p)
-        name="$OPTARG" >&2
-        ;;
-      c)
-        secret="$OPTARG" >&2
-        ;;
-      f)
-        amm_folder="$OPTARG" >&2
-        ;;
-      s)
-        amm_script="$OPTARG" >&2
-        ;;
-      h)
-        show_help_cron_job
-        return 0
-        ;;
-      :)
-        echo "Option -$OPTARG requires an argument. Run run_cron_job_k8s -h for help" >&2
-        return 0
-        ;;
-      \?)
-        echo "Invalid option: -$OPTARG. Run run_cron_job_k8s -h for help" >&2
-        return 0
-        ;;
-    esac
-  done
-
-  if [ -z "$amm_script" ]; then
-          echo 'Missing -s. Run run_cron_job_k8s -h for help' >&2
-          return 0
-  fi
-
-  shift "$((OPTIND-1))"
-
-  local script_args=$(
-    if [ "$#" -gt 0 ] ; then
-      printf '"'
-      join_by '", "' $*
-      printf '"'
-    fi
-  )
-
-  local IMAGE="lolhens/ammonite:2.5.4"
-  local CRONJOB_NAME="cronjob-ammonite-$name"
-
-
-  configure_kubectl_for $namespace
-
-    if [[ ! -r "$amm_script" ]]; then
-      echo "ammonite script not found $amm_script"
-      return 2
-    else
-      local CONFIG_MAP="config-$CRONJOB_NAME"
-      local SECRET_MAP="secret-$CRONJOB_NAME"
-      local CONFIG_MAP_DIR="$(mktemp -d)"
-
-      if [[ ! -z $amm_folder && -d $amm_folder ]] ; then
-        cp -r "$amm_folder/" "$CONFIG_MAP_DIR"
-      fi
-      cp "$amm_script" "$CONFIG_MAP_DIR/script.sc"
-
-      kubectl -n $namespace get configmap $CONFIG_MAP && kubectl -n $namespace delete configmap $CONFIG_MAP
-      kubectl -n $namespace create configmap $CONFIG_MAP --from-file="$CONFIG_MAP_DIR"
-
-      kubectl -n $namespace get secret $SECRET_MAP && kubectl -n $namespace delete secret $SECRET_MAP
-      kubectl -n $namespace create secret generic $SECRET_MAP --from-file="$secret"
-
-      kubectl -n $namespace get cronjob $CRONJOB_NAME && kubectl -n $namespace delete cronjob $CRONJOB_NAME
-
-      echo "starting $CRONJOB_NAME with $IMAGE"
-
-JOB_DEFINITION='
-apiVersion: batch/v1
-kind: CronJob
-metadata:
-  name: '$CRONJOB_NAME'
-  namespace: '$namespace'
-spec:
-  schedule: "'$SCHEDULE'"
-  concurrencyPolicy: Forbid
-  jobTemplate:
-    spec:
-      backoffLimit: 0
-      template:
-        spec:
-          nodeSelector:
-            workType: "workers"
-          restartPolicy: Never
-          volumes:
-          - name: config
-            configMap:
-              name: '$CONFIG_MAP'
-          - name: secret
-            secret:
-              secretName: '$SECRET_MAP'
-          containers:
-             - name: '$CRONJOB_NAME'
-               command: ["amm", "/code/script.sc"]
-               image: '$IMAGE'
-               imagePullPolicy: IfNotPresent
-               args: ['$script_args']
-               env:
-                - name: POD_NAME
-                  valueFrom:
-                    fieldRef:
-                      apiVersion: v1
-                      fieldPath: metadata.name
-                - name: POD_NAMESPACE
-                  valueFrom:
-                    fieldRef:
-                      apiVersion: v1
-                      fieldPath: metadata.namespace
-                - name: HOST_IP
-                  valueFrom:
-                    fieldRef:
-                      apiVersion: v1
-                      fieldPath: status.hostIP
-               volumeMounts:
-                - name: config
-                  mountPath: /code
-                - name: secret
-                  mountPath: /conf
-                  readOnly: true
-               resources:
-                 requests:
-                   cpu: 500m
-                   memory: 256Mi
-                 limits:
-                   cpu: 4000m
-                   memory: 512Mi
-               envFrom:
-                 - configMapRef:
-                     name: '$CONFIG_MAP'
-                 - secretRef:
-                     name: '$SECRET_MAP'
-'
-
-    echo $JOB_DEFINITION > /tmp/job.yaml
-
-    kubectl -n $namespace  apply -f /tmp/job.yaml
-
-  fi
-}
-
-# Usage info
-show_help_cron_job() {
-  #p:f:s
-local help="""Usage: run_cron_job_k8s -s SCRIPT [-t TIME] [-e ENV] [-c CONFIG] [-p POD] [-f FOLDER] [ARGS]
-Create a k8s cron job that will be run a script regularly
-
-    -h          display this help and exit
-    -s SCRIPT   run script SCRIPT on a pod (SCRIPT must be a .sc file)
-    -t TIME     opt. time when the job will be launched. TIME should be in CRON syntax (default to 00 05 * * *, ie 5AM UTC)
-    -e ENV      opt. set execution environment (default to testing)
-    -c CONFIG   opt. secret file needed for the script (must be a .sc file, not a .secret file)
-    -p POD      opt. name of the pod to create (default to $USERNAME)
-    -f FOLDER   opt. name of the folder containing the scripts to execute (if SCRIPT needs other files)
-    ARGS        opt. additional arguments for SCRIPT
-"""
-echo "$help"
-}
-
-#!/usr/bin/env bash
-
-# Usage info
-show_help_job() {
-  local help="""Usage: run_job_k8s -s SCRIPT [-e ENV] [-c CONFIG] [-p POD] [-f FOLDER] [ARGS]
-  Create a k8s job executing a script
-
-      -h          display this help and exit
-      -s SCRIPT   run script SCRIPT on a pod (SCRIPT must be a .sc file)
-      -e ENV      opt. set execution environment (default to testing)
-      -c CONFIG   opt. secret file needed for the script (must be a .sc file, not a .secret file)
-      -p POD      opt. name of the pod to create (default to $USERNAME)
-      -f FOLDER   opt. name of the folder containing the scripts to execute (if SCRIPT needs other files)
-      ARGS        opt. additional arguments for SCRIPT
-
-  The organisation of the files must be the same locally as on the pod :
-    - /code containing the script to execute (arg -s) and the other needed files (if the arg -f is used, it must reference this directory)
-    - /conf containing the secret file (arg -c if used)
-  E.g. in the script \"/code/script.sc\", to use a secret file \"/conf/secret.sc\", the import should look like \"import \$file.^.conf.secret.sc\"
-  """
-  echo "$help"
-}
-
-run_job_k8s() {
-
-  #default values
-  local namespace="testing"
-  local name="$USERNAME"
-  local secret=""
-  local amm_folder=""
-  local amm_script=""
-
-  while getopts ":e:c:p:f:s:h" opt; do
-    case $opt in
-      e)
-        namespace="$OPTARG" >&2
-        ;;
-      p)
-        name="$OPTARG" >&2
-        ;;
-      c)
-        secret="$OPTARG" >&2
-        ;;
-      f)
-        amm_folder="$OPTARG" >&2
-        ;;
-      s)
-        amm_script="$OPTARG" >&2
-        ;;
-      h)
-        show_help_job
-        return 0
-        ;;
-      :)
-        echo "Option -$OPTARG requires an argument. Run run_cron_job_k8s -h for help" >&2
-        return 0
-        ;;
-      \?)
-        echo "Invalid option: -$OPTARG. Run run_cron_job_k8s -h for help" >&2
-        return 0
-        ;;
-    esac
-  done
-
-  if [ -z "$amm_script" ]; then
-          echo 'Missing -s. Run run_job_k8s -h for help' >&2
-          return 0
-  fi
-
-  shift "$((OPTIND-1))"
-
-  local script_args=$(
-      if [ "$#" -gt 0 ] ; then
-        printf '"'
-        join_by '", "' $*
-        printf '"'
-      fi
-    )
-
-  local IMAGE="lolhens/ammonite:2.5.4"
-  local JOB_NAME="job-ammonite-$name"
-
-    if [[ ! -r "$amm_script" ]]; then
-      echo "ammonite script not found $amm_script"
-      return 2
-    else
-      local CONFIG_MAP="config-$JOB_NAME"
-      local CONFIG_MAP_DIR="$(mktemp -d)"
-      local SECRET_MAP="secret-$JOB_NAME"
-
-      configure_kubectl_for $namespace
-
-      if [[ ! -z $amm_folder && -d $amm_folder ]] ; then
-        cp -r "$amm_folder/" "$CONFIG_MAP_DIR"
-      fi
-      cp "$amm_script" "$CONFIG_MAP_DIR/script.sc"
-
-      kubectl -n $namespace get configmap $CONFIG_MAP && kubectl -n $namespace delete configmap $CONFIG_MAP
-      kubectl -n $namespace create configmap $CONFIG_MAP --from-file="$CONFIG_MAP_DIR"
-
-      kubectl -n $namespace get secret $SECRET_MAP && kubectl -n $namespace delete secret $SECRET_MAP
-      kubectl -n $namespace create secret generic $SECRET_MAP --from-file="$secret"
-
-      kubectl -n $namespace get job $JOB_NAME && kubectl -n $namespace delete job $JOB_NAME
-
-      echo "starting $JOB_NAME with $IMAGE"
-    fi
-
-      JOB_DEFINITION='
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: '$JOB_NAME'
-  namespace: '$namespace'
-spec:
-  template:
-    spec:
-      containers:
-      - name: '$JOB_NAME'
-        command: ["amm", "/code/script.sc"]
-        image: '$IMAGE'
-        args: ['$script_args']
-        env:
-        - name: POD_NAME
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: metadata.name
-        - name: POD_NAMESPACE
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: metadata.namespace
-        - name: HOST_IP
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: status.hostIP
-        volumeMounts:
-        - name: config
-          mountPath: /code
-        - name: secret
-          mountPath: /conf
-          readOnly: true
-        resources:
-          requests:
-            cpu: 500m
-            memory: 256Mi
-          limits:
-            cpu: 4000m
-            memory: 1Gi
-      nodeSelector:
-        workType: workers
-      restartPolicy: Never
-      volumes:
-      - name: config
-        configMap:
-          name: '$CONFIG_MAP'
-      - name: secret
-        secret:
-          secretName: '$SECRET_MAP'
-     '
-
-
-     echo $JOB_DEFINITION > /tmp/job.yaml
-
-      kubectl -n $namespace  apply -f /tmp/job.yaml
-
-}
-
-
-#!/usr/bin/env bash
-
-run_task() {
-  set -e
-
-  check_args "--namespace" $1
-  shift
-  NAMESPACE=$1
-  shift
-  check_args "--image" $1
-  shift
-  IMAGE=$1
-  shift
-  check_args "--name" $1
-  shift
-  NAME=$1
-  shift
-
-  set -x
-
-  kubectl -n ${NAMESPACE} run ${NAME} \
-    --image ${IMAGE} \
-    --restart=Never \
-    --attach --rm \
-    $*
-}
-geocode_address() {
-  ADDRESS=$(sed -e 's: :%20:g' <(echo "$*"))
-  URL="https://maps.googleapis.com/maps/api/geocode/json?address=${ADDRESS}&key=${GOOGLE_API_KEY}"
-  curl $URL
-}
-
-search_business() {
-  SIREN=$1
-  shift
-  QUERY=$(sed -e 's: :+:g' <(echo "$*"))
-  URL="https://data.opendatasoft.com/api/records/1.0/search/?dataset=sirene_v3%40public&q=${QUERY}&sort=datederniertraitementetablissement&facet=trancheeffectifsetablissement&facet=libellecommuneetablissement&facet=departementetablissementi&refine.siren=${SIREN}"
-  curl $URL
-}
-
-#!/usr/bin/env bash
-
-# possible syntax:
-# login
-# login testing
-# login testing userid
-login() {
-  ENV=${1:-`gum choose testing staging production recette`} && \
-  USER=${2:-`gum input --placeholder username`} && \
-  PASSWORD=`gum input --password --placeholder password` && \
-  TOKEN=`$SCRIPT_FULL_PATH/scala/auth.sc login --env $ENV --user $USER --password $PASSWORD` && \
-  export TOKEN_$ENV=$TOKEN && \
-  echo "login success for $USER on $ENV" >&2
-}
-
-# you need to call login first (see above)
-# possible syntax:
-# recompute_tour
-# recompute_tour testing
-# recompute_tour testing draft
-# recompute_tour testing draft 28bf9967-b5f3-4294-8855-cfd2fa36ec09
-# recompute_tour testing draft 28bf9967-b5f3-4294-8855-cfd2fa36ec09 TODAY
-# recompute_tour testing draft 28bf9967-b5f3-4294-8855-cfd2fa36ec09 FRIDAY
-recompute_tour() {
-  ENV=${1:-`gum choose testing staging production recette`}
-  MODE=${2:-`gum choose draft definitive`}
-  PROJECT_ID=${3:-`pick_project $ENV`}
-  DAY=${4:-`gum choose TODAY MONDAY TUESDAY WEDNESDAY THURSDAY FRIDAY SATURDAY SUNDAY`}
-  jwt_token $ENV
-  scala/tour_config.sc $MODE -t $TOKEN -p $PROJECT_ID -d $DAY
-}
-
-pick_project() {
-  ENV=${1:-`gum choose testing staging production recette`}
-  jwt_token $ENV
-  scala/tour_config.sc list -t $TOKEN -e $ENV | gum filter | cut -f1
-}
-
-jwt_token() {
-  ENV=${1:-`gum choose testing staging production recette`}
-  eval 'TOKEN=$TOKEN_'$ENV
-  if ! $SCRIPT_FULL_PATH/scala/auth.sc check -t $TOKEN -e $ENV ; then
-    login $ENV
-  fi
-}
-
-#!/usr/bin/env bash
-
-ftp_ikea_k8s() {
-  SSH_LOCAL_PORT=2230
-  FTP_LOCAL_PORT=25500
-  start_ssh_bastion testing $SSH_LOCAL_PORT
-
-  lsof -ti  tcp:$FTP_LOCAL_PORT | xargs kill
-
-  bastion_config=$(mktemp)
-  cat > "$bastion_config" <<EOF
-	  UserKnownHostsFile /dev/null
-	  StrictHostKeyChecking no
-	  User root
-	  Host bastion_ftp
-		HostName 127.0.0.1
-		Port 2230
-		LocalForward 25500 ft.centiro.ikea.com:22
-EOF
-
-  ssh -f -N \
-  	-F "$bastion_config" \
-  	"bastion_ftp"
-
-  sftp -P $FTP_LOCAL_PORT colisweb.fr@127.0.0.1
-}
-
-#!/usr/bin/env bash
-
-# usage:
-# jconsole_k8s testing colisweb-api-web
-
-jconsole_k8s() {
-  ENV=$1
-  NAME=$2
-
-  start_ssh_bastion $ENV 2242
-  POD_IP=$( \
-    kubectl -n $ENV get pods -o jsonpath='{range .items[*]}{.metadata.name}{" "}{.status.podIP}{"\n"}{end}' \
-    | grep "$NAME" | cut -d' ' -f2 | head -1 \
-  )
-  echo "selected POD with ip $POD_IP"
-  echo "use 'root' as password"
-  ssh -f -N -oUserKnownHostsFile=/dev/null -oStrictHostKeyChecking=no -D 7777 root@127.0.0.1 -p 2242
-
-  jconsole \
-    -J-DsocksProxyHost=localhost \
-    -J-DsocksProxyPort=7777 \
-    -J-DsocksNonProxyHosts= \
-    service:jmx:rmi:///jndi/rmi://$POD_IP:7199/jmxrmi \
-    &
-
-  echo "remember to stop with 'stop_ssh_bastion'"
-
-}
-
-#!/usr/bin/env bash
-
-# Interactive console on an existing pod. See also run_ruby_k8s
-# Ex :
-# railsc_k8s_old production
-# railsc_k8s_old production "User.where(email:'toni@colisweb.com')"
-railsc_k8s_old() {
-  ENV=$1
-  COMMAND=$2
-  configure_kubectl_for $ENV
-  POD=$(kubectl -n $ENV get pods -o=name | grep colisweb-api-web | head -1 | sed -e 's/pod\///')
-  KUBERAILS="kubectl -n $ENV exec -ti $POD -- /usr/src/app/bin/rails c"
-  [ -z "$COMMAND" ] && eval $KUBERAILS || echo $COMMAND | eval $KUBERAILS
-}
-
-# Interactive console on an new pod. See also run_ruby_k8s
-# Ex :
-# railsc_k8s production
-railsc_k8s() {
-  ENV=$1
-  [[ $ENV = "production" || $ENV = "staging" ]] && default_tag="master-latest" || default_tag="${ENV}-latest"
-  local image_tag=${5:-$default_tag}
-  local IMAGE="949316342391.dkr.ecr.eu-west-1.amazonaws.com/colisweb-api:$image_tag"
-  local POD_NAME="colisweb-api-rails-console-$image_tag-$USERNAME"
-
-  kubectl -n $ENV get pod $POD_NAME && kubectl -n $ENV delete pod $POD_NAME
-
-  configure_kubectl_for $ENV
-  echo "starting with $IMAGE"
-
-  kubectl -n $ENV run $POD_NAME \
-       --image $IMAGE \
-       --restart=Never \
-       --overrides='{
-       "spec":{
-          "nodeSelector":{
-            "workType": "workers"
-          },
-          "containers":[
-             {
-                "name":"'$POD_NAME'",
-                "image":"'$IMAGE'",
-                "imagePullPolicy":"Always",
-                "command":[
-                  "sleep",
-                  "infinity"
-                ],
-                "resources":{
-                  "limits":{
-                    "memory": "2048Mi"
-                  }
-                },
-                "envFrom": [ {
-                     "configMapRef": {
-                         "name": "colisweb-api"
-                     }
-                   }, {
-                     "secretRef": {
-                         "name": "colisweb-api"
-                     }
-                   }
-                ]
-             }
-          ]
-       }
-    }
-    '
-
-  sleep 5
-  kubectl -n $ENV exec -it $POD_NAME -- /usr/src/app/bin/rails c
-
-  print "End of $POD_NAME "
-  kubectl -n $ENV delete pods $POD_NAME
-}
-
-# Ex :
-# create_user testing claire.lien@colisweb.com super_admin clairemdp
-create_user() {
-  ENV=$1
-  EMAIL=$2
-  ROLE=$3
-  PASSWORD=$4
-  railsc_k8s $ENV "User.where(email:'$EMAIL', role:'$ROLE').first_or_create.update_attributes!(password: '$PASSWORD')"
-}
-
-# Ex :
-# delete_user testing claire.lien@colisweb.com 
-delete_user() {
-  ENV=$1
-  EMAIL=$2
-  railsc_k8s $ENV "User.find_by(email:'$EMAIL').destroy"
-}
-
-# NON Interactive console on an new pod, for long-running tasks (a few minutes)
-# See also railsc_k8s
-# file.txt will be available from /conf/data.txt in the ruby code
-# examples :
-# run_ruby_k8s testing demo <(echo "pp JSON.parse(File.read('/conf/data.txt'))")  <(echo '{ "content": 123 }')
-# run_ruby_k8s testing demo ~/.oh-my-zsh/custom/dev-tools/shell-session/ruby/demo.rb  <(echo '{ "content": 123 }')
-run_ruby_k8s() {
-  if [ $# -lt 4 ]; then
-    echo "usage : run_ruby_k8s production name-for-pod script.rb file.txt"
-    return 1
-  fi
-  local namespace=$1
-  local name=$2
-  local ruby_script=$3
-  local input_data=$4
-  [[ $namespace = "production" || $namespace = "staging" ]] && default_tag="master-latest" || default_tag="${namespace}-latest"
-  local image_tag=${5:-$default_tag}
-
-  if [ ! -r "$ruby_script" ]; then
-    echo "ruby script not found $ruby_script"
-    return 2
-  fi
-
-  if [ ! -r "$input_data" ]; then
-    echo "data not found $input_data"
-    return 3
-  fi
-
-
-  local IMAGE="949316342391.dkr.ecr.eu-west-1.amazonaws.com/colisweb-api:$image_tag"
-  local POD_NAME="colisweb-api-script-$name"
-  local CONFIG_MAP="config-$POD_NAME"
-  local CONFIG_MAP_DIR="$(mktemp -d)"
-
-
-  configure_kubectl_for $namespace
-
-
-  cp "$ruby_script" "$CONFIG_MAP_DIR/script.rb"
-  cp "$input_data" "$CONFIG_MAP_DIR/data.txt"
-
-  kubectl -n $namespace get configmap $CONFIG_MAP && kubectl -n $namespace delete configmap $CONFIG_MAP
-  kubectl -n $namespace create configmap $CONFIG_MAP --from-file="$CONFIG_MAP_DIR"
-
-  kubectl -n $namespace get pod $POD_NAME && kubectl -n $namespace delete pod $POD_NAME
-
-  echo "starting with $IMAGE"
-  kubectl -n $namespace run $POD_NAME \
-     --image $IMAGE \
-     -ti \
-     --restart=Never \
-     --attach \
-     --rm \
-     --overrides='{
-     "spec":{
-        "nodeSelector":{
-          "workType": "workers"
-        },
-        "containers":[
-           {
-              "name":"'$POD_NAME'",
-              "image":"'$IMAGE'",
-              "imagePullPolicy":"Always",
-              "command":[
-                "/usr/src/app/bin/rails",
-                "r",
-                "/conf/script.rb"
-              ],
-              "resources":{
-                "limits":{
-                  "memory": "4096Mi"
-                }
-              },
-              "volumeMounts":[
-                 {
-                    "name":"conf",
-                    "mountPath":"/conf"
-                 }
-              ],
-              "envFrom": [ {
-                   "configMapRef": {
-                       "name": "colisweb-api"
-                   }
-                 }, {
-                   "secretRef": {
-                       "name": "colisweb-api"
-                   }
-                 }
-              ]
-           }
-        ],
-          "volumes":[
-           {
-              "name":"conf",
-              "configMap":{ "name":"'$CONFIG_MAP'" }
-           }
-        ]
-     }
-  }
-  '
-
-  kubectl -n $namespace delete configmap $CONFIG_MAP
-}
-
-# example:
-# update_pickup_cp testing <( echo '{"wrong_cp": "59123", "corrected_cp": "59223", "delivery_ids": ["4192421", "4192425"]}' )
-update_pickup_cp() {
-	run_ruby_k8s $1 update-pickup-cp "$SCRIPT_FULL_PATH/ruby/update_pickup_cp.rb" $2
-}
-
-
-
-update_all_prices() {
-  local namespace=$1
-  local json_prices=$2
-
-  local json_size=$(wc -c < "$json_prices")
-
-  if ((json_size > 940000)); then
-	command -v jq || (echo "jq not found (use brew install jq)" && return 1)
-    local max_lines=3000
-    local total_lines=$(jq '. | length' $json_prices)
-    local iterations=$((total_lines / max_lines + 1))
-    echo "$json_prices is too big, I'll split it for you in blocks of $max_lines lines. It will take $iterations runs"
-    for (( i = 0 ; i < iterations ; i++ )) ; do
-      local start=$((i * max_lines))
-      local end=$(( (i + 1) * max_lines))
-      local split_file=$(mktemp)
-      jq -c ".[$start:$end]" $json_prices > $split_file
-      local split_lines=$(jq '. | length' $split_file)
-      echo "starting iteration $i from $start to $end with $split_file command -v has $split_lines lines"
-      run_ruby_k8s $namespace "update-prices-$i" "$SCRIPT_FULL_PATH/ruby/update_prices.rb" $split_file
-    done
-  else
-  	run_ruby_k8s $namespace "update-prices" "$SCRIPT_FULL_PATH/ruby/update_prices.rb" $json_prices
-  fi
-}
-
-
-update_surveys() {
-  local namespace=$1
-  local csv_surveys=$2
-
-  local csv_size=$(wc -c < "$csv_surveys")
-
-
-  if ((csv_size > 940000)); then
-    local max_lines=400
-    local total_lines=$(wc -l < $csv_surveys)
-    local iterations=$((total_lines / max_lines + 1))
-    echo "$csv_surveys is too big, I'll split it for you in blocks of $max_lines lines. It will take $iterations runs"
-    for (( i = 0 ; i < iterations ; i++ )) ; do
-      local start=$((i * max_lines + 2))
-      local end=$(( (i + 1) * max_lines + 1))
-      local split_file=$(mktemp)
-      head -1 $csv_surveys > $split_file
-      sed -n ''"$start,${end}p" $csv_surveys >> $split_file
-
-
-      local split_lines=$(wc -l < $split_file)
-      echo "starting iteration $i from $start to $end with $split_file command -v has $split_lines lines"
-      run_ruby_k8s $namespace "reimport-surveys-$i" "$SCRIPT_FULL_PATH/ruby/feedback_kpi_reuploader.rb" $split_file
-    done
-  else
-  	run_ruby_k8s $namespace "reimport-surveys" "$SCRIPT_FULL_PATH/ruby/feedback_kpi_reuploader.rb" $csv_surveys
-  fi
-}
-
-#!/usr/bin/env bash
-
-configure_gitlab_ssh() {
-  tmp_dir=$(mktemp -d)
-  ssh-keyscan gitlab.com > $tmp_dir/known_hosts
-  echo "$SSH_PRIVATE_KEY" > $tmp_dir/id_rsa
-  chmod 600 $tmp_dir/id_rsa
-  ssh -i $tmp_dir/id_rsa -T git@gitlab.com
-  rm -Rf $tmp_dir
-}
-
-
-configure_gitlab_ssh_home() {
-  mkdir ~/.ssh
-  ssh-keyscan gitlab.com >> ~/.ssh/known_hosts
-  echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
-  chmod 600 ~/.ssh/id_rsa
-  ssh -T git@gitlab.com
-}
-#!/usr/bin/env bash
-
-datadog_schedule_downtime() {
-  SERVICES=$1
-  DOWNTIME_MINUTES=${2:-30}
-
-  if [[ "$ENVIRONMENT" == "production" ]] ; then
-    log "scheduling downtime for $SERVICES in $ENVIRONMENT"
-  else
-    return 0
-  fi
-
-  for SERVICE in $SERVICES ; do
-    datadog_schedule_downtime_single $SERVICE $DOWNTIME_MINUTES
-  done
-}
-
-datadog_schedule_downtime_single() {
-  local SERVICE=$1
-  local DOWNTIME_MINUTES=$2
-
-  START=$(date +%s)
-  END=$((START + 60 * DOWNTIME_MINUTES))
-
-  log "scheduling a downtime on datadog for $SERVICE ($DOWNTIME_MINUTES minutes)"
-  curl -X POST "https://api.datadoghq.com/api/v1/downtime" \
-    -H "Content-Type: application/json" \
-    -H "DD-API-KEY: ${DD_API_KEY}" \
-    -H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \
-    -d '
-      {
-        "active": true,
-          "downtime_type": 0,
-          "start": $START,
-          "end": $END,
-          "message": "CA Deployment - performance for $SERVICE may be lower for next $DOWNTIME_MINUTES min",
-          "monitor_tags": [
-            "service:$SERVICE",
-            "performance"
-          ],
-          "scope": [
-            "env:production"
-          ],
-          "timezone": "Europe/Paris"
-      }
-      '
-}
-#!/usr/bin/env bash
-
-docker_build_push() {
-  read -r -a BUILD_ARGS <<< "$1"
-  DOCKER_BUILD_ARGS="--build-arg VCS_REF=$(git rev-parse --short HEAD)"
-  for ARG_NAME in "${BUILD_ARGS[@]}"
-  do
-     DOCKER_BUILD_ARGS="$DOCKER_BUILD_ARGS --build-arg $ARG_NAME=${!ARG_NAME}"
-  done
-
-  if ! image_exists $DOCKER_REGISTRY_ID $APPLICATION $CI_COMMIT_SHORT_SHA ; then
-    docker pull $DOCKER_IMAGE || true
-    docker build $DOCKER_BUILD_ARGS -t $DOCKER_IMAGE_SHA --cache-from $DOCKER_IMAGE $DOCKER_STAGE_PATH
-    docker push $DOCKER_IMAGE_SHA
-  fi
-}
-
-docker_promote() {
-   # inspired by https://dille.name/blog/2018/09/20/how-to-tag-docker-images-without-pulling-them/
-   OLD_TAG=${1//[^0-9a-zA-Z-.]/_}
-   NEW_TAG=${2//[^0-9a-zA-Z-.]/_}
-   echo "promoting from $OLD_TAG to $NEW_TAG"
-   TOKEN=$(aws_ecr_token)
-   CONTENT_TYPE="application/vnd.docker.distribution.manifest.v2+json"
-   MANIFESTS_API="https://${DOCKER_REGISTRY}/v2/${APPLICATION}/manifests"
-
-   if MANIFEST=$(curl --fail -H "Authorization: Basic $TOKEN" -H "Accept: ${CONTENT_TYPE}" "$MANIFESTS_API/${OLD_TAG}"); then
-     echo "authenticated on $MANIFESTS_API"
-   else
-     return 1
-   fi
-   if curl --fail -H "Authorization: Basic $TOKEN" -X PUT -H "Content-Type: ${CONTENT_TYPE}" -d "${MANIFEST}" "$MANIFESTS_API/$NEW_TAG" ; then
-     echo "promoted ${APPLICATION} from $OLD_TAG to $NEW_TAG"
-   else
-     return 2
-   fi
- }
-
- ensure_images_exists() {
-   for IMAGE_TO_CHECK in $(echo $1 | tr "," "\n"); do
-     image_exists ${DOCKER_REGISTRY_ID} ${IMAGE_TO_CHECK} ${VERSION} || return 1
-   done
- }
-#!/usr/bin/env bash
-
-extract_yaml_config_variable() {
-  set +e
-  set +x
-
-  check_args "--environment" $1
-  shift
-  ENVIRONMENT=$1
-  shift
-
-  check_args "--configs-path" $1
-  shift
-  CONFIGS_PATH=$1
-  shift
-
-  check_args "--variable" $1
-  shift
-  VARIABLE=$1
-  shift
-
-  [[ "$1" == "--optional" ]] && OPTIONAL=true || OPTIONAL=false
-
-  if [ ! -f ${CONFIGS_PATH}/common.yaml ]; then
-    echo >&2 "Missing $CONFIGS_PATH/common.yaml configuration file"
-    exit 1
-  fi
-  if [ ! -f ${CONFIGS_PATH}/${ENVIRONMENT}.yaml ]; then
-    echo >&2 "Missing $CONFIGS_PATH/$ENVIRONMENT.yaml configuration file"
-    exit 1
-  fi
-  if [ ! -f ${CONFIGS_PATH}/${ENVIRONMENT}-secrets.yaml ]; then
-    echo >&2 "Missing $CONFIGS_PATH/$ENVIRONMENT-secrets.yaml configuration file"
-    exit 1
-  fi
-
-  result=$(yq -r ${VARIABLE} "$CONFIGS_PATH/$ENVIRONMENT-secrets.yaml")
-  if [ $? -ne 0 ] || [ "$result" = "null" ]; then
-    result=$(yq -r ${VARIABLE} "$CONFIGS_PATH/$ENVIRONMENT.yaml")
-    if [ $? -ne 0 ] || [ "$result" = "null" ]; then
-      result=$(yq -r ${VARIABLE} "$CONFIGS_PATH/common.yaml")
-      if [ $? -ne 0 ] || [ "$result" = "null" ]; then
-        if [ $OPTIONAL = true ]; then
-          echo ""
-          exit 0
-        else
-          echo >&2 "Missing path $VARIABLE in $CONFIGS_PATH/$ENVIRONMENT-secrets.yaml, $CONFIGS_PATH/$ENVIRONMENT.yaml or $CONFIGS_PATH/common.yaml"
-          exit 1
-        fi
-      fi
-    fi
-  fi
-  echo ${result}
-}
-#!/usr/bin/env bash
-
-flyway_clean() {
-  HOST="$1"
-  PORT="$2"
-  DATABASE="$3"
-  USER="$4"
-  PASSWORD="$5"
-
-  kubectl run -it --rm flywayclean \
-  --image=flyway/flyway \
-  --restart=Never \
-  -- \
-  -cleanDisabled=false \
-  -url="jdbc:postgresql://$HOST:$PORT/$DATABASE" \
-  -user="$USER" \
-  -password="$PASSWORD" \
-  clean
-}
-
-#!/usr/bin/env bash
-
-FLYWAY_VERSION="5.2.4"
-
-
-get_yaml_variable() {
-  extract_yaml_config_variable --environment ${ENVIRONMENT} --configs-path $(pwd)/deploy --variable $@
-}
-
-init_migrate_db() {
-  set -e
-
-  check_env_vars 4 "APPLICATION" "ENVIRONMENT" "FLYWAY_VERSION" "MIGRATION_SQL_PATH"
-
-  PG_YAML_PATH=".${APPLICATION}config.postgres"
-
-  DB_PORT="5432"
-  DB_HOST=$(get_yaml_variable "${PG_YAML_PATH}.host")
-  DB_INIT_USERNAME=$(get_yaml_variable "${PG_YAML_PATH}.initUsername")
-  DB_INIT_PASSWORD=$(get_yaml_variable "${PG_YAML_PATH}.initPassword")
-  DB_DATABASE=$(get_yaml_variable "${PG_YAML_PATH}.database")
-  DB_USER=$(get_yaml_variable "${PG_YAML_PATH}.user")
-  DB_PASSWORD=$(get_yaml_variable "${PG_YAML_PATH}.password")
-  DB_URL="jdbc:postgresql://${DB_HOST}:${DB_PORT}/${DB_DATABASE}"
-
-  DB_RO_USER=$(get_yaml_variable "${PG_YAML_PATH}.readOnlyUser" --optional)
-  DB_RO_PASSWORD=$(get_yaml_variable "${PG_YAML_PATH}.readOnlyPassword" --optional)
-
-  unset KUBECONFIG
-
-  configure_kubectl_for_ci ${ENVIRONMENT}
-
-  kube_init_service_database \
-    --namespace ${ENVIRONMENT} \
-    --service ${APPLICATION} \
-    --db_host ${DB_HOST} \
-    --db_port ${DB_PORT} \
-    --db_init_username ${DB_INIT_USERNAME} \
-    --db_init_password ${DB_INIT_PASSWORD} \
-    --db_database ${DB_DATABASE} \
-    --db_username ${DB_USER} \
-    --db_password ${DB_PASSWORD}
-
-  if [[ ! -z "$DB_RO_USER" ]] && [[ ! -z "$DB_RO_USER" ]]; then
-    kube_init_database_readonly_account \
-      --namespace ${ENVIRONMENT} \
-      --service ${APPLICATION} \
-      --db_connection "$DB_INIT_USERNAME:$DB_INIT_PASSWORD@$DB_HOST:$DB_PORT" \
-      --db_database ${DB_DATABASE} \
-      --db_readonly_username ${DB_RO_USER} \
-      --db_readonly_password ${DB_RO_PASSWORD}
-  fi
-
-  flyway_migrate \
-    --environment ${ENVIRONMENT} \
-    --namespace ${ENVIRONMENT} \
-    --service ${APPLICATION} \
-    --db_url ${DB_URL} \
-    --db_user ${DB_USER} \
-    --db_password ${DB_PASSWORD} \
-    --flyway_version ${FLYWAY_VERSION} \
-    --flyway_sql_folder $(pwd)/${MIGRATION_SQL_PATH}
-}
-
-flyway_migrate() {
-  set -e
-
-  extract_args 8 \
-    environment namespace service db_url db_user db_password flyway_version flyway_sql_folder $*
-
-  echo "running flyway migrations for service $service in environment $environment namespace $namespace for db_url $db_url with user $db_user"
-  echo "migration files expected in $flyway_sql_folder"
-
-  CONFIGMAP_NAME="$service-flyway-migration-sql"
-  POD_NAME="$service-flyway-migration"
-
-  configure_kubectl_for_ci $environment
-
-  kubectl -n $namespace delete configmap $CONFIGMAP_NAME --ignore-not-found
-  kubectl -n $namespace delete pod $POD_NAME --ignore-not-found
-  kubectl -n $namespace create configmap $CONFIGMAP_NAME --from-file=$flyway_sql_folder
-
-  kubectl -n $namespace run $POD_NAME --image ignored -ti --restart=Never --attach --rm --overrides='
-{
-   "spec":{
-      "containers":[
-         {
-            "name":"'$POD_NAME'",
-            "image":"boxfuse/flyway:'$flyway_version'",
-            "command":["flyway", "-url='$db_url'", "-user='$db_user'", "-password='$db_password'", "migrate"],
-            "volumeMounts":[
-               {
-                  "name":"sql",
-                  "mountPath":"/flyway/sql"
-               }
-            ]
-         }
-      ],
-      "volumes":[
-         {
-            "name":"sql",
-            "configMap":{
-               "name":"'$CONFIGMAP_NAME'"
-            }
-         }
-      ]
-   }
-}
-'
-
-  kubectl -n $namespace delete configmap $CONFIGMAP_NAME
-}
-
-#!/usr/bin/env bash
-
-record_git_commit() {
-    for file in $GIT_COMMIT_FILES; do
-      sed -i 's&GIT_COMMIT&'"${CI_COMMIT_REF_SLUG}-${CI_COMMIT_SHORT_SHA}&" "$file"
-    done
-}
-
-gitlab_import_pgp_key() {
-  if [ "$GITLAB_PGP_PRIVATE_KEY" != "" ]
-  then
-    KEY_FOLDER=<(echo "$GITLAB_PGP_PRIVATE_KEY")
-    gpg --import $KEY_FOLDER > /dev/null
-  else
-    echo '$GITLAB_PGP_PRIVATE_KEY is not set'
-    return 1
-  fi
-}
-
-git_reveal() {
-  gitlab_import_pgp_key
-  gpg --decrypt $1
-}
-#!/usr/bin/env bash
-
-helm_deploy_v3() {
-  APPLICATION=$1
-  ENVIRONMENT=$2
-  VERSION=$3
-  deploy_chart_v3 \
-    --path_configs deploy \
-    --path_chart deploy/$APPLICATION \
-    --application $APPLICATION \
-    --environment $ENVIRONMENT \
-    --namespace $ENVIRONMENT \
-    --helm_extra_args --set global.version=$VERSION
-}
-
-deploy_chart_v3() {
-  set -e
-  set -x
-
-  # Rigid parsing, but all args are mandatory (expect last) and flexible order is unnecessary
-  check_args "--path_configs" $1; shift
-  path_configs=$1; shift
-  check_args "--path_chart" $1; shift
-  path_chart=$1; shift
-  check_args "--application" $1; shift
-  application=$1; shift
-  check_args "--environment" $1; shift
-  environment=$1; shift
-  check_args "--namespace" $1; shift
-  namespace=$1; shift
-  if [ $# -ne 0 ]; then
-    check_args "--helm_extra_args" $1; shift
-    helm_extra_args=$*
-  fi
-
-  echo "================================"
-  echo " Deploying $application"
-  echo " - Environment: $environment"
-  echo " - Namespace: $namespace"
-  echo "================================"
-
-  root_path=$(pwd)
-
-  # Check the configs exists
-
-  check_config_file ${root_path}/${path_configs}/common.yaml
-  check_config_file ${root_path}/${path_configs}/${namespace}.yaml
-  check_config_file ${root_path}/${path_configs}/${namespace}-secrets.yaml
-
-  # Check the chart exists
-  if [ ! -d ${root_path}/${path_chart} ] || [ ! -f ${root_path}/${path_chart}/Chart.yaml ]; then
-      echo "Bad Chart $root_path/$path_chart : does not exists or missing Chart.yaml"
-      print_usage
-      exit 1
-  fi
-
-  # Unset Kubectl configuration made via the KUBECONFIG env variable
-  #  it would override the config made by configure_kubectl_for
-  #  for example, using Gitlab runners in Kubernetes sets this variable and causes conflict
-  unset KUBECONFIG
-
-  # Configure Kubectl
-  configure_kubectl_for_ci ${environment}
-
-  # Configure helm3
-  helm3 version --namespace ${namespace} || true
-  # helm3 stable repo have changed and must be updated manually, in versions < v2.17.0
-  helm3 repo add colisweb s3://colisweb-helm-charts/colisweb
-  helm3 repo add stable https://charts.helm.sh/stable
-  helm3 repo update
-  helm3 dependency update ${root_path}/${path_chart}
-
-  # Gather values/*.yaml files
-  values_path="${root_path}/${path_chart}/values"
-  values_files=''
-  [ -d $values_path ] && values_files=$(find $values_path -type f -maxdepth 1 -name "*.yaml" | sed 's/^/ -f /' | tr -d \\n | sed 's/%//')
-
-  # Deploy
-  helm3 upgrade --install \
-    --namespace ${namespace} \
-    ${values_files} \
-    -f ${root_path}/${path_configs}/common.yaml \
-    -f ${root_path}/${path_configs}/${namespace}.yaml \
-    -f ${root_path}/${path_configs}/${namespace}-secrets.yaml \
-    ${helm_extra_args} \
-    ${application} ${root_path}/${path_chart}
-
-  #send event to dd
-  PUBLISHED_VERSION="$CI_COMMIT_REF_NAME-$CI_COMMIT_SHA"
-  emit_datadog_deploy_event  --environment $environment --service $application  --version $PUBLISHED_VERSION
-
-  echo "================================"
-  echo " Deployed $application"
-  echo " - Environment: $environment"
-  echo " - Namespace: $namespace"
-  echo "================================"
-
-  set +x
-}
-
-verify_deployments_v3() {
-  set -e
-
-  # usage :
-  # verify_deployments staging price
-  # verify_deployments -t 15m testing price
-
-  if [ "$1" = "-t" ] ; then
-    TIMEOUT=$2
-    shift
-    shift
-  else
-    TIMEOUT=5m
-  fi
-
-  NAMESPACE=$1
-  RELEASE=$2
-
-  # Get all Deployments names from the deployed chart
-  DEPLOYMENTS=(
-    $(helm3 get manifest --namespace $NAMESPACE $RELEASE | yq -rs '.[] | select(.kind=="Deployment") | .metadata.name')
-  )
-
-  echo "verifying on $NAMESPACE deployments ${DEPLOYMENTS[@]} with a timeout of $TIMEOUT"
-
-  PIDS=()
-  for D in "${DEPLOYMENTS[@]}"; do
-    kubectl -n ${NAMESPACE} rollout status deployment ${D} --timeout=${TIMEOUT} &
-    PIDS+=($!)
-  done
-
-  for P in ${PIDS[@]}; do
-    wait $P
-
-    if [ $? -ne 0 ]; then
-      echo "at least one deployment failed or timed out (after $TIMEOUT)"
-      exit 1
-    fi
-  done
-
-}
-
-print_usage() {
-  echo "Usage:"
-  echo "deploy_chart \\"
-  echo "  --path_configs <path to .yaml namespaces and secret config files>"
-  echo "  --path_chart <path to Helm Chart>"
-  echo "  --application <application name used by Helm>"
-  echo "  --environment <infrastructure environment>"
-  echo "  --namespace <namespace>"
-  echo "  --helm-extra-args <extra args to pass to helm, ex: --set my.value=42 --set your.setting=on>"
-  echo ""
-}
-
-check_config_file() {
-    local filename=$1
-    if [ ! -f ${filename} ]; then
-        echo "Missing $filename configuration file"
-        print_usage
-        exit 1
-    fi
-}
-
-#!/usr/bin/env bash
-
-configure_kubectl_for_ci() {
-  if [ -z ${GITLAB_PAT} ]; then
-    echo "Cannot configure kubectl: no GITLAB_PAT configured"
-    exit 1
-  fi
-
-  infra_env="$1"
-  valid_envs="[testing][staging][production][performance][tests][recette]"
-  echo "$valid_envs" | grep -q "\[$infra_env\]"
-
-  if [ $? -ne 0 ]; then
-    echo "Cannot configure kubectl for invalid env : $infra_env"
-    echo "choose one of $valid_envs"
-    exit 1
-  fi
-
-  mkdir -p ~/.kube
-  curl -fsS \
-  --header "PRIVATE-TOKEN: $GITLAB_PAT" \
-  "https://gitlab.com/api/v4/projects/8141053/jobs/artifacts/$infra_env/raw/$infra_env.kubeconfig?job=4_kubernetes_config_output" \
-  > ~/.kube/$infra_env.kubeconfig
-
-  curl_return_code=$?
-  if [ ${curl_return_code} -ne 0 ]; then
-    echo "Cannot configure kubectl for $infra_env, get configuration failed with code $curl_return_code"
-    exit ${curl_return_code}
-  fi
-
-  rm -f ~/.kube/config
-  ln -s ~/.kube/$infra_env.kubeconfig ~/.kube/config
-  echo "Configured kubectl for env : $infra_env"
-}
-notify_new_deployment() {
-  jq --version || (apt update && apt install -y jq)
-
-  CHAT_URL=${1:-$DEFAULT_CHAT_URL}
-
-  STATUS=$(echo $CI_JOB_STATUS | tr '[:lower:]' '[:upper:]' )
-  ENV_NAME=$(echo $ENVIRONMENT | tr '[:lower:]' '[:upper:]' )
-
-  JOB_LINK="<$CI_JOB_URL| $CI_JOB_NAME $CI_JOB_ID>"
-
-  DESCRIPTION="
-  $STATUS : Deployment for $CI_PROJECT_NAME on $ENV_NAME
-  $JOB_LINK
-  $CI_COMMIT_TITLE
-  "
-
-  JSON_MESSAGE=$(jq -n --arg text "$DESCRIPTION" '{text: $text }')
-  curl -X POST $CHAT_URL \
-  --header "Content-Type: application/json" \
-  --data "$JSON_MESSAGE"
-}
-notify_new_version() {
-
-  ! test -z $CI_COMMIT_TAG || exit 0
-
-  jq --version || (apt update && apt install -y jq)
-
-  KIND=$1
-  CHAT_URL=${2:-$DEFAULT_CHAT_URL}
-
-  STATUS=$(echo $CI_JOB_STATUS | tr '[:lower:]' '[:upper:]' )
-  ENV_NAME=$(echo $ENVIRONMENT | tr '[:lower:]' '[:upper:]' )
-  TITLE="$ENV_NAME *$STATUS* $KIND for version *$CI_COMMIT_TAG* of *$CI_PROJECT_NAME* "
-
-  RELEASE_URL="https://gitlab.com/api/v4/projects/$CI_PROJECT_ID/releases/$CI_COMMIT_TAG"
-
-  NOTES=$(curl --header "PRIVATE-TOKEN: $GITLAB_TOKEN" $RELEASE_URL |
-    jq .description |
-    sed -e 's/^"//' -e 's/"$//' |
-    sed -E 's/\[([^]]+)\]\(([^)]+)\)/<\2|\1>/g' |
-    sed -E 's/\\n/\'$'\n/g')
-
-  JOB_LINK="<$CI_JOB_URL| $CI_JOB_NAME $CI_JOB_ID>"
-
-  DESCRIPTION="
-  $TITLE
-  $JOB_LINK
-  $NOTES
-  "
-
-  JSON_MESSAGE=$(jq -n --arg text "$DESCRIPTION" '{text: $text }')
-  curl -X POST $CHAT_URL \
-    --header "Content-Type: application/json" \
-    --data "$JSON_MESSAGE"
-}
-#!/usr/bin/env bash
-
-skip_sbt_compile_cache() {
-  COMPARED_BRANCH="${CI_MERGE_REQUEST_TARGET_BRANCH_NAME:-$CI_DEFAULT_BRANCH}"
-  echo "branch to compare to: $COMPARED_BRANCH"
-  git fetch origin $COMPARED_BRANCH
-  echo "fetched $COMPARED_BRANCH"
-  [[ "$CI_COMMIT_REF_NAME" =~ ^(master|develop)$ || $(git diff origin/$COMPARED_BRANCH --exit-code -- project) ]]
-}
-#!/usr/bin/env bash
-
-# in case of trouble with functions for update history during import
-# https://stackoverflow.com/questions/56729192/pg-restore-fails-when-trying-to-create-function-referencing-table-that-does-not
-
-# example: clone_databases --source_env testing --destination_env recette --services "order,notification,parcel,ikea"
-clone_databases() {
-  export USERNAME="database-cloner"
-
-  set -e
-
-  extract_args 3 source_env destination_env services $*
-
-  dump_databases "$source_env" "$services"
-  import_databases "$destination_env" "$services"
-}
-
-dump_databases() {
-  local env="$1"
-  local services=$(echo -n "$2" | tr ',' '\n')
-
-  database_k8s_output_dump_path="/tmp/database_k8s_output_dump"
-
-  configure_kubectl_for "$env"
-  set +e
-  database_k8s "$env" > "$database_k8s_output_dump_path"
-  set -e
-
-  source_pg_local_port=$(extract_pg_local_port "$database_k8s_output_dump_path")
-
-  for service in $services
-  do
-    service_path="/tmp/$service"
-
-    set +e
-    git clone "git@gitlab.com:colisweb/back/$service.git" "$service_path"
-    set -e
-
-    if cd "$service_path"; then
-      echo "dump the database for service $service.."
-
-      git secret reveal -f
-
-      PG_YAML_PATH=".${service}config.postgres"
-
-      SOURCE_DB_DATABASE=$(extract_yaml_config_variable --environment "$env" --configsPath ./deploy --variable "${PG_YAML_PATH}.database")
-      SOURCE_DB_USER=$(extract_yaml_config_variable --environment "$env" --configsPath ./deploy --variable "${PG_YAML_PATH}.user")
-      SOURCE_DB_PASSWORD=$(extract_yaml_config_variable --environment "$env" --configsPath ./deploy --variable "${PG_YAML_PATH}.password")
-
-      export PGPASSWORD="$SOURCE_DB_PASSWORD"
-
-      DUMP_PATH="/tmp/db_dump_${service}.sql"
-      pg_dump --no-owner -h localhost -p "$source_pg_local_port" -U "$SOURCE_DB_USER" "$SOURCE_DB_DATABASE" > "$DUMP_PATH"
-
-      cd ..
-      rm -rf "$service_path"
-    else
-      echo "WARN: failed to clone $service - skipping"
-    fi
-  done
-}
-
-import_databases() {
-  local env="$1"
-  local services=$(echo -n "$2" | tr ',' '\n')
-
-  database_k8s_output_import_path="/tmp/database_k8s_output_import"
-
-  configure_kubectl_for "$env"
-  set +e
-  database_k8s "$env" > "$database_k8s_output_import_path"
-  set -e
-
-  destination_pg_local_port=$(extract_pg_local_port "$database_k8s_output_import_path")
-
-  for service in $services
-  do
-    service_path="/tmp/$service"
-
-    set +e
-    git clone "git@gitlab.com:colisweb/back/$service.git" "$service_path"
-    set -e
-
-    if cd "$service_path"; then
-      echo "create and import database for $service.."
-
-      git secret reveal -f
-
-      PG_YAML_PATH=".${service}config.postgres"
-
-      DB_PORT="5432"
-      DB_HOST=$(extract_yaml_config_variable --environment "$env" --configsPath ./deploy --variable "${PG_YAML_PATH}.host")
-      DB_INIT_USERNAME=$(extract_yaml_config_variable --environment "$env" --configsPath ./deploy --variable "${PG_YAML_PATH}.initUsername")
-      DB_INIT_PASSWORD=$(extract_yaml_config_variable --environment "$env" --configsPath ./deploy --variable "${PG_YAML_PATH}.initPassword")
-      DB_DATABASE=$(extract_yaml_config_variable --environment "$env" --configsPath ./deploy --variable "${PG_YAML_PATH}.database")
-      DB_USER=$(extract_yaml_config_variable --environment "$env" --configsPath ./deploy --variable "${PG_YAML_PATH}.user")
-      DB_PASSWORD=$(extract_yaml_config_variable --environment "$env" --configsPath ./deploy --variable "${PG_YAML_PATH}.password")
-
-      kube_init_service_database \
-        --namespace ${env} \
-        --service ${service} \
-        --db_host ${DB_HOST} \
-        --db_port ${DB_PORT} \
-        --db_init_username ${DB_INIT_USERNAME} \
-        --db_init_password ${DB_INIT_PASSWORD} \
-        --db_database ${DB_DATABASE} \
-        --db_username ${DB_USER} \
-        --db_password ${DB_PASSWORD}
-
-      echo "WARN: A complete clean of $DB_DATABASE on $DB_HOST will be operated"
-      read -rsn1 -p"Press any key to continue";echo
-      flyway_clean "$DB_HOST" "$DB_PORT" "$DB_DATABASE" "$DB_USER" "$DB_PASSWORD"
-
-      DUMP_PATH="/tmp/db_dump_${service}.sql"
-      export PGPASSWORD="$DB_PASSWORD"
-      set +e
-      psql "postgres://$DB_USER@127.0.0.1:$destination_pg_local_port" -p "$DB_DATABASE" -f "$DUMP_PATH"
-      set -e
-
-      cd ..
-      rm -rf "$service_path"
-    else
-      echo "WARN: failed to clone $service - skipping"
-    fi
-  done
-}
-
-extract_pg_local_port() {
-  cat "$1" | grep 'postgres@127.0.0.1:' | sed 's/.*postgres@127.0.0.1:\(.*[0-9]\).*/\1/g'
-}
-#!/usr/bin/env bash
-
-emit_datadog_deploy_event() {
-  extract_args 3 environment service version $*
-  check_env_vars 1 "DD_API_KEY"
-
-  response=$(
-    curl -X POST -H "Content-type: application/json" \
-      -d '{
-              "title": "deploying '"$service"' to '"$environment"'",
-              "text": "deploying '"$service"' version '"$version"' to '"$environment"'",
-              "priority": "normal",
-              "tags": ["service:'"$service"' ", "env:'"$environment"'" ,"action:'"deployment"'"] ,
-
-              "alert_type": "Info"
-        }' \
-      "https://api.datadoghq.com/api/v1/events?api_key=$DD_API_KEY"
-  )
-
-  #echo $response
-  EventID=$(echo $response | jq ".event.id")
-  url=$(echo $response | jq ".event.url")
-
-  if [[ $EventID -ne 0 ]]; then
-    echo "event successfully created check in datadog UI : $url"
-  else
-    echo " failed to create event "
-    exit 1
-  fi
-}
-
-#!/usr/bin/env bash
-
-# DEPRECATED
-emit_datadog_error_events() {
-  set -e
-  extract_args 4 title text priority environment $*
-  check_env_vars 1 "DD_API_KEY"
-
-  curl -X POST -H "Content-type: application/json" \
-    -d '{
-              "title": "'"$title"'",
-              "text": "'"$text"'",
-              "priority": "'"$priority"'",
-              "tags": ["environment:'"$environment"'"],
-              "alert_type": "Error"
-        }' \
-    "https://api.datadoghq.com/api/v1/events?api_key=$DD_API_KEY"
-}
-
-#!/usr/bin/env bash
-terraform_init() {
-  SECTION=$1
-  ENV=$2
-  cd $SECTION
-  terraform init -input=false
-  terraform workspace select $ENV || terraform workspace new $ENV
-}