-
Notifications
You must be signed in to change notification settings - Fork 0
/
bb.edn
96 lines (81 loc) · 2.89 KB
/
bb.edn
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
{:paths ["src"]
:deps {io.github.l3nz/cli-matic {:sha "ddbcad077ba63e0abb3597a7ec6f62c40f91c9e5"}}
:tasks
{:requires
([babashka.fs :as fs]
[clojure.string :as str]
[k3s-fleetops.core :as c])
apply-git-hooks
{:docs "Register git hooks"
:task (shell "git config core.hooksPath .githooks")}
apply-master-application
{:docs "Install 00-master argo application"
:task (shell "kubectl apply -f target/manifests/00-master.yaml")}
build
{:docs "Convert all edn files to yaml"
:task
(do
(shell "mkdir -p target/argo-applications")
(shell "touch target/argo-applications/.gitkeep")
(c/build))}
clean
{:task (shell "rm -rf target")}
create-forgejo-password-secret
{:task (c/create-sealed-secret :forgejo)}
create-harbor-password-secret
{:task (c/create-sealed-secret :harbor)}
create-keycloak-password-secret
{:task (c/create-sealed-secret :keycloak)}
create-sealed-secret
{:task (c/create-sealed-secret)}
delete-secret-controller
{:docs "Delete the sealed secrets controller"
:task
(let [namespace "sealed-secrets"
command (str "kubectl -n \"" namespace "\" delete pod -l name=sealed-secrets-controller")]
(shell command))}
forward-argocd
{:docs "Forward the argocd port"
:task (shell "kubectl port-forward svc/argocd-server -n argocd 8080:443")}
forward-traefik-dashboard
{:docs "Expose traefik dashboard"
:task
(do
(let [get-name-command "kubectl get pods --selector \"app.kubernetes.io/name=traefik\" --output=name"
pod-name (shell get-name-command)
command (str "kubectl port-forward " pod-name " 9000:9000")]
(shell command)))}
;; https://github.com/bitnami-labs/sealed-secrets/blob/main/docs/bring-your-own-certificates.md
install-sealed-key
{:docs "Upload sealed secrets key"
:task
(let [dry-run? false
namespace "sealed-secrets"
secret-name "imported-secret"
public-key "tls.crt"
private-key "tls.key"
command (str
"kubectl "
"-n \"" namespace "\" "
"create secret tls "
"\"" secret-name "\" "
"--cert=\"" public-key "\" "
"--key=\"" private-key "\" ")]
(if dry-run?
(println command)
(shell command)))}
generate-key-file
{:task (shell "openssl rand -out keepass.keyx 256")}
k3d-create
{:description "Create a k3d cluster"
:task (c/k3d-create)}
apply-sealed-key-label
{:docs "Marked the sealed key as active"
:task
(let [dry-run? false
namespace "sealed-secrets"
secret-name "imported-secret"
command (str "kubectl -n \"" namespace "\" label secret \"" secret-name "\" sealedsecrets.bitnami.com/sealed-secrets-key=active")]
(if dry-run?
(println command)
(shell command)))}}}