forked from flant/negentropy
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbootstrap-kube.sh
48 lines (37 loc) · 2.27 KB
/
bootstrap-kube.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
#!/bin/bash
set -e
[ -z "$NS" ] && echo "NS env variable required" && exit 1
[ -z "$GIT_BRANCH" ] && echo "GIT_BRANCH env variable required" && exit 1
[ -z "$GIT_REPO" ] && GIT_REPO=https://github.com/flant/negentropy.git
[ -z "$REQUIRED_NUMBER_OF_SIGNATURES" ] && REQUIRED_NUMBER_OF_SIGNATURES=0
[ -z "$INITIAL_LAST_SUCCESSFULL_COMMIT" ] && INITIAL_LAST_SUCCESSFULL_COMMIT=""
[ -z "$GIT_POLL_PERIOD" ] && GIT_POLL_PERIOD=1m
echo "================= CONFIG ================"
echo "NAMESPACE: $NS"
echo "GIT_REPO: $GIT_REPO"
echo "GIT_BRANCH: $GIT_BRANCH"
echo "REQUIRED_NUMBER_OF_SIGNATURES: $REQUIRED_NUMBER_OF_SIGNATURES"
echo "INITIAL_LAST_SUCCESSFULL_COMMIT: $INITIAL_LAST_SUCCESSFULL_COMMIT"
echo "GIT_POLL_PERIOD: $GIT_POLL_PERIOD"
echo
echo "===== BEGIN NEGENTROPY BOOTSTRAPING ====="
echo
set -x
kubectl create ns $NS
kubectl -n $NS create configmap bootstrap --from-literal=GIT_REPO=$GIT_REPO --from-literal=GIT_BRANCH=$GIT_BRANCH --from-literal=REQUIRED_NUMBER_OF_SIGNATURES=$REQUIRED_NUMBER_OF_SIGNATURES --from-literal=GIT_POLL_PERIOD=$GIT_POLL_PERIOD --from-literal=INITIAL_LAST_SUCCESSFULL_COMMIT="$INITIAL_LAST_SUCCESSFULL_COMMIT"
kubectl -n $NS create sa deploy
kubectl -n $NS label sa deploy "app.kubernetes.io/managed-by"=Helm
kubectl -n $NS annotate sa deploy "meta.helm.sh/release-name"=negentropy
kubectl -n $NS annotate sa deploy "meta.helm.sh/release-namespace"=$NS
kubectl -n $NS create role deploy --verb='*' --resource='*.*'
kubectl -n $NS label role deploy "app.kubernetes.io/managed-by"=Helm
kubectl -n $NS annotate role deploy "meta.helm.sh/release-name"=negentropy
kubectl -n $NS annotate role deploy "meta.helm.sh/release-namespace"=$NS
kubectl -n $NS create rolebinding deploy --role=deploy --serviceaccount=$NS:deploy
kubectl -n $NS label rolebinding deploy "app.kubernetes.io/managed-by"=Helm
kubectl -n $NS annotate rolebinding deploy "meta.helm.sh/release-name"=negentropy
kubectl -n $NS annotate rolebinding deploy "meta.helm.sh/release-namespace"=$NS
(echo -e "metadata:\n name: bootstrap" ; curl -s https://raw.githubusercontent.com/flant/negentropy/$GIT_BRANCH/vault-plugins/flant_gitops/pkg/kube/job_template.yaml) | kubectl -n $NS create -f -
set +x
echo "========= BOOTSTRAP JOB RUNNING ========="
echo "To track deploy type: kubectl -n $NS logs job.batch/bootstrap -f"