diff --git a/deploy.sh b/deploy.sh
index 8031b3f..5776f34 100755
--- a/deploy.sh
+++ b/deploy.sh
@@ -1,63 +1,162 @@ #!/bin/sh -# eval "$(awk 'BEGIN{ -# for (i in ENVIRON) { -# if (i ~ /^(KUBE_)[a-zA-Z_][a-zA-Z0-9_]*$/) { -# printf "export " i "_B64="; -# system("echo \"$"i"\" | base64 -w0"); -# print; -# } -# } -# }' /dev/null)" - -function read_env_file() { - if [[ -f $1 ]]; then +read_env_file() { + if [ -f $1 ]; then set -a && source $1 && set +a; fi } -function build_secret_envs() { +build_secret_envs() { for i in $(env | grep -E '^KUBE_[a-zA-Z_][a-zA-Z0-9_]*=' | cut -d= -f1); do - eval "export ${i}_B64=$(echo ${!i} | base64 -w0)" + eval "export ${i}_B64=$(echo -n ${!i} | base64 -w0)" done } -function deploy_kubernetes() { +apply_template() { + echo -e "\n\n----------------------------------------------------\n" + echo -e "Applying: $1\n" + echo -e "----------------------------------------------------\n\n\n" + + envsubst < $1 | kubectl apply -f - +} + + +apply_deployment() { + for file in $(find $1 -type f); do + apply_template $file + done +} + + +configure_nginx_minikube() { + if [[ $1 == "true" ]]; then + minikube start --driver kvm2 --cpus 2 --memory 4Gib + fi + + minikube addons enable ingress-dns + minikube addons enable ingress +} + + +configure_nginx_ingress() { + helm upgrade --install ingress-nginx ingress-nginx \ + --repo https://kubernetes.github.io/ingress-nginx \ + --namespace ingress-nginx --create-namespace + + kubectl wait --namespace ingress-nginx \ + --for=condition=ready pod \ + --selector=app.kubernetes.io/component=controller \ + --timeout=120s +} + + +configure_cert_manager() { + helm repo add jetstack https://charts.jetstack.io --force-update + helm repo update + helm install cert-manager jetstack/cert-manager \ + --namespace cert-manager \ + --create-namespace \ + --version v1.14.2 \ + --set installCRDs=true \ + --timeout=600s || echo "Cert Manager already installed" +} + + +configure_postgres() { + helm repo add cnpg https://cloudnative-pg.github.io/charts + helm upgrade --install cnpg \ + --namespace ${KUBE_NAMESPACE} \ + 
--create-namespace \ + cnpg/cloudnative-pg + + kubectl wait --for=condition=available \ + --timeout=600s \ + deployment.apps/cnpg-cloudnative-pg \ + -n ${KUBE_NAMESPACE} + + apply_template "./template/postgres/cn-cluster.template.yaml" + kubectl wait --for=condition=Ready \ + --timeout=600s \ + cluster/postgres-cn-cluster \ + -n ${KUBE_NAMESPACE} +} + + +configure_ingress() { + apply_template "./template/nginx-ingress/nginx-ingress-root.template.yaml" + + if [[ $1 == "local" ]]; then + apply_template "./template/cert-manager/cert-manager-issuer-dev.yaml" + else + apply_template "./template/cert-manager/cert-manager-issuer.yaml" + fi + + apply_template "./template/cert-manager/cert-manager-certificate.template.yaml" +} + + +deploy_kubernetes() { + if [[ $1 == "local" ]]; then + configure_nginx_minikube $2 + else + configure_nginx_ingress + fi + + configure_cert_manager + KUBE_FILES=( "./template/portfolio-namespace.template.yaml" "./template/portfolio-secret.template.yml" ) for file in ${KUBE_FILES[@]}; do - echo -e "\n\n----------------------------------------------------\n" - echo -e "Deploying: $file\n" - echo -e "----------------------------------------------------\n\n\n" - - envsubst < $file + apply_template $file done + + configure_postgres + + apply_deployment "./template/redis" + + apply_deployment "./template/frontend" + + apply_deployment "./template/storage" + + apply_deployment "./template/backend" + + configure_ingress $1 } -function main() { +main() { build_secret_envs - deploy_kubernetes + deploy_kubernetes $@ } -while getopts ":f:" opt; do +environment="remote" +setup_minikube="false" + +while getopts ":f:e:m:h:" opt; do case ${opt} in - f ) + f) echo "Reading env file: ${OPTARG}" read_env_file ${OPTARG} ;; - \? 
) - echo "Usage: deploy.sh [-f ]" + e) + [[ ${OPTARG} == "local" ]] && environment="local" + ;; + m) + setup_minikube="true" + ;; + *) + echo "Usage: deploy.sh [-f ] [-e ] [-m ]" + exit 1 ;; esac done -main \ No newline at end of file +main $environment $setup_minikube \ No newline at end of file diff --git a/deployment/portfolio-namespace.yaml b/deployment/portfolio-namespace.yaml deleted file mode 100644 index 5b9aa57..0000000 --- a/deployment/portfolio-namespace.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: portfolio \ No newline at end of file diff --git a/deployment/backend/backend-config.yaml b/template/backend/backend-config.yaml similarity index 63% rename from deployment/backend/backend-config.yaml rename to template/backend/backend-config.yaml index f8b54f6..126b9b6 100644 --- a/deployment/backend/backend-config.yaml +++ b/template/backend/backend-config.yaml @@ -1,9 +1,9 @@ apiVersion: v1 kind: ConfigMap metadata: - namespace: portfolio + namespace: ${KUBE_NAMESPACE} name: backend-config data: backend_url: backend-service backend_port: "8070" - backend_db_name: portfolio \ No newline at end of file + backend_db_name: ${KUBE_DATABASE_NAME} \ No newline at end of file diff --git a/template/backend/backend.template.yaml b/template/backend/backend.template.yaml index 1bb8548..b86482f 100644 --- a/template/backend/backend.template.yaml +++ b/template/backend/backend.template.yaml @@ -1,7 +1,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - namespace: portfolio + namespace: ${KUBE_NAMESPACE} name: backend-deployment spec: replicas: 1 
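Review bot: In `build_secret_envs` the secret value is still expanded unquoted, so `echo -n ${!i}` word-splits and globs it before encoding: a value containing consecutive spaces, a `*`, or a leading `-e` is base64-encoded as something other than what was set, and the resulting Secret is wrong without any error. `printf '%s' "${!i}" | base64 -w0` encodes the value byte for byte. Because the variable name is already restricted by the `grep -E` pattern and the encoded text is plain base64, the `eval` can be dropped as well: `export "${i}_B64=$(printf '%s' "${!i}" | base64 -w0)"`. Separately, `${!i}`, the `KUBE_FILES=( … )` array, `source` and the newly added `[[ … ]]` tests are bash features, so the `#!/bin/sh` shebang should become bash or those constructs should be replaced.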
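Review bot: `namespace: ${KUBE_NAMESPACE}` and `backend_db_name: ${KUBE_DATABASE_NAME}` are filled in by `envsubst`, which replaces an unset variable with an empty string, so a missing entry in the env file renders `namespace:` with no value and kubectl will most likely apply the object to the current context's default namespace instead of failing. Nothing visible in deploy.sh checks that these variables are set before `kubectl apply` runs. A guard at the top of `deploy_kubernetes`, for example `: "${KUBE_NAMESPACE:?KUBE_NAMESPACE must be set}"` repeated for each required variable, would stop the run before anything is applied. The same holds for every other manifest in this commit that switches to `${KUBE_NAMESPACE}`, and for `${KUBE_CERT_SERVER}`, `${KUBE_DOMAIN_EMAIL}`, `${KUBE_DOMAIN}` and `${KUBE_API_DOMAIN}`.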
@@ -43,49 +43,49 @@ spec: valueFrom: secretKeyRef: name: frontend-secret - key: frontendPath + key: frontendUrl - name: TOKEN_SECRET valueFrom: secretKeyRef: name: backend-secret - key: tokenSecret + key: backendTokenSecret - name: ACCESS_TOKEN_DURATION valueFrom: secretKeyRef: name: backend-secret - key: accessTokenDuration + key: backendAccessTokenDuration - name: REFRESH_TOKEN_DURATION valueFrom: secretKeyRef: name: backend-secret - key: refreshTokenDuration + key: backendRefreshTokenDuration - name: DEFAULT_USER_FULLNAME valueFrom: secretKeyRef: name: backend-secret - key: defaultUserFullName + key: backendDefaultUserFullName - name: DEFAULT_USER_EMAIL valueFrom: secretKeyRef: name: backend-secret - key: defaultUserEmail + key: backendDefaultUserEmail - name: DEFAULT_USER_USERNAME valueFrom: secretKeyRef: name: backend-secret - key: defaultUserUsername + key: backendDefaultUserUsername - name: DEFAULT_USER_PASSWORD valueFrom: secretKeyRef: name: backend-secret - key: defaultUserPassword + key: backendDefaultUserPassword - name: PORT valueFrom: @@ -97,37 +97,37 @@ spec: valueFrom: secretKeyRef: name: backend-secret - key: googleClientId + key: backendGoogleClientId - name: GOOGLE_CLIENT_SECRET valueFrom: secretKeyRef: name: backend-secret - key: googleClientSecret + key: backendGoogleClientSecret - name: GOOGLE_REDIRECT_URL valueFrom: secretKeyRef: name: backend-secret - key: googleRedirectUrl + key: backendGoogleRedirectUrl - name: GITHUB_CLIENT_ID valueFrom: secretKeyRef: name: backend-secret - key: githubClientId + key: backendGithubClientId - name: GITHUB_CLIENT_SECRET valueFrom: secretKeyRef: name: backend-secret - key: githubClientSecret + key: backendGithubClientSecret - name: GITHUB_REDIRECT_URL valueFrom: secretKeyRef: name: backend-secret - key: githubRedirectUrl + key: backendGithubRedirectUrl - name: POSTGRES_URL valueFrom: 
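Review bot: The renamed keys in these `secretKeyRef` entries (`backendTokenSecret`, `backendDefaultUserPassword`, `backendGoogleClientSecret` and the rest) must exist under exactly these names in `backend-secret`, and the manifest that defines that Secret is not part of this diff. If it still carries the old names, the containers will not start, because a referenced key that is missing is an error unless the reference is marked optional. Please confirm the Secret template (presumably `template/portfolio-secret.template.yml`, which deploy.sh applies) was renamed in step; the same applies to the `frontend-secret` and `storage-secret` keys changed in the frontend and storage manifests. A short comment above these entries, such as `# keys must match the Secret defined in portfolio-secret.template.yml`, would keep the two files tied together. The env list starts and ends outside this hunk.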
@@ -193,7 +193,7 @@ spec: apiVersion: v1 kind: Service metadata: - namespace: portfolio + namespace: ${KUBE_NAMESPACE} name: backend-service spec: selector: diff --git a/template/cert-manager/cert-manager-certificate.template.yaml b/template/cert-manager/cert-manager-certificate.template.yaml index 09d5a1b..7a25aa8 100644 --- a/template/cert-manager/cert-manager-certificate.template.yaml +++ b/template/cert-manager/cert-manager-certificate.template.yaml @@ -2,15 +2,15 @@ apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: letsencrypt-cluster-certificate - namespace: portfolio + namespace: ${KUBE_NAMESPACE} spec: dnsNames: - - ${DOMAIN} - - ${API_DOMAIN} + - ${KUBE_DOMAIN} + - ${KUBE_API_DOMAIN} secretName: letsencrypt-cluster-certificate-tls issuerRef: name: cluster-certificate-issuer kind: ClusterIssuer subject: organizations: - - Hideyoshi \ No newline at end of file + - ${KUBE_DOMAIN_ORGANIZATION} \ No newline at end of file diff --git a/deployment/cert-manager/cert-manager-issuer-dev.yaml b/template/cert-manager/cert-manager-issuer-dev.yaml similarity index 100% rename from deployment/cert-manager/cert-manager-issuer-dev.yaml rename to template/cert-manager/cert-manager-issuer-dev.yaml diff --git a/deployment/cert-manager/cert-manager-issuer.yaml b/template/cert-manager/cert-manager-issuer.yaml similarity index 73% rename from deployment/cert-manager/cert-manager-issuer.yaml rename to template/cert-manager/cert-manager-issuer.yaml index 6936556..de0159f 100644 --- a/deployment/cert-manager/cert-manager-issuer.yaml +++ b/template/cert-manager/cert-manager-issuer.yaml @@ -4,8 +4,8 @@ metadata: name: cluster-certificate-issuer spec: acme: - server: https://acme-v02.api.letsencrypt.org/directory - email: vitor.h.n.batista@gmail.com + server: ${KUBE_CERT_SERVER} + email: ${KUBE_DOMAIN_EMAIL} privateKeySecretRef: name: cluster-certificate-issuer solvers: 
diff --git a/deployment/frontend/frontend-config.yaml b/template/frontend/frontend-config.yaml similarity index 76% rename from deployment/frontend/frontend-config.yaml rename to template/frontend/frontend-config.yaml index c8bf709..7ca5d0b 100644 --- a/deployment/frontend/frontend-config.yaml +++ b/template/frontend/frontend-config.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: ConfigMap metadata: - namespace: portfolio + namespace: ${KUBE_NAMESPACE} name: frontend-config data: frontend_url: frontend-service \ No newline at end of file diff --git a/template/frontend/frontend.template.yaml b/template/frontend/frontend.template.yaml index 614619c..f092690 100644 --- a/template/frontend/frontend.template.yaml +++ b/template/frontend/frontend.template.yaml @@ -1,7 +1,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - namespace: portfolio + namespace: ${KUBE_NAMESPACE} name: frontend-deployment labels: app: frontend @@ -47,23 +47,23 @@ spec: valueFrom: secretKeyRef: name: frontend-secret - key: backendUrl + key: frontendBackendUrl - name: BACKEND_OAUTH_URL valueFrom: secretKeyRef: name: frontend-secret - key: backendOAuthUrl + key: frontendOAuthUrl - name: GITHUB_USER valueFrom: secretKeyRef: name: frontend-secret - key: githubUser + key: frontendGithubUser --- apiVersion: v1 kind: Service metadata: - namespace: portfolio + namespace: ${KUBE_NAMESPACE} name: frontend-service spec: selector: diff --git a/template/nginx-ingress/nginx-ingress-root.template.yaml b/template/nginx-ingress/nginx-ingress-root.template.yaml index e752f56..64bd92d 100644 --- a/template/nginx-ingress/nginx-ingress-root.template.yaml +++ b/template/nginx-ingress/nginx-ingress-root.template.yaml @@ -1,7 +1,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - namespace: portfolio + namespace: ${KUBE_NAMESPACE} name: nginx-ingress annotations: kubernetes.io/ingress.class: nginx 
@@ -10,11 +10,11 @@ metadata: spec: tls: - hosts: - - ${DOMAIN} - - ${API_DOMAIN} + - ${KUBE_DOMAIN} + - ${KUBE_API_DOMAIN} secretName: letsencrypt-cluster-certificate-tls rules: - - host: ${DOMAIN} + - host: ${KUBE_DOMAIN} http: paths: - path: / @@ -24,7 +24,7 @@ spec: name: frontend-service port: number: 5000 - - host: ${API_DOMAIN} + - host: ${KUBE_API_DOMAIN} http: paths: - path: / diff --git a/template/postgres/cn-cluster.template.yaml b/template/postgres/cn-cluster.template.yaml index 0ce2949..f53bffb 100644 --- a/template/postgres/cn-cluster.template.yaml +++ b/template/postgres/cn-cluster.template.yaml @@ -2,7 +2,7 @@ apiVersion: postgresql.cnpg.io/v1 kind: Cluster metadata: name: postgres-cn-cluster - namespace: portfolio + namespace: ${KUBE_NAMESPACE} spec: instances: 1 primaryUpdateStrategy: unsupervised diff --git a/deployment/redis/redis-config.yaml b/template/redis/redis-config.yaml similarity index 77% rename from deployment/redis/redis-config.yaml rename to template/redis/redis-config.yaml index a63391a..cd08cc9 100644 --- a/deployment/redis/redis-config.yaml +++ b/template/redis/redis-config.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: ConfigMap metadata: - namespace: portfolio + namespace: ${KUBE_NAMESPACE} name: redis-config data: redis-url: redis-service diff --git a/deployment/redis/redis.yaml b/template/redis/redis.yaml similarity index 90% rename from deployment/redis/redis.yaml rename to template/redis/redis.yaml index 52908d9..93a1f40 100644 --- a/deployment/redis/redis.yaml +++ b/template/redis/redis.yaml @@ -1,7 +1,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - namespace: portfolio + namespace: ${KUBE_NAMESPACE} name: redis-deployment spec: replicas: 1 @@ -15,7 +15,7 @@ spec: spec: containers: - name: redis - image: bitnami/redis + image: bitnami/redis:6.2.16 imagePullPolicy: "IfNotPresent" resources: requests: 
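Review bot: `image: bitnami/redis:6.2.16` fixes the version, but a tag can be re-pushed, and with `imagePullPolicy: "IfNotPresent"` different nodes can end up running different image contents under the same tag. Pinning by digest as well, `image: bitnami/redis:6.2.16@sha256:<digest-of-the-reviewed-image>`, makes the deployed image the one that was actually reviewed. The container spec continues outside this hunk.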
@@ -37,7 +37,7 @@ spec: apiVersion: v1 kind: Service metadata: - namespace: portfolio + namespace: ${KUBE_NAMESPACE} name: redis-service spec: selector: diff --git a/deployment/storage/storage-config.yaml b/template/storage/storage-config.yaml similarity index 79% rename from deployment/storage/storage-config.yaml rename to template/storage/storage-config.yaml index 229d64e..e3b0228 100644 --- a/deployment/storage/storage-config.yaml +++ b/template/storage/storage-config.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: ConfigMap metadata: - namespace: portfolio + namespace: ${KUBE_NAMESPACE} name: storage-config data: storage_url: storage-service diff --git a/template/storage/storage-processor.template.yaml b/template/storage/storage-processor.template.yaml index 9677924..becbd58 100644 --- a/template/storage/storage-processor.template.yaml +++ b/template/storage/storage-processor.template.yaml @@ -1,7 +1,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - namespace: portfolio + namespace: ${KUBE_NAMESPACE} name: storage-processor-deployment spec: replicas: 1 @@ -44,13 +44,13 @@ spec: valueFrom: secretKeyRef: name: frontend-secret - key: backendUrl + key: frontendBackendUrl - name: EXPIRES_IN valueFrom: secretKeyRef: name: backend-secret - key: accessTokenDuration + key: backendAccessTokenDuration - name: SERVER_PORT valueFrom: 
@@ -86,34 +86,34 @@ spec: valueFrom: secretKeyRef: name: storage-secret - key: awsAccessKeyId + key: storageAwsAccessKeyId - name: AWS_SECRET_ACCESS_KEY valueFrom: secretKeyRef: name: storage-secret - key: awsSecretAccessKey + key: storageAwsSecretAccessKey - name: AWS_REGION_NAME valueFrom: secretKeyRef: name: storage-secret - key: awsRegion + key: storageAwsRegion - name: AWS_BUCKET_NAME valueFrom: secretKeyRef: name: storage-secret - key: awsBucket + key: storageAwsBucket - name: VIRUS_CHECKER_TYPE valueFrom: secretKeyRef: name: storage-secret - key: virusCheckerType + key: storageVirusCheckerType - name: VIRUS_CHECKER_API_KEY valueFrom: secretKeyRef: name: storage-secret - key: virusCheckerApiKey + key: storageVirusCheckerApiKey diff --git a/template/storage/storage.template.yaml b/template/storage/storage.template.yaml index 9e10e0e..a408161 100644 --- a/template/storage/storage.template.yaml +++ b/template/storage/storage.template.yaml @@ -1,7 +1,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - namespace: portfolio + namespace: ${KUBE_NAMESPACE} name: storage-deployment spec: replicas: 1 @@ -43,13 +43,13 @@ spec: valueFrom: secretKeyRef: name: frontend-secret - key: backendUrl + key: frontendBackendUrl - name: EXPIRES_IN valueFrom: secretKeyRef: name: backend-secret - key: accessTokenDuration + key: backendAccessTokenDuration - name: SERVER_PORT valueFrom: 
@@ -85,43 +85,43 @@ spec: valueFrom: secretKeyRef: name: storage-secret - key: awsAccessKeyId + key: storageAwsAccessKeyId - name: AWS_SECRET_ACCESS_KEY valueFrom: secretKeyRef: name: storage-secret - key: awsSecretAccessKey + key: storageAwsSecretAccessKey - name: AWS_REGION_NAME valueFrom: secretKeyRef: name: storage-secret - key: awsRegion + key: storageAwsRegion - name: AWS_BUCKET_NAME valueFrom: secretKeyRef: name: storage-secret - key: awsBucket + key: storageAwsBucket - name: VIRUS_CHECKER_TYPE valueFrom: secretKeyRef: name: storage-secret - key: virusCheckerType + key: storageVirusCheckerType - name: VIRUS_CHECKER_API_KEY valueFrom: secretKeyRef: name: storage-secret - key: virusCheckerApiKey + key: storageVirusCheckerApiKey --- apiVersion: v1 kind: Service metadata: - namespace: portfolio + namespace: ${KUBE_NAMESPACE} name: storage-service spec: selector: