fix: make create cluster more flexible and robust
This commit is contained in:
Jonas Juselius
@@ -9,11 +9,6 @@ metadata:
|
|||||||
namespace: argocd
|
namespace: argocd
|
||||||
type: Opaque
|
type: Opaque
|
||||||
stringData:
|
stringData:
|
||||||
config: '{"bearerToken": {{ .Files.Get "_token" }}, "tlsClientConfig": { "insecure" : true }}'
|
config: '{"bearerToken": "token", "tlsClientConfig": { "insecure" : true }}'
|
||||||
name: {{ $fullname }}
|
name: {{ $fullname }}
|
||||||
server: https://{{ $fullname }}.{{ .Release.Namespace }}
|
server: https://{{ $fullname }}.{{ .Release.Namespace }}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
+39
-11
@@ -1,5 +1,4 @@
|
|||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
#
|
|
||||||
|
|
||||||
if [ ! $# -ge 1 ]; then
|
if [ ! $# -ge 1 ]; then
|
||||||
echo "usage: $0 cluster [helm args]"
|
echo "usage: $0 cluster [helm args]"
|
||||||
@@ -17,16 +16,45 @@ name=$1
|
|||||||
ns=$name-vcluster
|
ns=$name-vcluster
|
||||||
shift
|
shift
|
||||||
|
|
||||||
kubectl oidc-login get-token \
|
yq ".clusters[]|select(.name|contains(\"$name-vcluster\")).name" ~/.kube/config | grep -q "$name"
|
||||||
--oidc-issuer-url=https://login.microsoftonline.com/3f737008-e9a0-4485-9d27-40329d288089/v2.0 \
|
|
||||||
--oidc-client-id=9b6daef0-02fa-4574-8949-f7c1b5fccd15 \
|
|
||||||
--oidc-client-secret=o~N8Q~0IvCN05RTohzpYI4yEJ815eKfnzkd9LbUt | jq .status.token > chart/_token
|
|
||||||
|
|
||||||
$k get ns $ns >/dev/null 2>&1 || $k create ns $ns
|
if [ $? = 0 ]; then
|
||||||
helm template -n $ns $@ $name ./chart | $k apply -f -
|
$k get ns $ns >/dev/null 2>&1 || $k create ns $ns
|
||||||
|
helm template -n $ns $@ $name ./chart | $k apply -f -
|
||||||
|
|
||||||
|
$k wait -n $ns --for=condition=ready pod -l app=vcluster
|
||||||
|
kubectl --context $name-vcluster -n dapr-system wait pod --for=condition=ready -l app=dapr-operator
|
||||||
|
sleep 15
|
||||||
|
kubectl kustomize ../resources/atlantis/manifests/staging | kubectl --context $name-vcluster apply -f-
|
||||||
|
else
|
||||||
|
cat << EOF
|
||||||
|
***
|
||||||
|
*** $name-vcluster must be defined in ~/.kube/config
|
||||||
|
***
|
||||||
|
clusters:
|
||||||
|
- cluster:
|
||||||
|
insecure-skip-tls-verify: true
|
||||||
|
server: https://$name-vcluster.beta.oceanbox.io
|
||||||
|
name: $name-vcluster
|
||||||
|
contexts:
|
||||||
|
- context:
|
||||||
|
cluster: $name-vcluster
|
||||||
|
namespace: atlantis
|
||||||
|
user: oidc
|
||||||
|
name: $name-vcluster
|
||||||
|
users:
|
||||||
|
- name: oidc
|
||||||
|
user:
|
||||||
|
exec:
|
||||||
|
apiVersion: client.authentication.k8s.io/v1beta1
|
||||||
|
args:
|
||||||
|
- oidc-login
|
||||||
|
- get-token
|
||||||
|
- --oidc-issuer-url=https://login.microsoftonline.com/3f737008-e9a0-4485-9d27-40329d288089/v2.0
|
||||||
|
- --oidc-client-id=9b6daef0-02fa-4574-8949-f7c1b5fccd15
|
||||||
|
- --oidc-client-secret=[redacted]
|
||||||
|
command: kubectl
|
||||||
|
EOF
|
||||||
|
fi
|
||||||
|
|
||||||
$k wait -n $ns --for=condition=ready pod -l app=vcluster
|
|
||||||
kubectl --context $name-vcluster -n dapr-system wait pod --for=condition=ready -l app=dapr-operator
|
|
||||||
sleep 10
|
|
||||||
kubectl kustomize ../resources/atlantis/manifests/staging | kubectl --context $name-vcluster apply -f-
|
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user