fix: make create cluster more flexible and robust
This commit is contained in:
Jonas Juselius
@@ -9,11 +9,6 @@ metadata:
|
||||
namespace: argocd
|
||||
type: Opaque
|
||||
stringData:
|
||||
config: '{"bearerToken": {{ .Files.Get "_token" }}, "tlsClientConfig": { "insecure" : true }}'
|
||||
config: '{"bearerToken": "token", "tlsClientConfig": { "insecure" : true }}'
|
||||
name: {{ $fullname }}
|
||||
server: https://{{ $fullname }}.{{ .Release.Namespace }}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
+39
-11
@@ -1,5 +1,4 @@
|
||||
#!/usr/bin/env bash
|
||||
#
|
||||
|
||||
if [ ! $# -ge 1 ]; then
|
||||
echo "usage: $0 cluster [helm args]"
|
||||
@@ -17,16 +16,45 @@ name=$1
|
||||
ns=$name-vcluster
|
||||
shift
|
||||
|
||||
kubectl oidc-login get-token \
|
||||
--oidc-issuer-url=https://login.microsoftonline.com/3f737008-e9a0-4485-9d27-40329d288089/v2.0 \
|
||||
--oidc-client-id=9b6daef0-02fa-4574-8949-f7c1b5fccd15 \
|
||||
--oidc-client-secret=o~N8Q~0IvCN05RTohzpYI4yEJ815eKfnzkd9LbUt | jq .status.token > chart/_token
|
||||
yq ".clusters[]|select(.name|contains(\"$name-vcluster\")).name" ~/.kube/config | grep -q "$name"
|
||||
|
||||
$k get ns $ns >/dev/null 2>&1 || $k create ns $ns
|
||||
helm template -n $ns $@ $name ./chart | $k apply -f -
|
||||
if [ $? = 0 ]; then
|
||||
$k get ns $ns >/dev/null 2>&1 || $k create ns $ns
|
||||
helm template -n $ns $@ $name ./chart | $k apply -f -
|
||||
|
||||
$k wait -n $ns --for=condition=ready pod -l app=vcluster
|
||||
kubectl --context $name-vcluster -n dapr-system wait pod --for=condition=ready -l app=dapr-operator
|
||||
sleep 15
|
||||
kubectl kustomize ../resources/atlantis/manifests/staging | kubectl --context $name-vcluster apply -f-
|
||||
else
|
||||
cat << EOF
|
||||
***
|
||||
*** $name-vcluster must be defined in ~/.kube/config
|
||||
***
|
||||
clusters:
|
||||
- cluster:
|
||||
insecure-skip-tls-verify: true
|
||||
server: https://$name-vcluster.beta.oceanbox.io
|
||||
name: $name-vcluster
|
||||
contexts:
|
||||
- context:
|
||||
cluster: $name-vcluster
|
||||
namespace: atlantis
|
||||
user: oidc
|
||||
name: $name-vcluster
|
||||
users:
|
||||
- name: oidc
|
||||
user:
|
||||
exec:
|
||||
apiVersion: client.authentication.k8s.io/v1beta1
|
||||
args:
|
||||
- oidc-login
|
||||
- get-token
|
||||
- --oidc-issuer-url=https://login.microsoftonline.com/3f737008-e9a0-4485-9d27-40329d288089/v2.0
|
||||
- --oidc-client-id=9b6daef0-02fa-4574-8949-f7c1b5fccd15
|
||||
- --oidc-client-secret=[redacted]
|
||||
command: kubectl
|
||||
EOF
|
||||
fi
|
||||
|
||||
$k wait -n $ns --for=condition=ready pod -l app=vcluster
|
||||
kubectl --context $name-vcluster -n dapr-system wait pod --for=condition=ready -l app=dapr-operator
|
||||
sleep 10
|
||||
kubectl kustomize ../resources/atlantis/manifests/staging | kubectl --context $name-vcluster apply -f-
|
||||
|
||||
|
||||
Reference in New Issue
Block a user