Merge pull request #1028 from jvanzyl/main
Minimal changes to allow an alternate deployment mechanism
This commit is contained in:
commit
541811a7a6
@ -51,6 +51,7 @@ clean_kind=no
|
|||||||
api_group_suffix="pinniped.dev" # same default as in the values.yaml ytt file
|
api_group_suffix="pinniped.dev" # same default as in the values.yaml ytt file
|
||||||
skip_chromedriver_check=no
|
skip_chromedriver_check=no
|
||||||
get_active_directory_vars="" # specify a filename for a script to get AD related env variables
|
get_active_directory_vars="" # specify a filename for a script to get AD related env variables
|
||||||
|
alternate_deploy="undefined"
|
||||||
|
|
||||||
while (("$#")); do
|
while (("$#")); do
|
||||||
case "$1" in
|
case "$1" in
|
||||||
@ -90,6 +91,15 @@ while (("$#")); do
|
|||||||
get_active_directory_vars=$1
|
get_active_directory_vars=$1
|
||||||
shift
|
shift
|
||||||
;;
|
;;
|
||||||
|
--alternate-deploy)
|
||||||
|
shift
|
||||||
|
if [[ "$#" == "0" || "$1" == -* ]]; then
|
||||||
|
log_error "--alternate-deploy requires a script path to be specified"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
alternate_deploy=$1
|
||||||
|
shift
|
||||||
|
;;
|
||||||
-*)
|
-*)
|
||||||
log_error "Unsupported flag $1" >&2
|
log_error "Unsupported flag $1" >&2
|
||||||
if [[ "$1" == *"active-directory"* ]]; then
|
if [[ "$1" == *"active-directory"* ]]; then
|
||||||
@ -115,6 +125,7 @@ if [[ "$help" == "yes" ]]; then
|
|||||||
log_note " -g, --api-group-suffix: deploy Pinniped with an alternate API group suffix"
|
log_note " -g, --api-group-suffix: deploy Pinniped with an alternate API group suffix"
|
||||||
log_note " -s, --skip-build: reuse the most recently built image of the app instead of building"
|
log_note " -s, --skip-build: reuse the most recently built image of the app instead of building"
|
||||||
log_note " --get-active-directory-vars: specify a script that exports active directory environment variables"
|
log_note " --get-active-directory-vars: specify a script that exports active directory environment variables"
|
||||||
|
log_note " --alternate-deploy: specify an alternate deploy script to install Pinniped"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -217,26 +228,32 @@ fi
|
|||||||
log_note "Loading the app's container image into the kind cluster..."
|
log_note "Loading the app's container image into the kind cluster..."
|
||||||
kind load docker-image "$registry_repo_tag" --name pinniped
|
kind load docker-image "$registry_repo_tag" --name pinniped
|
||||||
|
|
||||||
manifest=/tmp/manifest.yaml
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# Deploy local-user-authenticator
|
# Deploy local-user-authenticator
|
||||||
#
|
#
|
||||||
pushd deploy/local-user-authenticator >/dev/null
|
pushd deploy/local-user-authenticator >/dev/null
|
||||||
|
|
||||||
log_note "Deploying the local-user-authenticator app to the cluster..."
|
manifest=/tmp/pinniped-local-user-authenticator.yaml
|
||||||
|
|
||||||
|
if [ "$alternate_deploy" != "undefined" ]; then
|
||||||
|
log_note "The Pinniped local-user-authenticator will be deployed with $alternate_deploy local-user-authenticator $tag..."
|
||||||
|
$alternate_deploy local-user-authenticator $tag
|
||||||
|
else
|
||||||
|
log_note "Deploying the local-user-authenticator app to the cluster using kapp..."
|
||||||
ytt --file . \
|
ytt --file . \
|
||||||
--data-value "image_repo=$registry_repo" \
|
--data-value "image_repo=$registry_repo" \
|
||||||
--data-value "image_tag=$tag" >"$manifest"
|
--data-value "image_tag=$tag" >"$manifest"
|
||||||
|
|
||||||
kapp deploy --yes --app local-user-authenticator --diff-changes --file "$manifest"
|
kapp deploy --yes --app local-user-authenticator --diff-changes --file "$manifest"
|
||||||
kubectl apply --dry-run=client -f "$manifest" # Validate manifest schema.
|
kubectl apply --dry-run=client -f "$manifest" # Validate manifest schema.
|
||||||
|
fi
|
||||||
|
|
||||||
popd >/dev/null
|
popd >/dev/null
|
||||||
|
|
||||||
#
|
#
|
||||||
# Deploy Tools
|
# Deploy Tools
|
||||||
#
|
#
|
||||||
|
manifest=/tmp/pinniped-tools.yaml
|
||||||
dex_test_password="$(openssl rand -hex 16)"
|
dex_test_password="$(openssl rand -hex 16)"
|
||||||
ldap_test_password="$(openssl rand -hex 16)"
|
ldap_test_password="$(openssl rand -hex 16)"
|
||||||
pushd test/deploy/tools >/dev/null
|
pushd test/deploy/tools >/dev/null
|
||||||
@ -268,26 +285,37 @@ kubectl create secret generic "$test_username" \
|
|||||||
#
|
#
|
||||||
# Deploy the Pinniped Supervisor
|
# Deploy the Pinniped Supervisor
|
||||||
#
|
#
|
||||||
|
manifest=/tmp/pinniped-supervisor.yaml
|
||||||
supervisor_app_name="pinniped-supervisor"
|
supervisor_app_name="pinniped-supervisor"
|
||||||
supervisor_namespace="supervisor"
|
supervisor_namespace="supervisor"
|
||||||
supervisor_custom_labels="{mySupervisorCustomLabelName: mySupervisorCustomLabelValue}"
|
supervisor_custom_labels="{mySupervisorCustomLabelName: mySupervisorCustomLabelValue}"
|
||||||
|
log_level="debug"
|
||||||
|
service_http_nodeport_port="80"
|
||||||
|
service_http_nodeport_nodeport="31234"
|
||||||
|
service_https_nodeport_port="443"
|
||||||
|
service_https_nodeport_nodeport="31243"
|
||||||
|
service_https_clusterip_port="443"
|
||||||
|
|
||||||
pushd deploy/supervisor >/dev/null
|
pushd deploy/supervisor >/dev/null
|
||||||
|
|
||||||
log_note "Deploying the Pinniped Supervisor app to the cluster..."
|
if [ "$alternate_deploy" != "undefined" ]; then
|
||||||
|
log_note "The Pinniped Supervisor will be deployed with $alternate_deploy pinniped-supervisor $tag..."
|
||||||
|
$alternate_deploy pinniped-supervisor $tag
|
||||||
|
else
|
||||||
|
log_note "Deploying the Pinniped Supervisor app to the cluster using kapp..."
|
||||||
ytt --file . \
|
ytt --file . \
|
||||||
--data-value "app_name=$supervisor_app_name" \
|
--data-value "app_name=$supervisor_app_name" \
|
||||||
--data-value "namespace=$supervisor_namespace" \
|
--data-value "namespace=$supervisor_namespace" \
|
||||||
--data-value "api_group_suffix=$api_group_suffix" \
|
--data-value "api_group_suffix=$api_group_suffix" \
|
||||||
--data-value "image_repo=$registry_repo" \
|
--data-value "image_repo=$registry_repo" \
|
||||||
--data-value "image_tag=$tag" \
|
--data-value "image_tag=$tag" \
|
||||||
--data-value "log_level=debug" \
|
--data-value "log_level=$log_level" \
|
||||||
--data-value-yaml "custom_labels=$supervisor_custom_labels" \
|
--data-value-yaml "custom_labels=$supervisor_custom_labels" \
|
||||||
--data-value-yaml 'service_http_nodeport_port=80' \
|
--data-value-yaml "service_http_nodeport_port=$service_http_nodeport_port" \
|
||||||
--data-value-yaml 'service_http_nodeport_nodeport=31234' \
|
--data-value-yaml "service_http_nodeport_nodeport=$service_http_nodeport_nodeport" \
|
||||||
--data-value-yaml 'service_https_nodeport_port=443' \
|
--data-value-yaml "service_https_nodeport_port=$service_https_nodeport_port" \
|
||||||
--data-value-yaml 'service_https_nodeport_nodeport=31243' \
|
--data-value-yaml "service_https_nodeport_nodeport=$service_https_nodeport_nodeport" \
|
||||||
--data-value-yaml 'service_https_clusterip_port=443' \
|
--data-value-yaml "service_https_clusterip_port=$service_https_clusterip_port" \
|
||||||
>"$manifest"
|
>"$manifest"
|
||||||
# example of how to disable the http endpoint
|
# example of how to disable the http endpoint
|
||||||
# this is left enabled for now because our integration tests still rely on it
|
# this is left enabled for now because our integration tests still rely on it
|
||||||
@ -295,34 +323,42 @@ ytt --file . \
|
|||||||
|
|
||||||
kapp deploy --yes --app "$supervisor_app_name" --diff-changes --file "$manifest"
|
kapp deploy --yes --app "$supervisor_app_name" --diff-changes --file "$manifest"
|
||||||
kubectl apply --dry-run=client -f "$manifest" # Validate manifest schema.
|
kubectl apply --dry-run=client -f "$manifest" # Validate manifest schema.
|
||||||
|
fi
|
||||||
|
|
||||||
popd >/dev/null
|
popd >/dev/null
|
||||||
|
|
||||||
#
|
#
|
||||||
# Deploy the Pinniped Concierge
|
# Deploy the Pinniped Concierge
|
||||||
#
|
#
|
||||||
|
manifest=/tmp/pinniped-concierge.yaml
|
||||||
concierge_app_name="pinniped-concierge"
|
concierge_app_name="pinniped-concierge"
|
||||||
concierge_namespace="concierge"
|
concierge_namespace="concierge"
|
||||||
webhook_url="https://local-user-authenticator.local-user-authenticator.svc/authenticate"
|
webhook_url="https://local-user-authenticator.local-user-authenticator.svc/authenticate"
|
||||||
webhook_ca_bundle="$(kubectl get secret local-user-authenticator-tls-serving-certificate --namespace local-user-authenticator -o 'jsonpath={.data.caCertificate}')"
|
webhook_ca_bundle="$(kubectl get secret local-user-authenticator-tls-serving-certificate --namespace local-user-authenticator -o 'jsonpath={.data.caCertificate}')"
|
||||||
discovery_url="$(TERM=dumb kubectl cluster-info | awk '/master|control plane/ {print $NF}')"
|
discovery_url="$(TERM=dumb kubectl cluster-info | awk '/master|control plane/ {print $NF}')"
|
||||||
concierge_custom_labels="{myConciergeCustomLabelName: myConciergeCustomLabelValue}"
|
concierge_custom_labels="{myConciergeCustomLabelName: myConciergeCustomLabelValue}"
|
||||||
|
log_level="debug"
|
||||||
|
|
||||||
pushd deploy/concierge >/dev/null
|
pushd deploy/concierge >/dev/null
|
||||||
|
|
||||||
log_note "Deploying the Pinniped Concierge app to the cluster..."
|
if [ "$alternate_deploy" != "undefined" ]; then
|
||||||
|
log_note "The Pinniped Concierge will be deployed with $alternate_deploy pinniped-concierge $tag..."
|
||||||
|
$alternate_deploy pinniped-concierge $tag
|
||||||
|
else
|
||||||
|
log_note "Deploying the Pinniped Concierge app to the cluster using kapp..."
|
||||||
ytt --file . \
|
ytt --file . \
|
||||||
--data-value "app_name=$concierge_app_name" \
|
--data-value "app_name=$concierge_app_name" \
|
||||||
--data-value "namespace=$concierge_namespace" \
|
--data-value "namespace=$concierge_namespace" \
|
||||||
--data-value "api_group_suffix=$api_group_suffix" \
|
--data-value "api_group_suffix=$api_group_suffix" \
|
||||||
--data-value "log_level=debug" \
|
--data-value "log_level=$log_level" \
|
||||||
--data-value-yaml "custom_labels=$concierge_custom_labels" \
|
--data-value-yaml "custom_labels=$concierge_custom_labels" \
|
||||||
--data-value "image_repo=$registry_repo" \
|
--data-value "image_repo=$image_repo" \
|
||||||
--data-value "image_tag=$tag" \
|
--data-value "image_tag=$tag" \
|
||||||
--data-value "discovery_url=$discovery_url" >"$manifest"
|
--data-value "discovery_url=$discovery_url" >"$manifest"
|
||||||
|
|
||||||
kapp deploy --yes --app "$concierge_app_name" --diff-changes --file "$manifest"
|
kapp deploy --yes --app "$concierge_app_name" --diff-changes --file "$manifest"
|
||||||
kubectl apply --dry-run=client -f "$manifest" # Validate manifest schema.
|
kubectl apply --dry-run=client -f "$manifest" # Validate manifest schema.
|
||||||
|
fi
|
||||||
|
|
||||||
popd >/dev/null
|
popd >/dev/null
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user