Update deploy_packages.sh

This commit is contained in:
Benjamin A. Petersen 2023-09-11 16:31:03 -04:00
parent d99a43bd87
commit 65a54d39a5
No known key found for this signature in database
GPG Key ID: EF6EF83523A4BE46
4 changed files with 119 additions and 41 deletions

View File

@ -61,6 +61,15 @@ log_note "log-args.sh >>> app: ${app} tag: ${tag} 🦄 🦄 🦄 🦄 🦄
# from prepare-for-integration-tests.sh
api_group_suffix="pinniped.dev" # same default as in the values.yaml ytt file
registry="pinniped.local"
repo="test/build"
registry_repo="$registry/$repo"
tag=$(uuidgen) # always a new tag to force K8s to reload the image on redeploy
log_note "Deploying kapp-controller on kind cluster..." log_note "Deploying kapp-controller on kind cluster..."
kapp deploy --app kapp-controller --file https://github.com/vmware-tanzu/carvel-kapp-controller/releases/latest/download/release.yml -y kapp deploy --app kapp-controller --file https://github.com/vmware-tanzu/carvel-kapp-controller/releases/latest/download/release.yml -y
@ -178,11 +187,19 @@ EOF
done done
if [ "${app}" = "pinniped-supervisor" ]; then
resource_name="supervisor"
log_note "Deploying PackageInstall resources for pinniped supervisor and concierge packages..." # matching the hack/prepare-for-integration-tests.sh variables
for resource_name in "${arr[@]}" supervisor_app_name="pinniped-supervisor"
do supervisor_namespace="supervisor"
RESOURCE_NAMESPACE="${resource_name}" # to match the hack/prepare-for-integration-tests.sh file supervisor_custom_labels="{mySupervisorCustomLabelName: mySupervisorCustomLabelValue}"
log_level="debug"
service_https_nodeport_port="443"
service_https_nodeport_nodeport="31243"
service_https_clusterip_port="443"
# package install variables
INSTALL_NAME="${resource_name}-install" INSTALL_NAME="${resource_name}-install"
INSTALL_NAMESPACE="${INSTALL_NAME}-ns" INSTALL_NAMESPACE="${INSTALL_NAME}-ns"
PINNIPED_PACKAGE_RBAC_PREFIX="pinniped-package-rbac-${resource_name}" PINNIPED_PACKAGE_RBAC_PREFIX="pinniped-package-rbac-${resource_name}"
@ -190,6 +207,8 @@ do
PACKAGE_INSTALL_FILE_NAME="./${PACKAGE_INSTALL_DIR}/${resource_name}-pkginstall.yml" PACKAGE_INSTALL_FILE_NAME="./${PACKAGE_INSTALL_DIR}/${resource_name}-pkginstall.yml"
PACKAGE_INSTALL_FILE_PATH="${SCRIPT_DIR}/${PACKAGE_INSTALL_FILE_NAME}" PACKAGE_INSTALL_FILE_PATH="${SCRIPT_DIR}/${PACKAGE_INSTALL_FILE_NAME}"
SECRET_NAME="${resource_name}-package-install-secret" SECRET_NAME="${resource_name}-package-install-secret"
log_note "Deploying PackageInstall resources for ${resource_name}..."
# generate an install file to use
cat > "${PACKAGE_INSTALL_FILE_PATH}" << EOF cat > "${PACKAGE_INSTALL_FILE_PATH}" << EOF
--- ---
apiVersion: packaging.carvel.dev/v1alpha1 apiVersion: packaging.carvel.dev/v1alpha1
@ -216,16 +235,93 @@ metadata:
stringData: stringData:
values.yml: | values.yml: |
--- ---
namespace: "${RESOURCE_NAMESPACE}" app_name: $supervisor_app_name
app_name: "${resource_name}" # this affects services and things, needs to be just the resource name to match hack scripts namespace: $supervisor_namespace
replicas: 1 # keep logs testing easy api_group_suffix: $api_group_suffix
image_repo: $registry_repo
image_tag: $tag
log_level: $log_level
service_https_nodeport_port: $service_https_nodeport_port
service_https_nodeport_nodeport: $service_https_nodeport_nodeport
service_https_clusterip_port: $service_https_clusterip_port
EOF
# removed from above:
# custom_labels: $supervisor_custom_labels
KAPP_CONTROLLER_APP_NAME="${resource_name}-pkginstall"
log_note "deploying ${KAPP_CONTROLLER_APP_NAME}..."
kapp deploy --yes --app "$supervisor_app_name" --diff-changes --file "${PACKAGE_INSTALL_FILE_PATH}"
kubectl apply --dry-run=client -f "${PACKAGE_INSTALL_FILE_PATH}" # Validate manifest schema.
fi
if [ "${app}" = "pinniped-concierge" ]; then
resource_name="concierge"
# matching the hack/prepare-for-integration-tests.sh variables
concierge_app_name="pinniped-concierge"
concierge_namespace="concierge"
webhook_url="https://local-user-authenticator.local-user-authenticator.svc/authenticate"
webhook_ca_bundle="$(kubectl get secret local-user-authenticator-tls-serving-certificate --namespace local-user-authenticator -o 'jsonpath={.data.caCertificate}')"
discovery_url="$(TERM=dumb kubectl cluster-info | awk '/master|control plane/ {print $NF}')"
concierge_custom_labels="{myConciergeCustomLabelName: myConciergeCustomLabelValue}"
log_level="debug"
# package install variables
RESOURCE_NAMESPACE="${resource_name}" # to match the hack/prepare-for-integration-tests.sh file
INSTALL_NAME="${resource_name}-install"
INSTALL_NAMESPACE="${INSTALL_NAME}-ns"
PINNIPED_PACKAGE_RBAC_PREFIX="pinniped-package-rbac-${resource_name}"
RESOURCE_PACKGE_VERSION="${resource_name}.pinniped.dev"
PACKAGE_INSTALL_FILE_NAME="./${PACKAGE_INSTALL_DIR}/${resource_name}-pkginstall.yml"
PACKAGE_INSTALL_FILE_PATH="${SCRIPT_DIR}/${PACKAGE_INSTALL_FILE_NAME}"
SECRET_NAME="${resource_name}-package-install-secret"
log_note "Deploying PackageInstall resources for ${resource_name}..."
cat > "${PACKAGE_INSTALL_FILE_PATH}" << EOF
---
apiVersion: packaging.carvel.dev/v1alpha1
kind: PackageInstall
metadata:
# name, does not have to be versioned, versionSelection.constraints below will handle
name: ${INSTALL_NAME}
namespace: ${INSTALL_NAMESPACE}
spec:
serviceAccountName: "${PINNIPED_PACKAGE_RBAC_PREFIX}-sa-superadmin-dangerous"
packageRef:
refName: "${RESOURCE_PACKGE_VERSION}"
versionSelection:
constraints: "${PINNIPED_PACKAGE_VERSION}"
values:
- secretRef:
name: "${SECRET_NAME}"
---
apiVersion: v1
kind: Secret
metadata:
name: "${SECRET_NAME}"
namespace: ${INSTALL_NAMESPACE}
stringData:
values.yml: |
---
app_name: $concierge_app_name
namespace: $concierge_namespace
api_group_suffix: $api_group_suffix
log_level: $log_level
custom_labels: $concierge_custom_labels
image_repo: $registry_repo
image_tag: $tag
discovery_url: $discovery_url
EOF EOF
KAPP_CONTROLLER_APP_NAME="${resource_name}-pkginstall" KAPP_CONTROLLER_APP_NAME="${resource_name}-pkginstall"
log_note "deploying ${KAPP_CONTROLLER_APP_NAME}..." log_note "deploying ${KAPP_CONTROLLER_APP_NAME}..."
kapp deploy --app "${KAPP_CONTROLLER_APP_NAME}" --file "${PACKAGE_INSTALL_FILE_PATH}" -y # kapp deploy --app "${KAPP_CONTROLLER_APP_NAME}" --file "${PACKAGE_INSTALL_FILE_PATH}" -y
kapp deploy --yes --app "$concierge_app_name" --diff-changes --file "${PACKAGE_INSTALL_FILE_PATH}"
kubectl apply --dry-run=client -f "${PACKAGE_INSTALL_FILE_PATH}" # Validate manifest schema.
fi
done
log_note "Available Packages:" log_note "Available Packages:"
@ -240,7 +336,7 @@ kubectl get deploy -n concierge
# FLOW: # FLOW:
# kind delete cluster --name pinniped # kind delete cluster --name pinniped
# ./hack/prepare-for-integration-tests.sh --alternate-deploy-supervisor $(pwd)/deploy_carvel/deploy.sh --alternate-deploy-concierge $(pwd)/deploy_carvel/deploy.sh # ./hack/prepare-for-integration-tests.sh --alternate-deploy-supervisor $(pwd)/deploy_carvel/deploy-packges.sh --alternate-deploy-concierge $(pwd)/deploy_carvel/deploy-packges.sh
# ./hack/prepare-supervisor-on-kind.sh --oidc # ./hack/prepare-supervisor-on-kind.sh --oidc
# #
# TODO: # TODO:

View File

@ -1,28 +0,0 @@
---
apiVersion: packaging.carvel.dev/v1alpha1
kind: PackageInstall
metadata:
# name, does not have to be versioned, versionSelection.constraints below will handle
name: concierge-install
namespace: concierge-install-ns
spec:
serviceAccountName: "pinniped-package-rbac-concierge-sa-superadmin-dangerous"
packageRef:
refName: "concierge.pinniped.dev"
versionSelection:
constraints: "0.25.0"
values:
- secretRef:
name: "concierge-package-install-secret"
---
apiVersion: v1
kind: Secret
metadata:
name: "concierge-package-install-secret"
namespace: concierge-install-ns
stringData:
values.yml: |
---
namespace: "concierge"
app_name: "concierge" # this affects services and things, needs to be just the resource name to match hack scripts
replicas: 1 # keep logs testing easy

View File

@ -23,6 +23,13 @@ metadata:
stringData: stringData:
values.yml: | values.yml: |
--- ---
namespace: "supervisor" app_name: pinniped-supervisor
app_name: "supervisor" # this affects services and things, needs to be just the resource name to match hack scripts namespace: supervisor
replicas: 1 # keep logs testing easy api_group_suffix: pinniped.dev
image_repo: pinniped.local/test/build
image_tag: 879CCF7A-2F00-4355-80A6-76C713116D93
log_level: debug
service_https_nodeport_port: 443
service_https_nodeport_nodeport: 31243
service_https_clusterip_port: 443

View File

@ -0,0 +1,3 @@
# README
These are hand crafted files, not generated.