From 2179e180fe6c5d0e20f19f5ee9e8674c7775f079 Mon Sep 17 00:00:00 2001
From: Wolfgang Hottgenroth <wolfgang.hottgenroth@icloud.com>
Date: Sat, 13 Jan 2024 18:43:57 +0100
Subject: [PATCH] still database stuff

---
 .woodpecker.yml                               |  6 ++-
 .../{install-yml.tmpl => deploy-yml.tmpl}     |  8 ++--
 deployment/deploy.sh                          | 39 +++++++++++++++++++
 3 files changed, 47 insertions(+), 6 deletions(-)
 rename deployment/{install-yml.tmpl => deploy-yml.tmpl} (83%)
 create mode 100755 deployment/deploy.sh

diff --git a/.woodpecker.yml b/.woodpecker.yml
index 11a6591..10849b1 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -19,10 +19,14 @@ steps:
     secrets:
       - source: kube_config
         target: KUBE_CONFIG_CONTENT
+      - source: encryption_key
+        target: ENCRYPTION_KEY
+      - source: secrets_checksum
+        target: MD5_CHECKSUM
     commands:
       - export IMAGE_TAG=$CI_COMMIT_TAG
       - printf "$KUBE_CONFIG_CONTENT" > /tmp/kubeconfig
       - export KUBECONFIG=/tmp/kubeconfig
-      - cat ./deployment/install-yml.tmpl | sed -e 's,%IMAGETAG%,'$IMAGE_TAG','g | kubectl apply -f -
+      - ./deployment/deploy.sh
     when:
       - event: tag
diff --git a/deployment/install-yml.tmpl b/deployment/deploy-yml.tmpl
similarity index 83%
rename from deployment/install-yml.tmpl
rename to deployment/deploy-yml.tmpl
index 939a719..1a4002d 100644
--- a/deployment/install-yml.tmpl
+++ b/deployment/deploy-yml.tmpl
@@ -1,8 +1,3 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: homea
----
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -23,6 +18,9 @@ spec:
       containers:
         - name: locsrv
           image: gitea.hottis.de/wn/locsrv:%IMAGETAG%
+          envFrom:
+            - secretRef: 
+                name: locsrv-db-cred
           ports:
             - containerPort: 8080
               protocol: TCP
diff --git a/deployment/deploy.sh b/deployment/deploy.sh
new file mode 100755
index 0000000..65e07ad
--- /dev/null
+++ b/deployment/deploy.sh
@@ -0,0 +1,39 @@
+#!/bin/bash
+
+if [ "$IMAGE_TAG" == "" ]; then
+  echo "Make sure IMAGE_TAG is set"
+  exit 1
+fi
+
+
+IMAGE_NAME=gitea.hottis.de/wn/locsrv
+NAMESPACE=homea
+DEPLOYMENT_DIR=$PWD/deployment
+
+pushd $DEPLOYMENT_DIR > /dev/null
+./decrypt-secrets.sh || exit 1 
+. /tmp/secrets
+rm /tmp/secrets
+
+kubectl create namespace $NAMESPACE \
+  --dry-run=client \
+  -o yaml | \
+  kubectl -f - apply
+
+kubectl create secret generic locsrv-db-cred \
+  --dry-run=client \
+  -o yaml \
+  --save-config \
+  --from-literal=PGUSER="$PGUSER" \
+  --from-literal=PGPASSWORD="$PGPASSWORD" \
+  --from-literal=PGDATABASE="$PGDATABASE" \
+  --from-literal=PGHOST="timescaledb.database.svc.cluster.local" \
+  --from-literal=PGSSLMODE="require" | \
+  kubectl apply -f - -n $NAMESPACE
+
+cat $DEPLOYMENT_DIR/deploy-yml.tmpl | \
+  sed -e 's,%IMAGE%,'$IMAGE_NAME':'$IMAGE_TAG','g | \
+  kubectl apply -f - -n $NAMESPACE
+
+popd > /dev/null
+