From 6398c1978fc39cdc80fa9526f3aad5cfefc169da Mon Sep 17 00:00:00 2001
From: Wolfgang Hottgenroth <wolfgang.hottgenroth@icloud.com>
Date: Mon, 18 Dec 2023 18:16:01 +0100
Subject: [PATCH] deploy script

---
 deployment/deploy.sh                          | 93 +++++++++++++++++++
 .../instances/udi-pg/default/config.json      | 21 +++++
 2 files changed, 114 insertions(+)
 create mode 100755 deployment/deploy.sh
 create mode 100644 deployment/instances/udi-pg/default/config.json

diff --git a/deployment/deploy.sh b/deployment/deploy.sh
new file mode 100755
index 0000000..917fa60
--- /dev/null
+++ b/deployment/deploy.sh
@@ -0,0 +1,93 @@
+#!/bin/bash
+
+if [ "$IMAGE_TAG" == "" ]; then
+  echo "Make sure IMAGE_TAG is set"
+  exit 1
+fi
+
+IMAGE_NAME=gitea.hottis.de/wn/udi
+
+CONFIG_FILE=config.json
+
+
+DEPLOYMENT_DIR=$PWD/deployment
+INSTANCES_DIR=$DEPLOYMENT_DIR/instances
+
+
+for NAMESPACE_DIR in `find $INSTANCES_DIR -type d -depth 1`; do
+  NAMESPACE=`basename $NAMESPACE_DIR`
+  echo "Namespace: $NAMESPACE"
+
+  kubectl create namespace $NAMESPACE \
+    --dry-run=client \
+    -o yaml | \
+    kubectl -f - apply
+
+  pushd $NAMESPACE_DIR > /dev/null
+  for INSTANCE_DIR in `find . -type d -depth 1`; do
+    pushd $INSTANCE_DIR > /dev/null
+    INSTANCE=`basename $INSTANCE_DIR`
+    echo "Instance: $INSTANCE"
+
+    # set MQTT_PASSWORD as secret
+    MQTT_PASSWORD_VARIABLE="$NAMESPACE""_""$INSTANCE""_MQTT_PASSWORD"
+    MQTT_PASSWORD_VARIABLE=`echo $MQTT_PASSWORD_VARIABLE | tr - _`
+    MQTT_PASSWORD="${!MQTT_PASSWORD_VARIABLE}"
+    echo "MQTT_PASSWORD_VARIABLE: $MQTT_PASSWORD_VARIABLE"
+    echo "MQTT_PASSWORD: $MQTT_PASSWORD"
+    kubectl create secret generic $INSTANCE-mqtt-password \
+      --from-literal=MQTT_PASSWORD="$MQTT_PASSWORD" \
+      --dry-run=client \
+      -o yaml \
+      --save-config | \
+    kubectl apply -f - -n $NAMESPACE
+
+    # set database configuration as secret
+    ## prepare configuration to access database to set udi database password
+    PGUSER=`kubectl get secret -n database timescaledb -o jsonpath="{.data.superuser-username}" | base64 --decode`
+    PGHOST=`kubectl get services traefik -n system -o jsonpath="{.status.loadBalancer.ingress[0].ip}"`
+    PGPASSWORD=`kubectl get secret -n database timescaledb -o jsonpath="{.data.superuser-password}" | base64 --decode`
+    PGSSLMODE=require
+
+    NEW_UDI_DB_LOGIN="udi""-""$NAMESPACE""-""$INSTANCE"
+    NEW_UDI_DB_PASSWORD=`openssl rand -base64 32`
+    NEW_UDI_DB_DATABASE="udi""-""$NAMESPACE""-""$INSTANCE"
+    NEW_UDI_DB_HOST=timescaledb.database.svc.cluster.local
+
+    DATABASE_MASTER_POD=`kubectl get pods -n database -l app=StackGresCluster -l role=master -o jsonpath='{.items[0].metadata.name}'`
+    kubectl exec -i $DATABASE_MASTER_POD -c postgres-util -n database -- psql <<EOF
+    BEGIN;
+    ALTER USER "$NEW_UDI_DB_LOGIN" WITH PASSWORD '$NEW_UDI_DB_PASSWORD';
+    COMMIT;
+EOF
+
+    kubectl create secret generic $INSTANCE-udi-db-cred \
+      --dry-run=client \
+      -o yaml \
+      --save-config \
+      --from-literal=PGUSER="$NEW_UDI_DB_LOGIN" \
+      --from-literal=PGPASSWORD="$NEW_UDI_DB_PASSWORD" \
+      --from-literal=PGDATABASE="$NEW_UDI_DB_DATABASE" \
+      --from-literal=PGHOST="$NEW_UDI_DB_HOST" \
+      --from-literal=PGSSLMODE="require" | \
+      kubectl apply -f - -n $NAMESPACE
+
+    # set configuration as configMap
+    kubectl create configmap $INSTANCE-udi-conf \
+      --from-literal=UDI_CONF="`cat $CONFIG_FILE`" \
+      --dry-run=client \
+      -o yaml \
+      --save-config | \
+      kubectl apply -f - -n $NAMESPACE
+
+    # prepare k8s deployment statement
+    cat $DEPLOYMENT_DIR/deploy-yml.tmpl | \
+      sed -e 's,%IMAGE%,'$IMAGE_NAME':'$IMAGE_TAG','g | \
+      sed -e 's,%PRE%,'$INSTANCE','g | \
+      kubectl apply -f - -n $NAMESPACE
+
+    popd > /dev/null
+  done
+  popd > /dev/null
+done
+
diff --git a/deployment/instances/udi-pg/default/config.json b/deployment/instances/udi-pg/default/config.json
new file mode 100644
index 0000000..01b2bb7
--- /dev/null
+++ b/deployment/instances/udi-pg/default/config.json
@@ -0,0 +1,21 @@
+{
+  "mqtt": {
+    "broker": "ssl://eu1.cloud.thethings.network:8883",
+    "username": "com-passavant-geiger-poc@ttn",
+    "tlsEnable": "true"
+  },
+  "topicMappings": [
+    {
+      "topics": [ "v3/com-passavant-geiger-poc@ttn/devices/#" ],
+      "handler": "TTN",
+      "id": "TTN0",
+      "config": {
+        "attributes": {
+        }
+      }
+    }
+  ],
+  "archiver": {
+    "dir": "/archive"
+  }
+}