
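#!/bin/bash
#
# Deploys every udi instance found under
# deployment/instances/<namespace>/<instance>/ to the cluster kubectl points at.
# For each instance it stores the MQTT password as a secret, rotates the
# instance's database password and stores the new credentials as a secret,
# publishes config.json as a configMap and applies the deployment template.
#
# Required environment: IMAGE_TAG - tag of the image to deploy.
# Must be started from the directory that contains deployment/.

# Stop at the first failing command or pipeline stage, so that a failed step
# (e.g. the password rotation) is never followed by writing a secret that no
# longer matches. nounset (-u) is left off because the sourced secrets file is
# not visible here and may reference unset variables.
set -eo pipefail
# Globs below must expand to nothing when a directory is empty and must also
# see dot-directories.
shopt -s nullglob dotglob

# Print a message on stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Succeeds when $1 is a lower-case DNS label (a-z, 0-9, '-', at most 63 chars).
# Directory names are interpolated into Kubernetes object names, a shell
# variable name, a sed replacement and an SQL identifier, so nothing outside
# this character set is allowed through.
is_dns_label() {
  local -r pattern='^[a-z0-9]([-a-z0-9]*[a-z0-9])?$'
  (( ${#1} <= 63 )) && [[ "$1" =~ $pattern ]]
}

if [[ -z "${IMAGE_TAG:-}" ]]; then
  echo "Make sure IMAGE_TAG is set" >&2
  exit 1
fi

# IMAGE_TAG comes from the environment and is pasted into a sed replacement
# and the rendered manifest; accept only the image-tag character set.
image_tag_pattern='^[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}$'
if [[ ! "$IMAGE_TAG" =~ $image_tag_pattern ]]; then
  die "IMAGE_TAG contains characters that are not valid in an image tag"
fi

IMAGE_NAME=gitea.hottis.de/wn/udi
CONFIG_FILE=config.json
DEPLOYMENT_DIR=$PWD/deployment
INSTANCES_DIR=$DEPLOYMENT_DIR/instances
SECRETS_FILE=/tmp/secrets

# decrypt-secrets.sh is expected to leave the decrypted variables in
# $SECRETS_FILE. Remove the plaintext on every exit path, not only after a
# successful source.
trap 'rm -f -- "$SECRETS_FILE"' EXIT
( cd "$DEPLOYMENT_DIR" && ./decrypt-secrets.sh ) || exit 1

# Sourcing executes the file. The name is fixed and /tmp is shared, so refuse
# anything that is not a regular file owned by the current user.
# NOTE(review): a private directory from mktemp -d would remove the remaining
# race; that needs a matching change in decrypt-secrets.sh.
if [[ ! -f "$SECRETS_FILE" || -L "$SECRETS_FILE" || ! -O "$SECRETS_FILE" ]]; then
  die "$SECRETS_FILE is missing or not a regular file owned by the current user"
fi
# shellcheck source=/dev/null
. "$SECRETS_FILE"
rm -f -- "$SECRETS_FILE"

for NAMESPACE_DIR in "$INSTANCES_DIR"/*/; do
  NAMESPACE_DIR=${NAMESPACE_DIR%/}
  # Only real directories count as namespaces; symbolic links are skipped.
  if [[ -L "$NAMESPACE_DIR" ]]; then
    continue
  fi
  NAMESPACE=${NAMESPACE_DIR##*/}
  if ! is_dns_label "$NAMESPACE"; then
    printf 'Skipping %s: not a valid namespace name\n' "$NAMESPACE_DIR" >&2
    continue
  fi
  echo "Namespace: $NAMESPACE"

  # create + apply keeps the step idempotent when the namespace already exists
  kubectl create namespace "$NAMESPACE" \
    --dry-run=client \
    -o yaml |
    kubectl apply -f -

  for INSTANCE_DIR in "$NAMESPACE_DIR"/*/; do
    INSTANCE_DIR=${INSTANCE_DIR%/}
    if [[ -L "$INSTANCE_DIR" ]]; then
      continue
    fi
    INSTANCE=${INSTANCE_DIR##*/}
    if ! is_dns_label "$INSTANCE"; then
      printf 'Skipping %s: not a valid instance name\n' "$INSTANCE_DIR" >&2
      continue
    fi
    echo "Instance: $INSTANCE"

    # set MQTT_PASSWORD as secret
    # The password is looked up in the sourced secrets under
    # <namespace>_<instance>_MQTT_PASSWORD with every '-' turned into '_'.
    MQTT_PASSWORD_VARIABLE="${NAMESPACE}_${INSTANCE}_MQTT_PASSWORD"
    MQTT_PASSWORD_VARIABLE=${MQTT_PASSWORD_VARIABLE//-/_}
    variable_name_pattern='^[A-Za-z_][A-Za-z0-9_]*$'
    if [[ ! "$MQTT_PASSWORD_VARIABLE" =~ $variable_name_pattern ]]; then
      die "$MQTT_PASSWORD_VARIABLE is not a valid variable name"
    fi
    MQTT_PASSWORD=${!MQTT_PASSWORD_VARIABLE:-}
    # Log the variable name only; the value must never reach the CI log.
    echo "MQTT_PASSWORD_VARIABLE: $MQTT_PASSWORD_VARIABLE"
    if [[ -z "$MQTT_PASSWORD" ]]; then
      die "$MQTT_PASSWORD_VARIABLE is empty or missing in the decrypted secrets"
    fi
    # NOTE(review): --from-literal places the value on kubectl's command line,
    # where other local processes can read it; --from-file fed from a process
    # substitution would avoid that.
    kubectl create secret generic "$INSTANCE-mqtt-password" \
      --from-literal=MQTT_PASSWORD="$MQTT_PASSWORD" \
      --dry-run=client \
      -o yaml \
      --save-config |
      kubectl apply -f - -n "$NAMESPACE"

    # set database configuration as secret
    # The rotation runs psql inside the database pod, so no superuser
    # credentials are fetched into this shell.
    NEW_UDI_DB_LOGIN="udi-$NAMESPACE-$INSTANCE"
    NEW_UDI_DB_DATABASE="udi-$NAMESPACE-$INSTANCE"
    NEW_UDI_DB_HOST=timescaledb.database.svc.cluster.local
    # head closes the pipe after 32 bytes, which ends tr with SIGPIPE; under
    # pipefail that is reported as a failure, so judge by the length instead.
    NEW_UDI_DB_PASSWORD=$(LC_ALL=C tr -dc 'a-zA-Z0-9' < /dev/urandom | head -c 32) || true
    if (( ${#NEW_UDI_DB_PASSWORD} != 32 )); then
      die "could not generate a database password"
    fi

    # NOTE(review): kubectl may honour only the last of two -l flags; the
    # combined form -l app=StackGresCluster,role=master states both - confirm.
    DATABASE_MASTER_POD=$(kubectl get pods -n database -l app=StackGresCluster -l role=master -o jsonpath='{.items[0].metadata.name}')
    if [[ -z "$DATABASE_MASTER_POD" ]]; then
      die "no database master pod found"
    fi

    # ON_ERROR_STOP makes psql exit non-zero when ALTER USER fails; without it
    # the new password would be stored in the secret although the database
    # never accepted it. The statement travels on stdin, not on a command line.
    kubectl exec -i "$DATABASE_MASTER_POD" -c postgres-util -n database -- psql -v ON_ERROR_STOP=1 <<EOF
BEGIN;
ALTER USER "$NEW_UDI_DB_LOGIN" WITH PASSWORD '$NEW_UDI_DB_PASSWORD';
COMMIT;
EOF

    kubectl create secret generic "$INSTANCE-udi-db-cred" \
      --dry-run=client \
      -o yaml \
      --save-config \
      --from-literal=PGUSER="$NEW_UDI_DB_LOGIN" \
      --from-literal=PGPASSWORD="$NEW_UDI_DB_PASSWORD" \
      --from-literal=PGDATABASE="$NEW_UDI_DB_DATABASE" \
      --from-literal=PGHOST="$NEW_UDI_DB_HOST" \
      --from-literal=PGSSLMODE="require" |
      kubectl apply -f - -n "$NAMESPACE"

    # set configuration as configMap
    if [[ ! -r "$INSTANCE_DIR/$CONFIG_FILE" ]]; then
      die "$INSTANCE_DIR/$CONFIG_FILE is missing or unreadable"
    fi
    kubectl create configmap "$INSTANCE-udi-conf" \
      --from-literal=UDI_CONF="$(< "$INSTANCE_DIR/$CONFIG_FILE")" \
      --dry-run=client \
      -o yaml \
      --save-config |
      kubectl apply -f - -n "$NAMESPACE"

    # prepare k8s deployment statement
    # Both substituted values were checked above, so neither can contain the
    # ',' delimiter or sed's '&' and '\' replacement metacharacters.
    sed \
      -e "s,%IMAGE%,${IMAGE_NAME}:${IMAGE_TAG},g" \
      -e "s,%PRE%,${INSTANCE},g" \
      "$DEPLOYMENT_DIR/deploy-yml.tmpl" |
      kubectl apply -f - -n "$NAMESPACE"
  done
done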