#!/bin/sh
set -e
# Banner naming the chapter this script prepares the environment for.
banner_text='Setup for the Configuration Packages chapter'
gum style \
  --foreground 212 \
  --border double --border-foreground 212 \
  --margin "1 2" --padding "2 4" \
  "$banner_text"

# Let the reader back out and perform the steps by hand; declining is a
# clean exit (status 0), not an error.
start_prompt='
Are you ready to start?
Select "Yes" only if you did NOT follow the story from the start (if you jumped straight into this chapter).
Feel free to say "No" and inspect the script if you prefer setting up resources manually.
'
if ! gum confirm "$start_prompt"; then
  exit 0
fi
# Render the prerequisites table. The delimiter is quoted so the text is
# passed to gum verbatim, with no shell expansion.
gum format <<'EOF'

## You will need following tools installed:
|Name |Required |More info |
|----------------|---------------------|---------------------------------------------------|
|Linux Shell |Yes |Use WSL if you are running Windows |
|Docker |Yes |'https://docs.docker.com/engine/install' |
|kind CLI |Yes |'https://kind.sigs.k8s.io/docs/user/quick-start/#installation'|
|kubectl CLI |Yes |'https://kubernetes.io/docs/tasks/tools/#kubectl' |
|crossplane CLI |Yes |'https://docs.crossplane.io/latest/cli' |
|up CLI |Yes |'https://docs.upbound.io/reference/cli' |
|yq CLI |Yes |'https://github.com/mikefarah/yq#install' |
|Google Cloud account with admin permissions|If using Google Cloud|'https://cloud.google.com'|
|Google Cloud CLI|If using Google Cloud|'https://cloud.google.com/sdk/docs/install' |
|AWS account with admin permissions|If using AWS|'https://aws.amazon.com' |
|AWS CLI |If using AWS |'https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html'|
|Azure account with admin permissions|If using Azure|'https://azure.microsoft.com' |
|az CLI |If using Azure |'https://learn.microsoft.com/cli/azure/install-azure-cli'|
If you are running this script from **Nix shell**, most of the requirements are already set with the exception of **Docker** and the **hyperscaler account**.

EOF

# Stop quietly (status 0) when the reader says the tools are not in place.
tools_prompt='
Do you have those tools installed?
'
if ! gum confirm "$tools_prompt"; then
  exit 0
fi
# Start from a clean .env; later steps append exports to it, including cloud
# credentials on the AWS path.
rm -f .env

# Sync with the upstream repository on a best-effort basis: a missing
# "upstream" remote or a failed merge must not abort the setup, so each
# command's failure is swallowed on purpose while `set -e` stays in force.
# NOTE(review): the merge changes the working tree (kind.yaml, providers/,
# examples/) that the remaining steps read.
git fetch upstream || true
git merge upstream/main || true
# --- Control plane cluster ---------------------------------------------------
# Create the local kind cluster described by kind.yaml, then the namespace
# named a-team inside it.
kind_config=kind.yaml
team_namespace=a-team
kind create cluster --config "$kind_config"
kubectl create namespace "$team_namespace"
# --- Crossplane --------------------------------------------------------------
# Install (or upgrade) the Crossplane chart into its own namespace and block
# until the release reports ready.
# NOTE(review): no --version is passed, so whichever chart is current in the
# stable repository at run time gets installed; pin a version if the setup
# has to be reproducible.
crossplane_repo=https://charts.crossplane.io/stable
crossplane_namespace=crossplane-system
helm upgrade crossplane crossplane \
  --install \
  --repo "$crossplane_repo" \
  --namespace "$crossplane_namespace" \
  --create-namespace \
  --wait
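# Provider selection and credential bootstrap.
#
# Asks which cloud to target, records the choice in .env, creates provider
# credentials with broad (admin/Owner) rights and loads them into a Kubernetes
# secret in the crossplane-system namespace.
#
# Files written in the current directory: .env, plus one of gcp-creds.json,
# aws-creds.conf or azure-creds.json. They hold long-lived credentials and
# stay on disk after the secret is created, so they are restricted to the
# current user here; remove them when the chapter is done and make sure they
# are never committed.

# Create the file if needed and restrict it to the current user. Running this
# before the first write also tightens a file left over from an earlier run.
private_file() {
  touch "$1"
  chmod 600 "$1"
}

echo "## Which Hyperscaler do you want to use?" | gum format
HYPERSCALER=$(gum choose "google" "aws" "azure")

private_file .env
printf 'export HYPERSCALER=%s\n' "$HYPERSCALER" >> .env

if [ "$HYPERSCALER" = "google" ]; then

  gcloud auth login

  # A fresh, timestamp-named project keeps everything created in this chapter
  # separate from existing projects.
  PROJECT_ID=dot-$(date +%Y%m%d%H%M%S)
  printf 'export PROJECT_ID=%s\n' "$PROJECT_ID" >> .env

  gcloud projects create "${PROJECT_ID}"

  # Billing and the SQL Admin API have to be enabled by hand in the console.
  echo "## Open https://console.cloud.google.com/billing/linkedaccount?project=$PROJECT_ID and link a billing account" \
    | gum format
  gum input --placeholder "Press the enter key to continue."

  echo "## Open https://console.cloud.google.com/apis/library/sqladmin.googleapis.com?project=$PROJECT_ID and *ENABLE* the API" \
    | gum format
  gum input --placeholder "Press the enter key to continue."

  export SA_NAME=devops-toolkit
  export SA="${SA_NAME}@${PROJECT_ID}.iam.gserviceaccount.com"

  gcloud iam service-accounts create "$SA_NAME" \
    --project "$PROJECT_ID"

  # The service account is bound to an admin role on the whole project, so
  # the key created next carries that level of access.
  gcloud projects add-iam-policy-binding \
    --role roles/admin "$PROJECT_ID" \
    --member "serviceAccount:$SA"

  gcloud iam service-accounts keys create gcp-creds.json \
    --project "$PROJECT_ID" --iam-account "$SA"
  chmod 600 gcp-creds.json

  kubectl --namespace crossplane-system \
    create secret generic gcp-creds \
    --from-file creds=./gcp-creds.json

  # PROJECT_ID is generated above from the clock, never typed by the user,
  # so interpolating it into the yq expression is safe.
  yq --inplace ".spec.projectID = \"$PROJECT_ID\"" \
    providers/google-config.yaml

elif [ "$HYPERSCALER" = "aws" ]; then

  # Each prompt is pre-filled from the environment when the variable is set.
  AWS_ACCESS_KEY_ID=$(gum input \
    --placeholder "AWS Access Key ID" \
    --value "$AWS_ACCESS_KEY_ID")
  printf 'export AWS_ACCESS_KEY_ID=%s\n' "$AWS_ACCESS_KEY_ID" >> .env

  AWS_SECRET_ACCESS_KEY=$(gum input \
    --placeholder "AWS Secret Access Key" \
    --value "$AWS_SECRET_ACCESS_KEY" --password)
  # The secret key is persisted in clear text; .env was restricted to the
  # current user above.
  printf 'export AWS_SECRET_ACCESS_KEY=%s\n' "$AWS_SECRET_ACCESS_KEY" >> .env

  AWS_ACCOUNT_ID=$(gum input --placeholder "AWS Account ID" \
    --value "$AWS_ACCOUNT_ID")
  printf 'export AWS_ACCOUNT_ID=%s\n' "$AWS_ACCOUNT_ID" >> .env

  # Credentials file in the shared-credentials format, read by kubectl below.
  private_file aws-creds.conf
  printf '[default]\naws_access_key_id = %s\naws_secret_access_key = %s\n\n' \
    "$AWS_ACCESS_KEY_ID" "$AWS_SECRET_ACCESS_KEY" >aws-creds.conf

  kubectl --namespace crossplane-system \
    create secret generic aws-creds \
    --from-file creds=./aws-creds.conf

else

  AZURE_TENANT_ID=$(gum input --placeholder "Azure Tenant ID" \
    --value "$AZURE_TENANT_ID")

  az login --tenant "$AZURE_TENANT_ID"

  # Assign first, export second: `export VAR=$(cmd)` would hide a failing
  # `az account show` from `set -e`.
  SUBSCRIPTION_ID=$(az account show --query id -o tsv)
  export SUBSCRIPTION_ID

  # The service principal is Owner of the whole subscription. Its credentials
  # go straight to the file: piping through tee would also print the client
  # secret on the terminal and would mask a failure of the az command.
  private_file azure-creds.json
  az ad sp create-for-rbac --sdk-auth --role Owner \
    --scopes "/subscriptions/$SUBSCRIPTION_ID" \
    >azure-creds.json

  kubectl --namespace crossplane-system \
    create secret generic azure-creds \
    --from-file creds=./azure-creds.json

  DB_NAME=my-db-$(date +%Y%m%d%H%M%S)

  # Example claims for Azure. The password is a fixed, base64-encoded sample
  # value that ships with the script; base64 is an encoding, not encryption,
  # so replace it before using these manifests outside a throwaway setup.
  tee examples/azure-sql-v6.yaml <<EOF
---
apiVersion: v1
kind: Secret
metadata:
  name: my-db-password
data:
  password: T1QrOXZQcDhMdXhoeFVQWVpLSk1kUG1YM04xTzBTd3YzWG5ZVjI0UFZzcz0=
---
apiVersion: devopstoolkitseries.com/v1alpha1
kind: SQLClaim
metadata:
  name: my-db
  annotations:
    organization: DevOps Toolkit
    author: Viktor Farcic <viktor@farcic.com>
spec:
  id: $DB_NAME
  compositionSelector:
    matchLabels:
      provider: azure
      db: postgresql
  parameters:
    version: "11"
    size: small
EOF

  # Same claim for the v7 example; here the secret is named after the
  # generated database id.
  tee examples/azure-sql-v7.yaml <<EOF
---
apiVersion: v1
kind: Secret
metadata:
  name: $DB_NAME-password
data:
  password: T1QrOXZQcDhMdXhoeFVQWVpLSk1kUG1YM04xTzBTd3YzWG5ZVjI0UFZzcz0=
---
apiVersion: devopstoolkitseries.com/v1alpha1
kind: SQLClaim
metadata:
  name: my-db
  annotations:
    organization: DevOps Toolkit
    author: Viktor Farcic <viktor@farcic.com>
spec:
  id: $DB_NAME
  compositionSelector:
    matchLabels:
      provider: azure
      db: postgresql
  parameters:
    version: "11"
    size: small
EOF

fi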