From d999b39dc26cc7961ceb7242828c535d78f3e31b Mon Sep 17 00:00:00 2001 From: Jpeedroza Date: Wed, 11 Aug 2021 11:52:27 -0300 Subject: [PATCH 01/12] =?UTF-8?q?Atualizac=C3=A3o=20da=20instalac=C3=A3o?= =?UTF-8?q?=20do=20cert-manager?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../cert-manager/install/src/unix/formula/formula.sh | 12 +++++++++--- vkpr/cert-manager/install/src/utils/cert-manager.sh | 2 +- .../cert-manager/install/src/utils/cluster-issuer.sh | 9 ++++----- vkpr/cert-manager/install/src/utils/token-dns.sh | 8 ++++++++ vkpr/cert-manager/remove/src/unix/formula/formula.sh | 1 - 5 files changed, 22 insertions(+), 10 deletions(-) create mode 100644 vkpr/cert-manager/install/src/utils/token-dns.sh diff --git a/vkpr/cert-manager/install/src/unix/formula/formula.sh b/vkpr/cert-manager/install/src/unix/formula/formula.sh index 1dc78775..d9f23377 100755 --- a/vkpr/cert-manager/install/src/unix/formula/formula.sh +++ b/vkpr/cert-manager/install/src/unix/formula/formula.sh @@ -4,11 +4,13 @@ runFormula() { VKPR_HOME=~/.vkpr VKPR_CERT_VALUES=$VKPR_HOME/values/cert-manager/cert-manager.yaml VKPR_CERT_ISSUER=$VKPR_HOME/configs/cert-manager/cluster-issuer.yaml + VKPR_CERT_TOKEN=$VKPR_HOME/configs/cert-manager/token-dns.yaml mkdir -p $VKPR_HOME/configs/cert-manager/ $VKPR_HOME/values/cert-manager/ + add_token_dns install_crds - add_cluster_issuer add_repo_certmanager + add_cluster_issuer install_certmanager } @@ -17,6 +19,12 @@ add_repo_certmanager() { $VKPR_HOME/bin/helm repo update } +add_token_dns(){ + export VKPR_ACCESS_TOKEN_INPUT=$INPUT_API_AT_CLUSTER_ISSUER + . $(dirname "$0")/utils/token-dns.sh $VKPR_CERT_TOKEN + echo $VKPR_ACCESS_TOKEN_INPUT | base64 >> $VKPR_CERT_TOKEN +} + install_crds() { echoColor "yellow" "Adicionando CRDS do cert-manager..." $VKPR_HOME/bin/kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.4.2/cert-manager.crds.yaml @@ -25,8 +33,6 @@ install_crds() { add_cluster_issuer() { echoColor "yellow" "Adicionando Cluster Issuer do cert-manager..." export VKPR_EMAIL_INPUT=$INPUT_EMAIL_CLUSTER_ISSUER - export VKPR_ACCESS_TOKEN_INPUT=$INPUT_API_AT_CLUSTER_ISSUER - . $(dirname "$0")/utils/cluster-issuer.sh $VKPR_EMAIL_INPUT $VKPR_ACCESS_TOKEN_INPUT $VKPR_CERT_ISSUER $VKPR_HOME/bin/kubectl apply -f $VKPR_CERT_ISSUER } diff --git a/vkpr/cert-manager/install/src/utils/cert-manager.sh b/vkpr/cert-manager/install/src/utils/cert-manager.sh index c257a076..7c8fee5e 100644 --- a/vkpr/cert-manager/install/src/utils/cert-manager.sh +++ b/vkpr/cert-manager/install/src/utils/cert-manager.sh @@ -3,5 +3,5 @@ printf \ "installCRDs: false ingressShim: defaultIssuerName: letsencrypt-staging - defaultIssuerKind: ClusterIssuer + defaultIssuerKind: Issuer defaultIssuerGroup: cert-manager.io" > $1 \ No newline at end of file diff --git a/vkpr/cert-manager/install/src/utils/cluster-issuer.sh b/vkpr/cert-manager/install/src/utils/cluster-issuer.sh index 62f5ffad..630ac36f 100755 --- a/vkpr/cert-manager/install/src/utils/cluster-issuer.sh +++ b/vkpr/cert-manager/install/src/utils/cluster-issuer.sh @@ -1,7 +1,7 @@ #!/bin/sh printf \ "apiVersion: cert-manager.io/v1 -kind: ClusterIssuer +kind: Issuer metadata: name: letsencrypt-staging spec: @@ -15,15 +15,14 @@ spec: digitalocean: tokenSecretRef: name: digitalocean-dns - key: $2 + key: access-token --- apiVersion: cert-manager.io/v1 -kind: ClusterIssuer +kind: Issuer metadata: name: letsencrypt-production spec: acme: - # Change this email address to yours email: $1 server: https://acme-v02.api.letsencrypt.org/directory privateKeySecretRef: @@ -33,4 +32,4 @@ spec: digitalocean: tokenSecretRef: name: digitalocean-dns - key: $2" > $3 \ No newline at end of file + key: access-token" > $2 \ No newline at end of file diff --git a/vkpr/cert-manager/install/src/utils/token-dns.sh b/vkpr/cert-manager/install/src/utils/token-dns.sh new file mode 100644 index 00000000..ca777e68 --- /dev/null +++ b/vkpr/cert-manager/install/src/utils/token-dns.sh @@ -0,0 +1,8 @@ +#!/bin/sh +printf \ +"apiVersion: v1 +kind: Secret +metadata: + name: digitalocean-dns +data: + access-token: " > $1 \ No newline at end of file diff --git a/vkpr/cert-manager/remove/src/unix/formula/formula.sh b/vkpr/cert-manager/remove/src/unix/formula/formula.sh index 85e13121..66eb2f95 100755 --- a/vkpr/cert-manager/remove/src/unix/formula/formula.sh +++ b/vkpr/cert-manager/remove/src/unix/formula/formula.sh @@ -5,7 +5,6 @@ runFormula() { echoColor "yellow" "Removendo Cert-manager do cluster..." rm -rf $VKPR_HOME/configs/cert-manager/ $VKPR_HOME/values/cert-manager/ $VKPR_HOME/bin/helm uninstall cert-manager - $VKPR_HOME/bin/kubectl delete ns cert-manager } echoColor() { From 3a8844ec1c9a5d2f993d68641661cf80e9603214 Mon Sep 17 00:00:00 2001 From: Jpeedroza Date: Wed, 11 Aug 2021 14:19:17 -0300 Subject: [PATCH 02/12] Att do remove dos CRDS --- vkpr/cert-manager/remove/src/unix/formula/formula.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/vkpr/cert-manager/remove/src/unix/formula/formula.sh b/vkpr/cert-manager/remove/src/unix/formula/formula.sh index 66eb2f95..21a9409d 100755 --- a/vkpr/cert-manager/remove/src/unix/formula/formula.sh +++ b/vkpr/cert-manager/remove/src/unix/formula/formula.sh @@ -3,6 +3,7 @@ runFormula() { VKPR_HOME=~/.vkpr echoColor "yellow" "Removendo Cert-manager do cluster..." + $VKPR_HOME/bin/kubectl delete crd $($VKPR_HOME/bin/kubectl get crd -o name | grep cert | cut -d"/" -f2) rm -rf $VKPR_HOME/configs/cert-manager/ $VKPR_HOME/values/cert-manager/ $VKPR_HOME/bin/helm uninstall cert-manager } From 278a3f1db183dc701ba287193376d266b148c90a Mon Sep 17 00:00:00 2001 From: Jpeedroza Date: Wed, 11 Aug 2021 14:20:50 -0300 Subject: [PATCH 03/12] Att do issuer do cert-manager --- .../install/src/unix/formula/formula.sh | 7 ++-- .../install/src/utils/cluster-issuer.sh | 35 ------------------- vkpr/cert-manager/install/src/utils/issuer.sh | 21 +++++++++++ 3 files changed, 25 insertions(+), 38 deletions(-) delete mode 100755 vkpr/cert-manager/install/src/utils/cluster-issuer.sh create mode 100755 vkpr/cert-manager/install/src/utils/issuer.sh diff --git a/vkpr/cert-manager/install/src/unix/formula/formula.sh b/vkpr/cert-manager/install/src/unix/formula/formula.sh index d9f23377..87d9658b 100755 --- a/vkpr/cert-manager/install/src/unix/formula/formula.sh +++ b/vkpr/cert-manager/install/src/unix/formula/formula.sh @@ -3,14 +3,14 @@ runFormula() { VKPR_HOME=~/.vkpr VKPR_CERT_VALUES=$VKPR_HOME/values/cert-manager/cert-manager.yaml - VKPR_CERT_ISSUER=$VKPR_HOME/configs/cert-manager/cluster-issuer.yaml + VKPR_CERT_ISSUER=$VKPR_HOME/configs/cert-manager/issuer.yaml VKPR_CERT_TOKEN=$VKPR_HOME/configs/cert-manager/token-dns.yaml mkdir -p $VKPR_HOME/configs/cert-manager/ $VKPR_HOME/values/cert-manager/ add_token_dns install_crds add_repo_certmanager - add_cluster_issuer + add_issuer install_certmanager } @@ -30,9 +30,10 @@ install_crds() { $VKPR_HOME/bin/kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.4.2/cert-manager.crds.yaml } -add_cluster_issuer() { +add_issuer() { echoColor "yellow" "Adicionando Cluster Issuer do cert-manager..." export VKPR_EMAIL_INPUT=$INPUT_EMAIL_CLUSTER_ISSUER + . $(dirname $0)/utils/issuer.sh $VKPR_EMAIL_INPUT $VKPR_CERT_ISSUER $VKPR_HOME/bin/kubectl apply -f $VKPR_CERT_ISSUER } diff --git a/vkpr/cert-manager/install/src/utils/cluster-issuer.sh b/vkpr/cert-manager/install/src/utils/cluster-issuer.sh deleted file mode 100755 index 630ac36f..00000000 --- a/vkpr/cert-manager/install/src/utils/cluster-issuer.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/sh -printf \ -"apiVersion: cert-manager.io/v1 -kind: Issuer -metadata: - name: letsencrypt-staging -spec: - acme: - email: $1 - server: https://acme-staging-v02.api.letsencrypt.org/directory - privateKeySecretRef: - name: acme-staging-issuer-account-key - solvers: - - dns01: - digitalocean: - tokenSecretRef: - name: digitalocean-dns - key: access-token ---- -apiVersion: cert-manager.io/v1 -kind: Issuer -metadata: - name: letsencrypt-production -spec: - acme: - email: $1 - server: https://acme-v02.api.letsencrypt.org/directory - privateKeySecretRef: - name: acme-production-issuer-account-key - solvers: - - dns01: - digitalocean: - tokenSecretRef: - name: digitalocean-dns - key: access-token" > $2 \ No newline at end of file diff --git a/vkpr/cert-manager/install/src/utils/issuer.sh b/vkpr/cert-manager/install/src/utils/issuer.sh new file mode 100755 index 00000000..274c6a55 --- /dev/null +++ b/vkpr/cert-manager/install/src/utils/issuer.sh @@ -0,0 +1,21 @@ +#!/bin/sh +printf \ +"apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: letsencrypt-staging +spec: + acme: + email: $1 + server: https://acme-staging-v02.api.letsencrypt.org/directory + privateKeySecretRef: + name: acme-staging-issuer-account-key + solvers: + - selector: + dnsZones: + - '"whoami.vkpr-dev.vertigo.com.br"' + dns01: + digitalocean: + tokenSecretRef: + name: digitalocean-dns + key: access-token" > $2 \ No newline at end of file From 056842e136d6777deed271c450bffd563862fbdb Mon Sep 17 00:00:00 2001 From: Jpeedroza Date: Wed, 11 Aug 2021 15:14:13 -0300 Subject: [PATCH 04/12] Att dos secrets da DO --- .../install/src/unix/formula/formula.sh | 1 + .../install/src/utils/cert-manager.sh | 2 +- vkpr/cert-manager/install/src/utils/issuer.sh | 2 +- vkpr/whoami/install/src/utils/whoami.sh | 24 +++++++++---------- 4 files changed, 15 insertions(+), 14 deletions(-) diff --git a/vkpr/cert-manager/install/src/unix/formula/formula.sh b/vkpr/cert-manager/install/src/unix/formula/formula.sh index 87d9658b..079c2a9d 100755 --- a/vkpr/cert-manager/install/src/unix/formula/formula.sh +++ b/vkpr/cert-manager/install/src/unix/formula/formula.sh @@ -23,6 +23,7 @@ add_token_dns(){ export VKPR_ACCESS_TOKEN_INPUT=$INPUT_API_AT_CLUSTER_ISSUER . $(dirname "$0")/utils/token-dns.sh $VKPR_CERT_TOKEN echo $VKPR_ACCESS_TOKEN_INPUT | base64 >> $VKPR_CERT_TOKEN + $VKPR_HOME/bin/kubectl apply -f $VKPR_CERT_TOKEN } install_crds() { diff --git a/vkpr/cert-manager/install/src/utils/cert-manager.sh b/vkpr/cert-manager/install/src/utils/cert-manager.sh index 7c8fee5e..c257a076 100644 --- a/vkpr/cert-manager/install/src/utils/cert-manager.sh +++ b/vkpr/cert-manager/install/src/utils/cert-manager.sh @@ -3,5 +3,5 @@ printf \ "installCRDs: false ingressShim: defaultIssuerName: letsencrypt-staging - defaultIssuerKind: Issuer + defaultIssuerKind: ClusterIssuer defaultIssuerGroup: cert-manager.io" > $1 \ No newline at end of file diff --git a/vkpr/cert-manager/install/src/utils/issuer.sh b/vkpr/cert-manager/install/src/utils/issuer.sh index 274c6a55..2dc9ed51 100755 --- a/vkpr/cert-manager/install/src/utils/issuer.sh +++ b/vkpr/cert-manager/install/src/utils/issuer.sh @@ -1,7 +1,7 @@ #!/bin/sh printf \ "apiVersion: cert-manager.io/v1 -kind: Issuer +kind: ClusterIssuer metadata: name: letsencrypt-staging spec: diff --git a/vkpr/whoami/install/src/utils/whoami.sh b/vkpr/whoami/install/src/utils/whoami.sh index 8b68a118..960d0cba 100644 --- a/vkpr/whoami/install/src/utils/whoami.sh +++ b/vkpr/whoami/install/src/utils/whoami.sh @@ -1,15 +1,15 @@ #!/bin/sh printf \ "ingress: -enabled: true -annotations: - kubernetes.io/ingress.class: nginx - kubernetes.io/tls-acme: '"true"' -pathType: Prefix -hosts: - - host: whoami.vkpr-dev.vertigo.com.br - paths: ['"/"'] -tls: -- hosts: - - whoami.vkpr-dev.vertigo.com.br - secretName: whoami-cert" > $1 \ No newline at end of file + enabled: true + annotations: + kubernetes.io/ingress.class: nginx + kubernetes.io/tls-acme: '"true"' + pathType: Prefix + hosts: + - host: whoami.vkpr-dev.vertigo.com.br + paths: ['"/"'] + tls: + - hosts: + - whoami.vkpr-dev.vertigo.com.br + secretName: whoami-cert" > $1 \ No newline at end of file From a429cacbdae48fda6c2eaf131de23c7a9fa0b675 Mon Sep 17 00:00:00 2001 From: Andre Fernandes Date: Wed, 11 Aug 2021 15:21:22 -0300 Subject: [PATCH 05/12] fix registry-mirror bug in formula --- vkpr/infra/up/src/unix/formula/formula.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vkpr/infra/up/src/unix/formula/formula.sh b/vkpr/infra/up/src/unix/formula/formula.sh index 182cf0a2..dd41b1a5 100755 --- a/vkpr/infra/up/src/unix/formula/formula.sh +++ b/vkpr/infra/up/src/unix/formula/formula.sh @@ -51,13 +51,13 @@ startCluster() { startRegistry() { # local registry - if ! $(k3d registry list | grep -q "k3d-mirror.localhost"); then + if ! $(k3d registry list | grep -q "k3d-registry\.localhost"); then k3d registry create registry.localhost -p 5000 else echoColor "yellow" "Registry already started, skipping." fi # docker hub mirror - if ! $(k3d registry list | grep -q "k3d-registry.localhost"); then + if ! $(k3d registry list | grep -q "k3d-mirror\.localhost"); then k3d registry create mirror.localhost -i vertigo/registry-mirror -p 5001 else echoColor "yellow" "Mirror already started, skipping." From 8d222bb5c1371ee15664949f2ad37292b4292d6a Mon Sep 17 00:00:00 2001 From: Andre Fernandes Date: Wed, 11 Aug 2021 15:33:44 -0300 Subject: [PATCH 06/12] k3d exposes https port at 8001 --- vkpr/infra/up/src/unix/formula/formula.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/vkpr/infra/up/src/unix/formula/formula.sh b/vkpr/infra/up/src/unix/formula/formula.sh index dd41b1a5..340b121c 100755 --- a/vkpr/infra/up/src/unix/formula/formula.sh +++ b/vkpr/infra/up/src/unix/formula/formula.sh @@ -38,6 +38,7 @@ startCluster() { if ! $(k3d cluster list | grep -q "vkpr-local"); then k3d cluster create vkpr-local \ -p "8000:80@loadbalancer" \ + -p "8001:443@loadbalancer" \ --k3s-server-arg '--no-deploy=traefik' \ --registry-use k3d-registry.localhost \ --registry-config $VKPR_HOME/config/registry.yaml From 29fab41cbf4bb8b9bc35052ce9b032368937b4b8 Mon Sep 17 00:00:00 2001 From: Andre Fernandes Date: Thu, 12 Aug 2021 13:52:21 -0300 Subject: [PATCH 07/12] VKPR-110 #comment fix staging certificate gerenation --- vkpr/cert-manager/install/config.json | 7 +- .../install/src/unix/formula/formula.sh | 88 ++++++++++++++----- ...rt-manager.sh => cert-manager-values.yaml} | 8 +- .../src/utils/{issuer.sh => issuers.yaml} | 15 ++-- .../install/src/utils/token-dns.sh | 8 -- .../install/src/utils/token-dns.yaml | 7 ++ .../remove/src/unix/formula/formula.sh | 8 +- .../install/src/unix/formula/formula.sh | 40 +++++---- vkpr/whoami/install/src/utils/whoami.sh | 15 ---- vkpr/whoami/install/src/utils/whoami.yaml | 13 +++ 10 files changed, 122 insertions(+), 87 deletions(-) rename vkpr/cert-manager/install/src/utils/{cert-manager.sh => cert-manager-values.yaml} (50%) rename vkpr/cert-manager/install/src/utils/{issuer.sh => issuers.yaml} (54%) delete mode 100644 vkpr/cert-manager/install/src/utils/token-dns.sh create mode 100644 vkpr/cert-manager/install/src/utils/token-dns.yaml delete mode 100644 vkpr/whoami/install/src/utils/whoami.sh create mode 100644 vkpr/whoami/install/src/utils/whoami.yaml diff --git a/vkpr/cert-manager/install/config.json b/vkpr/cert-manager/install/config.json index 5d75ce05..3d34714b 100755 --- a/vkpr/cert-manager/install/config.json +++ b/vkpr/cert-manager/install/config.json @@ -5,15 +5,12 @@ "label": "Type your email to use to generate certificates: ", "name": "input_email_cluster_issuer", "required": true, - "tutorial": "@.com", + "tutorial": "@", "type": "text" }, { - "label": "Type your API Access Token from the Digital Ocean", "name": "input_API_AT_cluster_issuer", - "required": true, - "tutorial": "", - "type": "text" + "type": "CREDENTIAL_DIGITALOCEAN_TOKEN" } ], "template": "shell-bat", diff --git a/vkpr/cert-manager/install/src/unix/formula/formula.sh b/vkpr/cert-manager/install/src/unix/formula/formula.sh index 079c2a9d..5a626f95 100755 --- a/vkpr/cert-manager/install/src/unix/formula/formula.sh +++ b/vkpr/cert-manager/install/src/unix/formula/formula.sh @@ -2,16 +2,45 @@ runFormula() { VKPR_HOME=~/.vkpr - VKPR_CERT_VALUES=$VKPR_HOME/values/cert-manager/cert-manager.yaml - VKPR_CERT_ISSUER=$VKPR_HOME/configs/cert-manager/issuer.yaml - VKPR_CERT_TOKEN=$VKPR_HOME/configs/cert-manager/token-dns.yaml - mkdir -p $VKPR_HOME/configs/cert-manager/ $VKPR_HOME/values/cert-manager/ + VKPR_CERT_VERSION="v1.5.0" + + get_cert_values + get_credentials + VKPR_CERT_ISSUER=$(dirname "$0")/utils/issuers.yaml + VKPR_CERT_TOKEN=$(dirname "$0")/utils/token-dns.yaml + #mkdir -p $VKPR_HOME/configs/cert-manager/ $VKPR_HOME/values/cert-manager/ - add_token_dns install_crds add_repo_certmanager - add_issuer install_certmanager + add_token_dns + add_issuer +} + +get_credentials() { + # CREDENTIAL INPUT NOT WORKING IN SHELL FORMULA + # PARSING FILE DIRECTLY AND IGNORING INPUT ("-r" is important!!!) + VKPR_ACCESS_TOKEN_INPUT=$(jq -r .credential.token ~/.rit/credentials/default/digitalocean) + if [ -z "$VKPR_ACCESS_TOKEN_INPUT" ]; then + echo "yellow" "No digitalocean token found in rit credentials. Falling back to DO_AUTH_TOKEN env variable." + VKPR_ACCESS_TOKEN_INPUT="$DO_AUTH_TOKEN" + fi + if [ -z "$VKPR_ACCESS_TOKEN_INPUT" ]; then + echoColor "red" "No digitalocean token found in both rit credentials or DO_AUTH_TOKEN env variable." + echoColor "red" "Cert-manager will fail to negotiate certificates unless you provide the digitalocean-dns secret manually." + echoColor "red" "Please check https://cert-manager.io/docs/configuration/acme/dns01/digitalocean/" + fi +} + +get_cert_values() { + # checking local values + VKPR_CERT_VALUES="$CURRENT_PWD/.vkpr/cert-manager-values.yaml" + if [ ! -f "$VKPR_CERT_VALUES" ]; then + VKPR_CERT_VALUES=$(dirname "$0")/utils/cert-manager-values.yaml + echoColor "yellow" "Reading cert-manager values from formula default file" + else + echoColor "green" "Reading cert-manager values from project local file '.vkpr/cert-manager-values.yaml'" + fi } add_repo_certmanager() { @@ -19,32 +48,45 @@ add_repo_certmanager() { $VKPR_HOME/bin/helm repo update } -add_token_dns(){ - export VKPR_ACCESS_TOKEN_INPUT=$INPUT_API_AT_CLUSTER_ISSUER - . $(dirname "$0")/utils/token-dns.sh $VKPR_CERT_TOKEN - echo $VKPR_ACCESS_TOKEN_INPUT | base64 >> $VKPR_CERT_TOKEN - $VKPR_HOME/bin/kubectl apply -f $VKPR_CERT_TOKEN +add_token_dns() { + # detect OS for proper base64 args + BASE64_ARGS="" + if [[ "$OSTYPE" != "darwin"* ]]; then + BASE64_ARGS="-w0" + fi + if [ -z "$VKPR_ACCESS_TOKEN_INPUT" ]; then + echo "red" "No token available, skipping digitalocean-dns secret deployment." + else + # replaces token in VKPR_CERT_TOKEN template + VKPR_ACCESS_TOKEN_INPUT_BASE64=$(echo "$VKPR_ACCESS_TOKEN_INPUT" | base64 $BASE64_ARGS) \ + ~/.vkpr/bin/yq eval '.data.access-token = env(VKPR_ACCESS_TOKEN_INPUT_BASE64) | .data.access-token style = "double"' "$VKPR_CERT_TOKEN" \ + | $VKPR_HOME/bin/kubectl apply -f - + fi } install_crds() { - echoColor "yellow" "Adicionando CRDS do cert-manager..." - $VKPR_HOME/bin/kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.4.2/cert-manager.crds.yaml + echoColor "yellow" "Installing cert-manager CRDS beforehand..." + $VKPR_HOME/bin/kubectl apply -f "https://github.com/jetstack/cert-manager/releases/download/$VKPR_CERT_VERSION/cert-manager.crds.yaml" } add_issuer() { - echoColor "yellow" "Adicionando Cluster Issuer do cert-manager..." - export VKPR_EMAIL_INPUT=$INPUT_EMAIL_CLUSTER_ISSUER - . $(dirname $0)/utils/issuer.sh $VKPR_EMAIL_INPUT $VKPR_CERT_ISSUER - $VKPR_HOME/bin/kubectl apply -f $VKPR_CERT_ISSUER + echoColor "yellow" "Installing Issuers and/or ClusterIssuers..." + VKPR_EMAIL_INPUT="$INPUT_EMAIL_CLUSTER_ISSUER" \ + ~/.vkpr/bin/yq eval '.spec.acme.email = env(VKPR_EMAIL_INPUT)' "$VKPR_CERT_ISSUER" \ + | $VKPR_HOME/bin/kubectl apply -f - } install_certmanager() { - echoColor "yellow" "Instalando o cert-manager..." - if [[ ! -e $VKPR_CERT_VALUES ]]; then - echoColor "red" "Não identificado nenhum values para a aplicacão, será utilizado um values padrão" - . $(dirname $0)/utils/cert-manager.sh $VKPR_CERT_VALUES - fi - $VKPR_HOME/bin/helm upgrade -i -f $VKPR_CERT_VALUES cert-manager jetstack/cert-manager + echoColor "yellow" "Installing cert-manager..." + # if [[ ! -e $VKPR_CERT_VALUES ]]; then + # echoColor "red" "Não identificado nenhum values para a aplicacão, será utilizado um values padrão" + # . $(dirname $0)/utils/cert-manager.sh $VKPR_CERT_VALUES + # fi + # namespace cert-manager mandatory + $VKPR_HOME/bin/helm upgrade -i -f "$VKPR_CERT_VALUES" \ + --namespace cert-manager --create-namespace \ + --version "$VKPR_CERT_VERSION" \ + cert-manager jetstack/cert-manager } echoColor() { diff --git a/vkpr/cert-manager/install/src/utils/cert-manager.sh b/vkpr/cert-manager/install/src/utils/cert-manager-values.yaml similarity index 50% rename from vkpr/cert-manager/install/src/utils/cert-manager.sh rename to vkpr/cert-manager/install/src/utils/cert-manager-values.yaml index c257a076..453a5cf9 100644 --- a/vkpr/cert-manager/install/src/utils/cert-manager.sh +++ b/vkpr/cert-manager/install/src/utils/cert-manager-values.yaml @@ -1,7 +1,7 @@ -#!/bin/sh -printf \ -"installCRDs: false +installCRDs: false ingressShim: defaultIssuerName: letsencrypt-staging defaultIssuerKind: ClusterIssuer - defaultIssuerGroup: cert-manager.io" > $1 \ No newline at end of file + defaultIssuerGroup: cert-manager.io +prometheus: + enabled: false diff --git a/vkpr/cert-manager/install/src/utils/issuer.sh b/vkpr/cert-manager/install/src/utils/issuers.yaml similarity index 54% rename from vkpr/cert-manager/install/src/utils/issuer.sh rename to vkpr/cert-manager/install/src/utils/issuers.yaml index 2dc9ed51..4ac7aef1 100755 --- a/vkpr/cert-manager/install/src/utils/issuer.sh +++ b/vkpr/cert-manager/install/src/utils/issuers.yaml @@ -1,21 +1,18 @@ -#!/bin/sh -printf \ -"apiVersion: cert-manager.io/v1 +apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: letsencrypt-staging + namespace: cert-manager spec: acme: - email: $1 + email: user@example.com server: https://acme-staging-v02.api.letsencrypt.org/directory privateKeySecretRef: - name: acme-staging-issuer-account-key + name: letsencrypt-staging-key solvers: - - selector: - dnsZones: - - '"whoami.vkpr-dev.vertigo.com.br"' + - selector: {} dns01: digitalocean: tokenSecretRef: name: digitalocean-dns - key: access-token" > $2 \ No newline at end of file + key: access-token diff --git a/vkpr/cert-manager/install/src/utils/token-dns.sh b/vkpr/cert-manager/install/src/utils/token-dns.sh deleted file mode 100644 index ca777e68..00000000 --- a/vkpr/cert-manager/install/src/utils/token-dns.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh -printf \ -"apiVersion: v1 -kind: Secret -metadata: - name: digitalocean-dns -data: - access-token: " > $1 \ No newline at end of file diff --git a/vkpr/cert-manager/install/src/utils/token-dns.yaml b/vkpr/cert-manager/install/src/utils/token-dns.yaml new file mode 100644 index 00000000..c92a7d4e --- /dev/null +++ b/vkpr/cert-manager/install/src/utils/token-dns.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: digitalocean-dns + namespace: cert-manager +data: + access-token: $token diff --git a/vkpr/cert-manager/remove/src/unix/formula/formula.sh b/vkpr/cert-manager/remove/src/unix/formula/formula.sh index 21a9409d..d7695e35 100755 --- a/vkpr/cert-manager/remove/src/unix/formula/formula.sh +++ b/vkpr/cert-manager/remove/src/unix/formula/formula.sh @@ -2,10 +2,10 @@ runFormula() { VKPR_HOME=~/.vkpr - echoColor "yellow" "Removendo Cert-manager do cluster..." - $VKPR_HOME/bin/kubectl delete crd $($VKPR_HOME/bin/kubectl get crd -o name | grep cert | cut -d"/" -f2) - rm -rf $VKPR_HOME/configs/cert-manager/ $VKPR_HOME/values/cert-manager/ - $VKPR_HOME/bin/helm uninstall cert-manager + echoColor "yellow" "Removing cert-manager (CRDs will *NOT* be deleted)..." + #$VKPR_HOME/bin/kubectl delete crd $($VKPR_HOME/bin/kubectl get crd -o name | grep cert | cut -d"/" -f2) + #rm -rf $VKPR_HOME/configs/cert-manager/ $VKPR_HOME/values/cert-manager/ + $VKPR_HOME/bin/helm uninstall cert-manager -n cert-manager } echoColor() { diff --git a/vkpr/whoami/install/src/unix/formula/formula.sh b/vkpr/whoami/install/src/unix/formula/formula.sh index 80d90184..514af4f7 100755 --- a/vkpr/whoami/install/src/unix/formula/formula.sh +++ b/vkpr/whoami/install/src/unix/formula/formula.sh @@ -1,36 +1,38 @@ #!/bin/sh runFormula() { - echoColor "yellow" "Instalando Whoami..." + echoColor "yellow" "Installing whoami..." VKPR_HOME=~/.vkpr - mkdir -p $VKPR_HOME/values/whoami - VKPR_WHOAMI_VALUES=$VKPR_HOME/values/whoami/values.yaml - touch $VKPR_WHOAMI_VALUES + #mkdir -p $VKPR_HOME/values/whoami + VKPR_WHOAMI_VALUES=$(dirname "$0")/utils/whoami.yaml + #touch $VKPR_WHOAMI_VALUES addRepoWhoami installWhoami } addRepoWhoami(){ - helm repo add cowboysysop https://cowboysysop.github.io/charts/ + $VKPR_HOME/bin/helm repo add cowboysysop https://cowboysysop.github.io/charts/ + $VKPR_HOME/bin/helm repo update } -verifyHasIngress(){ - INGRESS=$($VKPR_HOME/bin/kubectl wait --for=condition=available deploy ingress-nginx-controller -o name | cut -d "/" -f2) - if [[ ! $INGRESS = "ingress-nginx-controller" ]]; then - local res=$? - echo $res - fi -} +# verifyHasIngress(){ +# INGRESS=$($VKPR_HOME/bin/kubectl wait --for=condition=available deploy ingress-nginx-controller -o name | cut -d "/" -f2) +# if [[ ! $INGRESS = "ingress-nginx-controller" ]]; then +# local res=$? +# echo $res +# fi +# } installWhoami(){ - if [[ ! -n $(verifyHasIngress) ]]; then - . $(dirname "$0")/utils/whoami.sh $VKPR_WHOAMI_VALUES - helm upgrade -i -f $VKPR_WHOAMI_VALUES whoami cowboysysop/whoami - else - echoColor "red" "Não há ingress instalado, para utilizar o Whoami no localhost deve-se subir o ingress." - helm upgrade -i whoami cowboysysop/whoami - fi + # if [[ ! -n $(verifyHasIngress) ]]; then + # . $(dirname "$0")/utils/whoami.sh $VKPR_WHOAMI_VALUES + # helm upgrade -i -f $VKPR_WHOAMI_VALUES whoami cowboysysop/whoami + # else + # echoColor "red" "Não há ingress instalado, para utilizar o Whoami no localhost deve-se subir o ingress." + # helm upgrade -i whoami cowboysysop/whoami + # fi + $VKPR_HOME/bin/helm upgrade -i -f $VKPR_WHOAMI_VALUES whoami cowboysysop/whoami } echoColor() { diff --git a/vkpr/whoami/install/src/utils/whoami.sh b/vkpr/whoami/install/src/utils/whoami.sh deleted file mode 100644 index 960d0cba..00000000 --- a/vkpr/whoami/install/src/utils/whoami.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/sh -printf \ -"ingress: - enabled: true - annotations: - kubernetes.io/ingress.class: nginx - kubernetes.io/tls-acme: '"true"' - pathType: Prefix - hosts: - - host: whoami.vkpr-dev.vertigo.com.br - paths: ['"/"'] - tls: - - hosts: - - whoami.vkpr-dev.vertigo.com.br - secretName: whoami-cert" > $1 \ No newline at end of file diff --git a/vkpr/whoami/install/src/utils/whoami.yaml b/vkpr/whoami/install/src/utils/whoami.yaml new file mode 100644 index 00000000..4b9f49d6 --- /dev/null +++ b/vkpr/whoami/install/src/utils/whoami.yaml @@ -0,0 +1,13 @@ +ingress: + enabled: true + annotations: + kubernetes.io/ingress.class: nginx + cert-manager.io/cluster-issuer: letsencrypt-staging + hosts: + - host: "whoami.vkpr-dev.vertigo.com.br" + paths: ["/"] + tls: + - hosts: + - "whoami.vkpr-dev.vertigo.com.br" + secretName: whoami-cert + pathType: Prefix From a7416b272a47b41f0ac436ad236de48e20166e98 Mon Sep 17 00:00:00 2001 From: Andre Fernandes Date: Thu, 12 Aug 2021 15:17:13 -0300 Subject: [PATCH 08/12] broken: simplify input names --- vkpr/cert-manager/install/config.json | 4 ++-- .../install/src/unix/formula/formula.sh | 4 ++-- .../install/src/utils/issuers.yaml | 21 +++++++++++++++++++ vkpr/whoami/install/src/utils/whoami.yaml | 3 ++- 4 files changed, 27 insertions(+), 5 deletions(-) diff --git a/vkpr/cert-manager/install/config.json b/vkpr/cert-manager/install/config.json index 3d34714b..78d8b5d4 100755 --- a/vkpr/cert-manager/install/config.json +++ b/vkpr/cert-manager/install/config.json @@ -3,13 +3,13 @@ "inputs": [ { "label": "Type your email to use to generate certificates: ", - "name": "input_email_cluster_issuer", + "name": "email", "required": true, "tutorial": "@", "type": "text" }, { - "name": "input_API_AT_cluster_issuer", + "name": "token", "type": "CREDENTIAL_DIGITALOCEAN_TOKEN" } ], diff --git a/vkpr/cert-manager/install/src/unix/formula/formula.sh b/vkpr/cert-manager/install/src/unix/formula/formula.sh index 5a626f95..e214bc02 100755 --- a/vkpr/cert-manager/install/src/unix/formula/formula.sh +++ b/vkpr/cert-manager/install/src/unix/formula/formula.sh @@ -20,7 +20,7 @@ runFormula() { get_credentials() { # CREDENTIAL INPUT NOT WORKING IN SHELL FORMULA # PARSING FILE DIRECTLY AND IGNORING INPUT ("-r" is important!!!) - VKPR_ACCESS_TOKEN_INPUT=$(jq -r .credential.token ~/.rit/credentials/default/digitalocean) + #VKPR_ACCESS_TOKEN_INPUT=$(jq -r .credential.token ~/.rit/credentials/default/digitalocean) if [ -z "$VKPR_ACCESS_TOKEN_INPUT" ]; then echo "yellow" "No digitalocean token found in rit credentials. Falling back to DO_AUTH_TOKEN env variable." VKPR_ACCESS_TOKEN_INPUT="$DO_AUTH_TOKEN" @@ -59,7 +59,7 @@ add_token_dns() { else # replaces token in VKPR_CERT_TOKEN template VKPR_ACCESS_TOKEN_INPUT_BASE64=$(echo "$VKPR_ACCESS_TOKEN_INPUT" | base64 $BASE64_ARGS) \ - ~/.vkpr/bin/yq eval '.data.access-token = env(VKPR_ACCESS_TOKEN_INPUT_BASE64) | .data.access-token style = "double"' "$VKPR_CERT_TOKEN" \ + $VKPR_HOME/bin/yq eval '.data.access-token = env(VKPR_ACCESS_TOKEN_INPUT_BASE64) | .data.access-token style = "double"' "$VKPR_CERT_TOKEN" \ | $VKPR_HOME/bin/kubectl apply -f - fi } diff --git a/vkpr/cert-manager/install/src/utils/issuers.yaml b/vkpr/cert-manager/install/src/utils/issuers.yaml index 4ac7aef1..f818a74b 100755 --- a/vkpr/cert-manager/install/src/utils/issuers.yaml +++ b/vkpr/cert-manager/install/src/utils/issuers.yaml @@ -16,3 +16,24 @@ spec: tokenSecretRef: name: digitalocean-dns key: access-token + +--- + +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt-production + namespace: cert-manager +spec: + acme: + email: user@example.com + server: https://acme-v02.api.letsencrypt.org/directory + privateKeySecretRef: + name: letsencrypt-production-key + solvers: + - selector: {} + dns01: + digitalocean: + tokenSecretRef: + name: digitalocean-dns + key: access-token diff --git a/vkpr/whoami/install/src/utils/whoami.yaml b/vkpr/whoami/install/src/utils/whoami.yaml index 4b9f49d6..930c188c 100644 --- a/vkpr/whoami/install/src/utils/whoami.yaml +++ b/vkpr/whoami/install/src/utils/whoami.yaml @@ -2,7 +2,8 @@ ingress: enabled: true annotations: kubernetes.io/ingress.class: nginx - cert-manager.io/cluster-issuer: letsencrypt-staging + kubernetes.io/tls-acme: "true" + #cert-manager.io/cluster-issuer: letsencrypt-staging hosts: - host: "whoami.vkpr-dev.vertigo.com.br" paths: ["/"] From 9518c32d74d87acabee732ed050980e9c342b46a Mon Sep 17 00:00:00 2001 From: Jpeedroza Date: Fri, 13 Aug 2021 14:00:44 -0300 Subject: [PATCH 09/12] Fixing functions and variables --- vkpr/cert-manager/install/config.json | 10 ++- .../install/src/unix/formula/formula.sh | 86 ++++++++----------- ...-manager-values.yaml => cert-manager.yaml} | 0 .../src/utils/{issuers.yaml => issuer.yaml} | 2 - .../remove/src/unix/formula/formula.sh | 7 +- 5 files changed, 49 insertions(+), 56 deletions(-) rename vkpr/cert-manager/install/src/utils/{cert-manager-values.yaml => cert-manager.yaml} (100%) rename vkpr/cert-manager/install/src/utils/{issuers.yaml => issuer.yaml} (99%) diff --git a/vkpr/cert-manager/install/config.json b/vkpr/cert-manager/install/config.json index 78d8b5d4..dc2702e7 100755 --- a/vkpr/cert-manager/install/config.json +++ b/vkpr/cert-manager/install/config.json @@ -2,14 +2,20 @@ "dockerImageBuilder": "ritclizup/rit-shell-bat-builder", "inputs": [ { - "label": "Type your email to use to generate certificates: ", + "label": "Type your email to use to generate certificates:", "name": "email", "required": true, "tutorial": "@", - "type": "text" + "type": "text", + "cache": { + "active": true, + "qty": 2, + "newLabel": "Type other email: " + } }, { "name": "token", + "required": true, "type": "CREDENTIAL_DIGITALOCEAN_TOKEN" } ], diff --git a/vkpr/cert-manager/install/src/unix/formula/formula.sh b/vkpr/cert-manager/install/src/unix/formula/formula.sh index e214bc02..66462339 100755 --- a/vkpr/cert-manager/install/src/unix/formula/formula.sh +++ b/vkpr/cert-manager/install/src/unix/formula/formula.sh @@ -4,11 +4,18 @@ runFormula() { VKPR_HOME=~/.vkpr VKPR_CERT_VERSION="v1.5.0" - get_cert_values - get_credentials + VKPR_CERT_VALUES=$VKPR_HOME/values/cert-manager.yaml VKPR_CERT_ISSUER=$(dirname "$0")/utils/issuers.yaml VKPR_CERT_TOKEN=$(dirname "$0")/utils/token-dns.yaml - #mkdir -p $VKPR_HOME/configs/cert-manager/ $VKPR_HOME/values/cert-manager/ + + VKPR_KUBECTL=$VKPR_HOME/bin/kubectl + VKPR_HELM=$VKPR_HOME/bin/helm + VKPR_YQ=$VKPR_HOME/bin/yq + + VKPR_INPUT_ACCESS_TOKEN=$TOKEN + VKPR_INPUT_EMAIL="$EMAIL" + + mkdir -p $VKPR_HOME/values/cert-manager/ install_crds add_repo_certmanager @@ -17,76 +24,57 @@ runFormula() { add_issuer } -get_credentials() { - # CREDENTIAL INPUT NOT WORKING IN SHELL FORMULA - # PARSING FILE DIRECTLY AND IGNORING INPUT ("-r" is important!!!) - #VKPR_ACCESS_TOKEN_INPUT=$(jq -r .credential.token ~/.rit/credentials/default/digitalocean) - if [ -z "$VKPR_ACCESS_TOKEN_INPUT" ]; then - echo "yellow" "No digitalocean token found in rit credentials. Falling back to DO_AUTH_TOKEN env variable." - VKPR_ACCESS_TOKEN_INPUT="$DO_AUTH_TOKEN" - fi - if [ -z "$VKPR_ACCESS_TOKEN_INPUT" ]; then - echoColor "red" "No digitalocean token found in both rit credentials or DO_AUTH_TOKEN env variable." - echoColor "red" "Cert-manager will fail to negotiate certificates unless you provide the digitalocean-dns secret manually." - echoColor "red" "Please check https://cert-manager.io/docs/configuration/acme/dns01/digitalocean/" - fi +install_crds() { + echoColor "yellow" "Installing cert-manager CRDS beforehand..." + $VKPR_KUBECTL apply -f "https://github.com/jetstack/cert-manager/releases/download/$VKPR_CERT_VERSION/cert-manager.crds.yaml" +} + +add_repo_certmanager() { + $VKPR_HELM repo add jetstack https://charts.jetstack.io + $VKPR_HELM repo update +} + +install_certmanager() { + echoColor "yellow" "Installing cert-manager..." + get_cert_values + # namespace cert-manager mandatory + $VKPR_HELM upgrade -i -f $VKPR_CERT_VALUES \ + -n cert-manager --create-namespace \ + --version "$VKPR_CERT_VERSION" \ + cert-manager jetstack/cert-manager } get_cert_values() { # checking local values - VKPR_CERT_VALUES="$CURRENT_PWD/.vkpr/cert-manager-values.yaml" if [ ! -f "$VKPR_CERT_VALUES" ]; then - VKPR_CERT_VALUES=$(dirname "$0")/utils/cert-manager-values.yaml + VKPR_CERT_VALUES=$(dirname "$0")/utils/cert-manager.yaml echoColor "yellow" "Reading cert-manager values from formula default file" else - echoColor "green" "Reading cert-manager values from project local file '.vkpr/cert-manager-values.yaml'" + echoColor "green" "Reading cert-manager values from project local file '.vkpr/values/cert-manager.yaml'" fi } -add_repo_certmanager() { - $VKPR_HOME/bin/helm repo add jetstack https://charts.jetstack.io - $VKPR_HOME/bin/helm repo update -} - add_token_dns() { # detect OS for proper base64 args BASE64_ARGS="" if [[ "$OSTYPE" != "darwin"* ]]; then BASE64_ARGS="-w0" fi - if [ -z "$VKPR_ACCESS_TOKEN_INPUT" ]; then + if [ -z "$VKPR_INPUT_ACCESS_TOKEN" ]; then echo "red" "No token available, skipping digitalocean-dns secret deployment." else # replaces token in VKPR_CERT_TOKEN template - VKPR_ACCESS_TOKEN_INPUT_BASE64=$(echo "$VKPR_ACCESS_TOKEN_INPUT" | base64 $BASE64_ARGS) \ - $VKPR_HOME/bin/yq eval '.data.access-token = env(VKPR_ACCESS_TOKEN_INPUT_BASE64) | .data.access-token style = "double"' "$VKPR_CERT_TOKEN" \ - | $VKPR_HOME/bin/kubectl apply -f - + echoColor "yellow" "Adding the Token..." + VKPR_INPUT_ACCESS_TOKEN_BASE64=$(echo "$VKPR_INPUT_ACCESS_TOKEN" | base64 $BASE64_ARGS) \ + $VKPR_YQ eval '.data.access-token = strenv(VKPR_INPUT_ACCESS_TOKEN_BASE64) | .data.access-token style = "double"' "$VKPR_CERT_TOKEN" \ + | $VKPR_KUBECTL apply -f - fi } -install_crds() { - echoColor "yellow" "Installing cert-manager CRDS beforehand..." - $VKPR_HOME/bin/kubectl apply -f "https://github.com/jetstack/cert-manager/releases/download/$VKPR_CERT_VERSION/cert-manager.crds.yaml" -} - add_issuer() { echoColor "yellow" "Installing Issuers and/or ClusterIssuers..." - VKPR_EMAIL_INPUT="$INPUT_EMAIL_CLUSTER_ISSUER" \ - ~/.vkpr/bin/yq eval '.spec.acme.email = env(VKPR_EMAIL_INPUT)' "$VKPR_CERT_ISSUER" \ - | $VKPR_HOME/bin/kubectl apply -f - -} - -install_certmanager() { - echoColor "yellow" "Installing cert-manager..." - # if [[ ! -e $VKPR_CERT_VALUES ]]; then - # echoColor "red" "Não identificado nenhum values para a aplicacão, será utilizado um values padrão" - # . $(dirname $0)/utils/cert-manager.sh $VKPR_CERT_VALUES - # fi - # namespace cert-manager mandatory - $VKPR_HOME/bin/helm upgrade -i -f "$VKPR_CERT_VALUES" \ - --namespace cert-manager --create-namespace \ - --version "$VKPR_CERT_VERSION" \ - cert-manager jetstack/cert-manager + $VKPR_YQ eval '.spec.acme.email = strenv(VKPR_INPUT_EMAIL)' "$VKPR_CERT_ISSUER" \ + | $VKPR_KUBECTL apply -f - } echoColor() { diff --git a/vkpr/cert-manager/install/src/utils/cert-manager-values.yaml b/vkpr/cert-manager/install/src/utils/cert-manager.yaml similarity index 100% rename from vkpr/cert-manager/install/src/utils/cert-manager-values.yaml rename to vkpr/cert-manager/install/src/utils/cert-manager.yaml diff --git a/vkpr/cert-manager/install/src/utils/issuers.yaml b/vkpr/cert-manager/install/src/utils/issuer.yaml similarity index 99% rename from vkpr/cert-manager/install/src/utils/issuers.yaml rename to vkpr/cert-manager/install/src/utils/issuer.yaml index f818a74b..09b9587b 100755 --- a/vkpr/cert-manager/install/src/utils/issuers.yaml +++ b/vkpr/cert-manager/install/src/utils/issuer.yaml @@ -16,9 +16,7 @@ spec: tokenSecretRef: name: digitalocean-dns key: access-token - --- - apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: diff --git a/vkpr/cert-manager/remove/src/unix/formula/formula.sh b/vkpr/cert-manager/remove/src/unix/formula/formula.sh index d7695e35..560b3465 100755 --- a/vkpr/cert-manager/remove/src/unix/formula/formula.sh +++ b/vkpr/cert-manager/remove/src/unix/formula/formula.sh @@ -2,10 +2,11 @@ runFormula() { VKPR_HOME=~/.vkpr - echoColor "yellow" "Removing cert-manager (CRDs will *NOT* be deleted)..." - #$VKPR_HOME/bin/kubectl delete crd $($VKPR_HOME/bin/kubectl get crd -o name | grep cert | cut -d"/" -f2) - #rm -rf $VKPR_HOME/configs/cert-manager/ $VKPR_HOME/values/cert-manager/ + echoColor "yellow" "Removing cert-manager..." + rm -rf $VKPR_HOME/configs/cert-manager/ $VKPR_HOME/values/cert-manager/ + $VKPR_HOME/bin/kubectl delete clusterissuer letsencrypt-staging $VKPR_HOME/bin/helm uninstall cert-manager -n cert-manager + $VKPR_HOME/bin/kubectl delete ns cert-manager } echoColor() { From a524521214142b25a909e54d680946f23a654597 Mon Sep 17 00:00:00 2001 From: Jpeedroza Date: Fri, 13 Aug 2021 14:21:25 -0300 Subject: [PATCH 10/12] Att remove formula from whoami --- vkpr/whoami/remove/src/unix/formula/formula.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/vkpr/whoami/remove/src/unix/formula/formula.sh b/vkpr/whoami/remove/src/unix/formula/formula.sh index 7cf6e45f..9d108102 100755 --- a/vkpr/whoami/remove/src/unix/formula/formula.sh +++ b/vkpr/whoami/remove/src/unix/formula/formula.sh @@ -8,7 +8,8 @@ runFormula() { } uninstallWhoami(){ - helm uninstall whoami + $VKPR_HOME/bin/helm uninstall whoami + $VKPR_HOME/bin/kubectl delete secret whoami-cert } echoColor() { From 731db76dda7b76c7ff194c69675cb3d4f47b65d4 Mon Sep 17 00:00:00 2001 From: Jpeedroza Date: Fri, 13 Aug 2021 14:34:45 -0300 Subject: [PATCH 11/12] Refactoring whoami formula --- .../install/src/unix/formula/formula.sh | 26 ++++--------------- vkpr/whoami/install/src/utils/whoami.yaml | 9 +++---- .../whoami/remove/src/unix/formula/formula.sh | 4 +-- 3 files changed, 11 insertions(+), 28 deletions(-) diff --git a/vkpr/whoami/install/src/unix/formula/formula.sh b/vkpr/whoami/install/src/unix/formula/formula.sh index 514af4f7..2e01e040 100755 --- a/vkpr/whoami/install/src/unix/formula/formula.sh +++ b/vkpr/whoami/install/src/unix/formula/formula.sh @@ -1,38 +1,22 @@ #!/bin/sh runFormula() { - echoColor "yellow" "Installing whoami..." VKPR_HOME=~/.vkpr - #mkdir -p $VKPR_HOME/values/whoami + VKPR_HELM=$VKPR_HOME/bin/helm VKPR_WHOAMI_VALUES=$(dirname "$0")/utils/whoami.yaml - #touch $VKPR_WHOAMI_VALUES addRepoWhoami installWhoami } addRepoWhoami(){ - $VKPR_HOME/bin/helm repo add cowboysysop https://cowboysysop.github.io/charts/ - $VKPR_HOME/bin/helm repo update + $VKPR_HELM repo add cowboysysop https://cowboysysop.github.io/charts/ + $VKPR_HELM repo update } -# verifyHasIngress(){ -# INGRESS=$($VKPR_HOME/bin/kubectl wait --for=condition=available deploy ingress-nginx-controller -o name | cut -d "/" -f2) -# if [[ ! $INGRESS = "ingress-nginx-controller" ]]; then -# local res=$? -# echo $res -# fi -# } - installWhoami(){ - # if [[ ! -n $(verifyHasIngress) ]]; then - # . $(dirname "$0")/utils/whoami.sh $VKPR_WHOAMI_VALUES - # helm upgrade -i -f $VKPR_WHOAMI_VALUES whoami cowboysysop/whoami - # else - # echoColor "red" "Não há ingress instalado, para utilizar o Whoami no localhost deve-se subir o ingress." - # helm upgrade -i whoami cowboysysop/whoami - # fi - $VKPR_HOME/bin/helm upgrade -i -f $VKPR_WHOAMI_VALUES whoami cowboysysop/whoami + echoColor "yellow" "Installing whoami..." + $VKPR_HELM upgrade -i -f $VKPR_WHOAMI_VALUES whoami cowboysysop/whoami } echoColor() { diff --git a/vkpr/whoami/install/src/utils/whoami.yaml b/vkpr/whoami/install/src/utils/whoami.yaml index 930c188c..b1febae6 100644 --- a/vkpr/whoami/install/src/utils/whoami.yaml +++ b/vkpr/whoami/install/src/utils/whoami.yaml @@ -3,12 +3,11 @@ ingress: annotations: kubernetes.io/ingress.class: nginx kubernetes.io/tls-acme: "true" - #cert-manager.io/cluster-issuer: letsencrypt-staging hosts: - host: "whoami.vkpr-dev.vertigo.com.br" paths: ["/"] - tls: - - hosts: - - "whoami.vkpr-dev.vertigo.com.br" - secretName: whoami-cert pathType: Prefix + tls: + - hosts: + - "whoami.vkpr-dev.vertigo.com.br" + secretName: whoami-cert diff --git a/vkpr/whoami/remove/src/unix/formula/formula.sh b/vkpr/whoami/remove/src/unix/formula/formula.sh index 9d108102..e355e18b 100755 --- a/vkpr/whoami/remove/src/unix/formula/formula.sh +++ b/vkpr/whoami/remove/src/unix/formula/formula.sh @@ -1,13 +1,13 @@ #!/bin/sh runFormula() { - echoColor "yellow" "Removendo Whoami..." VKPR_HOME=~/.vkpr - rm -rf $VKPR_HOME/values/whoami + uninstallWhoami } uninstallWhoami(){ + echoColor "yellow" "Removendo Whoami..." $VKPR_HOME/bin/helm uninstall whoami $VKPR_HOME/bin/kubectl delete secret whoami-cert } From da3ee363cc31a3a516da4b0b6b034238cea7ca8d Mon Sep 17 00:00:00 2001 From: Jpeedroza Date: Fri, 13 Aug 2021 15:06:46 -0300 Subject: [PATCH 12/12] Changing the formula helper messages from whoami --- vkpr/whoami/help.json | 4 ++-- vkpr/whoami/install/build.sh | 2 -- vkpr/whoami/install/config.json | 1 - vkpr/whoami/install/help.json | 4 ++-- vkpr/whoami/install/set_umask.sh | 3 --- vkpr/whoami/remove/config.json | 1 - vkpr/whoami/remove/help.json | 4 ++-- vkpr/whoami/remove/set_umask.sh | 3 --- 8 files changed, 6 insertions(+), 16 deletions(-) delete mode 100755 vkpr/whoami/install/set_umask.sh delete mode 100755 vkpr/whoami/remove/set_umask.sh diff --git a/vkpr/whoami/help.json b/vkpr/whoami/help.json index b4b57a08..735954f8 100644 --- a/vkpr/whoami/help.json +++ b/vkpr/whoami/help.json @@ -1,4 +1,4 @@ { - "short": "Add the Whoami to the cluster.", - "long": "Add a Pod and dependences containing a Whoami App in the cluster." + "short": "Manage whoami", + "long": "Whoami is a Tiny Go webserver that prints OS information and HTTP request to output" } \ No newline at end of file diff --git a/vkpr/whoami/install/build.sh b/vkpr/whoami/install/build.sh index 10c4ad30..9d822cee 100755 --- a/vkpr/whoami/install/build.sh +++ b/vkpr/whoami/install/build.sh @@ -2,9 +2,7 @@ BIN_FOLDER=bin BINARY_NAME_UNIX=run.sh -BINARY_NAME_WINDOWS=run.bat ENTRY_POINT_UNIX=main.sh -ENTRY_POINT_WINDOWS=main.bat #bash-build: mkdir -p $BIN_FOLDER diff --git a/vkpr/whoami/install/config.json b/vkpr/whoami/install/config.json index 1815fa5e..faf40389 100755 --- a/vkpr/whoami/install/config.json +++ b/vkpr/whoami/install/config.json @@ -1,5 +1,4 @@ { - "dockerImageBuilder": "ritclizup/rit-shell-bat-builder", "inputs": [ { "default": "whoami.localhost", diff --git a/vkpr/whoami/install/help.json b/vkpr/whoami/install/help.json index 5c51828d..47eaf5a0 100644 --- a/vkpr/whoami/install/help.json +++ b/vkpr/whoami/install/help.json @@ -1,4 +1,4 @@ { - "short": "Install the Whoami to the cluster.", - "long": "Install the Pod and dependences containing a Whoami App in the cluster." + "short": "Install whoami", + "long": "Install the whoami in the cluster by a Helm Chart." } \ No newline at end of file diff --git a/vkpr/whoami/install/set_umask.sh b/vkpr/whoami/install/set_umask.sh deleted file mode 100755 index 091c13d6..00000000 --- a/vkpr/whoami/install/set_umask.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh -umask 0011 -$1 diff --git a/vkpr/whoami/remove/config.json b/vkpr/whoami/remove/config.json index e87a59b6..257f1ebe 100755 --- a/vkpr/whoami/remove/config.json +++ b/vkpr/whoami/remove/config.json @@ -1,5 +1,4 @@ { - "dockerImageBuilder": "ritclizup/rit-shell-bat-builder", "inputs": [], "template": "shell-bat", "templateRelease:": "2.16.2" diff --git a/vkpr/whoami/remove/help.json b/vkpr/whoami/remove/help.json index 0315fca4..47a0dade 100644 --- a/vkpr/whoami/remove/help.json +++ b/vkpr/whoami/remove/help.json @@ -1,4 +1,4 @@ { - "short": "Remove the Whoami from the cluster.", - "long": "Remove all the content about the Whoami App in the cluster." + "short": "Remove whoami", + "long": "Remove the whoami and its dependencies from the cluster" } \ No newline at end of file diff --git a/vkpr/whoami/remove/set_umask.sh b/vkpr/whoami/remove/set_umask.sh deleted file mode 100755 index 091c13d6..00000000 --- a/vkpr/whoami/remove/set_umask.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh -umask 0011 -$1