Merge remote-tracking branch 'origin/stage' into VKPR-178

vkpr/cert-manager/install/aws/README.md

@@ -0,0 +1 @@
+

vkpr/cert-manager/install/aws/build.sh

@@ -0,0 +1,11 @@
+#!/bin/sh
+
+BIN_FOLDER=bin
+BINARY_NAME_UNIX=run.sh
+ENTRY_POINT_UNIX=main.sh
+
+#bash-build:
+	mkdir -p $BIN_FOLDER
+	cp -r src/* $BIN_FOLDER
+	mv $BIN_FOLDER/$ENTRY_POINT_UNIX $BIN_FOLDER/$BINARY_NAME_UNIX
+	chmod +x $BIN_FOLDER/$BINARY_NAME_UNIX

vkpr/cert-manager/install/aws/config.json

@@ -0,0 +1,59 @@
+{
+  "inputs": [
+    {
+      "label": "Type your email to use to generate certificates:",
+      "default": "[email protected]",
+      "name": "email",
+      "required": true,
+      "tutorial": "<email>@<domain>",
+      "type": "text",
+      "cache": {
+        "active": true,
+        "qty": 2,
+        "newLabel": "Type other email: "
+      }
+    },
+    {
+      "default": "letsencrypt-staging",
+      "items": [
+        "letsencrypt-staging",
+        "letsencrypt-production"
+      ],
+      "label": "What is the default cluster issuer? ",
+      "name": "issuer",
+      "required": true,
+      "type": "text"
+    },
+    {
+      "name": "aws_access_key",
+      "type": "CREDENTIAL_AWS_ACCESSKEYID"
+    },
+    {
+      "name": "aws_secret_key",
+      "type": "CREDENTIAL_AWS_SECRETACCESSKEY"
+    },
+    {
+      "name": "aws_region",
+      "label": "Type your aws region: ",
+      "type": "text",
+      "default": "us-east-1",
+      "cache": {
+        "active": true,
+        "qty": 2,
+        "newLabel": "Type another region: "
+      }
+    },
+    {
+      "name": "aws_iam_role_arn",
+      "label": "Type your IAM Role ARN: ",
+      "type": "text",
+      "cache": {
+        "active": true,
+        "qty": 2,
+        "newLabel": "Type another IAM Role ARN: "
+      }
+    }
+  ],
+  "template": "shell-bat",
+  "templateRelease": "2.17.0"
+}

vkpr/cert-manager/install/aws/help.json

@@ -0,0 +1,4 @@
+{
+  "short": "",
+  "long": ""
+}

vkpr/cert-manager/install/aws/metadata.json

@@ -0,0 +1,18 @@
+{
+  "execution": [
+    "local"
+  ],
+  "os": {
+    "deps": [],
+    "support": [
+      "mac",
+      "linux"
+    ]
+  },
+  "tags": [
+    "vkpr",
+    "cert-manager",
+    "install",
+    "aws"
+  ]
+}

vkpr/cert-manager/install/aws/src/main.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+
+VKPR_SCRIPTS=~/.vkpr/src
+
+source $VKPR_SCRIPTS/log.sh
+source $VKPR_SCRIPTS/var.sh
+source $VKPR_SCRIPTS/helper.sh
+
+. "$(dirname "$0")"/unix/formula/formula.sh --source-only
+
+runFormula

vkpr/cert-manager/install/aws/src/unix/formula/formula.sh

@@ -0,0 +1,67 @@
+#!/bin/sh
+
+runFormula() {
+  checkGlobalConfig $EMAIL "[email protected]" "cert-manager.email" "EMAIL"
+
+  startInfos
+  installCRDS
+  addCertManager
+  installCertManager
+  addTokenDNS
+  installIssuer
+}
+
+installCRDS() {
+  echoColor "yellow" "Installing cert-manager CRDS beforehand..."
+  $VKPR_KUBECTL apply -f "https://github.com/jetstack/cert-manager/releases/download/$VKPR_CERT_VERSION/cert-manager.crds.yaml"
+}
+
+addCertManager() {
+  registerHelmRepository jetstack https://charts.jetstack.io 
+}
+
+installCertManager() {
+  echoColor "yellow" "Installing cert-manager..."
+  local VKPR_CERT_MANAGER_VALUES=$(dirname "$0")/utils/cert-manager.yaml
+  local VKPR_ENV_CERT_ISSUER="$ISSUER"
+  $VKPR_YQ eval $VKPR_CERT_MANAGER_VALUES \
+  | $VKPR_HELM upgrade -i -f - \
+      -n cert-manager --create-namespace \
+      --set ingressShim.defaultIssuerName="$VKPR_ENV_CERT_ISSUER" \
+      --version "$VKPR_CERT_VERSION" \
+      --wait \
+      cert-manager jetstack/cert-manager
+}
+
+
+addTokenDNS() {
+  local VKPR_CERT_TOKEN=$(dirname "$0")/utils/route53-secret.yaml
+  local BASE64_ARGS=""  # detect OS for proper base64 args
+  if [[ "$OSTYPE" != "darwin"* ]]; then
+    BASE64_ARGS="-w0"
+  fi
+  echoColor "yellow" "Adding the Token..."
+  local VKPR_INPUT_SECRET_KEY_BASE64=$(echo "$AWS_SECRET_KEY" | base64 $BASE64_ARGS)
+  $VKPR_YQ eval '.data.secret-access-key = strenv(VKPR_INPUT_SECRET_KEY_BASE64) | 
+                  .data.secret-access-key style = "double"' "$VKPR_CERT_TOKEN" \
+  | $VKPR_KUBECTL apply -f -
+}
+
+installIssuer() {
+  echoColor "yellow" "Installing Issuers and/or ClusterIssuers..."
+  local VKPR_ISSUER_VALUES=$(dirname "$0")/utils/issuers.yaml
+  local VKPR_ENV_INPUT_EMAIL="$VKPR_ENV_EMAIL"
+  $VKPR_YQ eval '.spec.acme.email = "'$VKPR_ENV_INPUT_EMAIL'" |
+                 .spec.acme.solvers[0].dns01.route53.region = "'$AWS_REGION'" |
+                 .spec.acme.solvers[0].dns01.route53.accessKeyID = "'$AWS_ACCESS_KEY'" |
+                 .spec.acme.solvers[0].dns01.route53.role = "'$AWS_IAM_ROLE_ARN'"' "$VKPR_ISSUER_VALUES" \
+  | $VKPR_KUBECTL apply -f -
+}
+
+startInfos() {
+  echo "=============================="
+  echoColor "bold" "$(echoColor "green" "VKPR Cert-manager Install Routine")"
+  echoColor "bold" "$(echoColor "blue" "Provider:") AWS"
+  echoColor "bold" "$(echoColor "blue" "Email:") ${VKPR_ENV_EMAIL}"
+  echo "=============================="
+}

vkpr/cert-manager/install/aws/src/utils/IAM-policy.json

@@ -0,0 +1,23 @@
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": "route53:GetChange",
+      "Resource": "arn:aws:route53:::change/*"
+    },
+    {
+      "Effect": "Allow",
+      "Action": [
+        "route53:ChangeResourceRecordSets",
+        "route53:ListResourceRecordSets"
+      ],
+      "Resource": "arn:aws:route53:::hostedzone/*"
+    },
+    {
+      "Effect": "Allow",
+      "Action": "route53:ListHostedZonesByName",
+      "Resource": "*"
+    }
+  ]
+}

vkpr/cert-manager/install/aws/src/utils/cert-manager.yaml

@@ -0,0 +1,7 @@
+installCRDs: false
+ingressShim:
+  defaultIssuerName: letsencrypt-staging
+  defaultIssuerKind: ClusterIssuer
+  defaultIssuerGroup: cert-manager.io
+prometheus:
+  enabled: false

vkpr/cert-manager/install/aws/src/utils/issuers.yaml

@@ -0,0 +1,43 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-staging
+  namespace: cert-manager
+spec:
+  acme:
+    email: [email protected]
+    server: https://acme-staging-v02.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      name: letsencrypt-staging-key
+    solvers:
+      - selector: {}
+        dns01:
+          route53:
+            region: <region>
+            accessKeyID: <access-key>
+            secretAccessKeySecretRef:
+              name: route53-secret
+              key: secret-access-key
+            role: <iam-role-arn>
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-prod
+  namespace: cert-manager
+spec:
+  acme:
+    email: [email protected]
+    server: https://acme-v02.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      name: letsencrypt-production-key
+    solvers:
+      - selector: {}
+        dns01:
+          route53:
+            region: <region>
+            accessKeyID: <access-key>
+            secretAccessKeySecretRef:
+              name: route53-secret
+              key: secret-access-key
+            role: <iam-role-arn>

vkpr/cert-manager/install/aws/src/utils/route53-secret.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: route53-secret
+  namespace: cert-manager
+type: Opaque
+data:
+  secret-access-key: <secret-access-key>

vkpr/cert-manager/install/custom-acme/src/unix/formula/formula.sh

@@ -25,7 +25,7 @@ installCertManager() {
       -n cert-manager --create-namespace \
       --version "$VKPR_CERT_VERSION" \
       --wait \
-      vkpr-cert-manager jetstack/cert-manager
+      cert-manager jetstack/cert-manager
 }
 
 installIssuer() {

vkpr/cert-manager/install/do/src/unix/formula/formula.sh

@@ -31,7 +31,7 @@ installCertManager() {
       --set ingressShim.defaultIssuerName="$VKPR_ENV_CERT_ISSUER" \
       --version "$VKPR_CERT_VERSION" \
       --wait \
-      vkpr-cert-manager jetstack/cert-manager
+      cert-manager jetstack/cert-manager
 }
 
 

vkpr/create/formula/src/unix/formula/formula.sh

@@ -9,13 +9,17 @@ runFormula() {
   if [ -z "$VKPR_WORKSPACE_PATH" ]; then
     REAL_WORKSPACE_PATH="$CURRENT_PWD"
   fi
+  #echo "DEBUG VKPR_FORMULA_PATH='$VKPR_FORMULA_PATH'"
+  #echo "DEBUG VKPR_FORMULA='$VKPR_FORMULA'"
+
   if [ -z "$VKPR_FORMULA_PATH" ]; then
     REAL_FORMULA_PATH="$REAL_WORKSPACE_PATH/${VKPR_FORMULA// //}"
   fi
 
   local REAL_WORKSPACE_NAME=$(getWorkspaceName "$REAL_WORKSPACE_PATH")
 
   startInfos
+
   cat << EOF |
   {
     "formulaCmd":"$REAL_FORMULA", 
@@ -34,7 +38,7 @@ startInfos() {
   echoColor "bold" "$(echoColor "blue" "Formula Name:") ${VKPR_FORMULA}"
   echoColor "bold" "$(echoColor "blue" "Formula Language:") ${VKPR_FORMULA_LANGUAGE}"
   echoColor "bold" "$(echoColor "blue" "Formula Workspace:") ${REAL_WORKSPACE_NAME}"
-  echoColor "bold" "$(echoColor "blue" "Formula Path:") ${REAL_WORKSPACE_PATH}"
+  echoColor "bold" "$(echoColor "blue" "Formula Path:") ${REAL_FORMULA_PATH}"
   echo "=============================="
 }
 

vkpr/postgres/createdb/README.md

@@ -0,0 +1 @@
+

vkpr/postgres/createdb/build.sh

@@ -0,0 +1,11 @@
+#!/bin/sh
+
+BIN_FOLDER=bin
+BINARY_NAME_UNIX=run.sh
+ENTRY_POINT_UNIX=main.sh
+
+#bash-build:
+	mkdir -p $BIN_FOLDER
+	cp -r src/* $BIN_FOLDER
+	mv $BIN_FOLDER/$ENTRY_POINT_UNIX $BIN_FOLDER/$BINARY_NAME_UNIX
+	chmod +x $BIN_FOLDER/$BINARY_NAME_UNIX

vkpr/postgres/createdb/config.json

@@ -0,0 +1,25 @@
+{
+  "inputs": [
+    {
+      "label": "Type the new database name: ",
+      "name": "dbname",
+      "type": "text"
+    },
+    {
+      "label": "Type the db user name: ",
+      "name": "dbuser",
+      "type": "text"
+    },
+    {
+      "label": "Type the db users' password: ",
+      "name": "dbpassword",
+      "type": "text"
+    },
+    {
+      "name": "password",
+      "type": "CREDENTIAL_POSTGRES_PASSWORD"
+    }
+  ],
+  "template": "shell-bat",
+  "templateRelease:": "2.16.2"
+}

vkpr/postgres/createdb/help.json

@@ -0,0 +1,4 @@
+{
+  "short": "Create new database",
+  "long": "Create new database with new owner (user/passwd)"
+}

vkpr/postgres/createdb/metadata.json

@@ -0,0 +1,17 @@
+{
+  "execution": [
+    "local"
+  ],
+  "os": {
+    "deps": [],
+    "support": [
+      "mac",
+      "linux"
+    ]
+  },
+  "tags": [
+    "vkpr",
+    "postgres",
+    "createdb"
+  ]
+}