2024-05-10 09:36:32 +00:00
|
|
|
#!/bin/bash -e
|
|
|
|
set -o pipefail
|
|
|
|
|
|
|
|
function kapply() {
|
|
|
|
for f in "$@"; do
|
|
|
|
kubectl apply -f \
|
|
|
|
<(envsubst "$(env | xargs printf '$%s ')" < "manifests/$f")
|
|
|
|
done
|
|
|
|
}
|
|
|
|
|
|
|
|
function kcreatesec() {
|
|
|
|
kubectl create secret generic --save-config --dry-run=client -oyaml "$@" | kubectl apply -f-
|
|
|
|
}
|
|
|
|
|
|
|
|
function kcreatecm() {
|
|
|
|
kubectl create configmap --dry-run=client -oyaml "$@" | kubectl apply -f-
|
|
|
|
}
|
|
|
|
|
|
|
|
function kgseckey() {
|
|
|
|
local sec="$1"; shift
|
|
|
|
local key="$1"; shift
|
|
|
|
|
|
|
|
kubectl get secret "$sec" -o jsonpath="{.data.$key}" | base64 -d
|
|
|
|
}
|
|
|
|
|
|
|
|
function kgcmkey() {
|
|
|
|
local cm="$1"; shift
|
|
|
|
local key="$1"; shift
|
|
|
|
|
|
|
|
kubectl get configmap "$cm" -o jsonpath="{.data.$key}"
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
kapply common/db.yaml
|
|
|
|
|
|
|
|
export REDIS_HOST=redis
|
|
|
|
export REDIS_DB=0
|
|
|
|
export REDIS_PORT=6379
|
|
|
|
export POSTGRES_HOST; POSTGRES_HOST="$(kgseckey postgres-app host)"
|
|
|
|
export POSTGRES_PORT; POSTGRES_PORT="$(kgseckey postgres-app port)"
|
|
|
|
export POSTGRES_DB; POSTGRES_DB="$(kgseckey postgres-app dbname)"
|
|
|
|
export POSTGRES_USER; POSTGRES_USER="$(kgseckey postgres-app user)"
|
|
|
|
export POSTGRES_PASSWORD; POSTGRES_PASSWORD="$(kgseckey postgres-app password)"
|
|
|
|
|
2024-05-15 16:48:27 +00:00
|
|
|
export GITEA_USERNAME="$(kgseckey gitea-admin username || echo gitea)"
|
|
|
|
export GITEA_PASSWORD="$(kgseckey gitea-admin password || openssl rand -hex 32)"
|
|
|
|
|
2024-05-10 09:36:32 +00:00
|
|
|
kcreatesec gitea-admin \
|
|
|
|
--from-literal=email="gitea@$BASE_URL" \
|
2024-05-15 16:48:27 +00:00
|
|
|
--from-literal=username="$GITEA_USERNAME" \
|
|
|
|
--from-literal=password="$GITEA_PASSWORD"
|
2024-05-10 09:36:32 +00:00
|
|
|
|
|
|
|
kcreatesec gitea-secrets \
|
|
|
|
--from-literal=secret_key="$(kgseckey gitea-secrets secret_key || openssl rand -hex 32)" \
|
|
|
|
--from-literal=internal_token="$(kgseckey gitea-secrets internal_token || openssl rand -hex 32)"
|
|
|
|
|
|
|
|
kcreatecm gitea-config \
|
|
|
|
--from-file=app.ini=<(envsubst "$(env | xargs printf '$%s ')" < app.ini)
|
|
|
|
|
|
|
|
kapply common/job.yaml \
|
|
|
|
common/redis.yaml \
|
|
|
|
common/app.yaml
|
|
|
|
|
|
|
|
kubectl rollout restart statefulset app
|
|
|
|
|
2024-05-15 16:48:27 +00:00
|
|
|
kubectl rollout status sts app
|
|
|
|
|
2024-05-15 15:49:04 +00:00
|
|
|
for i in {0..9}; do
|
2024-05-15 16:48:27 +00:00
|
|
|
RUNNER_TOKEN="$(kubectl exec app-0 -- curl -sS "http://$GITEA_USERNAME:$GITEA_PASSWORD@app/api/v1/admin/runners/registration-token" | jq -r '.token // empty' || true)"
|
2024-05-15 15:49:04 +00:00
|
|
|
|
2024-05-15 16:48:27 +00:00
|
|
|
if [ -n "$RUNNER_TOKEN" ]; then
|
2024-05-15 15:49:04 +00:00
|
|
|
kcreatesec runner-secret --from-literal=token="$RUNNER_TOKEN"
|
|
|
|
kapply common/runner.yaml
|
|
|
|
kubectl rollout restart statefulset runner
|
|
|
|
break
|
|
|
|
fi
|
2024-05-15 16:48:27 +00:00
|
|
|
sleep 5
|
2024-05-15 15:49:04 +00:00
|
|
|
done
|