fix: fixup

PrivateAIM · Mar 18, 2024 · 691e4fb · 691e4fb
1 parent f3767d7
commit 691e4fb
Show file tree

Hide file tree

Showing 8 changed files with 55 additions and 6 deletions.
diff --git a/k8s/README.md b/k8s/README.md
@@ -1,6 +1,48 @@
 # k8s
 
 > [!CAUTION]
-> Files found in this directory should be used with caution. They are mainly for showcasing purposes. So, adjust them as necessary before applying them to your cluster.
+> Files found in this directory should be used with caution and NOT in a production environment! They are mainly for showcasing purposes. So, adjust them as necessary before applying them to your cluster.
 
-TODO: minikube usage doc
+This directory contains:
+- a deployment script (`deploy-to-minikube.sh`)
+- k8s manifest files
+
+## Prerequisites
+
+Make sure the following `minikube` addons are enabled before using this deployment solution:
+
+- ingress
+- registry
+- storage-provisioner
+
+You can enable addons using the following command:
+
+```shell
+minikube addons enable <addon>
+```
+
+For further information, see: [minikube addon docs](https://minikube.sigs.k8s.io/docs/commands/addons/).
+
+## Usage
+
+The script will install a single message broker instance to an already existing `minikube` cluster. In order to use it make sure the following environment variables are set:
+
+| ENV VAR | DESCRIPTION |
+|---------|-------------|
+| AUTH_JWKS_URL | URL to obtain JWKS from. Using keycloak this has the pattern `<KEYCLOAK_BASE_URL>/realms/<YOUR_REALM>/protocol/openid-connect/certs`. |
+| HUB_AUTH_ROBOT_ID | ID of the robot account to be used. Needs to exist on the central side (hub) at `https://auth.privateaim.net/`. |
+| ROBOT_SECRET | Associated secret of the robot account. |
+| NODE_MESSAGE_BROKER_HOST | Host to be used for the message broker. It will be accessible under `message-broker.<HOST>.nip.io`. |
+| NAMESPACE | Namespace to be used within the minikube cluster. |
+
+Set the following optional environment variables for further configuration:
+
+| ENV VAR | DESCRIPTION |
+|---------|-------------|
+| HUB_BASE_URL | Base URL of the central side (hub). Defaults to `https://api.privateaim.net`. |
+| HUB_AUTH_BASE_URL | Base URL of the central side's (hub) auth provider. Defaults to `https://auth.privateaim.net`. |
+
+After that simply call the script with:
+```shell
+./deploy-to-minikube
+```
diff --git a/k8s/deploy-to-minikube.sh b/k8s/deploy-to-minikube.sh
@@ -8,6 +8,11 @@
 # - NODE_MESSAGE_BROKER_HOST
 # - NAMESPACE
 
+# Optional environment variables:
+#
+# - HUB_AUTH_BASE_URL
+# - HUB_BASE_URL
+
 BASE_DIR="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 || exit 1 ; pwd -P )"
 
 if [[ -z "${AUTH_JWKS_URL}" || -z "${HUB_AUTH_ROBOT_ID}" || -z "${ROBOT_SECRET}" || -z "${NODE_MESSAGE_BROKER_HOST}" || -z "${NAMESPACE}" ]]; then
@@ -32,7 +37,7 @@ else
 fi
 
 echo -n "Copying k8s manifest files..."
-for f in "${BASE_DIR}"/*.yml; do
+for f in "${BASE_DIR}"/manifests/*.yml; do
     cp "${f}" "${WORK_DIR}"
 done
 if [ $? -ne 0 ]; then
@@ -45,6 +50,8 @@ fi
 echo -n "Preparing broker deployment..."
 sed -i  -e "s#<AUTH_JWKS_URL>#${AUTH_JWKS_URL}#" \
         -e "s#<HUB_AUTH_ROBOT_ID>#${HUB_AUTH_ROBOT_ID}#" \
+        -e "s#<HUB_AUTH_BASE_URL>#${HUB_AUTH_BASE_URL:-"https://auth.privateaim.net"}#" \
+        -e "s#<HUB_BASE_URL>#${HUB_BASE_URL:-"https://api.privateaim.net"}#" \
         "${WORK_DIR}/broker-deployment.yml"
 if [ $? -ne 0 ]; then
     echo "FAILED"
@@ -94,7 +101,7 @@ fi
 
 echo -n "Applying manifest files..."
 # TODO: make namespace adjustable!!!
-kubectl --namespace "${NAMESPACE}" apply -f "${WORK_DIR}/hub-auth-secret.yml" \
+minikube kubectl -- --namespace "${NAMESPACE}" apply -f "${WORK_DIR}/hub-auth-secret.yml" \
     -f "${WORK_DIR}/broker-db-service.yml" \
     -f "${WORK_DIR}/broker-db-statefulset.yml" \
     -f "${WORK_DIR}/broker-service.yml" \

diff --git a/k8s/broker-db-service.yml → k8s/manifests/broker-db-service.yml b/k8s/broker-db-service.yml → k8s/manifests/broker-db-service.yml
diff --git a/k8s/broker-db-statefulset.yml → k8s/manifests/broker-db-statefulset.yml b/k8s/broker-db-statefulset.yml → k8s/manifests/broker-db-statefulset.yml
diff --git a/k8s/broker-deployment.yml → k8s/manifests/broker-deployment.yml b/k8s/broker-deployment.yml → k8s/manifests/broker-deployment.yml
@@ -41,9 +41,9 @@ spec:
             - name: MONGO_DB_NAME
               value: "message-broker"
             - name: HUB_BASE_URL
-              value: "https://api.privateaim.net/"
+              value: <HUB_BASE_URL>
             - name: HUB_AUTH_BASE_URL
-              value: "https://auth.privateaim.net/"
+              value: <HUB_AUTH_BASE_URL>
             - name: HUB_AUTH_ROBOT_ID
               value: <HUB_AUTH_ROBOT_ID>
             - name: HUB_AUTH_ROBOT_SECRET

diff --git a/k8s/broker-service.yml → k8s/manifests/broker-service.yml b/k8s/broker-service.yml → k8s/manifests/broker-service.yml
diff --git a/k8s/hub-auth-secret.yml → k8s/manifests/hub-auth-secret.yml b/k8s/hub-auth-secret.yml → k8s/manifests/hub-auth-secret.yml
diff --git a/k8s/ingress.yml → k8s/manifests/ingress.yml b/k8s/ingress.yml → k8s/manifests/ingress.yml