diff --git a/.gitignore b/.gitignore
index 9d6b18c..2d64771 100644
--- a/.gitignore
+++ b/.gitignore
@@ -14,3 +14,5 @@ db.sqlite
 .env
 cache
 .swc
+
+k8s/tmp**
diff --git a/k8s/broker-deployment.yml b/k8s/broker-deployment.yml
index bb69ea9..cfb7764 100644
--- a/k8s/broker-deployment.yml
+++ b/k8s/broker-deployment.yml
@@ -23,7 +23,8 @@ spec:
 restartPolicy: "Always"
 containers:
 - name: node-message-broker
- image: docker.io/flame/node-message-broker:test
+ image: docker.io/flame/node-message-broker:latest
+ imagePullPolicy: "IfNotPresent"
 securityContext:
 runAsNonRoot: true
 runAsUser: 1000
@@ -34,7 +35,7 @@ spec:
 - name: SERVER_PORT
 value: "8080"
 - name: AUTH_JWKS_URL
- value: ${AUTH_JWKS_URL}
+ value:
 - name: MONGO_DB_URL
 value: "mongodb://node-message-broker-db:27017"
 - name: MONGO_DB_NAME
@@ -44,7 +45,7 @@ spec:
 - name: HUB_AUTH_BASE_URL
 value: "https://auth.privateaim.net/"
 - name: HUB_AUTH_ROBOT_ID
- value: ${HUB_AUTH_ROBOT_ID}
+ value:
 - name: HUB_AUTH_ROBOT_SECRET
 valueFrom:
 secretKeyRef:
diff --git a/k8s/deploy-to-minikube.sh b/k8s/deploy-to-minikube.sh
new file mode 100755
index 0000000..da17778
--- /dev/null
+++ b/k8s/deploy-to-minikube.sh
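Review bot: With `imagePullPolicy: "IfNotPresent"` on the mutable tag `docker.io/flame/node-message-broker:latest`, a node that lacks the locally built image will try to pull that name from Docker Hub and run whatever it resolves to, and a node that already holds an older build keeps running it. Since k8s/deploy-to-minikube.sh builds the image inside minikube, `imagePullPolicy: "Never"` states the intent and fails closed when the build is missing. For any shared cluster a versioned tag or an image digest would be safer than `latest`. The container spec continues outside this hunk.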
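Review bot: The new `value:` for AUTH_JWKS_URL here, and for HUB_AUTH_ROBOT_ID in the following hunk, shows no placeholder text in this view, so the committed manifest appears usable only after k8s/deploy-to-minikube.sh has rewritten it. A comment above each entry, e.g. `# filled in by k8s/deploy-to-minikube.sh; do not apply this file directly`, would make that dependency explicit. AUTH_JWKS_URL presumably selects the keys the broker trusts for token verification, so it is worth confirming that the broker refuses to start when the value arrives empty.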
@@ -0,0 +1,110 @@
+#!/usr/bin/env bash
+
+# Mandatory environment variables:
+#
+# - AUTH_JWKS_URL
+# - HUB_AUTH_ROBOT_ID
+# - ROBOT_SECRET
+# - NODE_MESSAGE_BROKER_HOST
+
+BASE_DIR="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 || exit 1 ; pwd -P )"
+
+echo "${AUTH_JWKS_URL}"
+echo "${HUB_AUTH_ROBOT_ID}"
+echo "${ROBOT_SECRET}"
+echo "${NODE_MESSAGE_BROKER_HOST}"
+
+if [[ -z "${AUTH_JWKS_URL}" || -z "${HUB_AUTH_ROBOT_ID}" || -z "${ROBOT_SECRET}" || -z "${NODE_MESSAGE_BROKER_HOST}" ]]; then
+ echo "One or more mandatory environment variables are not set!"
+ echo "Mandatory environment variables are:"
+ echo ""
+ echo " - AUTH_JWKS_URL"
+ echo " - HUB_AUTH_ROBOT_ID"
+ echo " - ROBOT_SECRET"
+ echo " - NODE_MESSAGE_BROKER_HOST"
+ exit 1
+fi
+
+echo -n "Creating working directory..."
+WORK_DIR=`mktemp -d -p "${BASE_DIR}"`
+if [ $? -ne 0 ]; then
+ echo "FAILED"
+ exit 2
+else
+ echo "OK"
+fi
+
+echo -n "Copying k8s manifest files..."
+for f in "${BASE_DIR}"/*.yml; do
+ cp "${f}" "${WORK_DIR}"
+done
+if [ $? -ne 0 ]; then
+ echo "FAILED"
+ exit 3
+else
+ echo "OK"
+fi
+
+echo -n "Preparing broker deployment..."
+sed -i -e "s##${AUTH_JWKS_URL}#" \
+ -e "s##${HUB_AUTH_ROBOT_ID}#" \
+ "${WORK_DIR}/broker-deployment.yml"
+if [ $? -ne 0 ]; then
+ echo "FAILED"
+ exit 4
+else
+ echo "OK"
+fi
+
+echo -n "Preparing hub auth secret..."
+sed -i -e "s##${ROBOT_SECRET}#" \
+ "${WORK_DIR}/hub-auth-secret.yml"
+if [ $? -ne 0 ]; then
+ echo "FAILED"
+ exit 5
+else
+ echo "OK"
+fi
+
+echo -n "Preparing ingress..."
+sed -i -e "s##${NODE_MESSAGE_BROKER_HOST}#" \
+ "${WORK_DIR}/ingress.yml"
+if [ $? -ne 0 ]; then
+ echo "FAILED"
+ exit 6
+else
+ echo "OK"
+fi
+
+
+echo -n "Deleting previous image..."
+minikube image rm docker.io/flame/node-message-broker:latest
+if [ $? -ne 0 ]; then
+ echo "FAILED"
+ exit 7
+else
+ echo "OK"
+fi
+
+echo -n "Creating Docker image..."
+minikube image build -t docker.io/flame/node-message-broker:latest "${BASE_DIR}/.."
+if [ $? -ne 0 ]; then
+ echo "FAILED"
+ exit 8
+else
+ echo "OK"
+fi
+
+echo -n "Applying manifest files..."
+kubectl --namespace=flame apply -f "${WORK_DIR}/hub-auth-secret.yml" \
+ -f "${WORK_DIR}/broker-db-service.yml" \
+ -f "${WORK_DIR}/broker-db-statefulset.yml" \
+ -f "${WORK_DIR}/broker-service.yml" \
+ -f "${WORK_DIR}/broker-deployment.yml" \
+ -f "${WORK_DIR}/ingress.yml"
+if [ $? -ne 0 ]; then
+ echo "FAILED"
+ exit 9
+else
+ echo "OK"
+fi
diff --git a/k8s/hub-auth-secret.yml b/k8s/hub-auth-secret.yml
index 0beea82..5d9d8a4 100644
--- a/k8s/hub-auth-secret.yml
+++ b/k8s/hub-auth-secret.yml
@@ -3,4 +3,4 @@ kind: Secret
 metadata:
 name: hub-auth
 data:
- robot-secret: ${ROBOT_SECRET}
+ robot-secret:
diff --git a/k8s/ingress.yml b/k8s/ingress.yml
index c2b3d94..08296a7 100644
--- a/k8s/ingress.yml
+++ b/k8s/ingress.yml
@@ -8,13 +8,13 @@ metadata:
 app.kubernetes.io/part-of: flame
 spec:
 rules:
- - host: ${NODE_MESSAGE_BROKER_HOST}
- http:
- paths:
- - pathType: Prefix
- path: "/"
- backend:
- service:
- name: node-message-broker
- port:
- number: 80
+ - host: message-broker..nip.io
+ http:
+ paths:
+ - pathType: Prefix
+ path: "/"
+ backend:
+ service:
+ name: node-message-broker
+ port:
+ number: 80
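Review bot: `echo "${ROBOT_SECRET}"` near the top of k8s/deploy-to-minikube.sh prints the robot secret to the terminal and to any captured CI log; the four debug echoes should be dropped or replaced by a report of which variables are unset. The rendered manifests in `WORK_DIR`, including hub-auth-secret.yml with the secret filled in, are never removed, so a cleanup trap belongs right after the `mktemp` check (the .gitignore entry only keeps them out of commits). The values are also interpolated into the `sed` replacement unescaped, so a `&`, `#` or backslash in a URL changes or breaks the substitution; escaping them first avoids that. The `$?` test after the `for` loop reflects only the last `cp`.

```shell
# … unchanged: shebang, mandatory-variable comment, BASE_DIR …

# Report which variables are missing without printing their values.
for name in AUTH_JWKS_URL HUB_AUTH_ROBOT_ID ROBOT_SECRET NODE_MESSAGE_BROKER_HOST; do
  if [[ -z "${!name}" ]]; then
    echo "${name} is not set"
  fi
done

# … unchanged: mandatory-variable check with exit 1 …

WORK_DIR=`mktemp -d -p "${BASE_DIR}"`
# … unchanged: mktemp status check …

# The rendered manifests contain the robot secret; remove them on any exit.
trap 'rm -rf -- "${WORK_DIR}"' EXIT

# Escape the characters that are special in a sed replacement delimited by '#'.
sed_escape() {
  printf '%s' "$1" | sed -e 's/[\\&#]/\\&/g'
}

# … unchanged: copy, sed, image and kubectl steps; pass each value through
#   "$(sed_escape "${VALUE}")" before it reaches a sed replacement …
```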
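Review bot: `robot-secret` sits under `data:`, which Kubernetes expects to hold base64-encoded values, while k8s/deploy-to-minikube.sh substitutes ROBOT_SECRET exactly as provided. Either state in the script's header comment that ROBOT_SECRET must already be base64-encoded, or use `stringData:` here so a plain value is accepted. The placeholder text itself is not visible in this view.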
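Review bot: The host is now fixed to the `nip.io` wildcard DNS service, with NODE_MESSAGE_BROKER_HOST apparently filling only one label (the placeholder is not visible in this view), so the variable's expected format should be stated in the script's header comment, e.g. `# - NODE_MESSAGE_BROKER_HOST (minikube IP, used as message-broker.IP.nip.io)`. Name resolution then depends on an external service, and no `tls:` block appears in this hunk, so the manifest looks suited to local testing only; a comment at the top of the file saying so would help.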