starred/holos
1
0
Fork 0
mirror of https://github.com/holos-run/holos.git synced 2026-03-21 17:55:01 +00:00
Code Issues Packages Projects Releases 10 Wiki Activity
Files
8f6ccb5d7744b3c2adfaec529cbcf7e2d737d327
holos/scripts/apply
Jeff McCune 8f6ccb5d77 apply: fix kargo resources before webhook
2024-12-19 20:58:59 -08:00

113 lines
3.3 KiB
Bash
Executable File
Raw Blame History

#! /bin/bash
# cd to the repository root
TOPLEVEL="$(cd $(dirname "$0") && git rev-parse --show-toplevel)"
cd "$TOPLEVEL"
set -xeuo pipefail
apply() {
kubectl apply --force-conflicts --server-side=true -f "deploy/components/${1}/${1}.gen.yaml"
}
applyProject() {
kubectl apply --force-conflicts --server-side=true -f "deploy/projects/${1}/components/${2}/${2}.gen.yaml"
}
# Namespaces first
apply namespaces
# Custom Resource Definitions
apply argocd-crds
apply rollouts-crds
apply gateway-api
apply external-secrets-crds
kubectl wait --for=condition=Established crd --all --timeout=300s
# External Secrets
apply external-secrets
# Cert Manager (CRDs are included)
apply cert-manager
# Wait for cert manager to be available so we can manage the cluster issuer
kubectl wait --for=condition=Available deployment/cert-manager-webhook -n cert-manager --timeout=300s
# Manage the cluster issuer (local-ca)
apply local-ca
if ! kubectl wait --for=condition=Ready clusterissuer/local-ca --timeout=30s; then
echo 'Did you forget to apply your local CA? See: https://holos.run/docs/local-cluster/#reset-the-cluster' >&2
exit 1
fi
# ArgoCD
apply argocd
apply app-projects
apply rollouts
# Kargo
kubectl wait --for=condition=Available deployment/external-secrets-webhook -n external-secrets --timeout=300s
apply kargo-secrets
apply kargo # includes crds
# Istio
apply istio-base
apply istiod
apply istio-cni
apply istio-ztunnel
apply istio-gateway
# podinfo across multiple Stages for Kargo Demo
applyProject podinfo dev-podinfo
applyProject podinfo test-podinfo
applyProject podinfo uat-podinfo
applyProject podinfo prod-us-east-podinfo
applyProject podinfo prod-us-central-podinfo
applyProject podinfo prod-us-west-podinfo
# httpbin across multiple Stages for Kargo Demo
applyProject httpbin dev-httpbin
applyProject httpbin test-httpbin
applyProject httpbin uat-httpbin
applyProject httpbin prod-us-east-httpbin
applyProject httpbin prod-us-central-httpbin
applyProject httpbin prod-us-west-httpbin
if ! kubectl wait --for=condition=Ready pod -l k8s-app=istio-cni-node --timeout=300s -n istio-system; then
echo 'istio-cni-node not ready' >&2
exit 1
fi
# Routes should be accepted, but all backends aren't valid yet.
apply httproutes
# ArgoCD Applications
kubectl apply --force-conflicts --server-side=true -f deploy/gitops
kubectl apply --force-conflicts --server-side=true -f deploy/projects/podinfo/gitops
kubectl apply --force-conflicts --server-side=true -f deploy/projects/httpbin/gitops
# Kargo resources (Project, Warehouse, Stage) need the webhook.
kubectl wait --for=condition=Available deployment/kargo-webhooks-server -n kargo --timeout=300s
# Kargo Resources (Requires kargo-webhooks-server)
applyProject podinfo kargo-project
applyProject podinfo kargo-stages
# httpbin
applyProject httpbin kargo-project
applyProject httpbin kargo-stages
# Kargo promoter components for cluster add-ons
apply cert-manager-kargo
apply istio-promoter
set +x
echo
echo "httproutes:"
echo " - https://argocd.holos.localhost"
echo " - https://kargo.holos.localhost"
echo " - https://podinfo.holos.localhost"
echo " - https://httpbin.holos.localhost"
echo
echo "Kargo admin password:"
echo " kubectl get secret -n kargo admin-credentials -o json | jq --exit-status -r '.data.password | @base64d'"
echo
set -x
exit 0
Reference in New Issue View Git Blame Copy Permalink