From 10944e87902c21e922ba13309b91279fb5ffea8f Mon Sep 17 00:00:00 2001 From: garciadeblas Date: Tue, 21 May 2024 16:04:14 +0200 Subject: [PATCH] Fix sops client installation and minio during setup of mgmt and aux cluster Change-Id: I0a815a3818d1e1ae7a1957d6db0602cec133a491 Signed-off-by: garciadeblas --- .../mgmt-cluster/01-provision-aux-svc.sh | 2 - .../mgmt-cluster/gitea/00-custom-config.rc | 4 +- .../mgmt-cluster/gitea/02-deploy-gitea.sh | 2 +- .../04-fix-and-use-external-gitea-urls.sh | 2 +- .../mgmt-cluster/install_mgmt_cluster.sh | 18 +++++---- installers/mgmt-cluster/setup-cli-tools.sh | 38 +++++++++++++++---- 6 files changed, 44 insertions(+), 22 deletions(-) diff --git a/installers/mgmt-cluster/01-provision-aux-svc.sh b/installers/mgmt-cluster/01-provision-aux-svc.sh index cafbd511..c444fe99 100755 --- a/installers/mgmt-cluster/01-provision-aux-svc.sh +++ b/installers/mgmt-cluster/01-provision-aux-svc.sh @@ -76,8 +76,6 @@ m "\n#####################################################################" "${C m "(3/3) Installing Minio..." "${CYAN}" m "#####################################################################\n" "${CYAN}" -export INSTALL_MINIO=${INSTALL_MINIO:-"y"} - if [ -n "${INSTALL_MINIO}" ]; then # Enter the Minio folder pushd minio > /dev/null diff --git a/installers/mgmt-cluster/gitea/00-custom-config.rc b/installers/mgmt-cluster/gitea/00-custom-config.rc index e5b0c6b6..46665856 100644 --- a/installers/mgmt-cluster/gitea/00-custom-config.rc +++ b/installers/mgmt-cluster/gitea/00-custom-config.rc @@ -18,8 +18,8 @@ # Transitent file to be sourced to bootstrap some key variables # Random passwords -export GITEA_ADMINISTRATOR_PASSWORD=$(apg -a 1 -M sncl -n 1 -m 12 -x 12 -E \\\*\'\"\`\$\<\{\}) -export GITEA_STD_USER_PASS=$(apg -a 1 -M sncl -n 1 -m 10 -x 10 -E \\\*\'\"\`\$\<\{\}) +export GITEA_ADMINISTRATOR_PASSWORD=$(apg -a 1 -M sncl -n 1 -m 12 -x 12 -E \\\*\'\"\`\$\<\>\{\}) +export GITEA_STD_USER_PASS=$(apg -a 1 -M sncl -n 1 -m 10 -x 10 -E \\\*\'\"\`\$\<\>\{\}) # Uncomment to deploy Gitea only as ClusterIP service (i.e., no LoadBalancer) # export GITEA_CHART_VALUES_FILE=values-all.yaml diff --git a/installers/mgmt-cluster/gitea/02-deploy-gitea.sh b/installers/mgmt-cluster/gitea/02-deploy-gitea.sh index 67a22d9a..f6e6001a 100755 --- a/installers/mgmt-cluster/gitea/02-deploy-gitea.sh +++ b/installers/mgmt-cluster/gitea/02-deploy-gitea.sh @@ -16,7 +16,7 @@ # limitations under the License. ####################################################################################### -set -e +set -ex export HERE=$(dirname "$(readlink --canonicalize "$BASH_SOURCE")") source "${HERE}/library/functions.sh" diff --git a/installers/mgmt-cluster/gitea/04-fix-and-use-external-gitea-urls.sh b/installers/mgmt-cluster/gitea/04-fix-and-use-external-gitea-urls.sh index cb4ba816..0b6e5198 100755 --- a/installers/mgmt-cluster/gitea/04-fix-and-use-external-gitea-urls.sh +++ b/installers/mgmt-cluster/gitea/04-fix-and-use-external-gitea-urls.sh @@ -32,7 +32,7 @@ helm upgrade --install gitea gitea-charts/gitea \ --namespace=gitea \ --values "${HERE}/${GITEA_CHART_VALUES_FILE}" \ --set=gitea.admin.username="${GITEA_ADMINISTRATOR_USERNAME}" \ - --set=gitea.admin.password="${GITEA_ADMINISTRATOR_PASSWORD}" \ + --set=gitea.admin.password="${GITEA_ADMINISTRATOR_PASSWORD@Q}" \ --set=gitea.config.server.DOMAIN="${GITEA_SSH_SERVER}" \ --set=gitea.config.server.ROOT_URL="${GITEA_HTTP_URL}" \ --set=ingress.hosts[0].host="${GITEA_HTTP_HOST_DOMAIN}" \ diff --git a/installers/mgmt-cluster/install_mgmt_cluster.sh b/installers/mgmt-cluster/install_mgmt_cluster.sh index 55503932..c719b4b6 100755 --- a/installers/mgmt-cluster/install_mgmt_cluster.sh +++ b/installers/mgmt-cluster/install_mgmt_cluster.sh @@ -64,7 +64,7 @@ KUBECONFIG_AUX_CLUSTER=${KUBECONFIG_AUX_CLUSTER:-"$HOME/.kube/config"} KUBECONFIG_OLD=${KUBECONFIG:-"$HOME/.kube/config"} export CREDENTIALS_DIR="${OSM_HOME_DIR}/.credentials" export WORK_REPOS_DIR="${OSM_HOME_DIR}/repos" -export INSTALL_MINIO=${INSTALL_MINIO:-""} +export INSTALL_MINIO=${INSTALL_MINIO:-"y"} echo "DEBUG_INSTALL=$DEBUG_INSTALL" echo "OSM_DEVOPS=$OSM_DEVOPS" echo "OSM_HOME_DIR=$OSM_HOME_DIR" @@ -84,7 +84,7 @@ pushd $OSM_MGMTCLUSTER_BASE_FOLDER if [ -n "${INSTALL_AUX_CLUSTER}" ] || [ -n "${INSTALL_MGMT_CLUSTER}" ]; then echo "Setup CLI tools for mgmt and aux cluster" - ./setup-cli-tools.sh + ./setup-cli-tools.sh || FATAL_TRACK mgmtcluster "setup-cli-tools.sh failed" track mgmtcluster setupclitools_ok echo "Creating folders under ${OSM_HOME_DIR} for credentials and repos" @@ -94,9 +94,9 @@ if [ -n "${INSTALL_AUX_CLUSTER}" ] || [ -n "${INSTALL_MGMT_CLUSTER}" ]; then # Test if the user exists. Otherwise, create a git user echo "Test if there is a git user. Otherwise, create it." - if [ -n "$(git config user.name)" ]; then - git -C $WORK_REPOS_DIR config --local user.name osm_user - git -C $WORK_REPOS_DIR config --local user.email osm_user@mydomain.com + if [ ! -n "$(git config user.name)" ]; then + git config --global user.name osm_user + git config --global user.email osm_user@mydomain.com fi # Test if the user exists. Otherwise, create a git user @@ -111,14 +111,16 @@ if [ -n "${INSTALL_AUX_CLUSTER}" ] || [ -n "${INSTALL_MGMT_CLUSTER}" ]; then fi +set +x + # "aux-svc" cluster if [ -n "${INSTALL_AUX_CLUSTER}" ]; then echo "Provisioning auxiliary cluster with Gitea" export KUBECONFIG="${KUBECONFIG_AUX_CLUSTER}" - ./01-provision-aux-svc.sh + ./01-provision-aux-svc.sh || FATAL_TRACK mgmtcluster "provision-aux-svc.sh failed" track mgmtcluster aux_cluster_ok - ./02-provision-local-git-user.sh + ./02-provision-local-git-user.sh || FATAL_TRACK mgmtcluster "provision-local-git-user.sh failed" track mgmtcluster local_git_user_ok fi @@ -126,7 +128,7 @@ fi if [ -n "${INSTALL_MGMT_CLUSTER}" ]; then echo "Provisioning mgmt cluster" export KUBECONFIG="${KUBECONFIG_MGMT_CLUSTER}" - ./03-provision-mgmt-cluster.sh + ./03-provision-mgmt-cluster.sh || FATAL_TRACK mgmtcluster "provision-mgmt-cluster.sh failed" track mgmtcluster mgmt_cluster_ok fi diff --git a/installers/mgmt-cluster/setup-cli-tools.sh b/installers/mgmt-cluster/setup-cli-tools.sh index 140d4370..284de744 100755 --- a/installers/mgmt-cluster/setup-cli-tools.sh +++ b/installers/mgmt-cluster/setup-cli-tools.sh @@ -13,6 +13,8 @@ # limitations under the License. # +pushd $HOME + # Install `gnupg` and `gpg` - Typically pre-installed in Ubuntu sudo apt-get install gnupg gpg @@ -25,21 +27,41 @@ sudo chmod +x /usr/local/bin/sops sudo apt-get install gettext-base # Install `age` -# Ubuntu 22.04+: -sudo apt-get install age +curl -LO https://github.com/FiloSottile/age/releases/download/v1.1.0/age-v1.1.0-linux-amd64.tar.gz +tar xvfz age-v1.1.0-linux-amd64.tar.gz +sudo mv age/age age/age-keygen /usr/local/bin/ +sudo chmod +x /usr/local/bin/age* +rm -rf age age-v1.1.0-linux-amd64.tar.gz # (Only for Gitea) Install `apg` sudo apt-get install apg # # (Only for Minio) `kubectl minio` plugin and Minio Client -# curl https://github.com/minio/operator/releases/download/v5.0.12/kubectl-minio_5.0.12_linux_amd64 -Lo kubectl-minio -# curl https://dl.min.io/client/mc/release/linux-amd64/mc -o minioc -# chmod +x kubectl-minio minioc -# sudo mv kubectl-minio minioc /usr/local/bin/ -# # (Only for HTTPS Ingress for Minio tenant) Install `openssl` -# sudo apt-get install openssl +if [ -n "${INSTALL_MINIO}" ]; then + curl https://github.com/minio/operator/releases/download/v5.0.12/kubectl-minio_5.0.12_linux_amd64 -Lo kubectl-minio + curl https://dl.min.io/client/mc/release/linux-amd64/mc -o minioc + chmod +x kubectl-minio minioc + sudo mv kubectl-minio minioc /usr/local/bin/ + # (Only for HTTPS Ingress for Minio tenant) Install `openssl` + sudo apt-get install openssl +fi # Flux client curl -s https://fluxcd.io/install.sh | sudo bash # Autocompletion . <(flux completion bash) + +# Kustomize +KUSTOMIZE_VERSION="5.4.3" +curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash -s -- ${KUSTOMIZE_VERSION} +sudo install -o root -g root -m 0755 kustomize /usr/local/bin/kustomize +rm kustomize + +# yq +VERSION=v4.33.3 +BINARY=yq_linux_amd64 +curl -L https://github.com/mikefarah/yq/releases/download/${VERSION}/${BINARY} -o yq +sudo mv yq /usr/local/bin/yq +sudo chmod +x /usr/local/bin/yq + +popd -- 2.25.1