-
Notifications
You must be signed in to change notification settings - Fork 7
/
qa-deploy
executable file
·145 lines (118 loc) · 4.91 KB
/
qa-deploy
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
#!/usr/bin/env bash
# Bash strict mode
set -eo pipefail
USAGE="Usage
===
$ ./qa-deploy (production|staging) file [DOCKER_IMAGE_TAG]
Description
---
Deploy locally to microk8s.
"
function invalid() {
message=${1}
echo "Error: ${message}"
echo ""
echo "$USAGE"
exit 1
}
function add_secrets() {
# Fake snapcraft config
if microk8s.kubectl get secret snapcraft-io &> /dev/null; then microk8s.kubectl delete secret snapcraft-io; fi
microk8s.kubectl create secret generic snapcraft-io \
--from-literal=secret_key=admin \
--from-literal=csrf_secret_key=admin \
--from-literal='sentry_dsn=' \
--from-literal='sentry_public_dsn=' \
--from-literal='marketo_client_id=' \
--from-literal='marketo_client_secret='
# Fake google API key
if microk8s.kubectl get secret google-api &> /dev/null; then microk8s.kubectl delete secret google-api; fi
microk8s.kubectl create secret generic google-api --from-literal=google-custom-search-key='notsosecret'
# Fake IRC creds
if microk8s.kubectl get secret irc-secrets &> /dev/null; then microk8s.kubectl delete secret irc-secrets; fi
microk8s.kubectl create secret generic irc-secrets --from-literal=hubot-auth-admin=fake \
--from-literal=hubot-irc-password=fake \
--from-literal=hubot-release-notification-secret=fake
}
function add_docker_credentials_microk8s() {
if ! microk8s.kubectl get secret registry-access &> /dev/null; then
username=""
password=""
while [[ -z "${username}" || -z "${password}" ]]; do
echo "##############"
echo "Docker registry credentials"
echo
echo -n "Username: "
read username
echo -n "Password: "
read -s password
echo -e "\n##############"
done
microk8s.kubectl create secret docker-registry registry-access --docker-server=prod-comms.ps5.docker-registry.canonical.com --docker-username="${username}" --docker-password="${password}" --docker-email=root@localhost
microk8s.kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "registry-access"}]}' --namespace default
fi
}
function apply_configuration() {
if ! microk8s.kubectl get configmap environment &> /dev/null; then
microk8s.kubectl create configmap environment --from-literal environment=qa;
fi
# On the version of the ingress controller we have we need to change the
# name to be able to apply the configuration. By default the nginx ingress
# controller is searching for a config-map called: nginx-load-balancer-microk8s-conf
cat "configmaps/nginx-configuration.yaml" | sed 's|name: nginx-configuration|name: nginx-load-balancer-microk8s-conf|' | microk8s.kubectl apply --filename - --namespace default
}
function run_microk8s() {
# Run microk8s
if ! command -v microk8s.kubectl &> /dev/null; then
if ls /snap/microk8s &> /dev/null; then
echo "Enabling microk8s"
snap enable microk8s
echo "> Waiting for microk8s to wake up ..."
sleep 10
else
echo "Please install or enable microk8s (https://github.com/juju-solutions/microk8s)"
echo ""
echo " snap install microk8s --classic --edge"
exit 1
fi
fi
}
function enable_ingress() {
if ! microk8s.kubectl get service/default-http-backend &> /dev/null; then
echo "HTTP backend not found: Enabling ingress addon"
microk8s.enable ingress dns
fi
}
function deploy_locally() {
environment="${1}"
values_file="${2}"
tag="${3}"
echo "Deploying project ${values_file}"
./konf.py --local-qa ${environment} ${values_file} --tag ${tag} | microk8s.kubectl apply --filename -
}
function run() {
# Arguments
environment="$1"
values_file="$2"
tag_to_deploy=${3:-latest}
# Mandatory arguments
if [ -z "${environment:-}" ]; then invalid "No environment specified (e.g. 'production')"; fi
if [ -z "${values_file:-}" ]; then invalid "No values file specified (e.g. 'sites/canonical.com.yaml')"; fi
# Validate arguments
if [[ ! "$environment" =~ ^(production|staging)$ ]]; then
invalid "You need to specify a valid environment: 'production' or 'staging'"
fi
if [[ ! -f $values_file ]] ; then
invalid "File '${values_file}' doesn't exits, aborting."
fi
run_microk8s
# The configuration needs to run before the ingress controller starts
# because it doesn't restart when applying the configuration after.
apply_configuration
enable_ingress
add_secrets
add_docker_credentials_microk8s
deploy_locally "${environment}" "${values_file}" "${tag_to_deploy}"
if [ -n "${staging:-}" ]; then deploy_locally "${environment}" "${values_file}" "${tag_to_deploy}"; fi
}
run ${@}