-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathTaskfile.yaml
101 lines (86 loc) · 4.42 KB
/
Taskfile.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
# https://taskfile.dev
version: '3'
dotenv: ['.env']
includes:
Util:
taskfile: ./taskfiles/Util.yaml
baseservices:
taskfile: ./taskfiles/baseservices.yaml
argocd:
taskfile: ./taskfiles/argocd.yaml
vars:
# based on https://manuals.gfi.com/en/kerio/connect/content/server-configuration/ssl-certificates/adding-trusted-root-certificates-to-the-server-1605.html
OS_CERT_PATH:
sh: "taskfiles/scripts/find-ca-trust-dir.sh"
## TODO : use this vars as a way to error on dependency not found issue
UPDATE_CA_TRUST_CMD:
sh: |
if command -v update-ca-trust &>/dev/null; then
echo -n "$(command -v update-ca-trust)"
elif command -v update-ca-certificates &> /dev/null; then
echo -n "$(command -v update-ca-certificates) -f"
else
echo "exit;"
fi
tasks:
bootstrap:
desc: Bootstrap a k3d cluster with default services setup
deps:
- task: Util:check_availablecommands_dependencies
vars:
COMMAND_DEPENDENCIES: "docker k3d kubectl helm openssl certutil"
cmds:
- task: Util:continue
vars:
MESSAGE: "This task will now create a k3d cluster, trusted local CA and base services.\nBe patient, this process can take a while\nContinue?"
- MSG="Starting Local Dev Environment"; command -v figlet &>/dev/null && figlet "$MSG" || echo "****\n$MSG\n****\n"
- task: baseservices:create_CA_cert #do this first to prepare the CA and redner the asset for argo to use
- k3d cluster create --config "${K3D_CONFIG_FILE}"
- task: Util:wait_for_deployments
vars:
NAMESPACE: kube-system
- task: argocd:setup_argocd
- task: baseservices:create_all
- task: show_environment_info
teardown:
desc: Destroy the k3d cluster and cleanup files.
cmds:
- task: Util:continue
vars:
MESSAGE: "Do you wish to delete the k3d cluster and CA from your system?"
- k3d cluster delete {{.CLUSTER_NAME}} --trace
- argocd context {{.CLUSTER_NAME}} --delete || true
# -f is fresh switch to remove symlinks
- "[ -f {{.OS_CERT_PATH}}/k8s-{{.CLUSTER_NAME}}-cert-manager-ca.crt ] && sudo rm -v {{.OS_CERT_PATH}}/k8s-{{.CLUSTER_NAME}}-cert-manager-ca.crt && sudo {{.UPDATE_CA_TRUST_CMD}} || true"
# list certs with - certutil -L -d sql:$HOME/.pki/nssdb
# get if the cert exists and delete it if it does
- certutil -d sql:$HOME/.pki/nssdb -L -n cert-manager-{{.CLUSTER_NAME}}-ca && certutil -d sql:$HOME/.pki/nssdb -D -n cert-manager-{{.CLUSTER_NAME}}-ca || true
- "[ -f argo-k3d-deployments/cert-manager-default-clusterissuer/secret-ca.yaml ] && rm -v argo-k3d-deployments/cert-manager-default-clusterissuer/secret-ca.yaml || true"
- cd data && GLOBIGNORE=.gitkeep rm -v * || true
testenv:
cmds:
- env
test_create_app:
cmds:
- |
cd fastapi-demo
docker build -t registry.localhost:5000/fastapidemo:v0.1.2 .
docker push registry.localhost:5000/fastapidemo:v0.1.2
- task: argocd:create_app
vars:
ARGO_PROJECT: "default"
ARGO_APP_NAME: "fastapidemo"
- task: argocd:sync_app_from_folder
vars:
ARGO_APP_NAME: "fastapidemo"
APP_LOCAL_FOLDER: "argocd/testapp"
show_environment_info:
desc: Show all urls and appropriate logins required for the local dev environment
cmds:
- |
MSG="Dev Env Links"; command -v figlet &>/dev/null && figlet "$MSG" || echo -e "****\n$MSG\n****\n"
echo -e "Argocd:\t https://$(kubectl get ingress argocd-server -n argocd --output=jsonpath='{.spec.rules[0].host}')\tuser: admin\tpassword: $(kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d)\n"
echo -e "Grafana:\t https://$(kubectl get ingress kube-prometheus-stack-grafana -n prometheus --output=jsonpath='{.spec.rules[0].host}')\tuser: $(kubectl -n prometheus get secret kube-prometheus-stack-grafana -ojsonpath="{.data.admin-user}"|base64 -d)\tpassword: $(kubectl -n prometheus get secret kube-prometheus-stack-grafana -ojsonpath="{.data.admin-password}"|base64 -d)\n"
echo -e "Prometheus:\t https://$(kubectl get ingress kube-prometheus-stack-prometheus -n prometheus --output=jsonpath='{.spec.rules[0].host}')\n"
echo -e "Alertmanager:\t https://$(kubectl get ingress kube-prometheus-stack-alertmanager -n prometheus --output=jsonpath='{.spec.rules[0].host}')\n"
silent: true