install-stackspin.sh

#!/usr/bin/env bash

set -euo pipefail

# shellcheck source=install/flux-version-check.sh
. "$(dirname "$0")/flux-version-check.sh"

# Check if stackspin-cluster-variables secret exists
smtp_password=$(kubectl get secret -n flux-system stackspin-cluster-variables --template '{{.data.outgoing_mail_smtp_password}}' | base64 -d)
smtp_password_urlencoded=$(python -c "import urllib.parse; print(urllib.parse.quote('${smtp_password}', safe=''), end='')" | base64 -w0)
# Add url-encoded version of password to the cluster
kubectl patch secret -n flux-system stackspin-cluster-variables -p "{\"data\": {\"outgoing_mail_smtp_password_urlencoded\": \"${smtp_password_urlencoded}\"}}"

flux install \
  --network-policy=false \
  --watch-all-namespaces=true \
  --namespace=flux-system \
  --components="source-controller,kustomize-controller,helm-controller"

kubectl patch deployment \
  -n flux-system \
  helm-controller \
  --patch-file "$(dirname "$0")/flux-patches/helm-controller.yaml"

kubectl patch deployment \
  -n flux-system \
  source-controller \
  --patch-file "$(dirname "$0")/flux-patches/source-controller.yaml"

kubectl patch deployment \
  -n flux-system \
  kustomize-controller \
  --patch-file "$(dirname "$0")/flux-patches/kustomize-controller.yaml"

# get current git branch name
branch=${CI_COMMIT_REF_NAME:-}
[ -z "$branch" ] && branch=$(git rev-parse --abbrev-ref HEAD)

echo "Tracking branch $branch for https://open.greenhost.net/stackspin/stackspin flux repo"

# Create stackspin and stackspin-apps namespaces
kubectl get namespace stackspin 2>/dev/null || kubectl create namespace stackspin
kubectl get namespace stackspin-apps 2>/dev/null || kubectl create namespace stackspin-apps

# Generate dashboard and SSO secrets
python "$(dirname "$0")/generate_secrets.py" dashboard
python "$(dirname "$0")/generate_secrets.py" single-sign-on

# Generate secrets for monitoring
python "$(dirname "$0")/generate_secrets.py" kube-prometheus-stack
python "$(dirname "$0")/generate_secrets.py" prometheus
python "$(dirname "$0")/generate_secrets.py" alertmanager

flux create source git stackspin \
  --url=https://open.greenhost.net/stackspin/stackspin \
  --branch="$branch" \
  --interval=1h

flux create kustomization stackspin \
  --source=GitRepository/stackspin \
  --path="./flux2/cluster/base" \
  --prune=true \
  --interval=1h