This repository has been archived by the owner on Apr 30, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
/
deploy_frontend.sh
executable file
·80 lines (63 loc) · 2.72 KB
/
deploy_frontend.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
#!/bin/bash
# shellcheck disable=SC2016
# Deploys Frontend service to default kubernetes context
# exit on any errors (except conditional checks of executed commands)
set -e
IMAGE_TAG="edge"
K8S_NAMESPACE="joseki"
KEY_VAULT_NAME=""
CLIENT_ID=""
TENANT_ID=""
AD_DOMAIN=""
AUTH_ENABLED="false"
usage() {
echo "Usage: $0 -k KEY_VAULT_NAME [ -t IMAGE_TAG ] [ -n K8S_NAMESPACE ] " 1>&2
echo ""
echo "-k (required) - Key Vault name"
echo "-t (optional) - docker image tag. If is not given, the default 'edge' value is used"
echo "-n (optional) - kubernetes namespace to deploy scanner too. If is not given, the default 'joseki' value is used"
}
exit_abnormal() {
usage
exit 1
}
while getopts k:t:n: option
do
case "${option}" in
k) KEY_VAULT_NAME=${OPTARG};;
t) IMAGE_TAG=${OPTARG};;
n) K8S_NAMESPACE=${OPTARG};;
*) # If unknown (any other) option:
exit_abnormal
;;
esac
done
echo ""
echo "Deploying frontend service ($IMAGE_TAG) to namespace $K8S_NAMESPACE"
echo ""
AUTH_ENABLED=$(az keyvault secret show --vault-name "$KEY_VAULT_NAME" --name "AD-AUTH-ENABLED" --query value -o tsv)
rm -rf ./working_dir; mkdir ./working_dir
cp "./k8s/templates/config.json.tmpl" ./working_dir/config.json
cp "./k8s/templates/kustomization.yaml.tmpl" ./working_dir/kustomization.yaml
cp "./k8s/templates/rbac.yaml.tmpl" ./working_dir/rbac.yaml
cp "./k8s/templates/fe.yaml.tmpl" ./working_dir/fe.yaml
sed -i 's|${fe.apiUrl}|http://localhost:5001/api|' ./working_dir/config.json
sed -i 's|${fe.timezone}|Europe/Berlin|' ./working_dir/config.json
if [ "$AUTH_ENABLED" = "true" ]; then
echo "AUTH is ENABLED"
CLIENT_ID=$(az keyvault secret show --vault-name "$KEY_VAULT_NAME" --name "AD-CLIENT-ID" --query value -o tsv)
TENANT_ID=$(az keyvault secret show --vault-name "$KEY_VAULT_NAME" --name "TENANT-ID" --query value -o tsv)
AD_DOMAIN=$(az keyvault secret show --vault-name "$KEY_VAULT_NAME" --name "AD-DOMAIN" --query value -o tsv)
fi
sed -i 's|${fe.authEnabled}|'"${AUTH_ENABLED//&/\\&}"'|' ./working_dir/config.json
sed -i 's|${fe.domain}|'"${AD_DOMAIN//&/\\&}"'|' ./working_dir/config.json
sed -i 's|${fe.tenantId}|'"${TENANT_ID//&/\\&}"'|' ./working_dir/config.json
sed -i 's|${fe.clientId}|'"${CLIENT_ID//&/\\&}"'|' ./working_dir/config.json
sed -i 's|${fe.imageTag}|'"$IMAGE_TAG"'|' ./working_dir/fe.yaml
sed -i 's|${joseki.namespace}|'"$K8S_NAMESPACE"'|' ./working_dir/fe.yaml
sed -i 's|${fe.imageTag}|'"$IMAGE_TAG"'|' ./working_dir/kustomization.yaml
sed -i 's|${joseki.namespace}|'"$K8S_NAMESPACE"'|' ./working_dir/kustomization.yaml
sed -i 's|${joseki.namespace}|'"$K8S_NAMESPACE"'|' ./working_dir/rbac.yaml
kubectl apply -f ./working_dir/rbac.yaml
kubectl apply -k ./working_dir
rm -rf ./working_dir