Update helmrelease

2024-05-04 18:42:28 +02:00
parent c520ba3a5c
commit bc7833754a
18 changed files with 276 additions and 18 deletions
--- a/charts/tekton-pipelines/templates/pipelines/hetzner-cleanup.yaml
+++ b/charts/tekton-pipelines/templates/pipelines/hetzner-cleanup.yaml
@@ -28,3 +28,19 @@ spec:
          value: $(params.environment)
        - name: namespace
          value: $(params.namespace)
+    - name: cleanup-dns-records
+      retries: 3
+      taskRef:
+        resolver: cluster
+        params:
+          - name: kind
+            value: task
+          - name: name
+            value: cleanup-dns-records
+          - name: namespace
+            value: tekton-pipelines
+      params:
+        - name: environment
+          value: $(params.environment)
+        - name: namespace
+          value: $(params.namespace)
--- a/charts/tekton-pipelines/templates/pipelines/hetzner-k3s.yaml
+++ b/charts/tekton-pipelines/templates/pipelines/hetzner-k3s.yaml
@@ -55,6 +55,28 @@ spec:
          value: $(params.environment)
        - name: namespace
          value: $(params.namespace)
+    - name: prepare-dns-records
+      retries: 3
+      runAfter:
+        - prepare-hetzner-infra
+      taskRef:
+        resolver: cluster
+        params:
+          - name: kind
+            value: task
+          - name: name
+            value: prepare-dns-records
+          - name: namespace
+            value: tekton-pipelines
+      workspaces:
+        - name: outputs
+          workspace: inventory
+      params:
+        - name: environment
+          value: $(params.environment)
+        - name: namespace
+          value: $(params.namespace)
+
    - name: bootstrap-k3s
      retries: 3
      runAfter:
--- a/charts/tekton-pipelines/templates/pipelines/install-app.yaml
+++ b/charts/tekton-pipelines/templates/pipelines/install-app.yaml
@@ -0,0 +1,32 @@
+apiVersion: tekton.dev/v1beta1
+kind: Pipeline
+metadata:
+  name: install-app
+  namespace: {{ .Values.pipelineNamespace }}
+  labels:
+    {{- include "tekton-pipelines.labels" . | nindent 4 }}
+spec:
+  params:
+    - name: environment
+      type: string
+    - name: namespace
+      type: string
+  tasks:
+    - name: install-app
+      retries: 3
+      taskRef:
+        resolver: cluster
+        params:
+          - name: kind
+            value: task
+          - name: name
+            value: install-app
+          - name: namespace
+            value: tekton-pipelines
+      params:
+        - name: environment
+          value: $(params.environment)
+        - name: namespace
+          value: $(params.namespace)
+        - name: application
+          value: $(params.application)
--- a/charts/tekton-pipelines/templates/rbac.yaml
+++ b/charts/tekton-pipelines/templates/rbac.yaml
@@ -10,6 +10,11 @@ rules:
  - apiGroups: [""]
    resources: ["secrets", "configmaps"]
    verbs: ["*"]
+  - apiGroups: 
+      - helm.toolkit.fluxcd.io
+      - source.toolkit.fluxcd.io
+    resources: ["*"]
+    verbs: ["*"]
 ---
 apiVersion: v1
 kind: ServiceAccount
--- a/charts/tekton-pipelines/templates/tasks/bootstrap-k3s.yml
+++ b/charts/tekton-pipelines/templates/tasks/bootstrap-k3s.yml
@@ -97,7 +97,7 @@ spec:
        kubectl create secret generic \
          "$(params.environment)"-config \
          --namespace "$(params.namespace)" \
-          --from-file=kubeconfig=/tmp/outputs/admin-default-config
+          --from-file=value=/tmp/outputs/admin-default-config
  workspaces:
    - name: outputs
      description: A folder to store outputs
--- a/charts/tekton-pipelines/templates/tasks/cleanup-dns-records.yml
+++ b/charts/tekton-pipelines/templates/tasks/cleanup-dns-records.yml
@@ -0,0 +1,40 @@
+---
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: cleanup-dns-records
+  namespace: {{ .Values.pipelineNamespace }}
+  labels:
+    {{- include "tekton-pipelines.labels" . | nindent 4 }}
+spec:
+  params:
+    - name: namespace
+      type: string
+    - name: environment
+      type: string
+  steps:
+    - name: get-provider-outputs
+      image: alpine/k8s:1.29.2
+      script: |-
+        #!/bin/sh
+        kubectl get configmap "$(params.environment)"-provider-outputs \
+          --namespace "$(params.namespace)" -o yaml \
+          | yq '.data."provider_outputs.yaml"' > /tmp/outputs/provider_outputs.yaml
+    - name: setup-dns
+      image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest
+      env:
+        - name: SP_STATE
+          value: absent
+        - name: SP_ENV
+          value: $(params.environment)
+        - name: SOPS_AGE_KEY
+          value: {{ .Values.providers.hetzner.ageKey }}
+      script: |-
+        #!/bin/sh
+        ansible-playbook /src/playbooks/other/cloudflare/playbook.yml
+        
+  workspaces:
+    - name: outputs
+      description: A folder to store outputs
+      optional: false
+      mountPath: /tmp/outputs
--- a/charts/tekton-pipelines/templates/tasks/cleanup-hetzner-infra.yml
+++ b/charts/tekton-pipelines/templates/tasks/cleanup-hetzner-infra.yml
@@ -42,3 +42,7 @@ spec:
        kubectl delete secret \
          "$(params.environment)-config" \
          --namespace "$(params.namespace)" || true
+        kubectl delete configmap \
+          "$(params.environment)-provider-outputs" \
+          --namespace "$(params.namespace)" || true
+
--- a/charts/tekton-pipelines/templates/tasks/deploy-helmfile-base.yml
+++ b/charts/tekton-pipelines/templates/tasks/deploy-helmfile-base.yml
@@ -19,7 +19,7 @@ spec:
        #!/bin/sh
        kubectl get secret "$(params.environment)"-config \
          --namespace "$(params.namespace)" -o yaml \
-          | yq '.data.kubeconfig' \
+          | yq '.data.value' \
          | base64 -d > /tmp/outputs/config
        chmod 0600 /tmp/outputs/config
    - name: annonate-an-env-cm-installing
--- a/charts/tekton-pipelines/templates/tasks/install-app.yml
+++ b/charts/tekton-pipelines/templates/tasks/install-app.yml
@@ -0,0 +1,47 @@
+# ---------------------------------------------------------------------
+# This task should create a flux resource that will deploy a helm
+# chart to the environemnt 
+# -- Create an app secret with configs
+# -- shell-operator is running a pipeline with confi 
+# -- Tekton is creating a flux HelmRelease resource
+# ---------------------------------------------------------------------
+---
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: install-app
+  namespace: {{ .Values.pipelineNamespace }}
+  labels:
+    {{- include "tekton-pipelines.labels" . | nindent 4 }}
+spec:
+  params:
+    - name: namespace
+      type: string
+    - name: environment
+      type: string
+    - name: application
+      type: string
+  steps:
+    - name: create-an-app
+      image: fluxcd/flux-cli:v2.2.3
+      env:
+        - name: SP_STATE
+          value: present
+        - name: SP_ENV
+          value: $(params.environment)
+        - name: SP_APPLICATION
+          value: $(params.application)
+        - name: SP_ACCOUNT
+          value: $(params.namespace)
+      script: |-
+        #!/bin/sh
+        flux create source helm $SP_APPLICATION \
+          --namespace=$SP_ACCOUNT \
+          --url=oci://git.badhouseplants.net/softplayer/helm
+        flux create helmrelease $SP_APPLICATION \
+          --source=HelmRepository/$SP_APPLICATION \
+          --namespace=$SP_ACCOUNT \
+          --chart=helmrelease \
+          --values-from Secret/$SP_APPLICATION-config \
+          --kubeconfig-secret-ref=$SP_ENV-config \
+          --target-namespace=default
--- a/charts/tekton-pipelines/templates/tasks/prepare-dns-records.yml
+++ b/charts/tekton-pipelines/templates/tasks/prepare-dns-records.yml
@@ -0,0 +1,48 @@
+---
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: prepare-dns-records
+  namespace: {{ .Values.pipelineNamespace }}
+  labels:
+    {{- include "tekton-pipelines.labels" . | nindent 4 }}
+spec:
+  params:
+    - name: namespace
+      type: string
+    - name: environment
+      type: string
+  steps:
+    - name: get-provider-outputs
+      image: alpine/k8s:1.29.2
+      script: |-
+        #!/bin/sh
+        kubectl get configmap "$(params.environment)"-provider-outputs \
+          --namespace "$(params.namespace)" -o yaml \
+          | yq '.data."provider_outputs.yaml"' > /tmp/outputs/provider_outputs.yaml
+    - name: annonate-an-env-cm
+      image: alpine/k8s:1.29.2
+      script: |-
+        #!/bin/sh
+        kubectl annotate --overwrite configmap \
+          "$(params.environment)" \
+          --namespace "$(params.namespace)" \
+          "softplayer.net/status=setting-up-dns"
+    - name: setup-dns
+      image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest
+      env:
+        - name: SP_STATE
+          value: present
+        - name: SP_ENV
+          value: $(params.environment)
+        - name: SOPS_AGE_KEY
+          value: {{ .Values.providers.hetzner.ageKey }}
+      script: |-
+        #!/bin/sh
+        ansible-playbook /src/playbooks/other/cloudflare/playbook.yml
+
+  workspaces:
+    - name: outputs
+      description: A folder to store outputs
+      optional: false
+      mountPath: /tmp/outputs
--- a/charts/tekton-pipelines/templates/tasks/prepare-hetzner-infra.yml
+++ b/charts/tekton-pipelines/templates/tasks/prepare-hetzner-infra.yml
@@ -55,6 +55,18 @@ spec:
          "$(params.environment)"-inventory \
          --namespace "$(params.namespace)" \
          --from-file /tmp/outputs/inventory.yaml
+    - name: save-provider-outputs
+      image: alpine/k8s:1.29.2
+      script: |-
+        #!/bin/sh
+        kubectl delete configmap \
+          "$(params.environment)"-provider-outputs \
+          --namespace "$(params.namespace)"
+        kubectl create configmap \
+          "$(params.environment)"-provider-outputs \
+          --namespace "$(params.namespace)" \
+          --from-file /tmp/outputs/provider_outputs.yaml
+
  workspaces:
    - name: outputs
      description: A folder to store outputs