This repository has been archived by the owner on Jun 17, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 13
/
Copy pathmain.sh
210 lines (189 loc) · 6.71 KB
/
main.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
#!/bin/sh -x
echo ""
echo "BEGIN @ $(date +"%T"): START OF SCRIPT"
# Check Helm Installation
if ! [ -x "$(command -v helm)" ]; then
echo "Please install Helm."
exit
fi
# Check JQ Installation
if ! [ -x "$(command -v jq)" ]; then
echo "Please install JQ. You can install by typing:"
echo "sudo apt install jq"
exit
fi
# Check Kubernetes Installation
if ! [ -x "$(command -v kubectl)" ]; then
echo "Please install Kubernetes."
exit
fi
# Check Azure CLI Installation
if ! [ -x "$(command -v az)" ]; then
echo "Please install the Azure CLI."
exit
fi
echo ""
echo "BEGIN @ $(date +"%T"): Set variables..."
# Initialize Variables for flags
AD_APP_NAME=''
CLUSTER_NAME=''
CLUSTER_RG=''
EMAIL=''
LOCATION=''
INPUTIMAGE=''
ALT_TENANT_ID=''
SKIP_CLUSTER_CREATION=''
E2E_TEST_FLAG=''
TAG=''
SP=''
SP_SECRET=''
PROXY_VERSION=''
REPO_NAME=''
while getopts "a:c:r:e:l:i:t:s:z:v:d:pgh" OPTION
do
case $OPTION in
a)
AD_APP_NAME=$OPTARG ;;
c)
CLUSTER_NAME=$OPTARG ;;
r)
CLUSTER_RG=$OPTARG ;;
e)
EMAIL=$OPTARG ;;
l)
LOCATION=$OPTARG ;;
i)
INPUTIMAGE=$OPTARG ;;
t)
ALT_TENANT_ID=$OPTARG ;;
s)
SP=$OPTARG ;;
z)
SP_SECRET=$OPTARG ;;
p)
SKIP_CLUSTER_CREATION="True" ;;
g)
E2E_TEST_FLAG="True" ;;
v)
PROXY_VERSION=$OPTARG ;;
d)
REPO_NAME=$OPTARG ;;
h)
# Change to how others show it like az
echo "HELP: Here are the flags and their variables"
echo "REQUIRED: -a is for AD_APP_NAME"
echo "REQUIRED: -c is for CLUSTER_NAME *Note: Cluster Name must be unique*"
echo "REQUIRED: -r is for CLUSTER_RG"
echo "REQUIRED: -e is for EMAIL"
echo "REQUIRED: -l is for LOCATION"
echo "OPTOINAL: -i is for INPUTIMAGE"
echo "OPTOINAL: -t is for ALT_TENANT_ID"
echo "OPTOINAL: -s is for SERVICE_PRICIPAL"
echo "OPTOINAL: -z is for SP_SECRET"
echo "OPTOINAL: -p is for SKIP_CLUSTER_CREATION"
echo "OPTIONAL: -v is for PROXY_VERSION"
echo "OPTIONAL: -d is for REPO_NAME"
exit ;;
esac
done
# Force required flags.
if [ -z "$AD_APP_NAME" ] || [ -z "$CLUSTER_NAME" ] || [ -z "$CLUSTER_RG" ] || [ -z "$EMAIL" ] || [ -z "$LOCATION" ]; then
echo "*****ERROR. Please enter all required flags.*****"
exit
fi
echo ""
# Show the subscription we will be deploying to.
if [ -z "$E2E_TEST_FLAG" ]; then
echo "******We will be deploying to this subscription******"
az account show
fi
APP_HOSTNAME="$AD_APP_NAME.$LOCATION.cloudapp.azure.com"
HOMEPAGE=https://$APP_HOSTNAME
IDENTIFIER_URIS=$HOMEPAGE
REPLY_URLS=https://$APP_HOSTNAME/easyauth/signin-oidc
echo "The value of -a is $AD_APP_NAME - AD_APP_NAME"
echo "The value of -c is $CLUSTER_NAME - CLUSTER_NAME"
echo "The value of -r is $CLUSTER_RG - CLUSTER_RG"
echo "The value of -e is $EMAIL - EMAIL"
echo "The value of -l is $LOCATION - LOCATION"
echo "The value of -i is $INPUTIMAGE - INPUTIMAGE"
echo "The value of -t is $ALT_TENANT_ID - ALT_TENANT_ID"
echo "The value of -s is $SP - SERVICE_PRICIPAL"
echo "The value of -z is $SP_SECRET - SP_SECRET"
echo "The value of -p is $SKIP_CLUSTER_CREATION - SKIP_CLUSTER_CREATION"
echo "The value of -g is $E2E_TEST_FLAG - E2E_TEST_FLAG"
echo "The value of -v is $PROXY_VERSION - PROXY_VERSION"
echo "The value of -d is $REPO_NAME - REPO_NAME"
echo "COMPLETE @ $(date +"%T"): Setting variables"
echo "****BEGIN @ $(date +"%T"): Call AKS Cluster Creation script...****"
# If there is no flag set for SKIP_CLUSTER_CREATION, then create the AKS cluster.
if [ -z "$SKIP_CLUSTER_CREATION" ]; then
. ./AutomationScripts/1-clusterCreation.sh
else
echo "CLUSTER CREATION WAS SKIPPED!"
fi
echo "****COMPLETE @ $(date +"%T"): Done cluster creation script.****"
# Get the credentials outside of cluster creation script.
echo "BEGIN @ $(date +"%T"): Getting cluster creds..."
az aks get-credentials -g $CLUSTER_RG -n $CLUSTER_NAME
echo "COMPLETE @ $(date +"%T"): Getting cluster creds"
# Add Helm
helm repo add stable https://charts.helm.sh/stable
echo "****BEGIN @ $(date +"%T"): Call Ingress Controller Creation script****"
. ./AutomationScripts/2-ingressCreation.sh
echo "****COMPLETE @ $(date +"%T"): Ingress controller created script****"
echo "****BEGIN @ $(date +"%T"): Call ADD App Creation script****"
. ./AutomationScripts/3-registerAADApp.sh
echo "****COMPLETE @ $(date +"%T"): AAD App created script****"
echo "****BEGIN @ $(date +"%T"): Call Install Cert Manager script****"
. ./AutomationScripts/4-installCertManager.sh
echo "****COMPLETE @ $(date +"%T"): Installed Cert Manager script****"
if [ -z "$REPO_NAME" ]; then
echo "Using default repo"
else
REPO_NAME=$REPO_NAME/easy-auth-proxy
fi
echo "****BEGIN @ $(date +"%T"): Call Deploy EasyAuth Proxy script****"
. ./AutomationScripts/5-deployEasyAuthProxy.sh
echo "****COMPLETE @ $(date +"%T"): Deployed EasyAuth Proxy script****"
echo "BEGIN @ $(date +"%T"): Deploy sample app..."
# If we have a parameter for an image install a custom image. If not, then we install kuard.
if [ -z "$INPUTIMAGE" ]; then
echo "No image input, installing sample."
# kubectl run easyauth-sample-pod --image=docker.io/dakondra/eak-sample:latest --expose --port=80
kubectl run easyauth-sample-pod --image=docker.io/ibersanoms/easy-auth-sample:latest --expose --port=80
else
echo "Your custom image $INPUTIMAGE installed"
kubectl run custom-pod --image=$INPUTIMAGE --expose --port=80
fi
echo "COMPLETE @ $(date +"%T"): Deployed sample app"
echo "****BEGIN @ $(date +"%T"): Call Deploy New Ingress Resource script****"
. ./AutomationScripts/6-deployNewIngressResource.sh
echo "****COMPLETE @ $(date +"%T"): Deployed New Ingress Resource script****"
echo "BEGIN @ $(date +"%T"): Verify Production Certificate works..."
INPUT_STATUS=false
n=50
while [[ "$INPUT_STATUS" != "True" || "$INPUT_TYPE" != "Ready" ]]
do
echo ""
kubectl get certificate $TLS_SECRET_NAME
INPUT_STATUS=$(kubectl get certificate $TLS_SECRET_NAME -o=jsonpath='{.status.conditions[0].status}')
INPUT_TYPE=$(kubectl get certificate $TLS_SECRET_NAME -o=jsonpath='{.status.conditions[0].type}')
echo "status: " $INPUT_STATUS
echo "type: " $INPUT_TYPE
sleep 5
if [ "$n" == "0" ]; then
echo "ERROR. INFINITE LOOP in main.sh when calling kubectl get certificate."
exit 1
fi
n=$((n-1))
echo ""
done
echo "COMPLETE @ $(date +"%T"): Verify Production Certificate works"
echo "END OF SCRIPT"
echo ""
echo "NOTE: Please wait 5 minutes for Azure AD to complete setup before opening the homepage!"
echo ""
echo "Visit the app in the browser. Good luck! " $HOMEPAGE
echo ""
echo ""