diff --git a/Makefile b/Makefile
index 43bad56..241508b 100644
--- a/Makefile
+++ b/Makefile
@@ -17,6 +17,10 @@ include hack/commons.mk
 KIND_VERSION := $(shell kind --version 2>/dev/null)
+KUBE_CONTEXT = $(KUBE_CONTEXT_$(ENV))
+KUBE_CURRENT_CONTEXT = $(shell kubectl config current-context)
+CLUSTER = $(CLUSTER_$(ENV))
+
 HELM_CROSSPLANE_VERSION=1.4.1
 KIND_VERSION = v0.14.0
@@ -31,6 +35,9 @@ ACK_EKS_VERSION = v0.1.5
 ACK_IAM_VERSION = v0.0.19
 ACK_S3_VERSION = v0.1.4
+ASO_SYSTEM_NAMESPACE = azureserviceoperator-system
+ASO_VERSION = v2.0.0-beta.2
+
 # ====================================
 # D E V E L O P M E N T
 # ====================================
@@ -63,12 +70,12 @@ endif
 .PHONY: kind-create
 kind-create: guard-ENV ## Creates a local Kubernetes cluster (ENV=xxx)
- @echo -e "$(OK_COLOR)[$(APP)] Create Kubernetes cluster ${SERVICE}$(NO_COLOR)"
+ @echo -e "$(OK_COLOR)[$(APP)] Create Kubernetes cluster $(CLUSTER)$(NO_COLOR)"
 @kind create cluster --name=$(CLUSTER) --config=hack/kind-config.yaml --wait 180s
 .PHONY: kind-delete
 kind-delete: guard-ENV ## Delete a local Kubernetes cluster (ENV=xxx)
- @echo -e "$(OK_COLOR)[$(APP)] Delete Kubernetes cluster ${SERVICE}$(NO_COLOR)"
+ @echo -e "$(OK_COLOR)[$(APP)] Delete Kubernetes cluster $(CLUSTER)$(NO_COLOR)"
 @kind delete cluster --name=$(CLUSTER)
 kubernetes-check-context:
@@ -123,7 +130,7 @@ crossplane-aws-credentials: guard-AWS_ACCESS_KEY_ID guard-AWS_SECRET_ACCESS_KEY
 .PHONY: crossplane-azure-credentials
 crossplane-azure-credentials: guard-AZURE_SUBSCRIPTION_ID guard-AZURE_PROJECT_NAME ## Generate credentials for Azure
- @./hack/scripts/azure.sh $(AZURE_SUBSCRIPTION_ID) $(AZURE_PROJECT_NAME)
+ @./hack/scripts/azure.sh $(AZURE_SUBSCRIPTION_ID) $(AZURE_PROJECT_NAME) crossplane-azure-credentials crossplane-system
 # ====================================
@@ -138,7 +145,7 @@ ack-aws: ## Authentication on the ECR public Helm registry
 .PHONY: ack-aws-credentials
 ack-aws-credentials: guard-AWS_ACCESS_KEY_ID guard-AWS_SECRET_ACCESS_KEY ## Generate credentials for AWS (AWS_ACCESS_KEY=xxx AWS_SECRET_ACCESS_KEY=xxx)
- @./hack/scripts/aws.sh $(AWS_ACCESS_KEY_ID) $(AWS_SECRET_ACCESS_KEY) ack-aws-credentials ack-system
+ @./hack/scripts/aws.sh $(AWS_ACCESS_KEY_ID) $(AWS_SECRET_ACCESS_KEY) ack-aws-credentials $(ACK_SYSTEM_NAMESPACE)
 .PHONY: ack-install
 ack-install: ## Install the ACK controllers
@@ -151,10 +158,10 @@ ack-install: ## Install the ACK controllers
 helm upgrade --install --create-namespace --namespace $(ACK_SYSTEM_NAMESPACE) ack-eks-controller \
 oci://public.ecr.aws/aws-controllers-k8s/eks-chart --version=$(ACK_EKS_VERSION) \
 -f krm/ack/eks-values.yaml
- helm install --create-namespace --namespace $(ACK_SYSTEM_NAMESPACE) ack-iam-controller \
+ helm upgrade --install --create-namespace --namespace $(ACK_SYSTEM_NAMESPACE) ack-iam-controller \
 oci://public.ecr.aws/aws-controllers-k8s/iam-chart --version=$(ACK_IAM_VERSION) \
 -f krm/ack/iam-values.yaml
- helm install --create-namespace --namespace $(ACK_SYSTEM_NAMESPACE) ack-s3-controller \
+ helm upgrade --install --create-namespace --namespace $(ACK_SYSTEM_NAMESPACE) ack-s3-controller \
 oci://public.ecr.aws/aws-controllers-k8s/s3-chart --version=$(ACK_S3_VERSION) \
 -f krm/ack/s3-values.yaml
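Review bot: The changed `ack-aws-credentials` recipe still hands `$(AWS_ACCESS_KEY_ID)` and `$(AWS_SECRET_ACCESS_KEY)` to `aws.sh` as positional arguments, so the secret key is readable in the process list for as long as the script runs. `aso.sh`, added in this same commit, reads its Azure settings from the environment instead; following that pattern the recipe would become `@./hack/scripts/aws.sh ack-aws-credentials $(ACK_SYSTEM_NAMESPACE)`, assuming `aws.sh` (not part of this diff) is changed to read the two variables itself and that they reach the recipe's environment. The header of the `@@ -123` hunk suggests `crossplane-aws-credentials` uses the same guards and probably the same argument passing, so it is worth checking there too.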
@@ -169,4 +176,33 @@ ack-uninstall: ## Uninstall the ACK controllers
 helm uninstall -n $(ACK_SYSTEM_NAMESPACE) ack-eks-controller
 helm uninstall -n $(ACK_SYSTEM_NAMESPACE) ack-iam-controller
 helm uninstall -n $(ACK_SYSTEM_NAMESPACE) ack-s3-controller
- kubectl delete namespace $(ACK_SYSTEM_NAMESPACE)
\ No newline at end of file
+ kubectl delete namespace $(ACK_SYSTEM_NAMESPACE)
+
+.PHONY: aso-azure-credentials
+aso-azure-credentials: guard-AZURE_TENANT_ID guard-AZURE_SUBSCRIPTION_ID ## Generate credentials for AWS (AWS_ACCESS_KEY=xxx AWS_SECRET_ACCESS_KEY=xxx)
+ @./hack/scripts/aso.sh aso-controller-settings $(ASO_SYSTEM_NAMESPACE)
+
+.PHONY: aso-dependencies
+aso-dependencies: ## Install dependencies
+ @helm repo add cert-manager https://charts.jetstack.io
+ @helm repo update
+ @kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.9.1/cert-manager.crds.yaml \
+ && sleep 5
+ @helm upgrade --install --create-namespace --namespace=cert-manager \
+ cert-manager cert-manager/cert-manager --version 1.9.1
+
+.PHONY: aso-install
+aso-install:## Install the ASO controlplane
+ @helm repo add aso2 https://raw.githubusercontent.com/Azure/azure-service-operator/main/v2/charts
+ @helm repo update
+ @helm upgrade --install --devel --create-namespace --namespace=$(ASO_SYSTEM_NAMESPACE) azure-service-operator \
+ aso2/azure-service-operator \
+ --version=$(ASO_VERSION) \
+ -f krm/aso/values.yaml
+
+.PHONY: aso-uninstall
+aso-uninstall: ## Uninstall the ACK controllers
+ # @helm uninstall -n $(ASO_SYSTEM_NAMESPACE) azure-service-operator
+ # @kubectl delete namespace $(ASO_SYSTEM_NAMESPACE)
+ @helm uninstall -n cert-manager cert-manager
+ @kubectl delete namespace cert-manager
\ No newline at end of file
diff --git a/hack/commons.mk b/hack/commons.mk
index eaef865..ca6be38 100644
--- a/hack/commons.mk
+++ b/hack/commons.mk
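Review bot: `aso-uninstall` removes only cert-manager, because the two lines that would uninstall `azure-service-operator` and delete `$(ASO_SYSTEM_NAMESPACE)` are commented out; the operator and the `aso-controller-settings` secret (which presumably carries the service-principal credential created by `aso.sh`) therefore stay in the cluster after the documented "Clean" step. Restoring `@helm uninstall -n $(ASO_SYSTEM_NAMESPACE) azure-service-operator` and `@kubectl delete namespace $(ASO_SYSTEM_NAMESPACE)` ahead of the cert-manager lines would close that gap. Separately, `aso-install` adds a chart repository served from the `main` branch of a raw.githubusercontent.com URL and `aso-dependencies` applies a remote CRD manifest directly, neither with an integrity check; pinning the repository URL to a tag or commit and verifying a checksum of the downloaded manifest before `kubectl apply` would make the install reproducible. The cert-manager version is also hard-coded twice (`v1.9.1` and `1.9.1`) rather than held in a variable like `ASO_VERSION`, and the `##` help strings on `aso-azure-credentials` and `aso-uninstall` still describe AWS and ACK.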
@@ -16,14 +16,6 @@ APP = portefaix
 BANNER = P O R T E F A I X / K R M
-# ENVS = $(shell ls *.*.mk | awk -F"." '{ print $$2 }')
-
-KUBE_CONTEXT = $(KUBE_CONTEXT_$(ENV))
-KUBE_CURRENT_CONTEXT = $(shell kubectl config current-context)
-CLUSTER = $(CLUSTER_$(ENV))
-
-KIND_CLUSTER_NAME = $(KIND_CLUSTER_NAME_$(ENV))
-
 CONFIG_HOME = $(or ${XDG_CONFIG_HOME},${XDG_CONFIG_HOME},${HOME}/.config)
 DEBUG ?=
diff --git a/hack/kind.azure.mk b/hack/kind.azure.mk
new file mode 100644
index 0000000..d9c0d43
--- /dev/null
+++ b/hack/kind.azure.mk
@@ -0,0 +1,17 @@
+# Copyright (C) Nicolas Lamirault
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+CLUSTER_azure = portefaix-krm-azure
+
+KUBE_CONTEXT_azure = kind-portefaix-krm-azure
diff --git a/hack/scripts/aso.sh b/hack/scripts/aso.sh
new file mode 100755
index 0000000..5976f3e
--- /dev/null
+++ b/hack/scripts/aso.sh
@@ -0,0 +1,61 @@ +#! /usr/bin/env bash + +# Copyright (C) Nicolas Lamirault +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +reset_color="\\e[0m" +color_red="\\e[31m" +color_green="\\e[32m" +color_blue="\\e[36m"; + +# declare -r this_dir=$(cd $(dirname ${BASH_SOURCE[0]}) && pwd) +# declare -r root_dir=$(cd ${this_dir}/../.. && pwd) + +function echo_fail { echo -e "${color_red}✖ $*${reset_color}"; } +function echo_success { echo -e "${color_green}✔ $*${reset_color}"; } +function echo_info { echo -e "${color_blue}$*${reset_color}"; } + +echo_info "[Azure] Azure Service Operator" + +[ -z "${AZURE_TENANT_ID}" ] && echo_fail "Environment variable AZURE_TENANT_ID not satisfied" && exit 1 +[ -z "${AZURE_SUBSCRIPTION_ID}" ] && echo_fail "Environment variable AZURE_SUBSCRIPTION_ID not satisfied" && exit 1 +SECRET_NAME=$1 +NAMESPACE=$2 + +az ad sp create-for-rbac -n azure-service-operator --role contributor \ + --scopes "/subscriptions/${AZURE_SUBSCRIPTION_ID}" > aso.json + +AZURE_CLIENT_ID=$(jq -r .appId < aso.json) +AZURE_CLIENT_SECRET=$(jq -r .password < aso.json) + +echo_info "[Kubernetes] Azure: Create secret ${SECRET_NAME} into ${NAMESPACE}" +cat < ${AZURE_PROJECT_NAME}.json @@ -61,8 +63,8 @@ cat < make kind-create ENV=azure +``` + +### Controlplane + +```shell +make aso-dependencies +``` + +```shell +make aso-install +``` + +```shell +> make aso-azure-credentials +``` + +### Clean + +```shell +make aso-uninstall +``` \ No newline at end of file 
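Review bot: `az ad sp create-for-rbac … > aso.json` leaves the new service principal's password in a plain file in the current directory, and nothing in the visible part of `aso.sh` removes it, so the credential can linger in the checkout or be committed by accident. Capturing the JSON in a shell variable avoids the file and also lets the script stop when `az` fails instead of building a secret from empty or `null` fields. The principal is granted `contributor` on the whole subscription; if the operator only needs to manage specific resource groups, a narrower `--scopes` value would limit what a leaked secret can do. The heredoc after `cat` is not visible in this rendering of the hunk, so this note covers only the lines shown.

```shell
# … unchanged: environment checks, SECRET_NAME / NAMESPACE …
sp_json=$(az ad sp create-for-rbac -n azure-service-operator --role contributor \
    --scopes "/subscriptions/${AZURE_SUBSCRIPTION_ID}") \
    || { echo_fail "Service principal creation failed"; exit 1; }

AZURE_CLIENT_ID=$(jq -r .appId <<< "${sp_json}")
AZURE_CLIENT_SECRET=$(jq -r .password <<< "${sp_json}")
# … unchanged: Kubernetes secret creation …
```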
diff --git a/krm/aso/values.yaml b/krm/aso/values.yaml
new file mode 100644
index 0000000..c0979af
--- /dev/null
+++ b/krm/aso/values.yaml
@@ -0,0 +1,16 @@
+# Copyright (C) Nicolas Lamirault
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+createAzureOperatorSecret: false
\ No newline at end of file