diff --git a/backend/.gitignore b/backend/.gitignore index f3c7a7c5d..aee2e4ce1 100644 --- a/backend/.gitignore +++ b/backend/.gitignore @@ -1 +1 @@ -Makefile +config.mk diff --git a/backend/Makefile.tmpl.mk b/backend/Makefile similarity index 69% rename from backend/Makefile.tmpl.mk rename to backend/Makefile index 16c26adb7..ed4ab34d2 100644 --- a/backend/Makefile.tmpl.mk +++ b/backend/Makefile @@ -1,14 +1,17 @@ SHELL = /bin/bash +DEPLOY_ENV ?= personal-dev +$(shell ../templatize.sh $(DEPLOY_ENV) config.tmpl.mk config.mk) +include config.mk COMMIT = $(shell git rev-parse --short=7 HEAD) -ARO_HCP_BASE_IMAGE ?= {{ .acrName }}.azurecr.io +ARO_HCP_BASE_IMAGE ?= ${ARO_HCP_IMAGE_ACR}.azurecr.io ARO_HCP_BACKEND_IMAGE ?= $(ARO_HCP_BASE_IMAGE)/arohcpbackend:$(COMMIT) backend: go build -o aro-hcp-backend . run: - ./aro-hcp-backend --location {{ .region }} \ + ./aro-hcp-backend --location ${LOCATION} \ --clusters-service-url http://localhost:8000 clean: @@ -24,20 +27,20 @@ push: image deploy: BACKEND_MI_CLIENT_ID=$(shell az identity show \ - -g {{ .serviceClusterRG }} \ + -g ${RESOURCEGROUP} \ -n backend \ --query clientId);\ - ISTO_VERSION=$(shell az aks show -n {{ .aksName }} -g {{ .serviceClusterRG }} --query serviceMeshProfile.istio.revisions[-1] -o tsv) && \ + ISTO_VERSION=$(shell az aks show -n ${AKS_NAME} -g ${RESOURCEGROUP} --query serviceMeshProfile.istio.revisions[-1] -o tsv) && \ kubectl create namespace aro-hcp --dry-run=client -o json | kubectl apply -f - && \ kubectl label namespace aro-hcp "istio.io/rev=$${ISTO_VERSION}" --overwrite=true && \ helm upgrade --install aro-hcp-backend-dev \ deploy/helm/backend/ \ - --set configMap.databaseName={{ .frontendCosmosDBName }} \ - --set configMap.databaseUrl="https://{{ .frontendCosmosDBName }}.documents.azure.com:443/" \ + --set configMap.databaseName=${DB_NAME} \ + --set configMap.databaseUrl="https://${DB_NAME}.documents.azure.com:443/" \ --set configMap.backendMiClientId="$${BACKEND_MI_CLIENT_ID}" \ --set serviceAccount.workloadIdentityClientId="$${BACKEND_MI_CLIENT_ID}" \ --set configMap.currentVersion=${ARO_HCP_BACKEND_IMAGE} \ - --set configMap.location={{ .region }} \ + --set configMap.location=${LOCATION} \ --set deployment.imageName=${ARO_HCP_BACKEND_IMAGE} \ --namespace aro-hcp diff --git a/backend/README.md b/backend/README.md deleted file mode 100644 index e927d424c..000000000 --- a/backend/README.md +++ /dev/null @@ -1,11 +0,0 @@ -# ARO-HCP-BACKEND - -## Prerequisite - -The `Makefile` is templated based on the ARO HCP environment to interact with. - -Run the following command to generate a `Makefile` for personal development. - -```bash -./generate-makefile.sh personal-dev -``` diff --git a/backend/config.tmpl.mk b/backend/config.tmpl.mk new file mode 100644 index 000000000..9b959270f --- /dev/null +++ b/backend/config.tmpl.mk @@ -0,0 +1,5 @@ +ARO_HCP_IMAGE_ACR ?= {{ .acrName }} +LOCATION ?= {{ .region }} +RESOURCEGROUP ?= {{ .serviceClusterRG }} +AKS_NAME ?= {{ .aksName }} +DB_NAME ?= {{ .frontendCosmosDBName }} diff --git a/backend/generate-makefile.sh b/backend/generate-makefile.sh deleted file mode 100755 index c989811cc..000000000 --- a/backend/generate-makefile.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash - -set -e - -if [ -z "$1" ]; then - DEPLOY_ENV="personal-dev" -else - DEPLOY_ENV=$1 -fi - -cd $(dirname "$(realpath "${BASH_SOURCE[0]}")") -../templatize.sh $DEPLOY_ENV Makefile.tmpl.mk Makefile diff --git a/cluster-service/.gitignore b/cluster-service/.gitignore index 543d79940..1e48811d8 100644 --- a/cluster-service/.gitignore +++ b/cluster-service/.gitignore @@ -1,2 +1,2 @@ deploy/tmp-provisioning-shard.yml -Makefile +config.mk diff --git a/cluster-service/Makefile b/cluster-service/Makefile new file mode 100644 index 000000000..2a810ba81 --- /dev/null +++ b/cluster-service/Makefile @@ -0,0 +1,44 @@ +SHELL = /bin/bash +DEPLOY_ENV ?= personal-dev +$(shell ../templatize.sh $(DEPLOY_ENV) config.tmpl.mk config.mk) +include config.mk + +deploy: + sed -e "s#ZONE_RESOURCE_ID#${ZONE_RESOURCE_ID}#g" -e "s/REGION/${REGION}/g" -e "s/CONSUMER_NAME/${CONSUMER_NAME}/g" deploy/mvp-provisioning-shards.yml > deploy/tmp-provisioning-shard.yml + + ISTO_VERSION=$(shell az aks show -n ${AKS_NAME} -g ${RESOURCEGROUP} --query serviceMeshProfile.istio.revisions[-1] -o tsv) && \ + oc process --local -f deploy/openshift-templates/arohcp-namespace-template.yml \ + -p ISTIO_VERSION=$${ISTO_VERSION} | oc apply -f - + kubectl apply -f deploy/istio.yml + + oc process --local -f deploy/openshift-templates/arohcp-db-template.yml | oc apply -f - + oc process --local -f deploy/openshift-templates/arohcp-secrets-template.yml \ + -p PROVISION_SHARDS_CONFIG="$$( base64 -i deploy/tmp-provisioning-shard.yml)" | oc apply -f - + + AZURE_CS_MI_CLIENT_ID=$(shell az identity show -g ${RESOURCEGROUP} -n clusters-service --query clientId -o tsv) && \ + CS_SERVICE_PRINCIPAL_CREDS_BASE64='$(shell az keyvault secret show --vault-name "${SERVICE_KV}" --name "aro-hcp-dev-sp-cs" | jq .value -r | base64 | tr -d '\n')' && \ + TENANT_ID=$(shell az account show --query tenantId --output tsv) && \ + OIDC_BLOB_SERVICE_ENDPOINT=$(shell az storage account show -n ${OIDC_STORAGE_ACCOUNT} -g ${RESOURCEGROUP} --query primaryEndpoints.blob -o tsv) && \ + OIDC_WEB_SERVICE_ENDPOINT=$(shell az storage account show -n ${OIDC_STORAGE_ACCOUNT} -g ${RESOURCEGROUP} --query primaryEndpoints.web -o tsv) && \ + oc process --local -f deploy/openshift-templates/arohcp-service-template.yml \ + -p AZURE_CS_MI_CLIENT_ID=$${AZURE_CS_MI_CLIENT_ID} \ + -p TENANT_ID=$${TENANT_ID} \ + -p REGION=${REGION} \ + -p SERVICE_KEYVAULT_NAME=${SERVICE_KV} \ + -p CS_SERVICE_PRINCIPAL_CREDS_BASE64=$${CS_SERVICE_PRINCIPAL_CREDS_BASE64} \ + -p IMAGE_REGISTRY=${ACR_NAME}.azurecr.io \ + -p IMAGE_REPOSITORY=${IMAGE_REPO} \ + -p AZURE_FIRST_PARTY_APPLICATION_CLIENT_ID=${FPA_CLIENT_ID} \ + -p FPA_CERT_NAME=${FPA_CERT_NAME} \ + -p IMAGE_TAG=${IMAGE_TAG} | oc apply -f - + +deploy-pr-env-deps: + AZURE_CS_MI_CLIENT_ID=$(shell az identity show -g ${RESOURCEGROUP} -n clusters-service --query clientId -o tsv) && \ + oc process --local -f deploy/integration/cluster-service-namespace.yaml \ + -p CLIENT_ID=${AZURE_CS_MI_CLIENT_ID} | oc apply -f - + +# for local development +provision-shard: + sed -e "s#ZONE_RESOURCE_ID#${ZONE_RESOURCE_ID}#g" -e "s/REGION/${REGION}/g" -e "s/CONSUMER_NAME/${CONSUMER_NAME}/g" deploy/dev-provisioning-shards.yml + +.PHONY: deploy deploy-integ provision-shard diff --git a/cluster-service/Makefile.tmpl.mk b/cluster-service/Makefile.tmpl.mk deleted file mode 100644 index 1b59ff3a1..000000000 --- a/cluster-service/Makefile.tmpl.mk +++ /dev/null @@ -1,44 +0,0 @@ -SHELL = /bin/bash - -TENANT_ID=$(shell az account show --query tenantId --output tsv) -ZONE_RESOURCE_ID ?= $(az network dns zone show -n {{ .regionalDNSSubdomain }}.{{ .baseDnsZoneName }} -g {{ .regionRG }} --query id -o tsv) - -FPA_CERT_NAME ?= firstPartyCert - -deploy: - sed -e "s#ZONE_RESOURCE_ID#${ZONE_RESOURCE_ID}#g" -e "s/REGION/{{ .region }}/g" -e "s/CONSUMER_NAME/{{ .maestroConsumerName }}/g" deploy/mvp-provisioning-shards.yml > deploy/tmp-provisioning-shard.yml - - ISTO_VERSION=$(shell az aks show -n {{ .aksName }} -g {{ .serviceClusterRG }} --query serviceMeshProfile.istio.revisions[-1] -o tsv) && \ - oc process --local -f deploy/openshift-templates/arohcp-namespace-template.yml \ - -p ISTIO_VERSION=$${ISTO_VERSION} | oc apply -f - - kubectl apply -f deploy/istio.yml - - oc process --local -f deploy/openshift-templates/arohcp-db-template.yml | oc apply -f - - oc process --local -f deploy/openshift-templates/arohcp-secrets-template.yml \ - -p PROVISION_SHARDS_CONFIG="$$( base64 -i deploy/tmp-provisioning-shard.yml)" | oc apply -f - - - CS_MI_CLIENT_ID=$(shell az identity show -g "{{ .serviceClusterRG }}" -n clusters-service --query clientId -o tsv) && \ - CS_SERVICE_PRINCIPAL_CREDS_BASE64='$(shell az keyvault secret show --vault-name "{{ .serviceKeyVaultName }}" --name "aro-hcp-dev-sp-cs" | jq .value -r | base64 | tr -d '\n')' && \ - OIDC_BLOB_SERVICE_ENDPOINT=$(shell az storage account show -n {{ .oidcStorageAccountName }} -g {{ .serviceClusterRG }} --query primaryEndpoints.blob -o tsv) && \ - OIDC_WEB_SERVICE_ENDPOINT=$(shell az storage account show -n {{ .oidcStorageAccountName }} -g {{ .serviceClusterRG }} --query primaryEndpoints.web -o tsv) && \ - oc process --local -f deploy/openshift-templates/arohcp-service-template.yml \ - -p AZURE_CS_MI_CLIENT_ID=$${CS_MI_CLIENT_ID} \ - -p TENANT_ID=${TENANT_ID} \ - -p REGION={{ .region }} \ - -p SERVICE_KEYVAULT_NAME={{ .serviceKeyVaultName }} \ - -p CS_SERVICE_PRINCIPAL_CREDS_BASE64=$${CS_SERVICE_PRINCIPAL_CREDS_BASE64} \ - -p IMAGE_REGISTRY={{ .acrName }}.azurecr.io \ - -p IMAGE_REPOSITORY={{ .clusterServiceImageRepo }} \ - -p AZURE_FIRST_PARTY_APPLICATION_CLIENT_ID={{ .firstPartyAppClientId }} \ - -p FPA_CERT_NAME=${FPA_CERT_NAME} \ - -p IMAGE_TAG={{ .clusterServiceImageTag }} | oc apply -f - - -deploy-pr-env-deps: - oc process --local -f deploy/integration/cluster-service-namespace.yaml \ - -p CLIENT_ID=${CS_MI_CLIENT_ID} | oc apply -f - - -# for local development -provision-shard: - sed -e "s#ZONE_RESOURCE_ID#${ZONE_RESOURCE_ID}#g" -e "s/REGION/{{ .region }}/g" -e "s/CONSUMER_NAME/{{ .maestroConsumerName }}/g" deploy/dev-provisioning-shards.yml - -.PHONY: deploy deploy-integ provision-shard diff --git a/cluster-service/config.tmpl.mk b/cluster-service/config.tmpl.mk new file mode 100644 index 000000000..50664d97b --- /dev/null +++ b/cluster-service/config.tmpl.mk @@ -0,0 +1,13 @@ +REGION ?= {{ .region }} +CONSUMER_NAME ?= {{ .maestroConsumerName }} +RESOURCEGROUP ?= {{ .serviceClusterRG }} +REGIONAL_RESOURCEGROUP ?= {{ .regionRG }} +AKS_NAME ?= {{ .aksName }} +SERVICE_KV ?= {{ .serviceKeyVaultName }} +OIDC_STORAGE_ACCOUNT ?= {{ .oidcStorageAccountName }} +IMAGE_REPO ?= {{ .clusterServiceImageRepo }} +IMAGE_TAG ?= {{ .clusterServiceImageTag }} +ACR_NAME ?= {{ .acrName }} +FPA_CLIENT_ID ?= {{ .firstPartyAppClientId }} +FPA_CERT_NAME ?= firstPartyCert +ZONE_RESOURCE_ID ?= $(shell az network dns zone show -n {{ .regionalDNSSubdomain }}.{{ .baseDnsZoneName }} -g {{ .regionRG }} --query id -o tsv) diff --git a/frontend/.gitignore b/frontend/.gitignore index f3c7a7c5d..aee2e4ce1 100644 --- a/frontend/.gitignore +++ b/frontend/.gitignore @@ -1 +1 @@ -Makefile +config.mk diff --git a/frontend/Makefile.tmpl.mk b/frontend/Makefile similarity index 72% rename from frontend/Makefile.tmpl.mk rename to frontend/Makefile index 38969f765..95d1456ee 100644 --- a/frontend/Makefile.tmpl.mk +++ b/frontend/Makefile @@ -1,14 +1,17 @@ SHELL = /bin/bash +DEPLOY_ENV ?= personal-dev +$(shell ../templatize.sh $(DEPLOY_ENV) config.tmpl.mk config.mk) +include config.mk COMMIT = $(shell git rev-parse --short=7 HEAD) -ARO_HCP_BASE_IMAGE ?= {{ .acrName }}.azurecr.io +ARO_HCP_BASE_IMAGE ?= ${ARO_HCP_IMAGE_ACR}.azurecr.io ARO_HCP_FRONTEND_IMAGE ?= $(ARO_HCP_BASE_IMAGE)/arohcpfrontend:$(COMMIT) frontend: go build -o aro-hcp-frontend . run: - ./aro-hcp-frontend --use-cache --location {{ .region }} \ + ./aro-hcp-frontend --use-cache --location ${LOCATION} \ --clusters-service-url http://localhost:8000 \ --cluster-service-provision-shard 1 \ --cluster-service-noop-provision \ @@ -29,20 +32,20 @@ push: image deploy: FRONTEND_MI_CLIENT_ID=$(shell az identity show \ - -g {{ .serviceClusterRG }} \ + -g ${RESOURCEGROUP} \ -n frontend \ --query clientId);\ - ISTO_VERSION=$(shell az aks show -n {{ .aksName }} -g {{ .serviceClusterRG }} --query serviceMeshProfile.istio.revisions[-1] -o tsv) && \ + ISTO_VERSION=$(shell az aks show -n ${AKS_NAME} -g ${RESOURCEGROUP} --query serviceMeshProfile.istio.revisions[-1] -o tsv) && \ kubectl create namespace aro-hcp --dry-run=client -o json | kubectl apply -f - && \ kubectl label namespace aro-hcp "istio.io/rev=$${ISTO_VERSION}" --overwrite=true && \ helm upgrade --install aro-hcp-frontend-dev \ deploy/helm/frontend/ \ - --set configMap.databaseName={{ .frontendCosmosDBName }} \ - --set configMap.databaseUrl="https://{{ .frontendCosmosDBName }}.documents.azure.com:443/" \ + --set configMap.databaseName=${DB_NAME} \ + --set configMap.databaseUrl="https://${DB_NAME}.documents.azure.com:443/" \ --set configMap.frontendMiClientId="$${FRONTEND_MI_CLIENT_ID}" \ --set serviceAccount.workloadIdentityClientId="$${FRONTEND_MI_CLIENT_ID}" \ --set configMap.currentVersion=${ARO_HCP_FRONTEND_IMAGE} \ - --set configMap.location={{ .region }} \ + --set configMap.location=${LOCATION} \ --set deployment.imageName=${ARO_HCP_FRONTEND_IMAGE} \ --namespace aro-hcp diff --git a/frontend/README.md b/frontend/README.md index 608034396..8130b3a46 100644 --- a/frontend/README.md +++ b/frontend/README.md @@ -1,15 +1,5 @@ # ARO-HCP-FRONTEND -## Prerequisite - -The `Makefile` is templated based on the ARO HCP environment to interact with. - -Run the following command to generate a `Makefile` for personal development. - -```bash -./generate-makefile.sh personal-dev -``` - ## Build frontend binary for local testing ``` make frontend diff --git a/frontend/config.tmpl.mk b/frontend/config.tmpl.mk new file mode 100644 index 000000000..9b959270f --- /dev/null +++ b/frontend/config.tmpl.mk @@ -0,0 +1,5 @@ +ARO_HCP_IMAGE_ACR ?= {{ .acrName }} +LOCATION ?= {{ .region }} +RESOURCEGROUP ?= {{ .serviceClusterRG }} +AKS_NAME ?= {{ .aksName }} +DB_NAME ?= {{ .frontendCosmosDBName }} diff --git a/frontend/generate-makefile.sh b/frontend/generate-makefile.sh deleted file mode 100755 index c989811cc..000000000 --- a/frontend/generate-makefile.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash - -set -e - -if [ -z "$1" ]; then - DEPLOY_ENV="personal-dev" -else - DEPLOY_ENV=$1 -fi - -cd $(dirname "$(realpath "${BASH_SOURCE[0]}")") -../templatize.sh $DEPLOY_ENV Makefile.tmpl.mk Makefile diff --git a/maestro/.gitignore b/maestro/.gitignore index a39cdafcc..73e3765ee 100644 --- a/maestro/.gitignore +++ b/maestro/.gitignore @@ -1 +1 @@ -**/Makefile +**/config.mk diff --git a/maestro/agent/Makefile b/maestro/agent/Makefile new file mode 100644 index 000000000..53facd552 --- /dev/null +++ b/maestro/agent/Makefile @@ -0,0 +1,17 @@ +SHELL = /bin/bash +DEPLOY_ENV ?= personal-dev +$(shell ../../templatize.sh $(DEPLOY_ENV) config.tmpl.mk config.mk) +include config.mk + +deploy: + helm upgrade --install maestro-agent ./helm \ + --create-namespace --namespace maestro \ + --set consumerName=${CONSUMER_NAME} \ + --set broker.host=${EVENTGRID_HOSTNAME} \ + --set credsKeyVault.name=${KEYVAULT_NAME} \ + --set credsKeyVault.secret=${CONSUMER_NAME} \ + --set azure.clientId=${MAESTRO_MI_CLIENT_ID} \ + --set azure.tenantId=${TENANT_ID} \ + --set image.base=${IMAGE_BASE} \ + --set image.tag=${IMAGE_TAG} +.PHONY: deploy diff --git a/maestro/agent/Makefile.tmpl.mk b/maestro/agent/Makefile.tmpl.mk deleted file mode 100644 index 6f3a114c5..000000000 --- a/maestro/agent/Makefile.tmpl.mk +++ /dev/null @@ -1,18 +0,0 @@ -SHELL = /bin/bash - -TENANT_ID=$(shell az account show --query tenantId --output tsv) -MAESTRO_MI_CLIENT_ID=$(shell az identity show -g "{{ .managementClusterRG }}" -n maestro-consumer --query clientId -o tsv) -EVENTGRID_HOSTNAME=$(shell az resource show -n {{ .maestroEventgridName }} -g {{ .regionRG }} --resource-type "Microsoft.EventGrid/namespaces" --query properties.topicSpacesConfiguration.hostname -o tsv) - -deploy: - helm upgrade --install maestro-agent ./helm \ - --create-namespace --namespace maestro \ - --set consumerName={{ .maestroConsumerName }} \ - --set broker.host=${EVENTGRID_HOSTNAME} \ - --set credsKeyVault.name={{ .maestroKeyVaultName }} \ - --set credsKeyVault.secret={{ .maestroConsumerName }} \ - --set azure.clientId=${MAESTRO_MI_CLIENT_ID} \ - --set azure.tenantId=${TENANT_ID} \ - --set image.base={{ .maestroImageBase }} \ - --set image.tag={{ .maestroImageTag }} -.PHONY: deploy diff --git a/maestro/agent/config.tmpl.mk b/maestro/agent/config.tmpl.mk new file mode 100644 index 000000000..4cb6ae9dd --- /dev/null +++ b/maestro/agent/config.tmpl.mk @@ -0,0 +1,7 @@ +TENANT_ID=$(shell az account show --query tenantId --output tsv) +CONSUMER_NAME ?= {{ .maestroConsumerName }} +EVENTGRID_HOSTNAME=$(shell az resource show -n {{ .maestroEventgridName }} -g {{ .regionRG }} --resource-type "Microsoft.EventGrid/namespaces" --query properties.topicSpacesConfiguration.hostname -o tsv) +MAESTRO_MI_CLIENT_ID=$(shell az identity show -g "{{ .managementClusterRG }}" -n maestro-consumer --query clientId -o tsv) +KEYVAULT_NAME ?= {{ .maestroKeyVaultName }} +IMAGE_BASE ?= {{ .maestroImageBase }} +IMAGE_TAG ?= {{ .maestroImageTag }} diff --git a/maestro/registration/Makefile.tmpl.mk b/maestro/registration/Makefile similarity index 52% rename from maestro/registration/Makefile.tmpl.mk rename to maestro/registration/Makefile index 629e8b033..d62b33184 100644 --- a/maestro/registration/Makefile.tmpl.mk +++ b/maestro/registration/Makefile @@ -1,11 +1,14 @@ SHELL = /bin/bash +DEPLOY_ENV ?= personal-dev +$(shell ../../templatize.sh $(DEPLOY_ENV) config.tmpl.mk config.mk) +include config.mk deploy: @if ! kubectl get service maestro -n maestro > /dev/null 2>&1; then \ echo "Error: Service 'maestro' not found in namespace 'maestro'"; \ exit 1; \ fi - helm upgrade --install {{ .maestroConsumerName }} ./helm \ + helm upgrade --install ${CONSUMER_NAME} ./helm \ --namespace maestro \ - --set consumerName={{ .maestroConsumerName }} + --set consumerName=${CONSUMER_NAME} .PHONY: deploy diff --git a/maestro/registration/config.tmpl.mk b/maestro/registration/config.tmpl.mk new file mode 100644 index 000000000..8918876a7 --- /dev/null +++ b/maestro/registration/config.tmpl.mk @@ -0,0 +1 @@ +CONSUMER_NAME ?= {{ .maestroConsumerName }} diff --git a/maestro/server/Makefile b/maestro/server/Makefile new file mode 100644 index 000000000..0f085fc24 --- /dev/null +++ b/maestro/server/Makefile @@ -0,0 +1,20 @@ +SHELL = /bin/bash +DEPLOY_ENV ?= personal-dev +$(shell ../../templatize.sh $(DEPLOY_ENV) config.tmpl.mk config.mk) +include config.mk + +deploy: + kubectl create namespace maestro --dry-run=client -o json | kubectl apply -f - + kubectl label namespace maestro "istio.io/rev=${ISTO_VERSION}" --overwrite=true + helm upgrade --install maestro-server ./helm \ + --namespace maestro \ + --set broker.host=${EVENTGRID_HOSTNAME} \ + --set credsKeyVault.name=${KEYVAULT_NAME} \ + --set azure.clientId=${MAESTRO_MI_CLIENT_ID} \ + --set azure.tenantId=${TENANT_ID} \ + --set istio.restrictIngress=${ISTIO_RESTRICT_INGRESS} \ + --set image.base=${IMAGE_BASE} \ + --set image.tag=${IMAGE_TAG} \ + --set database.containerizedDb=${USE_CONTAINERIZED_DB} \ + --set database.ssl='${USE_DATABASE_SSL}' +.PHONY: deploy diff --git a/maestro/server/Makefile.tmpl.mk b/maestro/server/Makefile.tmpl.mk deleted file mode 100644 index 8b5ea1b31..000000000 --- a/maestro/server/Makefile.tmpl.mk +++ /dev/null @@ -1,22 +0,0 @@ -SHELL = /bin/bash - -TENANT_ID=$(shell az account show --query tenantId --output tsv) -MAESTRO_MI_CLIENT_ID=$(shell az identity show -g "{{ .serviceClusterRG }}" -n maestro-server --query clientId -o tsv) -EVENTGRID_HOSTNAME=$(shell az resource show -n {{ .maestroEventgridName }} -g {{ .regionRG }} --resource-type "Microsoft.EventGrid/namespaces" --query properties.topicSpacesConfiguration.hostname -o tsv) -ISTO_VERSION=$(shell az aks show -n {{ .aksName }} -g {{ .serviceClusterRG }} --query serviceMeshProfile.istio.revisions[-1] -o tsv) - -deploy: - kubectl create namespace maestro --dry-run=client -o json | kubectl apply -f - - kubectl label namespace maestro "istio.io/rev=${ISTO_VERSION}" --overwrite=true - helm upgrade --install maestro-server ./helm \ - --namespace maestro \ - --set broker.host=${EVENTGRID_HOSTNAME} \ - --set credsKeyVault.name={{ .maestroKeyVaultName }} \ - --set azure.clientId=${MAESTRO_MI_CLIENT_ID} \ - --set azure.tenantId=${TENANT_ID} \ - --set istio.restrictIngress={{ .maestroRestrictIstioIngress }} \ - --set image.base={{ .maestroImageBase }} \ - --set image.tag={{ .maestroImageTag }} \ - --set database.containerizedDb={{ not .maestroPostgresDeploy }} \ - --set database.ssl='{{ ternary "enable" "disable" .maestroPostgresDeploy }}' -.PHONY: deploy diff --git a/maestro/server/config.tmpl.mk b/maestro/server/config.tmpl.mk new file mode 100644 index 000000000..c4d48e345 --- /dev/null +++ b/maestro/server/config.tmpl.mk @@ -0,0 +1,10 @@ +TENANT_ID=$(shell az account show --query tenantId --output tsv) +MAESTRO_MI_CLIENT_ID=$(shell az identity show -g "{{ .serviceClusterRG }}" -n maestro-server --query clientId -o tsv) +EVENTGRID_HOSTNAME=$(shell az resource show -n {{ .maestroEventgridName }} -g {{ .regionRG }} --resource-type "Microsoft.EventGrid/namespaces" --query properties.topicSpacesConfiguration.hostname -o tsv) +ISTO_VERSION=$(shell az aks show -n {{ .aksName }} -g {{ .serviceClusterRG }} --query serviceMeshProfile.istio.revisions[-1] -o tsv) +IMAGE_BASE ?= {{ .maestroImageBase }} +IMAGE_TAG ?= {{ .maestroImageTag }} +USE_CONTAINERIZED_DB ?= {{ not .maestroPostgresDeploy }} +USE_DATABASE_SSL ?= {{ ternary "enable" "disable" .maestroPostgresDeploy }} +ISTIO_RESTRICT_INGRESS ?= {{ .maestroRestrictIstioIngress }} +KEYVAULT_NAME ?= {{ .maestroKeyVaultName }} diff --git a/svc-deploy.sh b/svc-deploy.sh index 8c514b82e..b9bc21e2f 100755 --- a/svc-deploy.sh +++ b/svc-deploy.sh @@ -2,8 +2,8 @@ # deploy a service to a cluster # ./svc-deploy -# this script expects the to contain a Makefile.tmpl.mk template that can -# be processed with ./templatized according to config/config.yml +# this script expects the to contain a Makefile that takes care +# of processing any config.mk template on its own cd $(dirname "$(realpath "${BASH_SOURCE[0]}")") @@ -18,7 +18,5 @@ fi export KUBECONFIG=$(./dev-infrastructure/make $DEPLOY_ENV $CLUSTER.aks.kubeconfigfile) -./templatize.sh $DEPLOY_ENV $DIR/Makefile.tmpl.mk $DIR/Makefile - cd $DIR make deploy