dev env: fix secret creation for external secret (#226)

also defaults VPN IP assignment to 201 when nonexistent

Author: davidcheung

templates/scripts/add-vpn-user.sh

@@ -7,6 +7,12 @@ CLUSTER=$(kubectl config current-context | cut -d"/" -f2)
 NAMESPACE=<% .Name %>
 REGION=<% index .Params `region` %>
 
+if [[ "$CLUSTER" = *"-stage-"* ]]; then
+  DEFAULT_IP="10.10.199.200"
+else
+  DEFAULT_IP="10.10.99.200"
+fi
+
 # get pod id for execution
 POD=$(kubectl -n vpn get pods --selector=app=wireguard -o jsonpath='{.items[0].metadata.name}')
 
@@ -16,7 +22,7 @@ if [ -z "$POD" ]; then
 fi
 
 function k8s_exec() {
-  kubectl -n vpn exec -it $POD -- /bin/bash -c "$1"
+  kubectl -n vpn exec $POD wireguard --container wireguard -- /bin/bash -c "$1"
 }
 
 # get name
@@ -32,6 +38,8 @@ client_public_key=$(k8s_exec "echo -n $client_private_key | wg pubkey | tr -d \"
 
 # get next available IP
 existing_ips=$(k8s_exec "cat /etc/wireguard/wg0.conf | grep AllowedIPs| cut -d\" \" -f3 | cut -d\"/\" -f1 | sort")
+# Default start at 201 if no existing IPs are found
+existing_ips=${existing_ips:-$DEFAULT_IP}
 last_ip=$(echo "$existing_ips" | tr -cd "[:alnum:].\n" | tail -1)
 next_ip=$last_ip
 while [[ "$existing_ips" =~ "$next_ip" ]]; do

templates/scripts/create-db-user.sh

@@ -35,7 +35,7 @@ DOCKER_IMAGE_TAG=commitdev/zero-k8s-utilities:0.0.3
 # database info preparation
 # this script will run both before and after make-apply-k8s, therefore the database service is not always available
 DB_ENDPOINT=$(aws rds describe-db-instances --region=$REGION  --db-instance-identifier "${PROJECT_NAME}-${ENVIRONMENT}" --query "DBInstances[0].Endpoint.Address" | jq -r '.')
-DB_NAME_LIST=$(echo ${DATABASE_NAME} | tr -dc 'A-Za-z0-9 ') # used by job
+DB_NAME_LIST=$(echo ${DATABASE_NAME} | tr -dc 'A-Za-z0-9_ ') # used by job
 DB_NAME=$(echo ${DB_NAME_LIST} | cut -d" " -f1) # used by db-pod
 DB_TYPE=${DATABASE_TYPE}
 ## get rds master

templates/scripts/create-dev-env.sh

@@ -3,9 +3,12 @@
 PROJECT=<% .Name %>
 AWS_DEFAULT_REGION=<% index .Params `region` %>
 RANDOM_SEED="<% index .Params `randomSeed` %>"
+DATABASE_TYPE=<% index .Params `database` %>
 ENVIRONMENT=stage  # only apply to Staging environment
 
-DEV_DB_LIST=$(aws iam get-group --group-name ${PROJECT}-developer-${ENVIRONMENT} | jq -r '"dev" + .Users[].UserName' | tr '\n' ' ')
+## Creating each member in developer IAM group a dev-database
+## name: john-doe -> dbname: dev_johndoe
+DEV_DB_LIST=$(aws iam get-group --group-name ${PROJECT}-developer-${ENVIRONMENT} | jq -r '"dev_" + .Users[].UserName' | tr '\n' ' ')
 if [[ -z "${DEV_DB_LIST}" ]]; then
     echo "$0: No developers available yet, skip."
     exit 0
@@ -20,11 +23,11 @@ if [[ $? -eq 0 ]]; then
     PROJECT_NAME=${PROJECT} \
     ENVIRONMENT=${ENVIRONMENT} \
     NAMESPACE=${PROJECT} \
-    DATABASE_TYPE=<% index .Params `database` %> \
+    DATABASE_TYPE=${DATABASE_TYPE} \
     DATABASE_NAME="${DEV_DB_LIST}" \
-    SECRET_NAME=devenv${PROJECT} \
+    SECRET_NAME=devenv-${PROJECT} \
     USER_NAME=dev${PROJECT} \
     USER_PASSWORD=${DEV_DB_SECRET} \
-    CREATE_SECRET=secret-application.yml.tpl \
+    CREATE_SECRET=secret-application.json.tpl \
     sh ./create-db-user.sh
 fi