-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathTaskfile.yml
More file actions
226 lines (209 loc) · 9.27 KB
/
Taskfile.yml
File metadata and controls
226 lines (209 loc) · 9.27 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
# https://taskfile.dev
version: '3'
vars:
cluster_name: gitops-test
tasks:
default:
cmds:
- task: cluster:status
cluster:create:
vars:
cpus: '{{default "4" .cpus}}'
disk_size: '{{default "20000mb" .disk_size}}'
enable_argo: '{{default "true" .enable_argo}}'
enable_flux: '{{default "true" .enable_flux}}'
kubernetes_version: '{{default "1.31.1" .kubernetes_version}}'
preconditions:
- sh: minikube version
msg: minikube is not installed
- sh: kubectl version --client
msg: kubectl is not installed
- sh: helm version
msg: Helm is not installed
desc: Create a test cluster
status:
- minikube status -p {{.cluster_name}}
cmds:
- cmd: |-
echo "ArgoCD (enabled: {{.enable_argo}})"
echo "FluxCD (enabled: {{.enable_flux}})"
echo "Gitea (enabled: true)"
silent: true
- minikube start -p {{.cluster_name}} --cpus={{.cpus}} --disk-size='{{.disk_size}}' --kubernetes-version={{.kubernetes_version}}
- task: scm:install
- task: scm:init
- task: flux:install
vars:
enabled: '{{.enable_flux}}'
- task: argo:install
vars:
enabled: '{{.enable_argo}}'
cluster:delete:
desc: Delete a test cluster
prompt: This will destroy your {{.cluster_name}} playground. Are you sure?
cmds:
- minikube delete -p {{.cluster_name}}
cluster:status:
desc: Show status of a test cluster
cmds:
- minikube status -p {{.cluster_name}} || true
flux:install:
internal: true
desc: Install flux to test cluster
dir: flux2/_bootstrap
vars:
enabled: '{{default "true" .enabled}}'
# renovate: datasource=github-releases depName=fluxcd/flux2
flux_version: "v2.7.5"
status:
- 'test "{{.enabled}}" != "true"'
cmds:
- helm upgrade --kube-context {{.cluster_name}} --install --wait --namespace flux-system --create-namespace --set 'cli.image.tag={{.flux_version}}' flux flux/
- kubectl exec --context {{.cluster_name}} -n flux-system pods/flux-cli -- flux install --namespace flux-system
argo:install:
internal: true
desc: Install argocd to test cluster
dir: argocd/argocd
vars:
enabled: '{{default "true" .enabled}}'
status:
- '[ "{{.enabled}}" != "true" ] || helm status --kube-context {{.cluster_name}} -n argocd argocd'
cmds:
- helm dep build argocd/
- helm upgrade --kube-context {{.cluster_name}} --install --wait --namespace argocd --create-namespace argocd argocd/
- |-
kubectl exec --context {{.cluster_name}} -n argocd deploy/argocd-server -- argocd login argocd-server.argocd.svc.cluster.local \
--insecure \
--username admin \
--password $(kubectl get secret argocd-initial-admin-secret --context {{ .cluster_name }} -n argocd -o jsonpath="{.data.password}" | base64 -d | xargs echo)
- task: argo:password
argo:init:
desc: Initialise argocd for usage
dir: argocd/argocd
preconditions:
- sh: helm status -n argocd argocd --kube-context {{.cluster_name}}
msg: ArgoCD is not currently installed on the test cluster {{.cluster_name}}
cmds:
- kubectl apply --context {{ .cluster_name }} -f projects/argocd.yaml
- kubectl apply --context {{ .cluster_name }} -f applications/bootstrap.yaml
flux:init:
desc: Initialise flux2 for usage
preconditions:
- sh: kubectl --context {{ .cluster_name }} get namespace flux-system
msg: FluxCD is not currently installed on the test cluster {{.cluster_name}}
cmds:
- kubectl exec --context {{.cluster_name}} -n flux-system pods/flux-cli -- flux bootstrap git --namespace flux-system --allow-insecure-http=true --url http://gitea-http.gitea.svc.cluster.local/flux2/flux2.git --username flux2 --password flux2 --token-auth --path clusters/test
argo:forward:
vars:
port: '{{default "8080" .port}}'
desc: Forward the argocd UI to a local port
cmds:
- kubectl port-forward service/argocd-server --context {{ .cluster_name }} -n argocd {{.port}}:https
argo:password:
desc: Get the initial admin password for argocd
cmds:
- echo "Your initial ArgoCD admin password is:"
- kubectl get secret argocd-initial-admin-secret --context {{ .cluster_name }} -n argocd -o jsonpath="{.data.password}" | base64 -d | xargs echo
silent: true
scm:install:
internal: true
dir: gitea/
desc: Install gitea to test cluster
cmds:
- helm dep build ./
- helm upgrade --kube-context {{.cluster_name}} --install --wait --namespace gitea --create-namespace gitea ./
scm:init:
internal: true
desc: Initialise gitea users and repositories
preconditions:
- sh: helm status -n gitea gitea --kube-context {{.cluster_name}}
msg: Gitea is not currently installed on the test cluster {{.cluster_name}}
cmds:
- for:
- '{"username": "argocd", "password": "argocd"}'
- '{"username": "flux2", "password": "flux2"}'
task: scm:create-user
vars:
username: '{{(.ITEM | mustFromJson).username | mustToJson}}'
password: '{{(.ITEM | mustFromJson).password | mustToJson}}'
- for:
- '{"owner": "argocd", "repo": "argocd", "source_path": "argocd/argocd", "description": "Repository for ArgoCD bootstrapping"}'
- '{"owner": "argocd", "repo": "cluster-addons", "source_path": "argocd/cluster-addons", "description": "Repository for an infrastructure/plattform team"}'
- '{"owner": "argocd", "repo": "team-a", "source_path": "argocd/team-a", "description": "Repository for an imaginary team A"}'
- '{"owner": "argocd", "repo": "team-b", "source_path": "argocd/team-b", "description": "Repository for an imaginary team B"}'
- '{"owner": "flux2", "repo": "flux2", "source_path": "flux2/flux2", "description": "Repository for an infrastructure/plattform team"}'
- '{"owner": "flux2", "repo": "team-a", "source_path": "flux2/team-a", "description": "Repository for an imaginary team A"}'
- '{"owner": "flux2", "repo": "team-b", "source_path": "flux2/team-b", "description": "Repository for an imaginary team B"}'
task: scm:import-repo
vars:
owner: '{{(.ITEM | mustFromJson).owner }}'
repo: '{{(.ITEM | mustFromJson).repo }}'
source_path: '{{(.ITEM | mustFromJson).source_path }}'
description: '{{(.ITEM | mustFromJson).description }}'
scm:create-user:
internal: true
desc: "Create a SCM user"
vars:
username: '{{default "" .username}}'
password: '{{default "" .password}}'
pod_name:
sh: kubectl --context {{.cluster_name}} -n gitea get po -o jsonpath='{.items[].metadata.name}' -l 'app.kubernetes.io/name=gitea'
requires:
vars:
- username
- password
cmds:
- echo "Creating user {{.username}} ..."
- |-
kubectl exec --context {{ .cluster_name }} -n gitea {{.pod_name}} -c gitea -- gitea admin user create \
--username "{{.username}}" \
--password "{{.password}}" \
--email "{{.username}}@gitea.cluster.local" \
--must-change-password=false
silent: true
scm:import-repo:
internal: true
desc: "Import a SCM repository"
vars:
owner: '{{default "" .owner}}'
repo: '{{default "" .repo}}'
description: '{{default "" .description}}'
source_path: '{{default "" .source_path}}'
pod_name:
sh: kubectl --context {{.cluster_name}} -n gitea get po -o jsonpath='{.items[].metadata.name}' -l 'app.kubernetes.io/name=gitea'
temp_dir:
# echo is used for cache busting, otherwise variable always be the same
sh: echo "{{.owner}}/{{.repo}}" > /dev/null && mktemp -d
requires:
vars:
- owner
- repo
- source_path
cmds:
- defer: rm -rf {{.temp_dir}}
- echo "Creating repository {{.owner}}/{{.repo}} ..."
- |-
kubectl exec --context {{ .cluster_name }} -n gitea {{.pod_name}} -c gitea -- curl http://localhost:3000/api/v1/admin/users/{{.owner}}/repos \
--user gitops:gitops \
-X POST \
-H "Content-Type: application/json" \
-d '{"name": "{{.repo}}", "default_branch": "main", "description": "{{.description}}", "private": true}' \
-o /dev/null \
--silent \
--fail
- echo "Preparing repository {{.owner}}/{{.repo}} for import ..."
- cp -a {{.source_path}} {{.temp_dir}}/repo
- git -C {{.temp_dir}}/repo init --initial-branch=main {{.temp_dir}}/repo
- git -C {{.temp_dir}}/repo add -A
- git -C {{.temp_dir}}/repo commit -m "Initialise {{.owner}}/{{.repo}} ..."
- git -C {{.temp_dir}}/repo config --bool core.bare true
- echo "Importing repository {{.owner}}/{{.repo}} ..."
- kubectl exec --context {{ .cluster_name }} -n gitea {{.pod_name}} -c gitea -- rm -rf /data/git/gitea-repositories/{{.owner}}/{{.repo}}.git
- kubectl cp -n gitea -c gitea {{.temp_dir}}/repo/.git {{.pod_name}}:/data/git/gitea-repositories/{{.owner}}/{{.repo}}.git
silent: true
scm:forward:
vars:
port: '{{default "8081" .port}}'
desc: Forward the gitea UI to a local port
cmds:
- kubectl port-forward service/gitea-http --context {{ .cluster_name }} -n gitea {{.port}}:http