Merge pull request #68 from wunderio/feature/pullsecrets

Add support for custom imagePullSecret and per-cluster env var overrides

Author: Rade333

cmd/ciReleaseDeploy.go

@@ -11,7 +11,8 @@ import (
 
 	"github.com/spf13/cobra"
 	"github.com/wunderio/silta-cli/internal/common"
-	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	v1core "k8s.io/api/core/v1"
+	v1meta "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/tools/clientcmd"
 )
@@ -25,6 +26,9 @@ var ciReleaseDeployCmd = &cobra.Command{
 	* Chart allows prepending extra configuration (to helm --values line) via 
 	"SILTA_<chart_name>_CONFIG_VALUES" environment variable. It has to be a 
 	base64 encoded string of a silta configuration yaml file.
+
+	* If IMAGE_PULL_SECRET is set (base64 encoded), it will be added to the 
+	release values as imagePullSecret.
 	`,
 	Run: func(cmd *cobra.Command, args []string) {
 
@@ -145,26 +149,43 @@ var ciReleaseDeployCmd = &cobra.Command{
 			chartVersionOverride = fmt.Sprintf("--version '%s'", chartVersion)
 		}
 
-		// TODO: Create namespace if it doesn't exist
-		// & tag the namespace if it isn't already tagged.
-		// TODO: Rewrite
-
-		command := fmt.Sprintf(`
-				# Deployed chart version
-				NAMESPACE='%s'
+		if !debug {
+			// Connect to the cluster
+			homeDir, err := os.UserHomeDir()
+			if err != nil {
+				log.Fatalf("cannot read user home dir")
+			}
+			kubeConfigPath := homeDir + "/.kube/config"
 
-				# Create the namespace if it doesn't exist.
-				if ! kubectl get namespace "$NAMESPACE" &>/dev/null ; then
-					kubectl create namespace "$NAMESPACE"
-				fi
+			//k8s go client init logic
+			config, err := clientcmd.BuildConfigFromFlags("", kubeConfigPath)
+			if err != nil {
+				log.Fatalf("cannot read kubeConfig from path: %s", err)
+			}
+			clientset, err := kubernetes.NewForConfig(config)
+			if err != nil {
+				log.Fatalf("cannot initialize k8s client: %s", err)
+			}
 
-				# Tag the namespace if it isn't already tagged.
-				if ! kubectl get namespace -l name=$NAMESPACE --no-headers  2>/dev/null | grep $NAMESPACE &>/dev/null ; then
-					kubectl label namespace "$NAMESPACE" "name=$NAMESPACE" --overwrite
-				fi
+			// Create namespace if it doesn't exist
+			_, err = clientset.CoreV1().Namespaces().Get(context.TODO(), namespace, v1meta.GetOptions{})
+			if err != nil {
+				_, err = clientset.CoreV1().Namespaces().Create(context.TODO(), &v1core.Namespace{
+					ObjectMeta: v1meta.ObjectMeta{
+						Name: namespace,
+					},
+				}, v1meta.CreateOptions{})
+				if err != nil {
+					log.Fatalf("cannot create namespace: %s", err)
+				}
+			}
+		}
 
-			`, namespace)
-		pipedExec(command, "", "ERROR: ", debug)
+		// Add imagePullsecret to release values if IMAGE_PULL_SECRET is set
+		imagePullSecret := os.Getenv("IMAGE_PULL_SECRET")
+		if len(imagePullSecret) > 0 {
+			helmFlags = fmt.Sprintf("%s --set imagePullSecret='%s'", helmFlags, imagePullSecret)
+		}
 
 		if !debug {
 			// Add helm repositories
@@ -180,6 +201,8 @@ var ciReleaseDeployCmd = &cobra.Command{
 			exec.Command("bash", "-c", command).Run()
 		}
 
+		command := ""
+
 		if chartName == "simple" || strings.HasSuffix(chartName, "/simple") {
 
 			if len(nginxImageUrl) == 0 {
@@ -493,6 +516,7 @@ var ciReleaseDeployCmd = &cobra.Command{
 			referenceDataOverride := ""
 			if !debug {
 
+				// Connect to the cluster
 				homeDir, err := os.UserHomeDir()
 				if err != nil {
 					log.Fatalf("cannot read user home dir")
@@ -512,7 +536,7 @@ var ciReleaseDeployCmd = &cobra.Command{
 				// PVC name can be either "*-reference-data" or "*-reference", so we need to check both
 				// Unless we parse and merge configuration yaml files, we can't know the exact name of the PVC
 				// Check all pvc's in the namespace and see if any of them match the pattern
-				pvcs, err := clientset.CoreV1().PersistentVolumeClaims(namespace).List(context.TODO(), v1.ListOptions{})
+				pvcs, err := clientset.CoreV1().PersistentVolumeClaims(namespace).List(context.TODO(), v1meta.ListOptions{})
 				if err != nil {
 					log.Fatalf("cannot get persistent volume claims: %s", err)
 				}

cmd/ciReleaseDiff.go

@@ -24,6 +24,9 @@ var ciReleaseDiffCmd = &cobra.Command{
 	* Chart allows prepending extra configuration (to helm --values line) via 
 	"SILTA_<chart_name>_CONFIG_VALUES" environment variable. It has to be a 
 	base64 encoded string of a silta configuration yaml file.
+
+	* If IMAGE_PULL_SECRET is set (base64 encoded), it will be added to the 
+	release values as imagePullSecret.
 	`,
 	Run: func(cmd *cobra.Command, args []string) {
 
@@ -131,9 +134,11 @@ var ciReleaseDiffCmd = &cobra.Command{
 			chartVersionOverride = fmt.Sprintf("--version '%s'", chartVersion)
 		}
 
-		// TODO: Create namespace if it doesn't exist
-		// & tag the namespace if it isn't already tagged.
-		// TODO: Rewrite
+		// Add imagePullsecret to release values if IMAGE_PULL_SECRET is set
+		imagePullSecret := os.Getenv("IMAGE_PULL_SECRET")
+		if len(imagePullSecret) > 0 {
+			helmFlags = fmt.Sprintf("%s --set imagePullSecret='%s'", helmFlags, imagePullSecret)
+		}
 
 		if !debug {
 			// Add helm repositories

cmd/ciReleaseList.go

@@ -0,0 +1,79 @@
+package cmd
+
+import (
+	"fmt"
+	"os"
+
+	helmclient "github.com/mittwald/go-helm-client"
+	"github.com/spf13/cobra"
+	"helm.sh/helm/v3/pkg/action"
+	_ "k8s.io/client-go/plugin/pkg/client/auth/gcp" // gcp auth provider
+
+	"text/tabwriter"
+)
+
+var ciReleaseListCmd = &cobra.Command{
+	Use:   "list",
+	Short: "List releases",
+	Run: func(cmd *cobra.Command, args []string) {
+
+		namespace, _ := cmd.Flags().GetString("namespace")
+
+		homeDir, err := os.UserHomeDir()
+		if err != nil {
+			fmt.Println("cannot read user home dir")
+			os.Exit(1)
+		}
+		kubeConfigPath := homeDir + "/.kube/config"
+
+		kubeConfig, err := os.ReadFile(kubeConfigPath)
+		if err != nil {
+			fmt.Println("cannot read kubeConfig from path")
+			os.Exit(1)
+		}
+
+		helmOptions := helmclient.Options{
+			Namespace:        namespace,
+			RepositoryCache:  "/tmp/.helmcache",
+			RepositoryConfig: "/tmp/.helmrepo",
+			Debug:            false,
+			Linting:          false, // Change this to false if you don't want linting.
+		}
+
+		//Helm client init logic
+		opt := &helmclient.KubeConfClientOptions{
+			Options:     &helmOptions,
+			KubeContext: "",
+			KubeConfig:  kubeConfig,
+		}
+
+		helmClient, err := helmclient.NewClientFromKubeConf(opt)
+		if err != nil {
+			fmt.Println("Cannot create client from kubeConfig")
+			os.Exit(1)
+		}
+
+		// List Helm releases
+		releases, err := helmClient.ListReleasesByStateMask(action.ListAll)
+		if err != nil {
+			fmt.Printf("Cannot list releases: %s\n", err)
+			os.Exit(1)
+		}
+
+		writer := tabwriter.NewWriter(os.Stdout, 0, 8, 1, '\t', tabwriter.AlignRight)
+		fmt.Fprintln(writer, "NAME\tNAMESPACE\tREVISION\tUPDATED\tSTATUS\tCHART\tAPP VERSION")
+
+		for _, release := range releases {
+			fmt.Fprintf(writer, "%s\t%s\t%d\t%s\t%s\t%s\t%s\n", release.Name, release.Namespace, release.Version, release.Info.LastDeployed.String(), release.Info.Status.String(), release.Chart.Name(), release.Chart.Metadata.Version)
+		}
+
+		writer.Flush()
+
+	},
+}
+
+func init() {
+	ciReleaseCmd.AddCommand(ciReleaseListCmd)
+
+	ciReleaseListCmd.Flags().StringP("namespace", "n", "", "Project name (namespace, i.e. \"drupal-project\")")
+}

cmd/root.go

@@ -6,6 +6,7 @@ import (
 	"log"
 	"os"
 	"os/exec"
+	"strings"
 
 	"github.com/spf13/cobra"
 	"github.com/wunderio/silta-cli/internal/common"
@@ -36,6 +37,19 @@ func init() {
 	rootCmd.PersistentFlags().BoolVar(&debug, "debug", false, "Print variables, do not execute external commands, rather print them")
 	rootCmd.PersistentFlags().BoolVar(&useEnv, "use-env", true, "Use environment variables for value assignment")
 
+	// Rewrite per-cluster environment variables
+	cluster_id := os.Getenv("SILTA_CLUSTER_ID")
+	if len(cluster_id) > 0 {
+		// iterate all environment variables, search for keys with "<${SILTA_CLUSTER_ID}>_" prefix
+		// and rewrite them to the corresponding keys without the prefix
+		for _, e := range os.Environ() {
+			pair := strings.SplitN(e, "=", 2)
+			if strings.HasPrefix(pair[0], cluster_id+"_") {
+				os.Setenv(strings.TrimPrefix(pair[0], cluster_id+"_"), pair[1])
+			}
+		}
+	}
+
 	// Load configuration
 	configStore := common.ConfigStore()
 

docs/silta.md

@@ -16,7 +16,9 @@ Silta CLI
 * [silta ci](silta_ci.md)	 - Silta CI Commands
 * [silta cloud](silta_cloud.md)	 - Kubernetes cloud related commands
 * [silta completion](silta_completion.md)	 - Generate the autocompletion script for the specified shell
+* [silta config](silta_config.md)	 - Silta configuration commands
 * [silta doc](silta_doc.md)	 - Generate menu documentation markdown
+* [silta scripts](silta_scripts.md)	 - Convenience scripts for silta
 * [silta secrets](silta_secrets.md)	 - Manage encrypted secret files
 * [silta tools](silta_tools.md)	 - CI tooling
 * [silta version](silta_version.md)	 - Silta CLI version

docs/silta_ci_release.md

@@ -25,8 +25,10 @@ silta ci release [flags]
 * [silta ci release clean-failed](silta_ci_release_clean-failed.md)	 - Clean failed releases
 * [silta ci release delete](silta_ci_release_delete.md)	 - Delete a release
 * [silta ci release deploy](silta_ci_release_deploy.md)	 - Deploy release
+* [silta ci release diff](silta_ci_release_diff.md)	 - Diff release resources
 * [silta ci release environmentname](silta_ci_release_environmentname.md)	 - Return environment name
 * [silta ci release info](silta_ci_release_info.md)	 - Print release information
+* [silta ci release list](silta_ci_release_list.md)	 - List releases
 * [silta ci release name](silta_ci_release_name.md)	 - Return release name
 * [silta ci release validate](silta_ci_release_validate.md)	 - Validate release
 * [silta ci release wakeup](silta_ci_release_wakeup.md)	 - Wake up a downscaled release

docs/silta_ci_release_delete.md

@@ -9,7 +9,7 @@ silta ci release delete [flags]
 ### Options
 
 ```
-      --delete-pvcs           Delete PVCs (default: false)
+      --delete-pvcs           Delete PVCs (default: true) (default true)
   -h, --help                  help for delete
       --namespace string      Project name (namespace, i.e. "drupal-project")
       --release-name string   Release name

docs/silta_ci_release_deploy.md

@@ -9,6 +9,9 @@ Release deployment
 	* Chart allows prepending extra configuration (to helm --values line) via 
 	"SILTA_<chart_name>_CONFIG_VALUES" environment variable. It has to be a 
 	base64 encoded string of a silta configuration yaml file.
+
+	* If IMAGE_PULL_SECRET is set (base64 encoded), it will be added to the 
+	release values as imagePullSecret.
 
 
 ```
@@ -20,7 +23,7 @@ silta ci release deploy [flags]
 ```
       --branchname string               Repository branchname that will be used for release name and environment name creation
       --chart-name string               Chart name
-      --chart-repository string         Chart repository
+      --chart-repository string         Chart repository (default "https://storage.googleapis.com/charts.wdr.io")
       --chart-version string            Deploy a specific chart version
       --cluster-domain string           Base domain for cluster urls (i.e. dev.example.com)
       --cluster-type string             Cluster type (i.e. gke, aws, aks, other)

docs/silta_ci_release_diff.md

@@ -0,0 +1,59 @@
+## silta ci release diff
+
+Diff release resources
+
+### Synopsis
+
+Release diff command is used to compare the resources of a release with the current state of the cluster.
+	
+	* Chart allows prepending extra configuration (to helm --values line) via 
+	"SILTA_<chart_name>_CONFIG_VALUES" environment variable. It has to be a 
+	base64 encoded string of a silta configuration yaml file.
+
+	* If IMAGE_PULL_SECRET is set (base64 encoded), it will be added to the 
+	release values as imagePullSecret.
+	
+
+```
+silta ci release diff [flags]
+```
+
+### Options
+
+```
+      --branchname string               Repository branchname that will be used for release name and environment name creation
+      --chart-name string               Chart name
+      --chart-repository string         Chart repository (default "https://storage.googleapis.com/charts.wdr.io")
+      --chart-version string            Diff a specific chart version
+      --cluster-domain string           Base domain for cluster urls (i.e. dev.example.com)
+      --cluster-type string             Cluster type (i.e. gke, aws, aks, other)
+      --db-root-pass string             Database password for root account
+      --db-user-pass string             Database password for user account
+      --gitauth-password string         Gitauth server password
+      --gitauth-username string         Gitauth server username
+      --helm-flags string               Extra flags for helm release
+  -h, --help                            help for diff
+      --namespace string                Project name (namespace, i.e. "drupal-project")
+      --nginx-image-url string          PHP image url
+      --php-image-url string            PHP image url
+      --release-name string             Release name
+      --release-suffix string           Release name suffix for environment name creation
+      --repository-url string           Repository url (i.e. [email protected]:wunderio/silta.git)
+      --shell-image-url string          PHP image url
+      --silta-config string             Silta release helm chart values
+      --silta-environment-name string   Environment name override based on branchname and release-suffix. Used in some helm charts.
+      --vpc-native string               VPC-native cluster (GKE specific)
+      --vpn-ip string                   VPN IP for basic auth allow list
+```
+
+### Options inherited from parent commands
+
+```
+      --debug     Print variables, do not execute external commands, rather print them
+      --use-env   Use environment variables for value assignment (default true)
+```
+
+### SEE ALSO
+
+* [silta ci release](silta_ci_release.md)	 - CI release related commands
+

docs/silta_ci_release_list.md

@@ -0,0 +1,26 @@
+## silta ci release list
+
+List releases
+
+```
+silta ci release list [flags]
+```
+
+### Options
+
+```
+  -h, --help               help for list
+  -n, --namespace string   Project name (namespace, i.e. "drupal-project")
+```
+
+### Options inherited from parent commands
+
+```
+      --debug     Print variables, do not execute external commands, rather print them
+      --use-env   Use environment variables for value assignment (default true)
+```
+
+### SEE ALSO
+
+* [silta ci release](silta_ci_release.md)	 - CI release related commands
+