-
Notifications
You must be signed in to change notification settings - Fork 2
/
deploy.sh
executable file
·78 lines (61 loc) · 2.95 KB
/
deploy.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
#!/bin/bash
OPENSHIFT_PROJECT_NAME="shepherd"
# Password for the mysql server.
SUPER_SECRET_PASSWORD=super-secret-password
# Path to ssh key with no passphrase.
: ${BUILD_KEY:=$HOME/.ssh/id_rsa}
# Are we logged in.
if [ ! $(oc whoami) ]; then
# Prompt for login.
oc login
fi
if ! oc get projects | grep -q ${OPENSHIFT_PROJECT_NAME}; then
oc new-project ${OPENSHIFT_PROJECT_NAME}
fi
# Setup a new mysql server, expose it and group the services.
# This is for development environments only. Don't use this in production!
if ! oc get svc | grep -q mysql; then
oc new-app mariadb MYSQL_ROOT_PASSWORD=${SUPER_SECRET_PASSWORD} -l db=shepherd
oc expose dc mariadb --type=LoadBalancer --name=mysql-external
oc annotate svc mysql-external "service.alpha.openshift.io/dependencies=[{\"name\": \"mariadb\", \"kind\": \"Service\"}]"
fi
# Setup the database password in an OpenShift secret.
if ! oc get secret | grep -q privileged-db-password; then
oc create secret generic privileged-db-password --from-literal=DATABASE_PASSWORD=${SUPER_SECRET_PASSWORD}
fi
# Create the build key secret
# Add local ssh key as build-key secret if it exists and has no passphrase.
if ! oc get secret | grep -q build-key && [ -f ${BUILD_KEY} ] && ! grep -q ENCRYPTED ${BUILD_KEY}; then
oc create secret generic build-key --from-file=ssh-privatekey=${BUILD_KEY}
fi
# Create a permanent token that shepherd can use to talk to OpenShift.
if ! oc get serviceaccount | grep -q shepherd; then
oc create serviceaccount shepherd
oc policy add-role-to-user admin system:serviceaccount:shepherd:shepherd
oc create clusterrole ark-backups --verb=get,list,create,update,delete --resource=backups,restores,schedules,syncs
oc adm policy add-cluster-role-to-user ark-backups --serviceaccount=shepherd
fi
# Retrieve the service account token
SERVICE_ACCOUNT=$(oc describe serviceaccount shepherd | grep Token | awk '{ print $2 }')
# This TOKEN is used for Auth in Shepherd to OpenShift
TOKEN=$(oc describe secret ${SERVICE_ACCOUNT} | grep "token:" | awk '{ print $2 }')
oc logout
# login as system user
oc login -u system:admin
oc project openshift
OC_DOCKER_REGISTRY_IP=$(oc get is | tail -n1 | awk '{print $2}' | awk -F '/' '{print $1}')
oc logout
# log back in as user
oc login
oc project ${OPENSHIFT_PROJECT_NAME}
oc process -f ./openshift-config/shepherd-openshift.yml -p SHEPHERD_INSTALL_PROFILE=shepherd | oc create -f -
OPENSHIFT_IP=$(oc status | grep 'server https' | sed 's/.*https:\/\/\([0-9a-z\.]*\).*/\1/')
OPENSHIFT_DOMAIN="${OPENSHIFT_IP}.nip.io"
DB_HOST="mysql-shepherd.${OPENSHIFT_DOMAIN}"
DB_PORT=$(oc get service mysql-external --no-headers | sed 's/.*:\([0-9]*\).*/\1/')
export TOKEN;
export DB_HOST
export DB_PORT
echo "Shepherd is now deploying on openshift."
echo "Please configure shepherd's orchestration provider and database provisioner. TOKEN, DB_HOST and DB_PORT have been exported."
echo "Once shepherd has been installed create the cronjob from shepherd-openshift-cronjob.yml"