-
Notifications
You must be signed in to change notification settings - Fork 23
/
Copy pathMakefile
93 lines (77 loc) · 2.9 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
########## K1 Helper for easy management
K1_CONFIG="."
TF_CONFIG="./tf-infra" #relative from K1_CONFIG
# from K1_CONFIG location
K1_SSH_KEY="./secrets/id_rsa"
K1_CRED_FILE="./secrets/credentials.kubermatic.yml"
K1_CRED_FLAG=-c ${K1_CRED_FILE}
K1_KUBECONFIG?=k1-kubeconfig
K1_EXTRA_ARG?=""
#K1_EXTRA_ARG?="--force-upgrade"
##### GENERIC
CLOUD_CREDENTIALS_ENV_FILE="./secret/cloud_env.sh"
include ${CLOUD_CREDENTIALS_ENV_FILE}
export
##### VSPHERE
#VSPHERE_USER_CRED_FILE=./secrets/vsphere_cred_user.sh
#include ${VSPHERE_USER_CRED_FILE}
#### sometimes needed if "special characters in password or username is used
##VSPHERE_USER_CRED_FILE_OVERWRITE=./secrets/vsphere_cred_user.makefile.overwrite.env
##include ${VSPHERE_USER_CRED_FILE_OVERWRITE}
#export
######### KubeOne
k1-load-env:
@test -d ${K1_CONFIG} && echo "[ok]" && echo "kubeone config folder found " || exit 1
@cd ${K1_CONFIG} && test -f ${K1_SSH_KEY} && chmod 600 ${K1_SSH_KEY} && ssh-add ${K1_SSH_KEY} && echo "[ok] "|| (echo "ERROR: ssh key permission ..." && exit 2)
### store kubeone version
kubeone version > ${K1_CONFIG}/kubeone.version.json
##### CHECK for vSphere user credentials
#ifdef GOVC_USERNAME
# @echo "VSphere UserName sourced is: ${GOVC_USERNAME}"
#else
# @echo "ERROR: Please source vSphere user details are present!" && exit 3
#endif
k1-tf-init:
cd ${K1_CONFIG} && cd ${TF_CONFIG} && \
terraform init
k1-tf-apply: k1-load-env k1-tf-init
cd ${K1_CONFIG} && cd ${TF_CONFIG} && \
terraform apply
k1-tf-destroy: k1-load-env
cd ${K1_CONFIG} && cd ${TF_CONFIG} && \
terraform destroy
k1-tf-refresh: k1-load-env
cd ${K1_CONFIG} && cd ${TF_CONFIG} && \
terraform refresh
k1-tf-output: k1-load-env
cd ${K1_CONFIG} && cd ${TF_CONFIG} && \
terraform output
k1-apply:k1-load-env
cd ${K1_CONFIG} && \
kubeone ${K1_CRED_FLAG} apply -m kubeone.yaml -t ${TF_CONFIG} --verbose ${K1_EXTRA_ARG}
make k1-apply-md
k1-reset: k1-load-env
cd ${K1_CONFIG} && \
kubeone ${K1_CRED_FLAG} reset -m kubeone.yaml -t ${TF_CONFIG} --verbose ${K1_EXTRA_ARG}
k1-apply-md: k1-load-env k1-kubeconfig
kubectl apply --kubeconfig ${K1_KUBECONFIG} -f ${K1_CONFIG}/machines
k1-kubeconfig: k1-load-env
cd ${K1_CONFIG} && \
kubeone ${K1_CRED_FLAG} kubeconfig -m kubeone.yaml -t ${TF_CONFIG} > ${K1_KUBECONFIG}
######## VAULT
VAULT_ADDR="https://vault.example.com"
VAULT_ENGINE_PATH="project-kv-engine/k1.example.com"
VAULT_LOCAL="../secrets"
VAULT_SCRIPT="../vault/vault-kv-management.sh"
OIDC_PATH=TODO
vault-upload:
VAULT_ADDR=${VAULT_ADDR} VAULT_ENGINE_PATH=${VAULT_ENGINE_PATH} LOCAL="${VAULT_LOCAL}" \
${VAULT_SCRIPT} --upload
vault-download:
VAULT_ADDR=${VAULT_ADDR} VAULT_ENGINE_PATH=${VAULT_ENGINE_PATH} LOCAL="${VAULT_LOCAL}" \
${VAULT_SCRIPT}
vault-login-user:
@read -p "Enter vault username:" user; \
VAULT_ADDR=${VAULT_ADDR} vault login -method=userpass username=$$user
vault-login:
VAULT_ADDR=${VAULT_ADDR} vault login --method=oidc --path=$OIDC_PATH