npm - @catladder/cli - Versions diffs - 1.15.0 → 1.15.1 - Mend

@catladder/cli 1.15.0 → 1.15.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

package/dist/apps/cli/commands/project/setup/setupKubernetes.js ADDED Viewed

@@ -0,0 +1,132 @@
+"use strict";
+var __makeTemplateObject = (this && this.__makeTemplateObject) || function (cooked, raw) {
+    if (Object.defineProperty) { Object.defineProperty(cooked, "raw", { value: raw }); } else { cooked.raw = raw; }
+    return cooked;
+};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
+    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (_) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+exports.__esModule = true;
+exports.setupKubernetes = void 0;
+var pipeline_1 = require("@catladder/pipeline");
+var zx_1 = require("zx");
+var cluster_1 = require("../../../../../utils/cluster");
+var gitlab_1 = require("../../../../../utils/gitlab");
+var ensureNamespace_1 = __importDefault(require("../utils/ensureNamespace"));
+var setupKubernetes = function (instance, context) { return __awaiter(void 0, void 0, void 0, function () {
+    var deployConfig, fullName, namespace, serviceAccountName, KUBE_URL, e_1, tokenName, KUBE_CA_PEM, KUBE_TOKEN, vars;
+    return __generator(this, function (_a) {
+        switch (_a.label) {
+            case 0:
+                deployConfig = context.componentConfig.deploy;
+                if (!(0, pipeline_1.isOfDeployType)(deployConfig, "kubernetes")) {
+                    throw new Error("cannot run setupKubernetes on non-kubernetes deployments");
+                }
+                fullName = (0, pipeline_1.getFullKubernetesClusterName)(deployConfig.cluster);
+                instance.log("cluster: ".concat(fullName));
+                return [4 /*yield*/, (0, cluster_1.connectToCluster)(fullName)];
+            case 1:
+                _a.sent();
+                instance.log("");
+                instance.log("ensuring namespace ...");
+                return [4 /*yield*/, (0, ensureNamespace_1["default"])(context)];
+            case 2:
+                namespace = _a.sent();
+                instance.log("Namespace " + namespace + " created / updated!");
+                instance.log("");
+                //$.verbose = true;
+                // we name the service account and the role and the role binding with the same name
+                // we currently create one per component to better separate them
+                instance.log("ensuring service accounts...");
+                serviceAccountName = "cl-".concat(context.componentName, "-deploy");
+                return [4 /*yield*/, (0, zx_1.$)(templateObject_1 || (templateObject_1 = __makeTemplateObject(["TERM=dumb kubectl cluster-info | grep -E 'Kubernetes master|Kubernetes control plane' | awk '/http/ {print $NF}'"], ["TERM=dumb kubectl cluster-info | grep -E 'Kubernetes master|Kubernetes control plane' | awk '/http/ {print $NF}'"]))).then(function (s) { return s.stdout.trim(); })];
+            case 3:
+                KUBE_URL = _a.sent();
+                _a.label = 4;
+            case 4:
+                _a.trys.push([4, 8, , 9]);
+                return [4 /*yield*/, (0, zx_1.$)(templateObject_2 || (templateObject_2 = __makeTemplateObject(["kubectl delete serviceaccount --namespace ", " ", ""], ["kubectl delete serviceaccount --namespace ", " ", ""])), namespace, serviceAccountName)];
+            case 5:
+                _a.sent();
+                return [4 /*yield*/, (0, zx_1.$)(templateObject_3 || (templateObject_3 = __makeTemplateObject(["kubectl delete rolebinding --namespace ", " ", ""], ["kubectl delete rolebinding --namespace ", " ", ""])), namespace, serviceAccountName)];
+            case 6:
+                _a.sent();
+                return [4 /*yield*/, (0, zx_1.$)(templateObject_4 || (templateObject_4 = __makeTemplateObject(["kubectl delete role --namespace ", " ", ""], ["kubectl delete role --namespace ", " ", ""])), namespace, serviceAccountName)];
+            case 7:
+                _a.sent();
+                return [3 /*break*/, 9];
+            case 8:
+                e_1 = _a.sent();
+                return [3 /*break*/, 9];
+            case 9: return [4 /*yield*/, (0, zx_1.$)(templateObject_5 || (templateObject_5 = __makeTemplateObject(["kubectl create serviceaccount --namespace ", " ", ""], ["kubectl create serviceaccount --namespace ", " ", ""])), namespace, serviceAccountName)];
+            case 10:
+                _a.sent();
+                // upsert role in the ns
+                return [4 /*yield*/, (0, zx_1.$)(templateObject_6 || (templateObject_6 = __makeTemplateObject(["cat <<EOF | kubectl apply -f -\nkind: Role\napiVersion: rbac.authorization.k8s.io/v1\nmetadata:\n  namespace: ", "\n  name: ", "\nrules:\n- apiGroups: [\"\", \"extensions\", \"apps\", \"networking.k8s.io\", \"batch\"]\n  resources: [\"deployments\", \"replicasets\", \"statefulsets\", \"pods\", \"secrets\", \"configmaps\", \"services\", \"ingresses\", \"serviceaccounts\", \"jobs\", \"cronjobs\"]\n  verbs: [\"get\", \"list\", \"watch\", \"create\", \"update\", \"patch\", \"delete\"] # You can also use [\"*\"]\n---\nkind: RoleBinding\napiVersion: rbac.authorization.k8s.io/v1\nmetadata:\n  name: ", "\n  namespace: ", "\nsubjects:\n  - kind: ServiceAccount\n    name: ", "\n    namespace:  ", "\nroleRef:\n  kind: Role\n  name: ", "\n  apiGroup: rbac.authorization.k8s.io\nEOF\n"], ["cat <<EOF | kubectl apply -f -\nkind: Role\napiVersion: rbac.authorization.k8s.io/v1\nmetadata:\n  namespace: ", "\n  name: ", "\nrules:\n- apiGroups: [\"\", \"extensions\", \"apps\", \"networking.k8s.io\", \"batch\"]\n  resources: [\"deployments\", \"replicasets\", \"statefulsets\", \"pods\", \"secrets\", \"configmaps\", \"services\", \"ingresses\", \"serviceaccounts\", \"jobs\", \"cronjobs\"]\n  verbs: [\"get\", \"list\", \"watch\", \"create\", \"update\", \"patch\", \"delete\"] # You can also use [\"*\"]\n---\nkind: RoleBinding\napiVersion: rbac.authorization.k8s.io/v1\nmetadata:\n  name: ", "\n  namespace: ", "\nsubjects:\n  - kind: ServiceAccount\n    name: ", "\n    namespace:  ", "\nroleRef:\n  kind: Role\n  name: ", "\n  apiGroup: rbac.authorization.k8s.io\nEOF\n"])), namespace, serviceAccountName, serviceAccountName, namespace, serviceAccountName, namespace, serviceAccountName)];
+            case 11:
+                // upsert role in the ns
+                _a.sent();
+                return [4 /*yield*/, (0, zx_1.$)(templateObject_7 || (templateObject_7 = __makeTemplateObject(["kubectl get serviceaccount --namespace ", " ", " -o jsonpath='{.secrets[0].name}'"], ["kubectl get serviceaccount --namespace ", " ", " -o jsonpath='{.secrets[0].name}'"])), namespace, serviceAccountName)];
+            case 12:
+                tokenName = _a.sent();
+                return [4 /*yield*/, (0, zx_1.$)(templateObject_8 || (templateObject_8 = __makeTemplateObject(["kubectl get secret ", " --namespace ", " -o jsonpath=\"{['data']['ca\\.crt']}\""], ["kubectl get secret ", " --namespace ", " -o jsonpath=\"{['data']['ca\\\\.crt']}\""])), tokenName, namespace).then(function (c) { return c.stdout.trim(); })];
+            case 13:
+                KUBE_CA_PEM = _a.sent();
+                return [4 /*yield*/, (0, zx_1.$)(templateObject_9 || (templateObject_9 = __makeTemplateObject(["kubectl get secret ", " --namespace ", " -o jsonpath=\"{['data']['token']}\" | base64 --decode"], ["kubectl get secret ", " --namespace ", " -o jsonpath=\"{['data']['token']}\" | base64 --decode"])), tokenName, namespace).then(function (c) { return c.stdout.trim(); })];
+            case 14:
+                KUBE_TOKEN = _a.sent();
+                vars = {
+                    KUBE_TOKEN: KUBE_TOKEN,
+                    KUBE_CA_PEM: KUBE_CA_PEM,
+                    KUBE_URL: KUBE_URL
+                };
+                instance.log("service accounts created / updated!");
+                instance.log("");
+                instance.log("pusing secrets to gitlab...");
+                return [4 /*yield*/, (0, gitlab_1.upsertAllVariables)(instance, vars, context.environment.shortName, context.componentName)];
+            case 15:
+                _a.sent();
+                instance.log("done!");
+                return [2 /*return*/];
+        }
+    });
+}); };
+exports.setupKubernetes = setupKubernetes;
+var templateObject_1, templateObject_2, templateObject_3, templateObject_4, templateObject_5, templateObject_6, templateObject_7, templateObject_8, templateObject_9;
+//# sourceMappingURL=setupKubernetes.js.map

package/dist/apps/cli/commands/project/setup/setupKubernetes.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"setupKubernetes.js","sourceRoot":"","sources":["../../../../../../src/apps/cli/commands/project/setup/setupKubernetes.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,gDAI6B;AAE7B,yBAAuB;AACvB,wDAAgE;AAChE,sDAAiE;AACjE,6EAAuD;AAEhD,IAAM,eAAe,GAAG,UAC7B,QAAyB,EACzB,OAAgB;;;;;gBAEV,YAAY,GAAG,OAAO,CAAC,eAAe,CAAC,MAAM,CAAC;gBACpD,IAAI,CAAC,IAAA,yBAAc,EAAC,YAAY,EAAE,YAAY,CAAC,EAAE;oBAC/C,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;iBAC7E;gBAEK,QAAQ,GAAG,IAAA,uCAA4B,EAAC,YAAY,CAAC,OAAO,CAAC,CAAC;gBACpE,QAAQ,CAAC,GAAG,CAAC,mBAAY,QAAQ,CAAE,CAAC,CAAC;gBAErC,qBAAM,IAAA,0BAAgB,EAAC,QAAQ,CAAC,EAAA;;gBAAhC,SAAgC,CAAC;gBACjC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBACjB,QAAQ,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;gBACrB,qBAAM,IAAA,4BAAe,EAAC,OAAO,CAAC,EAAA;;gBAA1C,SAAS,GAAG,SAA8B;gBAChD,QAAQ,CAAC,GAAG,CAAC,YAAY,GAAG,SAAS,GAAG,qBAAqB,CAAC,CAAC;gBAC/D,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBACjB,mBAAmB;gBAEnB,mFAAmF;gBACnF,gEAAgE;gBAChE,QAAQ,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;gBACvC,kBAAkB,GAAG,aAAM,OAAO,CAAC,aAAa,YAAS,CAAC;gBAE9D,qBAAM,IAAA,MAAC,sLAAA,kHAAkH,KAAC,IAAI,CAC5H,UAAC,CAAC,IAAK,OAAA,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,EAAf,CAAe,CACvB,EAAA;;gBAHG,QAAQ,GACZ,SAEC;;;;gBAID,yBAAM,MAAC,yHAAA,4CAA6C,EAAS,GAAI,EAAkB,EAAE,KAAjC,SAAS,EAAI,kBAAkB,GAAE;;gBAArF,SAAqF,CAAC;gBACtF,yBAAM,MAAC,sHAAA,yCAA0C,EAAS,GAAI,EAAkB,EAAE,KAAjC,SAAS,EAAI,kBAAkB,GAAE;;gBAAlF,SAAkF,CAAC;gBACnF,yBAAM,MAAC,+GAAA,kCAAmC,EAAS,GAAI,EAAkB,EAAE,KAAjC,SAAS,EAAI,kBAAkB,GAAE;;gBAA3E,SAA2E,CAAC;;;;;oBAK9E,yBAAM,MAAC,yHAAA,4CAA6C,EAAS,GAAI,EAAkB,EAAE,KAAjC,SAAS,EAAI,kBAAkB,GAAE;;gBAArF,SAAqF,CAAC;gBAEtF,wBAAwB;gBAExB,yBAAM,MAAC,m1BAAA,gHAIM,EAAS,YACd,EAAkB,ydASlB,EAAkB,iBACb,EAAS,mDAGZ,EAAkB,oBACZ,EAAS,oCAGjB,EAAkB,gDAG3B,KArBc,SAAS,EACd,kBAAkB,EASlB,kBAAkB,EACb,SAAS,EAGZ,kBAAkB,EACZ,SAAS,EAGjB,kBAAkB,GAG3B;;gBA3BC,wBAAwB;gBAExB,SAyBD,CAAC;gBAIE,yBAAM,MAAC,uJAAA,yCAA0C,EAAS,GAAI,EAAkB,mCAAmC,KAAlE,SAAS,EAAI,kBAAkB,GAAmC;;gBAD/G,SAAS,GACb,SAAmH;gBAGnH,qBAAM,IAAA,MAAC,qJAAA,qBAAsB,EAAS,eAAgB,EAAS,2CAAuC,KAAzE,SAAS,EAAgB,SAAS,EAAwC,IAAI,CACzG,UAAC,CAAC,IAAK,OAAA,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,EAAf,CAAe,CACvB,EAAA;;gBAHG,WAAW,GACf,SAEC;gBAED,qBAAM,IAAA,MAAC,oKAAA,qBAAsB,EAAS,eAAgB,EAAS,wDAAsD,KAAxF,SAAS,EAAgB,SAAS,EAAuD,IAAI,CACxH,UAAC,CAAC,IAAK,OAAA,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,EAAf,CAAe,CACvB,EAAA;;gBAHG,UAAU,GACd,SAEC;gBAEG,IAAI,GAAG;oBACX,UAAU,YAAA;oBACV,WAAW,aAAA;oBACX,QAAQ,UAAA;iBACT,CAAC;gBAEF,QAAQ,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC;gBAEpD,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBACjB,QAAQ,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;gBAE5C,qBAAM,IAAA,2BAAkB,EACtB,QAAQ,EACR,IAAI,EACJ,OAAO,CAAC,WAAW,CAAC,SAAS,EAC7B,OAAO,CAAC,aAAa,CACtB,EAAA;;gBALD,SAKC,CAAC;gBACF,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;;;;KACvB,CAAC;AApGW,QAAA,eAAe,mBAoG1B"}