-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathgke-deploy.sh
executable file
·73 lines (60 loc) · 3.07 KB
/
gke-deploy.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
#!/usr/bin/env bash
# This script illustrates how to deploy to GKE staging environment using mpdev
# pwd should be /your/path/to/virtru-public
# Reference: https://docs-development.preprod.virtru.com/gcp/gcr/
# Prerequisite: install Application CRD
# kubectl apply -f "https://raw.githubusercontent.com/GoogleCloudPlatform/marketplace-k8s-app-tools/master/crd/app-crd.yaml"
# Prerequisite: connect to GKE if you want to deploy there.
# gcloud container clusters get-credentials marketplace-gateway --region us-central-1 --region us-central1-a
# Authenticate gcloud with your Google account:
# gcloud auth login
# (Follow login prompts in the web browser)
# Then apply Google auth to docker:
# gcloud auth configure-docker
set -eu
cd chart/gateway
helm dependency update
cd -
if [[ "${ENVIRONMENT:-}" = 'production' ]]; then
export REGISTRY=gcr.io/virtru-public/gateway;
printf 'Deploying to production. Using registry [%s]\n' $REGISTRY
else
export REGISTRY=gcr.io/virtru-public/staging/gateway;
printf 'Deploying to staging. Using registry [%s]\n' $REGISTRY
fi
SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
VERSION="$(< "${SCRIPT_DIR}/VERSION" )"
export TAG="${VERSION}";
export DEPLOYER_VERSION="$(echo "${VERSION}" | cut -d'.' -f 1-2)";
printf 'Using container tag = [%s] and deployer version = [%s]\n' $TAG $DEPLOYER_VERSION
docker build --no-cache --platform linux/amd64 --build-arg TAG=$TAG --build-arg REGISTRY=$REGISTRY \
-t "${REGISTRY}/deployer:${DEPLOYER_VERSION}" -f dev.Dockerfile "${SCRIPT_DIR}"
docker push "${REGISTRY}/deployer:${DEPLOYER_VERSION}"
# reportingSecret:
# To actually report to the real Google ServiceControlEndpoint use "gateway-reportingsecret"
# To make sure not to bill, use "gs://cloud-marketplace-tools/reporting_secrets/fake_reporting_secret.yaml"}'
parameters=$(cat <<virtruparams
{
"name": "gateway",
"namespace": "virtru",
"gatewayHostname": "gateway-development.virtru.com",
"gatewayApiTokenName": "token",
"gatewayApiSecret": "mysecret",
"numberOfLicenses":"10",
"primaryMailingDomain":"virtru.example.com",
"reportingSecret":"gs://cloud-marketplace-tools/reporting_secrets/fake_reporting_secret.yaml",
"cse.appSecrets.hmac.tokenId":"my-hmac-token-id",
"cse.appSecrets.hmac.tokenSecret":"my-hmac-token-secret",
"cse.appSecrets.secretKey":"my-cse-secret-key",
"cse.appSecrets.ssl.certificate":"my-base64-ssl-certificate",
"cse.appSecrets.ssl.privateKey":"my-base64-ssl-private-key",
"cse.appConfig.jwksAuthzIssuers":"eyAidmlydHJ1LXRlc3QiOiAiaHR0cDovL2p3dC5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsL2p3ay5qc29uIiB9Cg==",
"cse.appConfig.jwksAuthnIssuers":"eyAidmlydHJ1LXRlc3QiOiAiaHR0cDovL2p3dC5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsL2p3ay5qc29uIiB9Cg==",
"cse.appConfig.jwtAud":"eyJhdXRobiI6InZpcnRydS10ZXN0IiwiYXV0aHoiOiJ2aXJ0cnUtdGVzdCJ9Cg==",
"cse.appConfig.jwtKaclsUrl":"http://cse.virtru.svc.cluster.local",
"cse.ingress.host":"cse.virtru.svc.cluster.local"
}
virtruparams
)
# mpdev install to install, mpdev verify to test
mpdev install --deployer="${REGISTRY}/deployer:${DEPLOYER_VERSION}" --parameters="${parameters}"