Updated scripts to use whoami instead of always needing to pass it as a param

infrastructure/setup/GitRepoSync.yaml.templ

@@ -0,0 +1,13 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: GitRepository
+metadata:
+  name: k8s-infrastructure
+  namespace: kube-system
+spec:
+  interval: 1m0s
+  ref:
+    branch: main
+  url: https://github.com/{{CLUSTER_NAME}}/k8s-infrastructure.git
+  ignore: |
+    clusters/**/apps/values/

infrastructure/setup/KubeSystem.yaml

@@ -0,0 +1,20 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: kube-system
+  namespace: kube-system
+spec:
+  dependsOn:
+    - name: sealed-secret
+  interval: 10m0s
+  path: ./infrastructure/kube-system/
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: k8s-infrastructure
+    namespace: kube-system
+  postBuild:
+    substituteFrom:
+      - kind: Secret
+        name: secrets
+        optional: true

infrastructure/setup/change-branch.sh

@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+
+# The directory where this script is located
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+source "$SCRIPT_DIR/requirements.sh"
+
+# Get the current branch name
+CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD)
+
+# Check if the current branch exists on the remote
+if ! git ls-remote --exit-code origin "$CURRENT_BRANCH" &> /dev/null; then
+  message "Branch $CURRENT_BRANCH does not exist on the remote. Pushing..."
+  git push --set-upstream origin "$CURRENT_BRANCH"
+fi
+
+message "Changing branch to $(git branch --show-current)"
+< "$SCRIPT_DIR"/GitRepoSync.yaml.templ sed "s/{{CLUSTER_NAME}}/$CLUSTER_NAME/g" | sed "s/main/$(git branch --show-current)/g" | kubectl apply -f -
+
+message "Reconciling..."
+flux reconcile kustomization --with-source kube-system -n kube-system && flux reconcile kustomization gandazgul -n kube-system

infrastructure/setup/configure-cluster.sh

@@ -1,52 +1,41 @@
 #!/usr/bin/env bash
 
-set -e
-
-# check if have the cluster name
-if [ -z ${1+x} ]; then
-  echo "Make sure to pass in a cluster name like this: configure-cluster.sh [name here]"
-  exit 1
-fi
-
+# The directory where this script is located
 SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
-CLUSTER_NAME=$1
-REPO_ROOT=$(git rev-parse --show-toplevel)
-
 source "$SCRIPT_DIR/requirements.sh"
 
-# Seal main secrets file
+# Seal main secrets file with SealedSecrets
 message "Generating $CLUSTER_NAME secret..."
-rm -rf "./clusters/$CLUSTER_NAME/sealed-secret/SealedSecret.yaml"
-kubectl create secret generic secrets --dry-run=client --namespace=kube-system --from-env-file="./clusters/$CLUSTER_NAME/secrets.env" -o json |
+rm -rf "$REPO_ROOT/clusters/$CLUSTER_NAME/sealed-secret/SealedSecret.yaml"
+kubectl create secret generic secrets --dry-run=client --namespace=kube-system --from-env-file="$REPO_ROOT/clusters/$CLUSTER_NAME/secrets.env" -o json |
   jq '.metadata.annotations |= { "reflector.v1.k8s.emberstack.com/reflection-auto-enabled": "true", "reflector.v1.k8s.emberstack.com/reflection-allowed": "true", "reflector.v1.k8s.emberstack.com/reflection-allowed-namespaces": "default" }' |
-  kubeseal -o yaml > "./clusters/$CLUSTER_NAME/sealed-secret/SealedSecret.yaml"
+  kubeseal -o yaml > "$REPO_ROOT/clusters/$CLUSTER_NAME/sealed-secret/SealedSecret.yaml"
 
-kubectl apply -f "./clusters/$CLUSTER_NAME/sealed-secret/SealedSecret.yaml"
+# apply the sealed secret
+kubectl apply -f "$REPO_ROOT/clusters/$CLUSTER_NAME/sealed-secret/SealedSecret.yaml"
 
-# Create a kustomization for the cluster's Secrets so that apps can depend on it
-template=$(sed "s/{{CLUSTER_NAME}}/$CLUSTER_NAME/g" <"$REPO_ROOT"/infrastructure/setup/SealedSecretsKustomization.yaml.templ)
-# apply the yml with the substituted value
-echo "$template" | kubectl apply -f -
+# Create a Kustomization for the cluster's Secrets so that apps can depend on it
+echo "$(sed "s/{{CLUSTER_NAME}}/$CLUSTER_NAME/g" <"$SCRIPT_DIR"/SealedSecretsKustomization.yaml.templ)" | kubectl apply -f -
 
 # Create value/yaml secrets
 message "Generating $CLUSTER_NAME app secrets from values..."
-rm -rf "./clusters/$CLUSTER_NAME/apps/secrets/"
-mkdir "./clusters/$CLUSTER_NAME/apps/secrets/"
-cat <<EOT >> "./clusters/$CLUSTER_NAME/apps/secrets/kustomization.yaml"
+rm -rf "$REPO_ROOT/clusters/$CLUSTER_NAME/apps/secrets/"
+mkdir "$REPO_ROOT/clusters/$CLUSTER_NAME/apps/secrets/"
+cat <<EOT >> "$REPO_ROOT/clusters/$CLUSTER_NAME/apps/secrets/kustomization.yaml"
 ---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 EOT
 
-for f in ./clusters/"$CLUSTER_NAME"/apps/values/*.yaml; do
+for f in "$REPO_ROOT"/clusters/"$CLUSTER_NAME"/apps/values/*.yaml; do
   echo "Generating secrets from values file: $f..."
   basename=$(basename "$f" .yaml)
-  kubectl -n default create secret generic "${basename}" --dry-run=client --from-file=values.yaml="${f}" -o yaml >"./clusters/$CLUSTER_NAME/apps/secrets/${basename}.yaml"
-  echo "- ${basename}.yaml" >> "./clusters/$CLUSTER_NAME/apps/secrets/kustomization.yaml"
+  kubectl -n default create secret generic "${basename}" --dry-run=client --from-file=values.yaml="${f}" -o yaml >"$REPO_ROOT/clusters/$CLUSTER_NAME/apps/secrets/${basename}.yaml"
+  echo "- ${basename}.yaml" >> "$REPO_ROOT/clusters/$CLUSTER_NAME/apps/secrets/kustomization.yaml"
 done
 
 message "Installing $CLUSTER_NAME configs..."
-kubectl apply -f "./clusters/$CLUSTER_NAME/ClusterKustomization.yaml"
+kubectl apply -f "$REPO_ROOT/clusters/$CLUSTER_NAME/ClusterKustomization.yaml"
 
 message "Done configuring $CLUSTER_NAME's cluster"

infrastructure/setup/install-flux.sh

@@ -1,16 +1,7 @@
 #!/usr/bin/env bash
 
-# check if have the cluster name
-if [ -z ${1+x} ]; then
-  echo "Make sure to pass in a cluster name like this: install-flux.sh [name here]"
-  exit 1
-fi
-
-CLUSTER_NAME=$1
-REPO_ROOT=$(git rev-parse --show-toplevel)
-
-# Check that all required binaries are installed
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" &>/dev/null && pwd)"
+# The directory where this script is located
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
 source "$SCRIPT_DIR/requirements.sh"
 
 ######################## Install Flux ###################################
@@ -43,13 +34,13 @@ if ! flux install --components-extra=image-reflector-controller,image-automation
 fi
 
 message "Installing the Git Repo Source"
-if ! kubectl apply -f "$REPO_ROOT"/infrastructure/setup/GitRepoSync.yaml; then
+if ! echo "$(sed "s/{{CLUSTER_NAME}}/$CLUSTER_NAME/g" <"$REPO_ROOT"/infrastructure/setup/GitRepoSync.yaml.templ)" | kubectl apply -f -; then
   echo -e "Flux did not install correctly, aborting!"
   exit 1
 fi
 
-message "Installing Sealed Secrets"
-if ! kubectl apply -f "$REPO_ROOT"/infrastructure/kube-system/SealedSecretsController.yaml; then
+message "Installing KubeSystem Kustomization, includes Sealed Secrets"
+if ! kubectl apply -f "$REPO_ROOT"/infrastructure/setup/KubeSystem.yaml; then
   echo -e "Sealed secrets didn't install correctly, aborting!"
   exit 1
 fi
@@ -60,7 +51,5 @@ while :; do
   sleep 15
 done
 
-# Creating/Updating Sealed Secrets -------------------
+# Creating/Updating Sealed Secrets ---------------------------------------------------------
 "$SCRIPT_DIR/configure-cluster.sh" "$CLUSTER_NAME"
-
-message "all done!"

infrastructure/setup/requirements.sh

@@ -1,5 +1,7 @@
 #!/usr/bin/env bash
 
+set -e
+
 need() {
   if ! command -v "$1" &>/dev/null; then
     echo "Binary '$1' is missing but required"
@@ -18,8 +20,25 @@ pause() {
   echo ""
 }
 
+# make sure all required binaries are installed
 need "kubectl"
 need "flux"
 need "git"
 need "kubeseal"
 need "jq"
+
+# check if have the cluster name, otherwise set it to the current user
+if [ -z ${1+x} ]; then
+  echo -e "Cluster Name was not specified. Assuming \e[1;32m$(whoami)\e[0m as the cluster name."
+  CLUSTER_NAME=$(whoami)
+else
+  CLUSTER_NAME=$1
+fi
+
+# The root of the git repo
+REPO_ROOT=$(git rev-parse --show-toplevel)
+
+if [ ! -f "$REPO_ROOT/clusters/$CLUSTER_NAME/secrets.env" ]; then
+  echo "The secrets.env file for $CLUSTER_NAME does not exist. Please create it."
+  exit 1
+fi