# Optional local overrides. Loaded first so the `?=` defaults below apply only
# to variables that .env, the environment or the command line left unset.
# NOTE(review): the same file is parsed here as makefile syntax and is also
# passed to the container runtime through --env-file (see RUNTIME_ARGS), so it
# should hold plain NAME=value lines only. If it carries credentials, keep it
# out of version control.
-include .env

# Cluster identity and sizing defaults.
CLUSTER_NAME ?= cluster
BASE_DOMAIN ?= demo.jharmison.dev
AWS_REGION ?= us-west-2
CONTROL_PLANE_TYPE ?= m6i.2xlarge
CONTROL_PLANE_COUNT ?= 3
WORKER_TYPE ?= m6i.2xlarge
WORKER_COUNT ?= 3

# Git source for the Argo applications.
# NOTE(review): the value below looks mangled by e-mail obfuscation in the page
# capture ("[email protected]"); GH_REPO further down expects an scp-style
# URL of the shape <user>@<host>:<owner>/<repo>.git. Restore the real value
# from the repository before using this file.
ARGO_GIT_URL ?= [email protected]:jharmison-redhat/openshift-setup.git
ARGO_GIT_REVISION ?= HEAD
ARGO_APPLICATIONS ?= config oauth cert-manager

# Version directory used in the client download URLs on mirror.openshift.com.
CLUSTER_VERSION ?= 4.17.3
ACME_EMAIL ?=
ACME_DISABLE_ACCOUNT_KEY_GENERATION ?= true

# Takes the text after the first ':' of ARGO_GIT_URL and cuts it at the first
# '.', which yields <owner>/<repo> for an scp-style URL. An https:// URL, or an
# owner/repo containing a '.', does not produce a usable value.
GH_REPO := $(word 1,$(subst ., ,$(word 2,$(subst :, ,$(ARGO_GIT_URL)))))
RECOVER_INSTALL ?= false

# Derived paths. These use `:=`, so they are fixed from the values known at this
# point and override anything .env set for the same names.
CLUSTER_URL := $(CLUSTER_NAME).$(BASE_DOMAIN)
CLUSTER_DIR := clusters/$(CLUSTER_URL)
INSTALL_DIR := install/$(CLUSTER_URL)

# Container runtime settings.
# NOTE(review): IMAGE defaults to a mutable :latest tag and RUNTIME_ARGS adds
# --pull=newer, so whatever the registry currently serves under that tag is
# what runs. Pinning IMAGE by digest makes the tooling image reproducible.
RUNTIME ?= podman
IMAGE ?= registry.jharmison.com/library/openshift-setup:latest
CONTAINER_MAKE_ARGS ?= bootstrap

# Arguments for `$(RUNTIME) run`:
#   - the invoking shell's $PWD is mounted at /workdir and the host user's
#     ~/.config at /root/.config;
#   - .env and $(INSTALL_DIR).env are passed with --env-file when they exist;
#   - the cluster name/paths are passed as individual --env values.
# NOTE(review): --privileged together with --security-opt=label=disable removes
# most of the isolation between this container and the host, and the ~/.config
# mount hands the container every tool credential stored there. Nothing in this
# file shows which of these the workflow needs; dropping --privileged and
# mounting only the required subdirectories (read-only where possible) would
# narrow the exposure. TODO confirm against the hack/ scripts.
RUNTIME_ARGS := run --rm -it --security-opt=label=disable --privileged -v "$${PWD}:/workdir" -v ~/.config:/root/.config $(subst .env,--env-file .env,$(wildcard .env)) $(subst $(INSTALL_DIR).env,--env-file $(INSTALL_DIR).env,$(wildcard $(INSTALL_DIR).env)) --env HOME=/root --env EDITOR=vi --env CLUSTER_NAME=$(CLUSTER_NAME) --env BASE_DOMAIN=$(BASE_DOMAIN) --env CLUSTER_URL=$(CLUSTER_URL) --env CLUSTER_DIR=$(CLUSTER_DIR) --env INSTALL_DIR=$(INSTALL_DIR) --env XDG_CONFIG_HOME=/root/.config --env XDG_DATA_HOME=/workdir/$(INSTALL_DIR)/.data --pull=newer

# Per-cluster overrides. Read after the derived variables above were expanded,
# so changing CLUSTER_NAME or BASE_DOMAIN here does not update CLUSTER_URL,
# CLUSTER_DIR, INSTALL_DIR or RUNTIME_ARGS.
-include $(INSTALL_DIR).env

# Export every make variable to the environment of every recipe; the hack/
# scripts are called without arguments and read their settings this way.
# This includes anything loaded from the two .env files.
export

# Default goal: run CONTAINER_MAKE_ARGS (default `bootstrap`) via `container`.
.PHONY: all
all: container
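# Download the openshift-install client for $(CLUSTER_VERSION) and unpack only
# that member of the archive into $(INSTALL_DIR).
#
# curl flags: -f makes an HTTP error produce no body instead of an error page
# fed to tar, -S prints the reason despite -s, and --proto/--proto-redir keep
# the transfer (including redirects followed by -L) on HTTPS.
# The target has no prerequisites, so a leftover file counts as up to date;
# the trailing cleanup removes a partially extracted binary when the pipeline
# fails.
# NOTE(review): the archive is not integrity-checked before extraction, and the
# binary is a prerequisite of the install target. The mirror publishes a
# sha256sum.txt next to the archives; verifying against it (or against a digest
# pinned in this repository) would close that gap.
$(INSTALL_DIR)/openshift-install:
	mkdir -p $(@D)
	curl --proto '=https' --proto-redir '=https' -fsSLo- https://mirror.openshift.com/pub/openshift-v4/clients/ocp/$(CLUSTER_VERSION)/openshift-install-linux.tar.gz | tar xvzf - -C $(@D) openshift-install || { rm -f $@; exit 1; }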
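# Download the OpenShift client archive for $(CLUSTER_VERSION) and unpack the
# `oc` and `kubectl` members into $(INSTALL_DIR).
#
# curl flags: -f makes an HTTP error produce no body instead of an error page
# fed to tar, -S prints the reason despite -s, and --proto/--proto-redir keep
# the transfer (including redirects followed by -L) on HTTPS.
# The target has no prerequisites, so a leftover file counts as up to date;
# the trailing cleanup removes partially extracted binaries when the pipeline
# fails.
# NOTE(review): the archive is not integrity-checked before extraction. The
# mirror publishes a sha256sum.txt next to the archives; verifying against it
# (or against a digest pinned in this repository) would close that gap.
$(INSTALL_DIR)/oc:
	mkdir -p $(@D)
	curl --proto '=https' --proto-redir '=https' -fsSLo- https://mirror.openshift.com/pub/openshift-v4/clients/ocp/$(CLUSTER_VERSION)/openshift-client-linux.tar.gz | tar xvzf - -C $(@D) oc kubectl || { rm -f $@ $(@D)/kubectl; exit 1; }

# kubectl comes out of the same archive as oc, so it has no recipe of its own.
$(INSTALL_DIR)/kubectl: $(INSTALL_DIR)/oc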
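# Generate the admin SSH key pair for this cluster, once.
#
# The existence check keeps a forced rebuild (`make -B`) from replacing a key
# that is already in use; in that case the file is only touched.
# `-b 512` was dropped: Ed25519 keys have a fixed size and ssh-keygen ignores
# the flag for this key type.
# NOTE(review): -N '' writes the private key without a passphrase. It sits
# under $(INSTALL_DIR), which is also bind-mounted into the tooling container;
# that directory should stay out of version control and backups that are not
# access-controlled.
$(INSTALL_DIR)/id_ed25519:
	mkdir -p $(@D)
	if [ -e $@ ]; then touch $@; else ssh-keygen -t ed25519 -f $@ -C admin@$(CLUSTER_URL) -N ''; fi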
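# Generate the SSH key pair labelled argocd@$(CLUSTER_URL), once.
#
# The existence check keeps a forced rebuild (`make -B`) from replacing a key
# that is already in use; in that case the file is only touched.
# `-b 512` was dropped: Ed25519 keys have a fixed size and ssh-keygen ignores
# the flag for this key type.
# NOTE(review): -N '' writes the private key without a passphrase. Presumably
# the public half is registered as a deploy key for ARGO_GIT_URL; if so, grant
# it read-only access. TODO confirm in hack/gen-bootstrap.sh.
$(INSTALL_DIR)/argo_ed25519:
	mkdir -p $(@D)
	if [ -e $@ ]; then touch $@; else ssh-keygen -t ed25519 -f $@ -C argocd@$(CLUSTER_URL) -N ''; fi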
# Create the age identity (private key) file for this cluster, once. An
# existing file is only touched, never regenerated.
# NOTE(review): stderr of age-keygen is discarded, which also hides any error
# it reports; a failure shows up only as a non-zero exit status.
# The file is a secret: keep $(INSTALL_DIR) out of version control.
$(INSTALL_DIR)/argo.txt:
	mkdir -p $(@D)
	if [ -e $@ ]; then touch $@; else age-keygen -o $@ 2>/dev/null; fi
# Make sure the age identity exists, then run hack/encrypt.sh.
# The script takes no arguments; it reads its settings from the exported
# make variables.
.PHONY: secrets
secrets: $(INSTALL_DIR)/argo.txt
	@hack/encrypt.sh

# Bootstrap kustomization for the cluster. Needs the argocd SSH key and the age
# identity; hack/gen-bootstrap.sh is expected to write $@ (the script is not
# visible here).
$(INSTALL_DIR)/bootstrap/kustomization.yaml: $(INSTALL_DIR)/argo_ed25519 $(INSTALL_DIR)/argo.txt
	@hack/gen-bootstrap.sh
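# Stamp files that record the value of a make variable.
#
# `.ARG~NAME~$(CLUSTER_URL)` holds the last seen value of $(NAME). The phony
# prerequisite `arg` makes the recipe run on every invocation, but the file is
# rewritten only when the stored text differs from the current value, so the
# intent is that dependents rebuild only after the value changed.
#
# Uses POSIX `[` instead of `[[` because no SHELL is set and make then runs
# recipes with /bin/sh; printf with a quoted argument stores the value exactly
# instead of letting the shell re-split it.
# NOTE(review): make pastes the value between single quotes, so a value that
# itself contains a single quote ends the shell string early. Values come from
# the operator's environment and .env files; keep quotes out of tracked ones.
.PHONY: arg
.ARG~%~$(CLUSTER_URL): arg
	@if [ "$$(cat $@ 2>&1)" != '$($*)' ]; then printf '%s' '$($*)' >$@; fi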
# Run the cluster installation through hack/install.sh.
# Prerequisites: the admin SSH key, the bootstrap kustomization, the
# openshift-install binary, and the RECOVER_INSTALL stamp (so a change of that
# value re-triggers this rule). The script is expected to produce $@; it is
# not visible here.
# NOTE(review): presumably this is the installer-generated admin kubeconfig;
# treat everything under $(INSTALL_DIR)/auth as a credential.
$(INSTALL_DIR)/auth/kubeconfig: $(INSTALL_DIR)/id_ed25519 $(INSTALL_DIR)/bootstrap/kustomization.yaml $(INSTALL_DIR)/openshift-install .ARG~RECOVER_INSTALL~$(CLUSTER_URL)
	@hack/install.sh
# Keep a pristine copy of the kubeconfig. The copy is made only the first
# time; on later runs the existing copy is touched so that it is never
# overwritten by a kubeconfig that has changed since.
# The copy holds the same credentials as the source file.
$(INSTALL_DIR)/auth/kubeconfig-orig: $(INSTALL_DIR)/auth/kubeconfig
	@if [ ! -e $@ ]; then \
		cp $< $@; else \
		touch $@; fi
# Convenience name for "cluster installed and original kubeconfig saved".
.PHONY: install
install: $(INSTALL_DIR)/auth/kubeconfig-orig

# Cluster description file, generated by hack/cluster-yaml.sh once the saved
# kubeconfig exists. The script is expected to write $@ (not visible here).
$(CLUSTER_DIR)/cluster.yaml: $(INSTALL_DIR)/auth/kubeconfig-orig
	@hack/cluster-yaml.sh
# Force regeneration of $(CLUSTER_DIR)/cluster.yaml: bump the timestamp of the
# saved kubeconfig when it exists, so cluster.yaml is older than its
# prerequisite, then rebuild it in a sub-make.
.PHONY: cluster-yaml
cluster-yaml:
	@[ ! -e $(INSTALL_DIR)/auth/kubeconfig-orig ] || touch $(INSTALL_DIR)/auth/kubeconfig-orig
	@$(MAKE) $(CLUSTER_DIR)/cluster.yaml
# Run hack/update-applications.sh after cluster.yaml is in place. The target is
# phony, so the recipe runs every time; the values files are listed (globbed
# when the makefile is parsed) but do not gate the run.
.PHONY: update-applications
update-applications: $(CLUSTER_DIR)/cluster.yaml $(wildcard $(CLUSTER_DIR)/values/*/*.yaml) $(wildcard $(CLUSTER_DIR)/values/*/*.yml)
	@hack/update-applications.sh

# Download oc, update the applications, then run hack/bootstrap.sh.
# This is the default CONTAINER_MAKE_ARGS goal.
.PHONY: bootstrap
bootstrap: $(INSTALL_DIR)/oc update-applications
	@hack/bootstrap.sh
# Thin wrappers around the hack/ scripts. Each script is called without
# arguments and reads its settings from the exported make variables. The `@`
# prefix hides the command line; the scripts' own output is still shown.

# Run hack/encrypt.sh. Unlike `secrets`, this does not create the age identity
# first.
.PHONY: encrypt
encrypt:
	@hack/encrypt.sh

# Run hack/decrypt.sh.
# NOTE(review): presumably this writes plaintext secrets into the working tree;
# check that the decrypted paths are ignored by version control.
.PHONY: decrypt
decrypt:
	@hack/decrypt.sh

# Run hack/start.sh.
.PHONY: start
start:
	@hack/start.sh

# Run hack/stop.sh.
.PHONY: stop
stop:
	@hack/stop.sh

# Run hack/approve-csrs.sh.
# NOTE(review): if the script approves every pending CSR without inspecting
# it, it should only be run while the set of joining nodes is known. TODO
# confirm what the script checks.
.PHONY: approve-csrs
approve-csrs:
	@hack/approve-csrs.sh

# Run hack/hosted-zone.sh.
.PHONY: hosted-zone-setup
hosted-zone-setup:
	@hack/hosted-zone.sh

# Run hack/destroy.sh. Also a prerequisite of `clean`.
.PHONY: destroy
destroy:
	@hack/destroy.sh
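# Destroy the cluster (via `destroy`), then delete the whole install directory.
#
# The guard stops the recursive delete when INSTALL_DIR has been overridden to
# an empty value on the command line or in an included .env file.
# NOTE(review): $(INSTALL_DIR) holds the generated SSH keys, the age identity
# (argo.txt) and the kubeconfig. Anything encrypted to that age identity can no
# longer be decrypted afterwards unless the key was saved elsewhere.
.PHONY: clean
clean: destroy
	@[ -n "$(strip $(INSTALL_DIR))" ] || { echo "INSTALL_DIR is empty; refusing to run rm -rf" >&2; exit 1; }
	rm -rf "${INSTALL_DIR}"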
# Build the tooling image from the `container` directory and push it to
# $(IMAGE).
# NOTE(review): with the default IMAGE this overwrites a mutable :latest tag,
# and every `container`/`shell` run pulls that tag and starts it --privileged.
# Write access to the registry path is therefore equivalent to code execution
# on operators' machines; pushing an immutable tag and pinning consumers to
# its digest limits that.
.PHONY: image
image:
	$(RUNTIME) build container --pull=newer -t $(IMAGE)
	$(RUNTIME) push $(IMAGE)
# Run the CONTAINER_MAKE_ARGS goals inside the tooling image.
# When /run/.containerenv is absent, start the image with RUNTIME_ARGS and
# pass the goals to it; when the file is present, make is already running
# inside a container and the goals are built directly in a sub-make.
# NOTE(review): /run/.containerenv is the marker podman creates; other runtimes
# may not provide it, in which case the nested run would be attempted again.
.PHONY: container
container:
	@if [ ! -f /run/.containerenv ]; then $(RUNTIME) $(RUNTIME_ARGS) $(IMAGE) $(CONTAINER_MAKE_ARGS); else $(MAKE) $(CONTAINER_MAKE_ARGS); fi
# Open an interactive login bash in the tooling image, after making sure the
# client binaries were downloaded (kubectl depends on oc).
# The shell runs with the same RUNTIME_ARGS as `container`: privileged, with
# the working directory and the host's ~/.config mounted.
.PHONY: shell
shell: $(INSTALL_DIR)/kubectl
	@$(RUNTIME) $(RUNTIME_ARGS) --entrypoint /bin/bash $(IMAGE) -li