-
Notifications
You must be signed in to change notification settings - Fork 18
/
Copy pathTaskfile.yml
executable file
·143 lines (126 loc) · 4.68 KB
/
Taskfile.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
version: '3'
vars:
INT_REGISTRY: registry.localhost
PATH_ERROR: is not installed or correctly configured in PATH.
K8S_VERSION: "1.32.3"
dotenv: ['.env']
silent: true
includes:
argocd: ./.tasks/argocd.yaml
tools: ./.tasks/tools/{{OS}}.yaml
cluster: ./.tasks/cluster/{{OS}}.yaml
cli: ./.tasks/cli.yaml
templates: ./.tasks/template.yaml
tasks:
help:
desc: Displays this message. Type 'task explain -- [command]' to have a in-depth explanation of each command
cmds:
- task: cli:highlight_bg
- echo -e "If you want to understand more abount a command, type task explain -- [command]"
- task: cli:reset
- task --list
default:
cmds:
- task: cluster:start
- task: dns
- task: ns:system
- task: argocd:install
- task: certs
- task: templates:gen
- task: argocd:secret
- task: argocd:repo
- task: argocd:password
ignore_error: true
fw:
deps: [ns:system]
vars:
ARGOCD_POD:
sh: "kubectl get pods -n argocd -l app.kubernetes.io/name=argocd-server -o jsonpath='{.items[0].metadata.name}'"
cmds:
- task: cli:clear
- kubectl port-forward {{.ARGOCD_POD}} -n argocd 8082:8080
login:
cmds:
- argocd login localhost:8082 --username admin --password $(kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d) --insecure
sync:
deps: [login]
desc: Sync all applications in ArgoCD
cmds:
- |
for app in $(argocd app list -o name); do
echo "Syncing $app"
argocd app sync $app --prune
done
postcreate:
cmds:
- task: tools
ignore_error: true
explain:
desc: Explains a certain Task command more in-detail
cmds:
- task {{.CLI_ARGS}} --summary
lint:
desc: Performs lint testing on the YAML files in the repository using the yamllint tool to ensure proper formatting and syntax.
preconditions:
- sh: "which yamllint"
msg: "yamllint {{.PATH_ERROR}}"
cmds:
- yamllint -c ./.yamllint .
validate:
preconditions:
- sh: "which kubeconform"
msg: "kubeconform {{.PATH_ERROR}}"
desc: Validates your Yaml objects in the repository using Kubeconform
cmds:
- |
objectTypes=("svc" "deployment" "*secret" "cm" "pvc" "pv" "role" "sa" "cr" "rb");
for obj in "${objectTypes[@]}"; do
echo -e "\nValidating ${obj^} object files";
find . -maxdepth 20 -name ${obj}.yaml -exec kubeconform -summary -exit-on-error -ignore-missing-schemas -kubernetes-version "{{.K8S_VERSION}}" -schema-location default {} \;
done
silent: true
dns:
desc: Creates the DNS entry required for the local domain to work.
preconditions:
- sh: "which hostctl"
msg: "hostctl {{.PATH_ERROR}}"
summary: |
Configuring Local DNS configuration through hostctl
This command uses hostctl to manage entries on /etc/hosts on a
a cross operational system compatible way. This command should work
on all MacOS, Windows and Linux. It adds all the '*.k8s.localhost'
domains to your local DNS hosts file. It also makes it easy for the
user to verse those changes, avoiding pollution on your hosts
(or equivalent) file.
cmds:
- task: cli:clear
- sleep 0.01 && {{if eq OS "windows"}}hostctl add k8s -q < config/.etchosts{{else}}sudo hostctl add k8s -q < config/.etchosts{{end}}
- task: cli:highlight_normal
- echo -e "Added 'k8s.localhost' and related domains to your hosts file!"
- task: cli:reset
certs:
desc: Creates and uploads local certificates to the cluster as tls secrets
dir: config/tls
cmds:
- task: cli:clear
- task: cli:highlight_bg
- echo -e "Creating local certificates\n"
- task: cli:reset
- rm cert.pem key.pem base/tls-secret.yaml ca.pem 2> /dev/null
- mkcert -install
- mkcert -cert-file cert.pem -key-file key.pem -p12-file p12.pem "*.k8s.localhost" k8s.localhost "*.localhost" ::1 127.0.0.1 localhost 127.0.0.1 "*.internal.localhost" "*.local" 2> /dev/null
- base64 {{if eq OS "darwin"}}-b{{else}}-w{{end}} 0 cert.pem > ca.pem
- task: cli:highlight_bg
- echo -e "Creating certificate secrets on Kubernetes for local TLS enabled by default\n"
- task: cli:reset
- kubectl config set-context --current --namespace=kube-system --cluster=k3d-demo
- kubectl create secret tls tls-secret --cert=cert.pem --key=key.pem --dry-run=client -o yaml >base/tls-secret.yaml
- kubectl apply -k ./
- task: cli:highlight_bg
- echo -e "\nCertificate resources have been created.\n"
- task: cli:reset
ignore_error: true
ns:system:
cmds:
- kubectl config set-context --current --namespace=kube-system --cluster=k3d-demo
ignore_error: true