2020-03-11 12:46:52 +00:00
|
|
|
#!/bin/bash -e
|
|
|
|
|
|
|
|
# Copyright (C) 2020 The Android Open Source Project
|
|
|
|
#
|
|
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
# you may not use this file except in compliance with the License.
|
|
|
|
# You may obtain a copy of the License at
|
|
|
|
#
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
#
|
|
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
# See the License for the specific language governing permissions and
|
|
|
|
# limitations under the License.
|
|
|
|
|
|
|
|
usage() {
|
|
|
|
me=`basename "$0"`
|
|
|
|
echo >&2 "Usage: $me [--output OUTPUT] [--dryrun] CONFIG"
|
|
|
|
exit 1
|
|
|
|
}
|
|
|
|
|
|
|
|
while test $# -gt 0 ; do
|
|
|
|
case "$1" in
|
|
|
|
--output)
|
|
|
|
shift
|
|
|
|
OUTPUT=$1
|
|
|
|
shift
|
|
|
|
;;
|
|
|
|
|
|
|
|
--dryrun)
|
|
|
|
DRYRUN="true"
|
|
|
|
shift
|
|
|
|
;;
|
|
|
|
|
|
|
|
*)
|
|
|
|
break
|
|
|
|
esac
|
|
|
|
done
|
|
|
|
|
|
|
|
test -z "$OUTPUT" && OUTPUT="$(dirname $0)/dist"
|
|
|
|
|
|
|
|
CONFIG=$1
|
|
|
|
test -z "$CONFIG" && usage
|
|
|
|
|
|
|
|
NAMESPACE=$(yq r $CONFIG namespace)
|
|
|
|
TMP_CONFIG=$OUTPUT/$(basename $CONFIG)
|
|
|
|
|
|
|
|
function updateOrInstall() {
|
|
|
|
if test -n "$(helm ls -n $NAMESPACE --short | grep $1)"; then
|
|
|
|
echo "upgrade"
|
|
|
|
else
|
|
|
|
echo "install"
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
|
|
|
function addHtpasswdEntryUnencrypted() {
|
|
|
|
local COMPONENT=$1
|
|
|
|
|
|
|
|
local HTPASSWD=$(htpasswd -nb \
|
|
|
|
$(yq r $TMP_CONFIG $COMPONENT.username) \
|
|
|
|
$(yq r $TMP_CONFIG $COMPONENT.password))
|
|
|
|
|
|
|
|
yq w -i $TMP_CONFIG $COMPONENT.htpasswd $HTPASSWD
|
|
|
|
}
|
|
|
|
|
|
|
|
function addHtpasswdEntryEncrypted() {
|
|
|
|
local COMPONENT=$1
|
|
|
|
|
|
|
|
local HTPASSWD=$(htpasswd -nb \
|
|
|
|
$(sops -d --extract "$COMPONENT['username']" $TMP_CONFIG) \
|
|
|
|
$(sops -d --extract "$COMPONENT['password']" $TMP_CONFIG))
|
|
|
|
|
|
|
|
sops --set "$COMPONENT['htpasswd'] \"$HTPASSWD\"" $TMP_CONFIG
|
|
|
|
}
|
|
|
|
|
2020-03-26 08:55:39 +00:00
|
|
|
function addDashboards() {
|
|
|
|
for dashboard in dashboards/*; do
|
|
|
|
local DASHBOARD_NAME="${dashboard%.json}"
|
|
|
|
local DASHBOARD_NAME="${DASHBOARD_NAME#"dashboards/"}"
|
|
|
|
|
|
|
|
kubectl create configmap $DASHBOARD_NAME \
|
|
|
|
--from-file=$dashboard \
|
|
|
|
--dry-run=true \
|
|
|
|
--namespace=$NAMESPACE \
|
|
|
|
-o yaml > $OUTPUT/dashboards/$DASHBOARD_NAME.dashboard.yaml
|
|
|
|
|
|
|
|
yq w -i $OUTPUT/dashboards/$DASHBOARD_NAME.dashboard.yaml \
|
|
|
|
metadata.labels.grafana_dashboard $DASHBOARD_NAME
|
|
|
|
done
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2020-03-11 12:46:52 +00:00
|
|
|
function runYtt() {
|
|
|
|
ytt \
|
|
|
|
-f charts/namespace.yaml \
|
|
|
|
-f charts/prometheus/ \
|
|
|
|
-f charts/loki/ \
|
|
|
|
-f charts/grafana/ \
|
|
|
|
-f promtail/ \
|
|
|
|
--output-directory $OUTPUT \
|
|
|
|
--ignore-unknown-comments \
|
|
|
|
-f $1
|
|
|
|
}
|
|
|
|
|
|
|
|
mkdir -p $OUTPUT
|
|
|
|
cp $CONFIG $TMP_CONFIG
|
|
|
|
|
|
|
|
# Fill in templates
|
|
|
|
if test -z "$(grep -o '^sops:$' $TMP_CONFIG)"; then
|
|
|
|
addHtpasswdEntryUnencrypted loki
|
|
|
|
addHtpasswdEntryUnencrypted prometheus.server
|
|
|
|
echo -e "#@data/values\n---\n$(cat $TMP_CONFIG)" | runYtt -
|
|
|
|
else
|
|
|
|
addHtpasswdEntryEncrypted "['loki']" $TMP_CONFIG
|
|
|
|
addHtpasswdEntryEncrypted "['prometheus']['server']" $TMP_CONFIG
|
|
|
|
echo -e "#@data/values\n---\n$(sops -d $TMP_CONFIG)" | runYtt -
|
|
|
|
fi
|
|
|
|
|
2020-03-26 08:55:39 +00:00
|
|
|
# Create configmaps with dashboards
|
|
|
|
mkdir -p $OUTPUT/dashboards
|
|
|
|
addDashboards
|
2020-03-11 12:46:52 +00:00
|
|
|
|
|
|
|
test -n "$DRYRUN" && exit 0
|
|
|
|
|
|
|
|
# Install loose components
|
|
|
|
kubectl apply -f $OUTPUT/namespace.yaml
|
|
|
|
kubectl apply -f $OUTPUT/configuration
|
2020-03-26 08:55:39 +00:00
|
|
|
kubectl apply -f $OUTPUT/dashboardsq
|
2020-03-11 12:46:52 +00:00
|
|
|
kubectl apply -f $OUTPUT/storage
|
|
|
|
|
|
|
|
# Add Loki helm repository
|
|
|
|
helm repo add loki https://grafana.github.io/loki/charts
|
|
|
|
helm repo update
|
|
|
|
|
|
|
|
# Install Prometheus
|
|
|
|
PROMETHEUS_CHART_NAME=prometheus-$NAMESPACE
|
|
|
|
helm $(updateOrInstall $PROMETHEUS_CHART_NAME) $PROMETHEUS_CHART_NAME \
|
|
|
|
stable/prometheus \
|
|
|
|
--version $(cat ./charts/prometheus/VERSION) \
|
|
|
|
--values $OUTPUT/prometheus.yaml \
|
|
|
|
--namespace $NAMESPACE
|
|
|
|
|
|
|
|
# Install Loki
|
|
|
|
LOKI_CHART_NAME=loki-$NAMESPACE
|
|
|
|
helm $(updateOrInstall $LOKI_CHART_NAME) $LOKI_CHART_NAME \
|
|
|
|
loki/loki \
|
|
|
|
--version $(cat ./charts/loki/VERSION) \
|
|
|
|
--values $OUTPUT/loki.yaml \
|
|
|
|
--namespace $NAMESPACE
|
|
|
|
|
|
|
|
# Install Grafana
|
|
|
|
GRAFANA_CHART_NAME=grafana-$NAMESPACE
|
|
|
|
helm $(updateOrInstall $GRAFANA_CHART_NAME) $GRAFANA_CHART_NAME \
|
|
|
|
stable/grafana \
|
|
|
|
--version $(cat ./charts/grafana/VERSION) \
|
|
|
|
--values $OUTPUT/grafana.yaml \
|
|
|
|
--namespace $NAMESPACE
|