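#!/usr/bin/env bash
#
# charts/kuberpult/setup-cluster-ssh.sh
#
# Sets up a local (kind) test cluster with an in-cluster git-over-SSH server:
#   1. generates a throwaway ed25519 host key and client key,
#   2. writes the client private key and a known_hosts file into
#      ../../services/cd-service/,
#   3. loads the git-ssh image into kind,
#   4. applies the Argo CD repository Secret, the key ConfigMaps, the Service
#      and the Deployment of the git server.
#
# Required environment:
#   GIT_NAMESPACE  namespace the git-ssh server objects are created in.
#
# The generated keys have no passphrase and are meant for disposable test
# clusters only.

set -eu
set -o pipefail

# Fail before any key material is generated or copied into the working tree.
# Without this check `set -u` only aborts at the first heredoc that expands
# GIT_NAMESPACE, i.e. after the client private key has already been copied to
# ../../services/cd-service/client.
: "${GIT_NAMESPACE:?GIT_NAMESPACE must be set (namespace of the git-ssh server)}"

cd -- "$(dirname -- "$0")"

ARGO_NAMESPACE=default
#GIT_NAMESPACE=git # required to be set outside

# NOTE(review): the image is referenced by tag, not by digest, so the content
# behind the tag is whatever the registry serves at pull time.
readonly GIT_SSH_IMAGE="europe-west3-docker.pkg.dev/fdc-public-docker-registry/kuberpult/git-ssh:1.1.1"

# Private scratch directory for the key pairs; removed on every exit path.
scratch=$(mktemp -d)
finish() {
  rm -rf -- "${scratch:?}"
}
trap finish EXIT

# Passphrase-less key pairs; ssh-keygen's chatter goes to stderr so that stdout
# carries only this script's own output.
ssh-keygen -t ed25519 -N "" -C host -f "${scratch}/host" 1>&2
ssh-keygen -t ed25519 -N "" -C client -f "${scratch}/client" 1>&2

host_pub="$(cat "${scratch}/host.pub")"

# NOTE(review): this places a private key inside the source tree; confirm the
# destination path is ignored by version control and by image build contexts.
cp -- "${scratch}/client" ../../services/cd-service/client

# Pin the freshly generated host key for both names the server is reached by.
cat <<EOF > ../../services/cd-service/known_hosts
server.${GIT_NAMESPACE}.svc.cluster.local ${host_pub}
localhost ${host_pub}
EOF

echo printing known_hosts
cat ../../services/cd-service/known_hosts

# NOTE(review): any kubectl failure (not only "AlreadyExists") is reported as
# "already exists" here; a real error surfaces only at the later `kubectl apply`.
# NOTE(review): the namespace names are hard-coded while the manifests below
# use ${GIT_NAMESPACE} / ${ARGO_NAMESPACE}; confirm callers always pass
# GIT_NAMESPACE=git or create the namespace themselves.
kubectl create namespace "git" || echo "already exists"
kubectl create namespace "argocd" || echo "already exists"

docker pull "${GIT_SSH_IMAGE}"

kind load docker-image "${GIT_SSH_IMAGE}"

# Manifests applied below:
#   - Secret my-private-ssh-repo: Argo CD repository credentials (client
#     private key). The original metadata carried `namespace` twice (a literal
#     `default` and ${ARGO_NAMESPACE}); only the variable form is kept so the
#     document has no duplicate mapping key.
#   - ConfigMap ssh-host: SSH host key pair of the git server.
#     NOTE(review): this stores a PRIVATE key in a ConfigMap. ConfigMaps are
#     not meant for confidential data; outside a throwaway test cluster this
#     belongs in a Secret with RBAC restricted to the git server.
#   - ConfigMap ssh-client: client public key (authorized key for the server).
#   - Service + Deployment `server`: the git-ssh server itself. The `template`
#     volume is a hostPath mount (/create-testdata on the node), which is only
#     appropriate on a local kind node.
# The `sed` calls indent each key file by four spaces so it forms the body of
# the YAML block scalar (`|`) it is embedded in.
kubectl apply -f - <<EOF
---
apiVersion: v1
kind: Secret
metadata:
  name: my-private-ssh-repo
  labels:
    argocd.argoproj.io/secret-type: repository
  namespace: ${ARGO_NAMESPACE}
stringData:
  url: ssh://git@server.${GIT_NAMESPACE}.svc.cluster.local/git/repos/manifests
  sshPrivateKey: |
$(sed -e "s/^/    /" <"$scratch"/client)
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: ssh-host
  namespace: ${GIT_NAMESPACE}
data:
  ssh_host_ed25519_key: |
$(sed -e "s/^/    /" <"$scratch"/host)
  ssh_host_ed25519_key.pub: |
$(sed -e "s/^/    /" <"$scratch"/host.pub)
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: ssh-client
  namespace: ${GIT_NAMESPACE}
data:
  client.pub: |
$(sed -e "s/^/    /" <"$scratch"/client.pub)
---
apiVersion: v1
kind: Service
metadata:
  name: server
  namespace: ${GIT_NAMESPACE}
spec:
  ports:
  - name: ssh
    port: 22
    protocol: TCP
    targetPort: 22
  selector:
    app.kubernetes.io/name: server
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: server
  namespace: ${GIT_NAMESPACE}
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/name: server
  strategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        app.kubernetes.io/name: server
    spec:
      initContainers:
      - image: "${GIT_SSH_IMAGE}"
        imagePullPolicy: Never
        name: "git-init"
        command: ["/bin/sh","-c"]
        args: ["ls -l /template/; git init --bare /git/repos/manifests"]
        volumeMounts:
        - mountPath: /git/repos
          name: repos
        - name: template
          mountPath: /template
      containers:
      - image: "${GIT_SSH_IMAGE}"
        imagePullPolicy: Never
        name: git
        ports:
        - containerPort: 22
          protocol: TCP
        env:
        - name: PUID
          value: "1000"
        - name: PGID
          value: "1000"
        volumeMounts:
        - mountPath: /git/keys-host
          name: ssh-host
          readOnly: true
        - mountPath: /git/keys
          name: ssh-client
          readOnly: true
        - mountPath: /git/repos
          name: repos
      volumes:
      - name: template # for initial test data
        hostPath:
          path: /create-testdata
      - name: ssh-host
        configMap:
          name: ssh-host
          defaultMode: 0600
      - name: ssh-client
        configMap:
          name: ssh-client
      - name: repos
        emptyDir:
          sizeLimit: 50Mi
      restartPolicy: Always
EOF
echo "done setting up ssh"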