github.com/verrazzano/verrazzano@v1.7.1/ci/scripts/install_third_party_components.sh (about) 1 #!/usr/bin/env bash 2 # 3 # Copyright (c) 2023, Oracle and/or its affiliates. 4 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. 5 # 6 7 echo "Installing cert-manager via helm chart" 8 echo "Setting clusterResourceNamespace to $CLUSTER_RESOURCE_NAMESPACE" 9 10 if [ -z "$(kubectl get ns | grep my-cert-manager)" ] 11 then 12 kubectl create ns my-cert-manager 13 fi 14 15 if [ $CLUSTER_RESOURCE_NAMESPACE != my-cert-manager ] 16 then 17 if [ -z "$(kubectl get ns | grep $CLUSTER_RESOURCE_NAMESPACE)" ] 18 then 19 kubectl create ns $CLUSTER_RESOURCE_NAMESPACE 20 fi 21 fi 22 23 controllerTag=$(cat platform-operator/verrazzano-bom.json | jq '.components[] | select(.name=="cert-manager")' | jq '.subcomponents[0].images[] | select(.image=="cert-manager-controller")' | jq .tag -r) 24 cainjectorTag=$(cat platform-operator/verrazzano-bom.json | jq '.components[] | select(.name=="cert-manager")' | jq '.subcomponents[0].images[] | select(.image=="cert-manager-cainjector")' | jq .tag -r) 25 webhookTag=$(cat platform-operator/verrazzano-bom.json | jq '.components[] | select(.name=="cert-manager")' | jq '.subcomponents[0].images[] | select(.image=="cert-manager-webhook")' | jq .tag -r) 26 helm upgrade cert-manager -n my-cert-manager platform-operator/thirdparty/charts/cert-manager \ 27 --set image.repository=ghcr.io/verrazzano/cert-manager-controller --set image.tag=${controllerTag} \ 28 --set cainjector.image.repository=ghcr.io/verrazzano/cert-manager-cainjector --set cainjector.image.tag=${cainjectorTag} \ 29 --set webhook.image.repository=ghcr.io/verrazzano/cert-manager-webhook --set webhook.image.tag=${webhookTag} \ 30 --set startupapicheck.enabled=false --set clusterResourceNamespace=${CLUSTER_RESOURCE_NAMESPACE} \ 31 --set installCRDs=true --install 32 33 echo "ensure cert-manager using ghcr.io images" 34 if [ ! -z "$(kubectl get po -n my-cert-manager -o yaml | grep quay.io)" ] 35 then 36 kubectl get po -n my-cert-manager -o yaml | grep quay.io 37 exit 1 38 fi 39 40 kubectl get pods -n my-cert-manager 41 42 echo "Installing ingress-nginx via helm chart" 43 44 if [ -z "$(kubectl get ns | grep ingress-nginx)" ] 45 then 46 kubectl create ns ingress-nginx 47 fi 48 49 controllerTag=$(cat platform-operator/verrazzano-bom.json | jq '.components[] | select(.name=="ingress-nginx")' | jq '.subcomponents[0].images[] | select(.image=="nginx-ingress-controller")' | jq .tag -r) 50 defaultBackendTag=$(cat platform-operator/verrazzano-bom.json | jq '.components[] | select(.name=="ingress-nginx")' | jq '.subcomponents[0].images[] | select(.image=="nginx-ingress-default-backend")' | jq .tag -r) 51 52 helm upgrade ingress-controller -n ingress-nginx platform-operator/thirdparty/charts/ingress-nginx \ 53 --set controller.image.digest="" --set controller.image.repository=ghcr.io/verrazzano/nginx-ingress-controller --set controller.image.tag=${controllerTag} \ 54 --set defaultBackend.image.repository=ghcr.io/verrazzano/nginx-ingress-default-backend --set defaultBackend.image.tag=${defaultBackendTag} \ 55 --set defaultBackend.enabled=true --install 56 57 echo "ensure cert-manager using ghcr.io images" 58 if [ ! -z "$(kubectl get po -n cert-manager -o yaml | grep registry.k8s.io)" ] 59 then 60 kubectl get po -n ingress-nginx -o yaml | grep registry.k8s.io 61 exit 1 62 fi 63 64 kubectl get pods -n ingress-nginx