some more improvements to the install script

Obmondo · Apr 12, 2022 · 8eef4f0 · 8eef4f0
1 parent 8aa7be8
commit 8eef4f0
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 21 deletions.
diff --git a/bin/k8s-install-kops.sh b/bin/k8s-install-kops.sh
@@ -86,7 +86,7 @@ if ! kops get cluster --name "$FULLNAME" >/dev/null; then
   kops create -f "$CLUSTER_CONFIG_PATH"/cluster.yaml
   kops create -f "$CLUSTER_CONFIG_PATH"/master-ig.yaml
   kops create -f "$CLUSTER_CONFIG_PATH"/nodes-ig.yaml
-  kops create secret --name "$FULLNAME" sshpublickey admin -i kops.pub
+  kops create secret --name "$FULLNAME" sshpublickey admin -i "$CLUSTER_CONFIG_PATH"/kops.pub
   kops update cluster "$FULLNAME" --yes --admin=48h
 else
   echo "Cluster $FULLNAME is already present, replacing the config with the local changes"
@@ -119,11 +119,17 @@ While you go ahead and do the above steps, I'll wait here and when you are done,
 ###################################################################
 EOF
 
-read -r -p "Enter 'yes' : "
+read -r -p "Enter 'yes' : " GO_VALIDATE
 
-until kops validate cluster "$FULLNAME" --wait=5m; do
-  echo "Seems like validation is failing, going to sleep for 30 seconds and try again"
-  sleep 30
-done
+if [ "$GO_VALIDATE" == "yes" ]; then
+  until kops validate cluster "$FULLNAME" --wait=5m; do
+    echo "Seems like validation is failing, going to sleep for 30 seconds and try again"
+    sleep 30
+  done
 
-echo "The $FULLNAME k8s cluster is up and running now"
+  echo "The $FULLNAME k8s cluster is up and running now"
+else
+  echo "Can not validate $FULLNAME k8s cluster, I guess because you are not ready"
+  echo "You can run this script again once you have done the required steps"
+  exit 1
+fi
diff --git a/bin/setup-k8s-cluster.sh b/bin/setup-k8s-cluster.sh
@@ -286,19 +286,13 @@ if $INSTALL_K8S; then
       ;;
       aws-kops)
           CLUSTER_CONFIG_DIR=$(yq e '.cluster.configDir' "$SETTINGS_FILE")
-          SHORT_CLUSTER_NAME=$(yq eval '.cluster.shortName' "$SETTINGS_FILE")
 
           # Setup the Cluster with KOPS
           echo "Creating cluster $CLUSTER_NAME with KOPS on AWS"
           ./bin/k8s-install-kops.sh \
             --cluster-config-path "$CLUSTER_CONFIG_DIR" \
             --cluster-name "$CLUSTER_NAME"
 
-          # Restore the private keys from, to enable secrets manage to actually decrypt the SealedSecrets
-          if $RECOVERY; then
-              aws secretsmanager get-secret-value --secret-id sealed-secrets-"$SHORT_CLUSTER_NAME" | jq -re '.SecretString' | base64 -d | gzip -cd | kubectl create -f -
-          fi
-
       ;;
       aks-terraform)
           if [ "$RESOURCE_GROUP" == "null" ]; then
@@ -441,17 +435,10 @@ if $SETUP_ARGOCD; then
         STAT $?
     fi
 
-    SEALEDSECRET_CRT="${CUSTOMER_CONFIG_DIR}/$CLUSTER_NAME.pem"
     SEALEDSECRET_ARGOCD="${CUSTOMER_CONFIG_DIR}/sealed-secrets/argocd"
     ARGOCD_CTRL_REPLICAS=$(DEFAULT_VALES '.argo-cd.controller.replicas' 1)
     ARGOCD_REPO_REPLICAS=$(DEFAULT_VALES '.argo-cd.repoServer.replicas' 1)
 
-    kubectl get secret \
-        --namespace system \
-        -l sealedsecrets.bitnami.com/sealed-secrets-key=active \
-        -o jsonpath='{'.items[0].data."tls\.crt"'}' \
-        | base64 -d > "${SEALEDSECRET_CRT}"
-
     case "$GIT_AUTH_TYPE" in
         https)
             # Add customer values git repo
@@ -658,7 +645,6 @@ if $SETUP_ARGOCD; then
     # Switch to the original state of the file, after installing
     git restore ./argocd-helm-charts/argo-cd/Chart.yaml
 
-    rm -fr "${SEALEDSECRET_CRT}"
 fi
 
 ##### Install root app #####