Expunge fastly management from build-deploy-tool

[shreddedbacon]

This is simply a place holder for documenting the items that need to be removed from the build-deploy-tool. It will probably link out to multiple issues, or in the case of amazee.io(AIO), may be referenced in internal discussions. The fastly control, is as far as we are aware, only used by AIO. If you're a community member of Lagoon that uses any of this in your own hosted Lagoon, please let us know.

• Environment variables - these will need some form of transition away from. Some of these are used by AIO, and there will need to be some way for Lagoon and its users to be able to pass this information to the cluster in another way (which has yet to be discussed or decided, as stated this issue is purely to call out the things that need to be removed)
  • LAGOON_FASTLY_SERVICE_ID
  • LAGOON_FASTLY_SERVICE_IDS
  • LAGOON_FASTLY_NOCACHE_SERVICE_ID
  • LAGOON_FASTLY_AUTOGENERATED
• fastly-api-secrets - The functionality contained in this section of code

  build-deploy-tool/legacy/build-deploy-docker-compose.sh

  Lines 1003 to 1107 in dfd5406

  	##############################################
  	### CUSTOM FASTLY API SECRETS .lagoon.yml
  	##############################################
  	# if a customer is using their own fastly configuration, then they can define their api token and platform tls configuration ID in the .lagoon.yml file
  	# this will get created as a `kind: Secret` in kubernetes so that created ingresses will be able to use this secret to talk to the fastly api.
  	#
  	# in this example, the customer needs to add a build envvar called `FASTLY_API_TOKEN` and then populates the .lagoon.yml file with something like this
  	#
  	# fastly:
  	# api-secrets:
  	# - name: customer
  	# apiTokenVariableName: FASTLY_API_TOKEN
  	# platformTLSConfiguration: A1bcEdFgH12eD242Sds
  	#
  	# then the build process will attempt to check the lagoon variables for one called `FASTLY_API_TOKEN` and will use the value of this variable when creating the
  	# `kind: Secret` in kubernetes
  	#
  	# support for multiple api-secrets is possible in the instance that a customer uses 2 separate services in different accounts in the one project
  	## any fastly api secrets will be prefixed with this, so that we always add this to whatever the customer provides
  	FASTLY_API_SECRET_PREFIX="fastly-api-"
  	FASTLY_API_SECRETS_COUNTER=0
  	FASTLY_API_SECRETS=()
  	set +x # reduce noise in build logs
  	if [ -n "$(cat .lagoon.yml | shyaml keys fastly.api-secrets.$FASTLY_API_SECRETS_COUNTER 2> /dev/null)" ]; then
  	while [ -n "$(cat .lagoon.yml | shyaml get-value fastly.api-secrets.$FASTLY_API_SECRETS_COUNTER 2> /dev/null)" ]; do
  	FASTLY_API_SECRET_NAME=$FASTLY_API_SECRET_PREFIX$(cat .lagoon.yml | shyaml get-value fastly.api-secrets.$FASTLY_API_SECRETS_COUNTER.name 2> /dev/null)
  	if [ -z "$FASTLY_API_SECRET_NAME" ]; then
  	echo -e "A fastly api secret was defined in the .lagoon.yml file, but no name could be found the .lagoon.yml\n\nPlease check if the name has been set correctly."
  	exit 1
  	fi
  	FASTLY_API_TOKEN_VALUE=$(cat .lagoon.yml | shyaml get-value fastly.api-secrets.$FASTLY_API_SECRETS_COUNTER.apiTokenVariableName false)
  	if [[ $FASTLY_API_TOKEN_VALUE == "false" ]]; then
  	echo "No 'apiTokenVariableName' defined for fastly secret $FASTLY_API_SECRET_NAME"; exit 1;
  	fi
  	# if we have everything we need, we can proceed to logging in
  	if [ $FASTLY_API_TOKEN_VALUE != "false" ]; then
  	FASTLY_API_TOKEN=""
  	# check if we have a password defined anywhere in the api first
  	if [ ! -z "$LAGOON_PROJECT_VARIABLES" ]; then
  	FASTLY_API_TOKEN=($(echo $LAGOON_PROJECT_VARIABLES | jq -r '.[] | select(.scope == "build" and .name == "'$FASTLY_API_TOKEN_VALUE'") | "\(.value)"'))
  	fi
  	if [ ! -z "$LAGOON_ENVIRONMENT_VARIABLES" ]; then
  	TEMP_FASTLY_API_TOKEN=($(echo $LAGOON_ENVIRONMENT_VARIABLES | jq -r '.[] | select(.scope == "build" and .name == "'$FASTLY_API_TOKEN_VALUE'") | "\(.value)"'))
  	if [ ! -z "$TEMP_FASTLY_API_TOKEN" ]; then
  	FASTLY_API_TOKEN=$TEMP_FASTLY_API_TOKEN
  	fi
  	fi
  	if [ -z "$FASTLY_API_TOKEN" ]; then
  	echo -e "A fastly api secret was defined in the .lagoon.yml file, but no token could be found in the Lagoon API matching the variable name provided\n\nPlease check if the token has been set correctly."
  	exit 1
  	fi
  	fi
  	FASTLY_API_PLATFORMTLS_CONFIGURATION=$(cat .lagoon.yml | shyaml get-value fastly.api-secrets.$FASTLY_API_SECRETS_COUNTER.platformTLSConfiguration "")
  	if [ -z "$FASTLY_API_PLATFORMTLS_CONFIGURATION" ]; then
  	echo -e "A fastly api secret was defined in the .lagoon.yml file, but no platform tls configuration id could be found in the .lagoon.yml\n\nPlease check if the platform tls configuration id has been set correctly."
  	exit 1
  	fi
  	# run the script to create the secrets
  	. /kubectl-build-deploy/scripts/exec-fastly-api-secrets.sh
  	let FASTLY_API_SECRETS_COUNTER=FASTLY_API_SECRETS_COUNTER+1
  	done
  	fi
  	set -x
  	set +x # reduce noise in build logs
  	# FASTLY API SECRETS FROM LAGOON API VARIABLE
  	# Allow for defining fastly api secrets using lagoon api variables
  	# This accepts colon separated values like so `SECRET_NAME:FASTLY_API_TOKEN:FASTLY_PLATFORMTLS_CONFIGURATION_ID`, and multiple overrides
  	# separated by commas
  	# Example 1: examplecom:x1s8asfafasf7ssf:fa23rsdgsdgas
  	# ^^^ will create a kubernetes secret called `$FASTLY_API_SECRET_PREFIX-examplecom` with 2 data fields (one for api token, the other for platform tls id)
  	# populated with `x1s8asfafasf7ssf` and `fa23rsdgsdgas` for whichever field it should be
  	# and the name will get created with the prefix defined in `FASTLY_API_SECRET_PREFIX`
  	# Example 2: examplecom:x1s8asfafasf7ssf:fa23rsdgsdgas,example2com:fa23rsdgsdgas:x1s8asfafasf7ssf,example3com:fa23rsdgsdgas:x1s8asfafasf7ssf:example3com
  	if [ ! -z "$LAGOON_PROJECT_VARIABLES" ]; then
  	LAGOON_FASTLY_API_SECRETS=($(echo $LAGOON_PROJECT_VARIABLES | jq -r '.[] | select(.name == "LAGOON_FASTLY_API_SECRETS") | "\(.value)"'))
  	fi
  	if [ ! -z "$LAGOON_ENVIRONMENT_VARIABLES" ]; then
  	TEMP_LAGOON_FASTLY_API_SECRETS=($(echo $LAGOON_ENVIRONMENT_VARIABLES | jq -r '.[] | select(.name == "LAGOON_FASTLY_API_SECRETS") | "\(.value)"'))
  	if [ ! -z $TEMP_LAGOON_FASTLY_API_SECRETS ]; then
  	LAGOON_FASTLY_API_SECRETS=$TEMP_LAGOON_FASTLY_API_SECRETS
  	fi
  	fi
  	if [ ! -z "$LAGOON_FASTLY_API_SECRETS" ]; then
  	IFS=',' read -ra LAGOON_FASTLY_API_SECRETS_SPLIT <<< "$LAGOON_FASTLY_API_SECRETS"
  	for LAGOON_FASTLY_API_SECRETS_DATA in "${LAGOON_FASTLY_API_SECRETS_SPLIT[@]}"
  	do
  	IFS=':' read -ra LAGOON_FASTLY_API_SECRET_SPLIT <<< "$LAGOON_FASTLY_API_SECRETS_DATA"
  	if [ -z "${LAGOON_FASTLY_API_SECRET_SPLIT[0]}" ] || [ -z "${LAGOON_FASTLY_API_SECRET_SPLIT[1]}" ] || [ -z "${LAGOON_FASTLY_API_SECRET_SPLIT[2]}" ]; then
  	echo -e "An override was defined in the lagoon API with LAGOON_FASTLY_API_SECRETS but was not structured correctly, the format should be NAME:FASTLY_API_TOKEN:FASTLY_PLATFORMTLS_CONFIGURATION_ID and comma separated for multiples"
  	exit 1
  	fi
  	# the fastly api secret name will be created with the prefix that is defined above
  	FASTLY_API_SECRET_NAME=$FASTLY_API_SECRET_PREFIX${LAGOON_FASTLY_API_SECRET_SPLIT[0]}
  	FASTLY_API_TOKEN=${LAGOON_FASTLY_API_SECRET_SPLIT[1]}
  	FASTLY_API_PLATFORMTLS_CONFIGURATION=${LAGOON_FASTLY_API_SECRET_SPLIT[2]}
  	# run the script to create the secrets
  	. /kubectl-build-deploy/scripts/exec-fastly-api-secrets.sh
  	done
  	fi

  and https://github.com/uselagoon/build-deploy-tool/blob/dfd540684e3be257d6047188533eaa40ab37152e/legacy/scripts/exec-fastly-api-secrets.sh can/should be removed. This functionality has never been utilised within AIO, and I believe there is no reason to support this functionality from this point on.