From 34b820d9f81fdf13d34ff948b2937ce8ed56f390 Mon Sep 17 00:00:00 2001 From: Jared Edwards Date: Thu, 19 Oct 2023 10:00:52 -0600 Subject: [PATCH] google fixes and virtual clusters (#205) * receiver func for google config to return and array of zone names * create route to get zones for google * pass along required zone for list of machine types for google * standardize return type for instance size response * rm commented code * fixes cloud dns list to use domain name * adds writing of google service account for cluster management * adds digital ocean github vcluster mvp --------- Co-authored-by: Derrick Hawkins --- extensions/civo/secrets.go | 2 +- extensions/digitalocean/secrets.go | 56 ++++++++- extensions/google/env.go | 39 ++++--- extensions/google/secrets.go | 56 ++++++++- internal/controller/argocd.go | 8 ++ internal/controller/domain.go | 1 - internal/controller/kms.go | 8 ++ internal/controller/vault.go | 40 ++++++- internal/db/mongo.go | 9 +- internal/router/api/v1/instanceSizes.go | 34 +++--- internal/router/api/v1/zones.go | 46 ++++++++ internal/router/router.go | 9 +- internal/services/services.go | 16 +++ internal/types/instanceSizes.go | 21 +--- internal/types/zones.go | 20 ++++ pkg/google/dns.go | 33 +++--- pkg/google/google.go | 33 ++++++ pkg/google/utils.go | 36 ++++++ pkg/providerConfigs/adjustDriver.go | 147 ++++++++++++++++++++++++ providers/aws/create.go | 24 +--- providers/digitalocean/create.go | 30 ++--- providers/google/create.go | 36 +++--- 22 files changed, 561 insertions(+), 143 deletions(-) create mode 100644 internal/router/api/v1/zones.go create mode 100644 internal/types/zones.go create mode 100644 pkg/google/utils.go diff --git a/extensions/civo/secrets.go b/extensions/civo/secrets.go index 8ef8dda9..ca68603f 100644 --- a/extensions/civo/secrets.go +++ b/extensions/civo/secrets.go 
@@ -48,7 +48,7 @@ func BootstrapCivoMgmtCluster(clientset *kubernetes.Clientset, cl *pkgtypes.Clus externalDnsToken = cl.DigitaloceanAuth.Token case "aws": externalDnsToken = "implement with cluster management" - case "googlecloud": + case "google": externalDnsToken = "implement with cluster management" case "cloudflare": externalDnsToken = cl.CloudflareAuth.APIToken diff --git a/extensions/digitalocean/secrets.go b/extensions/digitalocean/secrets.go index b03f3ba2..0712441f 100644 --- a/extensions/digitalocean/secrets.go +++ b/extensions/digitalocean/secrets.go @@ -20,7 +20,6 @@ import ( ) func BootstrapDigitaloceanMgmtCluster(clientset *kubernetes.Clientset, cl *pkgtypes.Cluster, destinationGitopsRepoURL string) error { - err := providerConfig.BootstrapMgmtCluster( clientset, 
@@ -40,8 +39,61 @@ func BootstrapDigitaloceanMgmtCluster(clientset *kubernetes.Clientset, cl *pkgty return err } + var externalDnsToken string + switch cl.DnsProvider { + case "civo": + externalDnsToken = cl.CivoAuth.Token + case "vultr": + externalDnsToken = cl.VultrAuth.Token + case "digitalocean": + externalDnsToken = cl.DigitaloceanAuth.Token + case "aws": + externalDnsToken = "implement with cluster management" + case "google": + externalDnsToken = "implement with cluster management" + case "cloudflare": + externalDnsToken = cl.CloudflareAuth.APIToken + } + // Create secrets - createSecrets := []*v1.Secret{} + createSecrets := []*v1.Secret{ + { + ObjectMeta: metav1.ObjectMeta{Name: "cloudflare-creds", Namespace: "argo"}, + Data: map[string][]byte{ + "origin-ca-api-key": []byte(cl.CloudflareAuth.OriginCaIssuerKey), + }, + }, + { + ObjectMeta: metav1.ObjectMeta{Name: "cloudflare-creds", Namespace: "atlantis"}, + Data: map[string][]byte{ + "origin-ca-api-key": []byte(cl.CloudflareAuth.OriginCaIssuerKey), + }, + }, + { + ObjectMeta: metav1.ObjectMeta{Name: "cloudflare-creds", Namespace: "chartmuseum"}, + Data: map[string][]byte{ + "origin-ca-api-key": []byte(cl.CloudflareAuth.OriginCaIssuerKey), + }, + }, + { + ObjectMeta: metav1.ObjectMeta{Name: "external-dns-secrets", Namespace: "external-dns"}, + Data: map[string][]byte{ + "token": []byte(externalDnsToken), + }, + }, + { + ObjectMeta: metav1.ObjectMeta{Name: "cloudflare-creds", Namespace: "kubefirst"}, + Data: map[string][]byte{ + "origin-ca-api-key": []byte(cl.CloudflareAuth.OriginCaIssuerKey), + }, + }, + { + ObjectMeta: metav1.ObjectMeta{Name: "cloudflare-creds", Namespace: "vault"}, + Data: map[string][]byte{ + "origin-ca-api-key": []byte(cl.CloudflareAuth.OriginCaIssuerKey), + }, + }, + } for _, secret := range createSecrets { _, err := clientset.CoreV1().Secrets(secret.ObjectMeta.Namespace).Get(context.TODO(), secret.ObjectMeta.Name, metav1.GetOptions{}) if err == nil { 
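Review bot: The `switch cl.DnsProvider` has no `default` branch, so an unrecognised provider leaves `externalDnsToken` empty, and the `aws` and `google` cases store the literal text "implement with cluster management" as the `token` of `external-dns-secrets`; either way a Secret is created that looks valid but holds no credential. Returning an error from a `default:` branch, and leaving the `external-dns-secrets` entry out when there is no real token, would make the failure visible at bootstrap. The five `cloudflare-creds` Secrets are also built unconditionally, so with another DNS provider they presumably carry an empty `origin-ca-api-key`. The same block is added in the extensions/google/secrets.go hunk, and the loop that consumes `createSecrets` continues outside this hunk.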
diff --git a/extensions/google/env.go b/extensions/google/env.go index 88cb700f..d07603c6 100644 --- a/extensions/google/env.go +++ b/extensions/google/env.go @@ -8,6 +8,7 @@ package google import ( "fmt" + "os" "strconv" "strings" @@ -30,11 +31,12 @@ func readVaultTokenFromSecret(clientset *kubernetes.Clientset) string { } func GetGoogleTerraformEnvs(envs map[string]string, cl *pkgtypes.Cluster) map[string]string { - envs["GOOGLE_CLOUD_KEYFILE_JSON"] = cl.GoogleAuth.KeyFile - envs["GOOGLE_CREDENTIALS "] = cl.GoogleAuth.KeyFile envs["TF_VAR_project"] = cl.GoogleAuth.ProjectId - envs["GOOGLE_APPLICATION_CREDENTIALS"] = "" //allows for local debugging - //envs["TF_LOG"] = "debug" + homeDir, err := os.UserHomeDir() + if err != nil { + log.Fatalf("error getting home path: %s", err) + } + envs["GOOGLE_APPLICATION_CREDENTIALS"] = fmt.Sprintf("%s/.k1/application-default-credentials.json", homeDir) return envs } @@ -44,9 +46,11 @@ func GetGithubTerraformEnvs(envs map[string]string, cl *pkgtypes.Cluster) map[st envs["GITHUB_OWNER"] = cl.GitAuth.Owner envs["TF_VAR_atlantis_repo_webhook_secret"] = cl.AtlantisWebhookSecret envs["TF_VAR_kbot_ssh_public_key"] = cl.GitAuth.PublicKey - envs["GOOGLE_CREDENTIALS "] = cl.GoogleAuth.KeyFile - envs["GOOGLE_APPLICATION_CREDENTIALS"] = "" //allows for local debugging - + homeDir, err := os.UserHomeDir() + if err != nil { + log.Fatalf("error getting home path: %s", err) + } + envs["GOOGLE_APPLICATION_CREDENTIALS"] = fmt.Sprintf("%s/.k1/application-default-credentials.json", homeDir) return envs } 
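Review bot: In GetGoogleTerraformEnvs, `GOOGLE_APPLICATION_CREDENTIALS` now points at one fixed file under the home directory and no longer depends on `cl`, so every cluster handled by this process would run Terraform with whatever key was written there last. Whether the API serves more than one Google project is not visible here, but if it can, the path should include the cluster name. The same six lines are repeated in GetGithubTerraformEnvs and in the GetGitlabTerraformEnvs, GetUsersTerraformEnvs and GetVaultTerraformEnvs hunks, and each calls `log.Fatalf`, which ends the whole process from a helper that only fills a map. A single helper that builds the path with `filepath.Join(homeDir, ".k1", "application-default-credentials.json")` would keep the location in one place.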
@@ -59,8 +63,11 @@ func GetGitlabTerraformEnvs(envs map[string]string, gid int, cl *pkgtypes.Cluste envs["TF_VAR_kbot_ssh_public_key"] = cl.GitAuth.PublicKey envs["TF_VAR_owner_group_id"] = strconv.Itoa(gid) envs["TF_VAR_gitlab_owner"] = cl.GitAuth.Owner - envs["GOOGLE_CREDENTIALS "] = cl.GoogleAuth.KeyFile - envs["GOOGLE_APPLICATION_CREDENTIALS"] = "" //allows for local debugging + homeDir, err := os.UserHomeDir() + if err != nil { + log.Fatalf("error getting home path: %s", err) + } + envs["GOOGLE_APPLICATION_CREDENTIALS"] = fmt.Sprintf("%s/.k1/application-default-credentials.json", homeDir) return envs } @@ -70,8 +77,11 @@ func GetUsersTerraformEnvs(clientset *kubernetes.Clientset, cl *pkgtypes.Cluster envs["VAULT_ADDR"] = providerConfigs.VaultPortForwardURL envs[fmt.Sprintf("%s_TOKEN", strings.ToUpper(cl.GitProvider))] = cl.GitAuth.Token envs[fmt.Sprintf("%s_OWNER", strings.ToUpper(cl.GitProvider))] = cl.GitAuth.Owner - envs["GOOGLE_CREDENTIALS "] = cl.GoogleAuth.KeyFile - envs["GOOGLE_APPLICATION_CREDENTIALS"] = "" //allows for local debugging + homeDir, err := os.UserHomeDir() + if err != nil { + log.Fatalf("error getting home path: %s", err) + } + envs["GOOGLE_APPLICATION_CREDENTIALS"] = fmt.Sprintf("%s/.k1/application-default-credentials.json", homeDir) return envs } @@ -92,8 +102,11 @@ func GetVaultTerraformEnvs(clientset *kubernetes.Clientset, cl *pkgtypes.Cluster envs["TF_VAR_kbot_ssh_public_key"] = cl.GitAuth.PublicKey envs["TF_VAR_cloudflare_origin_ca_api_key"] = cl.CloudflareAuth.OriginCaIssuerKey envs["TF_VAR_cloudflare_api_key"] = cl.CloudflareAuth.Token - envs["GOOGLE_CREDENTIALS "] = cl.GoogleAuth.KeyFile - envs["GOOGLE_APPLICATION_CREDENTIALS"] = "" //allows for local debugging + homeDir, err := os.UserHomeDir() + if err != nil { + log.Fatalf("error getting home path: %s", err) + } + envs["GOOGLE_APPLICATION_CREDENTIALS"] = fmt.Sprintf("%s/.k1/application-default-credentials.json", homeDir) switch cl.GitProvider { case "gitlab": 
diff --git a/extensions/google/secrets.go b/extensions/google/secrets.go index 2b755024..0aee50b4 100644 --- a/extensions/google/secrets.go +++ b/extensions/google/secrets.go 
@@ -41,8 +41,62 @@ func BootstrapGoogleMgmtCluster( log.Fatal().Msgf("error in central function to create secrets: %s", err) return err } + + var externalDnsToken string + switch cl.DnsProvider { + case "civo": + externalDnsToken = cl.CivoAuth.Token + case "vultr": + externalDnsToken = cl.VultrAuth.Token + case "digitalocean": + externalDnsToken = cl.DigitaloceanAuth.Token + case "aws": + externalDnsToken = "implement with cluster management" + case "google": + externalDnsToken = "implement with cluster management" + case "cloudflare": + externalDnsToken = cl.CloudflareAuth.APIToken + } + // Create secrets - createSecrets := []*v1.Secret{} + createSecrets := []*v1.Secret{ + { + ObjectMeta: metav1.ObjectMeta{Name: "cloudflare-creds", Namespace: "argo"}, + Data: map[string][]byte{ + "origin-ca-api-key": []byte(cl.CloudflareAuth.OriginCaIssuerKey), + }, + }, + { + ObjectMeta: metav1.ObjectMeta{Name: "cloudflare-creds", Namespace: "atlantis"}, + Data: map[string][]byte{ + "origin-ca-api-key": []byte(cl.CloudflareAuth.OriginCaIssuerKey), + }, + }, + { + ObjectMeta: metav1.ObjectMeta{Name: "cloudflare-creds", Namespace: "chartmuseum"}, + Data: map[string][]byte{ + "origin-ca-api-key": []byte(cl.CloudflareAuth.OriginCaIssuerKey), + }, + }, + { + ObjectMeta: metav1.ObjectMeta{Name: "external-dns-secrets", Namespace: "external-dns"}, + Data: map[string][]byte{ + "token": []byte(externalDnsToken), + }, + }, + { + ObjectMeta: metav1.ObjectMeta{Name: "cloudflare-creds", Namespace: "kubefirst"}, + Data: map[string][]byte{ + "origin-ca-api-key": []byte(cl.CloudflareAuth.OriginCaIssuerKey), + }, + }, + { + ObjectMeta: metav1.ObjectMeta{Name: "cloudflare-creds", Namespace: "vault"}, + Data: map[string][]byte{ + "origin-ca-api-key": []byte(cl.CloudflareAuth.OriginCaIssuerKey), + }, + }, + } for _, secret := range createSecrets { _, err := clientset.CoreV1().Secrets(secret.ObjectMeta.Namespace).Get(context.TODO(), secret.ObjectMeta.Name, metav1.GetOptions{}) if err == nil { 
diff --git a/internal/controller/argocd.go b/internal/controller/argocd.go index d4e85add..67814d0c 100644 --- a/internal/controller/argocd.go +++ b/internal/controller/argocd.go @@ -230,6 +230,14 @@ func (clctrl *ClusterController) DeployRegistryApplication() error { registryPath = fmt.Sprintf("registry/clusters/%s", clctrl.ClusterName) } else if clctrl.CloudProvider == "aws" && clctrl.GitProvider == "gitlab" { registryPath = fmt.Sprintf("registry/clusters/%s", clctrl.ClusterName) + } else if clctrl.CloudProvider == "google" && clctrl.GitProvider == "github" { + registryPath = fmt.Sprintf("registry/clusters/%s", clctrl.ClusterName) + } else if clctrl.CloudProvider == "google" && clctrl.GitProvider == "gitlab" { + registryPath = fmt.Sprintf("registry/clusters/%s", clctrl.ClusterName) + } else if clctrl.CloudProvider == "digitalocean" && clctrl.GitProvider == "github" { + registryPath = fmt.Sprintf("registry/clusters/%s", clctrl.ClusterName) + } else if clctrl.CloudProvider == "digitalocean" && clctrl.GitProvider == "gitlab" { + registryPath = fmt.Sprintf("registry/clusters/%s", clctrl.ClusterName) } else { registryPath = fmt.Sprintf("registry/%s", clctrl.ClusterName) } diff --git a/internal/controller/domain.go b/internal/controller/domain.go index ccfec2e4..b0520cc6 100644 --- a/internal/controller/domain.go +++ b/internal/controller/domain.go @@ -67,7 +67,6 @@ func (clctrl *ClusterController) DomainLivenessTest() error { } case "cloudflare": - //! jared will brb to fix this _, err := cloudflare_api.NewWithAPIToken(clctrl.CloudflareAuth.APIToken) if err != nil { return err diff --git a/internal/controller/kms.go b/internal/controller/kms.go index 4b3515ff..6c8b0921 100644 --- a/internal/controller/kms.go +++ b/internal/controller/kms.go 
@@ -49,6 +49,14 @@ func (clctrl *ClusterController) DetokenizeKMSKeyID() error { registryPath = fmt.Sprintf("registry/clusters/%s", clctrl.ClusterName) } else if clctrl.CloudProvider == "aws" && clctrl.GitProvider == "gitlab" { registryPath = fmt.Sprintf("registry/clusters/%s", clctrl.ClusterName) + } else if clctrl.CloudProvider == "google" && clctrl.GitProvider == "github" { + registryPath = fmt.Sprintf("registry/clusters/%s", clctrl.ClusterName) + } else if clctrl.CloudProvider == "google" && clctrl.GitProvider == "gitlab" { + registryPath = fmt.Sprintf("registry/clusters/%s", clctrl.ClusterName) + } else if clctrl.CloudProvider == "digitalocean" && clctrl.GitProvider == "github" { + registryPath = fmt.Sprintf("registry/clusters/%s", clctrl.ClusterName) + } else if clctrl.CloudProvider == "digitalocean" && clctrl.GitProvider == "gitlab" { + registryPath = fmt.Sprintf("registry/clusters/%s", clctrl.ClusterName) } else { registryPath = fmt.Sprintf("registry/%s", clctrl.ClusterName) } diff --git a/internal/controller/vault.go b/internal/controller/vault.go index 20dfb156..98065920 100644 --- a/internal/controller/vault.go +++ b/internal/controller/vault.go @@ -9,9 +9,11 @@ package controller import ( "context" "encoding/base64" + "encoding/json" "fmt" "os" "strconv" + "strings" vaultapi "github.com/hashicorp/vault/api" awsext "github.com/kubefirst/kubefirst-api/extensions/aws" @@ -316,7 +318,7 @@ func (clctrl *ClusterController) WriteVaultSecrets() error { externalDnsToken = cl.DigitaloceanAuth.Token case "aws": externalDnsToken = "implement with cluster management" - case "googlecloud": + case "google": externalDnsToken = "implement with cluster management" case "cloudflare": externalDnsToken = cl.CloudflareAuth.APIToken 
@@ -347,7 +349,7 @@ func (clctrl *ClusterController) WriteVaultSecrets() error { vaultRootToken = vaultUnsealSecretData["root-token"] } vaultClient.SetToken(vaultRootToken) - // + _, err = vaultClient.KVv2("secret").Put(context.Background(), "external-dns", map[string]interface{}{ "token": externalDnsToken, }) @@ -356,6 +358,16 @@ func (clctrl *ClusterController) WriteVaultSecrets() error { "origin-ca-api-key": cl.CloudflareAuth.OriginCaIssuerKey, }) + if cl.CloudProvider == "google" { + log.Info("writing google specific secrets to vault secret store") + homeDir, err := os.UserHomeDir() + if err != nil { + log.Fatalf("error getting home path: %s", err) + } + writeGoogleSecrets(homeDir, vaultClient) + log.Info("successfully wrote google specific secrets to vault") + } + if err != nil { log.Errorf("error writing secret to vault: %s", err) return err @@ -410,3 +422,27 @@ func (clctrl *ClusterController) WaitForVault() error { return nil } + +func writeGoogleSecrets(homeDir string, vaultClient *vaultapi.Client) error { + + // vault path - gcp/application-default-credentials + adcJSON, err := os.ReadFile(fmt.Sprintf("%s/.k1/application-default-credentials.json", homeDir)) + if err != nil { + log.Error("error: reading google json credentials file") + return err + } + + var data map[string]interface{} + err = json.Unmarshal([]byte(adcJSON), &data) + if err != nil { + return err + } + + data["private_key"] = strings.Replace(data["private_key"].(string), "\n", "\\n", -1) + + _, err = vaultClient.KVv2("secret").Put(context.Background(), "gcp/application-default-credentials", data) + if err != nil { + return err + } + return nil +} diff --git a/internal/db/mongo.go b/internal/db/mongo.go index ffdcc578..88624a0f 100644 --- a/internal/db/mongo.go +++ b/internal/db/mongo.go 
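Review bot: The error returned by `writeGoogleSecrets(homeDir, vaultClient)` is dropped and the "successfully wrote" line is logged whatever happened, so a failed write of the service-account key to Vault goes unnoticed. The `homeDir, err :=` inside the `if` also declares a new `err`, so the `if err != nil` after the block still tests only the earlier `Put` result. Suggested: `if err := writeGoogleSecrets(homeDir, vaultClient); err != nil { return fmt.Errorf("writing google credentials to vault: %w", err) }`, with the success log after it. WriteVaultSecrets starts and ends outside this hunk.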
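Review bot: In writeGoogleSecrets, `data["private_key"].(string)` is an unchecked type assertion, so a credentials file without a string `private_key` field (an empty object, or a credential type that has none) panics the process instead of returning an error. Use the two-value form, `pk, ok := data["private_key"].(string)` followed by `if !ok { return fmt.Errorf("credentials file has no private_key string") }`, before the `strings.Replace`. The read-failure branch logs a fixed message without the cause; `fmt.Errorf("reading google credentials file: %w", err)` would keep it. The function stores the complete service-account key at `gcp/application-default-credentials` in the `secret` mount, so the Vault policy on that path is what protects it, and that policy is not part of this diff.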
@@ -98,19 +98,14 @@ func (mdbcl *MongoDBClient) ImportClusterIfEmpty(silent bool, cloudProvider stri // find the secret in mgmt cluster's kubefirst namespace and read import payload and clustername var kcfg *k8s.KubernetesClient - // homeDir, err := os.UserHomeDir() - // if err != nil { - // log.Fatalf("error getting home path: %s", err) - // } - - if os.Getenv("IS_CLUSTER_ZERO") == "true" { + if os.Getenv("IS_CLUSTER_ZERO") == "true" { log.Info("IS_CLUSTER_ZERO is set to true, skipping import cluster logic.") return pkgtypes.Cluster{}, nil } if os.Getenv("CLOUD_PROVIDER") == "k3d" { log.Info("CLOUD_PROVIDER is set to k3d, skipping import cluster logic.") return pkgtypes.Cluster{}, nil - } + } homeDir, err := os.UserHomeDir() if err != nil { diff --git a/internal/router/api/v1/instanceSizes.go b/internal/router/api/v1/instanceSizes.go index e04d2304..84428779 100644 --- a/internal/router/api/v1/instanceSizes.go +++ b/internal/router/api/v1/instanceSizes.go @@ -16,11 +16,11 @@ import ( func ListInstanceSizesForRegion(c *gin.Context) { - dnsProvider, param := c.Params.Get("dns_provider") + dnsProvider, param := c.Params.Get("cloud_provider") if !param { c.JSON(http.StatusBadRequest, types.JSONFailureResponse{ - Message: ":dns_provider not provided", + Message: ":cloud_provider not provided", }) return } @@ -34,6 +34,8 @@ func ListInstanceSizesForRegion(c *gin.Context) { return } + + var instanceSizesResponse types.InstanceSizesResponse switch dnsProvider { case "civo": @@ -44,8 +46,6 @@ func ListInstanceSizesForRegion(c *gin.Context) { return } - var instanceSizesResponse types.CivoInstanceSizesResponse - civoConfig := civo.CivoConfiguration{ Client: civo.NewCivo(instanceSizesRequest.CivoAuth.Token, instanceSizesRequest.CloudRegion), Context: context.Background(), 
@@ -73,8 +73,6 @@ func ListInstanceSizesForRegion(c *gin.Context) { return } - var instanceSizesResponse types.AwsInstanceSizesResponse - awsConf := &awsinternal.AWSConfiguration{ Config: awsinternal.NewAwsV3( instanceSizesRequest.CloudRegion, @@ -97,7 +95,7 @@ func ListInstanceSizesForRegion(c *gin.Context) { return } - instanceSizesResponse.InstanceSizes = instanceSizes.InstanceTypeOfferings + instanceSizesResponse.InstanceSizes = instanceSizes c.JSON(http.StatusOK, instanceSizesResponse) return @@ -109,8 +107,6 @@ func ListInstanceSizesForRegion(c *gin.Context) { return } - var instanceSizesResponse types.DigitalOceanInstanceSizesResponse - digitaloceanConf := digitalocean.DigitaloceanConfiguration{ Client: digitalocean.NewDigitalocean(instanceSizesRequest.DigitaloceanAuth.Token), Context: context.Background(), @@ -124,7 +120,6 @@ func ListInstanceSizesForRegion(c *gin.Context) { return } - instanceSizesResponse.InstanceSizes = instances c.JSON(http.StatusOK, instanceSizesResponse) return @@ -137,8 +132,6 @@ func ListInstanceSizesForRegion(c *gin.Context) { return } - var instanceSizesResponse types.VultrInstanceSizesResponse - vultrConf := vultr.VultrConfiguration{ Client: vultr.NewVultr(instanceSizesRequest.VultrAuth.Token), Context: context.Background(), @@ -157,6 +150,14 @@ func ListInstanceSizesForRegion(c *gin.Context) { return case "google": + + if instanceSizesRequest.CloudZone == "" { + c.JSON(http.StatusBadRequest, types.JSONFailureResponse{ + Message: "missing cloud_zone arg, please check and try again", + }) + return + } + if instanceSizesRequest.GoogleAuth.ProjectId == "" || instanceSizesRequest.GoogleAuth.KeyFile == "" { c.JSON(http.StatusBadRequest, types.JSONFailureResponse{ 
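Review bot: In the DigitalOcean branch (hunk `@@ -124,7 +120,6 @@`) the line `instanceSizesResponse.InstanceSizes = instances` is removed and nothing replaces it, so as far as the hunk shows this branch now answers 200 with an empty `instance_sizes` list. With `InstanceSizes` now `[]string`, the branch needs to map the provider result to names before `c.JSON`, the way the Google branch assigns the slice returned by `ListInstances`. The code that produces `instances` sits between hunks and is not visible here.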
@@ -172,9 +173,7 @@ func ListInstanceSizesForRegion(c *gin.Context) { KeyFile: instanceSizesRequest.GoogleAuth.KeyFile, } - instances, err := googleConf.ListInstances() - - fmt.Println("the instances =>", instances) + instances, err := googleConf.ListInstances(instanceSizesRequest.CloudZone) if err != nil { c.JSON(http.StatusBadRequest, types.JSONFailureResponse{ @@ -183,9 +182,7 @@ func ListInstanceSizesForRegion(c *gin.Context) { return } - c.JSON(http.StatusOK, instances); - return - + instanceSizesResponse.InstanceSizes = instances default: c.JSON(http.StatusBadRequest, types.JSONFailureResponse{ @@ -194,5 +191,6 @@ func ListInstanceSizesForRegion(c *gin.Context) { return } + c.JSON(http.StatusOK, instanceSizesResponse) } diff --git a/internal/router/api/v1/zones.go b/internal/router/api/v1/zones.go new file mode 100644 index 00000000..019cae21 --- /dev/null +++ b/internal/router/api/v1/zones.go @@ -0,0 +1,46 @@ +package api + +import ( + "context" + "net/http" + + "github.com/gin-gonic/gin" + "github.com/kubefirst/kubefirst-api/internal/types" + "github.com/kubefirst/kubefirst-api/pkg/google" +) + +// Currently only needs to support google +func ListZonesForRegion(c *gin.Context) { + + var zonesListRequest types.ZonesListRequest + err := c.Bind(&zonesListRequest) + if err != nil { + c.JSON(http.StatusBadRequest, types.JSONFailureResponse{ + Message: err.Error(), + }) + return + } + + googleConf := google.GoogleConfiguration{ + Context: context.Background(), + Project: zonesListRequest.GoogleAuth.ProjectId, + Region: zonesListRequest.CloudRegion, + KeyFile: zonesListRequest.GoogleAuth.KeyFile, + } + + + var zonesListResponse types.ZonesListResponse + + zones, err := googleConf.GetZones() + if err != nil { + c.JSON(http.StatusBadRequest, types.JSONFailureResponse{ + Message: err.Error(), + }) + return + } + + zonesListResponse.Zones = zones + + c.JSON(http.StatusOK, zonesListResponse) +} + 
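Review bot: ListZonesForRegion passes `GoogleAuth.ProjectId` and `GoogleAuth.KeyFile` to the Google client without checking that they are set, unlike the `google` branch of ListInstanceSizesForRegion, which rejects empty values up front. `binding:"required"` on a struct-typed field may not reject an empty object with gin's default validator, so an explicit `if zonesListRequest.GoogleAuth.ProjectId == "" || zonesListRequest.GoogleAuth.KeyFile == ""` check that returns 400 is safer. Every failure from `GetZones` is returned as 400 with `err.Error()`, which reports upstream and credential-parsing errors to the caller as if they were request errors; logging the error and sending a fixed message would avoid echoing internal detail. `context.Background()` could be `c.Request.Context()` so the upstream call ends when the client goes away.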
diff --git a/internal/router/router.go b/internal/router/router.go index b269501d..1c61cb69 100644 --- a/internal/router/router.go +++ b/internal/router/router.go @@ -67,14 +67,17 @@ func SetupRouter() *gin.Engine { v1.POST("/domain/:dns_provider", middleware.ValidateAPIKey(), router.PostDomains) v1.GET("/domain/validate/aws/:domain", middleware.ValidateAPIKey(), router.GetValidateAWSDomain) v1.GET("/domain/validate/civo/:domain", middleware.ValidateAPIKey(), router.GetValidateCivoDomain) - // v1.GET("/domain/validate/digi1a`talocean/:domain", middleware.ValidateAPIKey(), router.GetValidateDigitalOceanDomain) + // v1.GET("/domain/validate/digitalocean/:domain", middleware.ValidateAPIKey(), router.GetValidateDigitalOceanDomain) // v1.GET("/domain/validate/vultr/:domain", middleware.ValidateAPIKey(), router.GetValidateVultrDomain) // v1.GET("/domain/validate/google/:domain", middleware.ValidateAPIKey(), router.GetValidateGoogleDomain) // Regions v1.POST("/region/:cloud_provider", middleware.ValidateAPIKey(), router.PostRegions) - + + // Zones *** Only supports google *** + v1.POST("/zones", middleware.ValidateAPIKey(), router.ListZonesForRegion) + // Instance Sizes - v1.POST("/instance-sizes/:dns_provider", middleware.ValidateAPIKey(), router.ListInstanceSizesForRegion) + v1.POST("/instance-sizes/:cloud_provider", middleware.ValidateAPIKey(), router.ListInstanceSizesForRegion) // Environments v1.GET("/environment", middleware.ValidateAPIKey(), router.GetEnvironments) diff --git a/internal/services/services.go b/internal/services/services.go index 0cfeaf41..fcf209a8 100644 --- a/internal/services/services.go +++ b/internal/services/services.go 
@@ -73,6 +73,16 @@ func CreateService(cl *pkgtypes.Cluster, serviceName string, appDef *types.Gitop registryPath = fmt.Sprintf("registry/clusters/%s", cl.ClusterName) } else if cl.CloudProvider == "aws" && cl.GitProvider == "github" { registryPath = fmt.Sprintf("registry/clusters/%s", cl.ClusterName) + } else if cl.CloudProvider == "aws" && cl.GitProvider == "gitlab" { + registryPath = fmt.Sprintf("registry/clusters/%s", cl.ClusterName) + } else if cl.CloudProvider == "google" && cl.GitProvider == "github" { + registryPath = fmt.Sprintf("registry/clusters/%s", cl.ClusterName) + } else if cl.CloudProvider == "google" && cl.GitProvider == "gitlab" { + registryPath = fmt.Sprintf("registry/clusters/%s", cl.ClusterName) + } else if cl.CloudProvider == "digitalocean" && cl.GitProvider == "github" { + registryPath = fmt.Sprintf("registry/clusters/%s", cl.ClusterName) + } else if cl.CloudProvider == "digitalocean" && cl.GitProvider == "gitlab" { + registryPath = fmt.Sprintf("registry/clusters/%s", cl.ClusterName) } else { registryPath = fmt.Sprintf("registry/%s", cl.ClusterName) } @@ -266,6 +276,12 @@ func DeleteService(cl *pkgtypes.Cluster, serviceName string) error { registryPath = fmt.Sprintf("registry/clusters/%s", cl.ClusterName) } else if cl.CloudProvider == "aws" && cl.GitProvider == "github" { registryPath = fmt.Sprintf("registry/clusters/%s", cl.ClusterName) + } else if cl.CloudProvider == "aws" && cl.GitProvider == "gitlab" { + registryPath = fmt.Sprintf("registry/clusters/%s", cl.ClusterName) + } else if cl.CloudProvider == "google" && cl.GitProvider == "github" { + registryPath = fmt.Sprintf("registry/clusters/%s", cl.ClusterName) + } else if cl.CloudProvider == "google" && cl.GitProvider == "gitlab" { + registryPath = fmt.Sprintf("registry/clusters/%s", cl.ClusterName) } else { registryPath = fmt.Sprintf("registry/%s", cl.ClusterName) } diff --git a/internal/types/instanceSizes.go b/internal/types/instanceSizes.go index 5e3d7524..00bb7350 100644 
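Review bot: DeleteService does not get the two `digitalocean` branches that this commit adds to CreateService, so for a DigitalOcean cluster a service would be created under `registry/clusters/<name>` and looked up for deletion under `registry/<name>`. Add the `cl.CloudProvider == "digitalocean"` cases for `github` and `gitlab` to the DeleteService chain as well. The same provider and git-provider chain is repeated in argocd.go, kms.go and both functions here, and one helper that returns the registry path would keep the copies from drifting apart. Both functions start and end outside these hunks, so their earlier branches are not visible.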
--- a/internal/types/instanceSizes.go +++ b/internal/types/instanceSizes.go @@ -7,15 +7,12 @@ See the LICENSE file for more details. package types import ( - "github.com/aws/aws-sdk-go-v2/service/ec2/types" - "github.com/civo/civogo" - "github.com/digitalocean/godo" pkgtypes "github.com/kubefirst/kubefirst-api/pkg/types" - vultr "github.com/vultr/govultr/v3" ) type InstanceSizesRequest struct { CloudRegion string `json:"cloud_region" binding:"required"` + CloudZone string `json:"cloud_zone,omitempty"` CivoAuth pkgtypes.CivoAuth `json:"civo_auth,omitempty"` AWSAuth pkgtypes.AWSAuth `json:"aws_auth,omitempty"` DigitaloceanAuth pkgtypes.DigitaloceanAuth `json:"do_auth,omitempty"` @@ -23,18 +20,6 @@ type InstanceSizesRequest struct { GoogleAuth pkgtypes.GoogleAuth `json:"google_auth,omitempty"` } -type CivoInstanceSizesResponse struct { - InstanceSizes []civogo.InstanceSize `json:"instance_sizes"` -} - -type AwsInstanceSizesResponse struct { - InstanceSizes []types.InstanceTypeOffering `json:"instance_sizes"` -} - -type DigitalOceanInstanceSizesResponse struct { - InstanceSizes []*godo.AppInstanceSize `json:"instance_sizes"` -} - -type VultrInstanceSizesResponse struct { - InstanceSizes []vultr.Instance `json:"instance_sizes"` +type InstanceSizesResponse struct { + InstanceSizes []string `json:"instance_sizes"` } diff --git a/internal/types/zones.go b/internal/types/zones.go new file mode 100644 index 00000000..04cf5dda --- /dev/null +++ b/internal/types/zones.go @@ -0,0 +1,20 @@ +/* +Copyright (C) 2021-2023, Kubefirst + +This program is licensed under MIT. +See the LICENSE file for more details. +*/ +package types + +import ( + pkgtypes "github.com/kubefirst/kubefirst-api/pkg/types" +) + +type ZonesListRequest struct { + CloudRegion string `json:"cloud_region" binding:"required"` + GoogleAuth pkgtypes.GoogleAuth `json:"google_auth" binding:"required"` +} + +type ZonesListResponse struct { + Zones []string `json:"zones"` +} 
diff --git a/pkg/google/dns.go b/pkg/google/dns.go index df02c6e6..7a09acc4 100644 --- a/pkg/google/dns.go +++ b/pkg/google/dns.go @@ -130,7 +130,7 @@ func (conf *GoogleConfiguration) GetDNSDomains() ([]string, error) { } dnsService, err := googleDNS.NewService(conf.Context, option.WithCredentials(creds)) - + if err != nil { return zoneNames, err } @@ -142,35 +142,33 @@ func (conf *GoogleConfiguration) GetDNSDomains() ([]string, error) { } for _, zone := range zones.ManagedZones { - zoneNames = append(zoneNames, zone.Name) + zoneNames = append(zoneNames, strings.TrimRight(zone.DnsName, ".")) } - + return zoneNames, nil } -func (conf *GoogleConfiguration) ListInstances() ([]string, error){ - fmt.Println("hello world") +func (conf *GoogleConfiguration) ListInstances(zone string) ([]string, error) { creds, err := google.CredentialsFromJSON(conf.Context, []byte(conf.KeyFile), secretmanager.DefaultAuthScopes()...) if err != nil { return nil, fmt.Errorf("could not create google storage client credentials: %s", err) } - instancesClient, err := compute.NewInstancesRESTClient(context.Background(), option.WithCredentials(creds)); + machineTypeClient, err := compute.NewMachineTypesRESTClient(context.Background(), option.WithCredentials(creds)) if err != nil { return nil, err } - req := &computepb.ListInstancesRequest{ - Project: conf.Project, - Zone: conf.Region, - } - - it := instancesClient.List(context.Background(), req) + defer machineTypeClient.Close() + machines := machineTypeClient.List(context.Background(), &computepb.ListMachineTypesRequest{ + Project: conf.Project, + Zone: zone, + }) - var stuff []string + var machineTypes []string for { - instance, err := it.Next() + m, err := machines.Next() if err == iterator.Done { break } 
@@ -178,11 +176,8 @@ func (conf *GoogleConfiguration) ListInstances() ([]string, error){ return nil, err } - value := fmt.Sprintf("%v : %v", instance.GetName(), instance.GetMachineType()) - fmt.Println(value) - stuff = append(stuff, value) + machineTypes = append(machineTypes, m.GetName()) } - defer instancesClient.Close() - return stuff, nil + return machineTypes, nil } diff --git a/pkg/google/google.go b/pkg/google/google.go index 11768cef..fe18fed6 100644 --- a/pkg/google/google.go +++ b/pkg/google/google.go @@ -54,6 +54,39 @@ func (conf *GoogleConfiguration) GetRegions() ([]string, error) { return regionList, nil } +func (conf *GoogleConfiguration) GetZones() ([]string, error) { + var zoneList []string + + creds, err := google.CredentialsFromJSON(conf.Context, []byte(conf.KeyFile), secretmanager.DefaultAuthScopes()...) + if err != nil { + return nil, fmt.Errorf("could not create google storage client credentials: %s", err) + } + + client, err := compute.NewZonesRESTClient(conf.Context, option.WithCredentials(creds)) + if err != nil { + return nil, fmt.Errorf("could not create google compute client: %s", err) + } + defer client.Close() + + req := &computepb.ListZonesRequest{ + Project: conf.Project, + } + + it := client.List(conf.Context, req) + for { + pair, err := it.Next() + if err == iterator.Done { + break + } + if err != nil { + return []string{}, err + } + zoneList = append(zoneList, *pair.Name) + } + + return zoneList, nil +} + // GetDomainApexContent determines whether or not a target domain features // a host responding at zone apex func GetDomainApexContent(domainName string) bool { diff --git a/pkg/google/utils.go b/pkg/google/utils.go new file mode 100644 index 00000000..720108a4 --- /dev/null +++ b/pkg/google/utils.go 
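Review bot: GetZones lists every zone in the project and never uses `conf.Region`, although its caller is ListZonesForRegion and sets `Region` from `cloud_region`; if per-region results are intended, keep only the names that start with `conf.Region + "-"`, or set a filter on the request. `*pair.Name` dereferences a pointer field and would panic on a nil name; `pair.GetName()`, which ListInstances in this commit already uses for machine types, is the nil-safe form. The iterator error path returns `[]string{}` where the two earlier error paths return `nil`.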
@@ -0,0 +1,36 @@
+/*
+Copyright (C) 2021-2023, Kubefirst
+
+This program is licensed under MIT.
+See the LICENSE file for more details.
+*/
+package google
+
+import (
+ "fmt"
+ "log"
+ "os"
+)
+
+// WriteGoogleApplicationCredentialsFile writes credentials file for use throughout installation
+func WriteGoogleApplicationCredentialsFile(googleApplicationCredentials, homeDir string) error {
+
+ file, err := os.Create(fmt.Sprintf("%s/.k1/application-default-credentials.json", homeDir))
+ if err != nil {
+ return err
+ }
+
+ _, err = file.WriteString(googleApplicationCredentials)
+ if err != nil {
+ log.Fatal("error writing google application credentials file")
+ return err
+ }
+
+ // Close the file writer.
+ err = file.Close()
+ if err != nil {
+ log.Fatal("error closing file writer")
+ return err
+ }
+ return nil
+}
diff --git a/pkg/providerConfigs/adjustDriver.go b/pkg/providerConfigs/adjustDriver.go
index 3817db95..e00c5456 100644
--- a/pkg/providerConfigs/adjustDriver.go
+++ b/pkg/providerConfigs/adjustDriver.go
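Review bot: `os.Create` opens the credentials file with mode 0666 before umask, so the service-account key written to `.k1/application-default-credentials.json` is typically readable by other local users; a key file should be created 0600. `return os.WriteFile(filepath.Join(homeDir, ".k1", "application-default-credentials.json"), []byte(googleApplicationCredentials), 0o600)` does the create, write and close in one call (it needs `path/filepath` imported, and an existing file keeps its old mode, so an `os.Chmod` may be wanted too). Both `log.Fatal` calls exit the process, which makes the `return err` after them unreachable and leaves the file open on a write failure; returning the error is enough.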
@@ -199,6 +199,153 @@ func AdjustGitopsRepo( return nil } + GOOGLE_GITHUB := "google-github" + + if strings.ToLower(fmt.Sprintf("%s-%s", cloudProvider, gitProvider)) == GOOGLE_GITHUB { + driverContent := fmt.Sprintf("%s/%s-%s/", gitopsRepoDir, cloudProvider, gitProvider) + err := cp.Copy(driverContent, gitopsRepoDir, opt) + if err != nil { + log.Info().Msgf("Error populating gitops repository with driver content: %s. error: %s", fmt.Sprintf("%s-%s", cloudProvider, gitProvider), err.Error()) + return err + } + os.RemoveAll(driverContent) + + //* copy $HOME/.k1/gitops/templates/${clusterType}/* $HOME/.k1/gitops/registry/${clusterName} + clusterContent := fmt.Sprintf("%s/templates/%s", gitopsRepoDir, clusterType) + + // Remove apex content if apex content already exists + if apexContentExists { + log.Warn().Msgf("removing nginx-apex since apexContentExists was %v", apexContentExists) + os.Remove(fmt.Sprintf("%s/nginx-apex.yaml", clusterContent)) + os.RemoveAll(fmt.Sprintf("%s/nginx-apex", clusterContent)) + } else { + log.Warn().Msgf("will create nginx-apex since apexContentExists was %v", apexContentExists) + } + + if strings.ToLower(fmt.Sprintf("%s-%s", cloudProvider, gitProvider)) == GOOGLE_GITHUB { + err = cp.Copy(clusterContent, fmt.Sprintf("%s/registry/clusters/%s", gitopsRepoDir, clusterName), opt) + } else { + err = cp.Copy(clusterContent, fmt.Sprintf("%s/registry/%s", gitopsRepoDir, clusterName), opt) + } + if err != nil { + log.Info().Msgf("Error populating cluster content with %s. 
error: %s", clusterContent, err.Error()) + return err + } + os.RemoveAll(fmt.Sprintf("%s/templates/mgmt", gitopsRepoDir)) + + return nil + } + + GOOGLE_GITLAB := "google-gitlab" + + if strings.ToLower(fmt.Sprintf("%s-%s", cloudProvider, gitProvider)) == GOOGLE_GITLAB { + driverContent := fmt.Sprintf("%s/%s-%s/", gitopsRepoDir, cloudProvider, gitProvider) + err := cp.Copy(driverContent, gitopsRepoDir, opt) + if err != nil { + log.Info().Msgf("Error populating gitops repository with driver content: %s. error: %s", fmt.Sprintf("%s-%s", cloudProvider, gitProvider), err.Error()) + return err + } + os.RemoveAll(driverContent) + + //* copy $HOME/.k1/gitops/templates/${clusterType}/* $HOME/.k1/gitops/registry/${clusterName} + clusterContent := fmt.Sprintf("%s/templates/%s", gitopsRepoDir, clusterType) + + // Remove apex content if apex content already exists + if apexContentExists { + log.Warn().Msgf("removing nginx-apex since apexContentExists was %v", apexContentExists) + os.Remove(fmt.Sprintf("%s/nginx-apex.yaml", clusterContent)) + os.RemoveAll(fmt.Sprintf("%s/nginx-apex", clusterContent)) + } else { + log.Warn().Msgf("will create nginx-apex since apexContentExists was %v", apexContentExists) + } + + if strings.ToLower(fmt.Sprintf("%s-%s", cloudProvider, gitProvider)) == GOOGLE_GITLAB { + err = cp.Copy(clusterContent, fmt.Sprintf("%s/registry/clusters/%s", gitopsRepoDir, clusterName), opt) + } else { + err = cp.Copy(clusterContent, fmt.Sprintf("%s/registry/%s", gitopsRepoDir, clusterName), opt) + } + if err != nil { + log.Info().Msgf("Error populating cluster content with %s. 
error: %s", clusterContent, err.Error()) + return err + } + os.RemoveAll(fmt.Sprintf("%s/templates/mgmt", gitopsRepoDir)) + + return nil + } + + DIGITALOCEAN_GITHUB := "digitalocean-github" + + if strings.ToLower(fmt.Sprintf("%s-%s", cloudProvider, gitProvider)) == DIGITALOCEAN_GITHUB { + driverContent := fmt.Sprintf("%s/%s-%s/", gitopsRepoDir, cloudProvider, gitProvider) + err := cp.Copy(driverContent, gitopsRepoDir, opt) + if err != nil { + log.Info().Msgf("Error populating gitops repository with driver content: %s. error: %s", fmt.Sprintf("%s-%s", cloudProvider, gitProvider), err.Error()) + return err + } + os.RemoveAll(driverContent) + + //* copy $HOME/.k1/gitops/templates/${clusterType}/* $HOME/.k1/gitops/registry/${clusterName} + clusterContent := fmt.Sprintf("%s/templates/%s", gitopsRepoDir, clusterType) + + // Remove apex content if apex content already exists + if apexContentExists { + log.Warn().Msgf("removing nginx-apex since apexContentExists was %v", apexContentExists) + os.Remove(fmt.Sprintf("%s/nginx-apex.yaml", clusterContent)) + os.RemoveAll(fmt.Sprintf("%s/nginx-apex", clusterContent)) + } else { + log.Warn().Msgf("will create nginx-apex since apexContentExists was %v", apexContentExists) + } + + if strings.ToLower(fmt.Sprintf("%s-%s", cloudProvider, gitProvider)) == DIGITALOCEAN_GITHUB { + err = cp.Copy(clusterContent, fmt.Sprintf("%s/registry/clusters/%s", gitopsRepoDir, clusterName), opt) + } else { + err = cp.Copy(clusterContent, fmt.Sprintf("%s/registry/%s", gitopsRepoDir, clusterName), opt) + } + if err != nil { + log.Info().Msgf("Error populating cluster content with %s. 
error: %s", clusterContent, err.Error()) + return err + } + os.RemoveAll(fmt.Sprintf("%s/templates/mgmt", gitopsRepoDir)) + + return nil + } + + DIGITALOCEAN_GITLAB := "digitalocean-gitlab" + + if strings.ToLower(fmt.Sprintf("%s-%s", cloudProvider, gitProvider)) == DIGITALOCEAN_GITLAB { + driverContent := fmt.Sprintf("%s/%s-%s/", gitopsRepoDir, cloudProvider, gitProvider) + err := cp.Copy(driverContent, gitopsRepoDir, opt) + if err != nil { + log.Info().Msgf("Error populating gitops repository with driver content: %s. error: %s", fmt.Sprintf("%s-%s", cloudProvider, gitProvider), err.Error()) + return err + } + os.RemoveAll(driverContent) + + //* copy $HOME/.k1/gitops/templates/${clusterType}/* $HOME/.k1/gitops/registry/${clusterName} + clusterContent := fmt.Sprintf("%s/templates/%s", gitopsRepoDir, clusterType) + + // Remove apex content if apex content already exists + if apexContentExists { + log.Warn().Msgf("removing nginx-apex since apexContentExists was %v", apexContentExists) + os.Remove(fmt.Sprintf("%s/nginx-apex.yaml", clusterContent)) + os.RemoveAll(fmt.Sprintf("%s/nginx-apex", clusterContent)) + } else { + log.Warn().Msgf("will create nginx-apex since apexContentExists was %v", apexContentExists) + } + + if strings.ToLower(fmt.Sprintf("%s-%s", cloudProvider, gitProvider)) == DIGITALOCEAN_GITLAB { + err = cp.Copy(clusterContent, fmt.Sprintf("%s/registry/clusters/%s", gitopsRepoDir, clusterName), opt) + } else { + err = cp.Copy(clusterContent, fmt.Sprintf("%s/registry/%s", gitopsRepoDir, clusterName), opt) + } + if err != nil { + log.Info().Msgf("Error populating cluster content with %s. error: %s", clusterContent, err.Error()) + return err + } + os.RemoveAll(fmt.Sprintf("%s/templates/mgmt", gitopsRepoDir)) + + return nil + } //* copy $cloudProvider-$gitProvider/* $HOME/.k1/gitops/ driverContent := fmt.Sprintf("%s/%s-%s/", gitopsRepoDir, cloudProvider, gitProvider) 
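Review bot: The four added blocks (google-github, google-gitlab, digitalocean-github, digitalocean-gitlab) are identical apart from the constant, and in each one the inner comparison repeats the outer one, so the `else` branch that copies to `registry/<clusterName>` can never run. Folding them into a single lookup, as sketched below, removes the dead branch and roughly a hundred duplicated lines; the sketch also stops discarding the `os.RemoveAll` errors and reports copy failures at error level instead of info. `clusterName` and `clusterType` are interpolated directly into paths that are copied to and removed, so if they can originate from an API request they should be rejected when they contain a path separator or `..`; where they come from is not visible in this hunk. AdjustGitopsRepo starts and ends outside the hunk.

```go
// Drivers whose cluster content is placed under registry/clusters/<clusterName>.
clustersLayoutDrivers := map[string]bool{
	"google-github":       true,
	"google-gitlab":       true,
	"digitalocean-github": true,
	"digitalocean-gitlab": true,
}

driver := strings.ToLower(fmt.Sprintf("%s-%s", cloudProvider, gitProvider))
if clustersLayoutDrivers[driver] {
	driverContent := fmt.Sprintf("%s/%s-%s/", gitopsRepoDir, cloudProvider, gitProvider)
	if err := cp.Copy(driverContent, gitopsRepoDir, opt); err != nil {
		log.Error().Msgf("populating gitops repository with driver content %s: %s", driver, err)
		return err
	}
	if err := os.RemoveAll(driverContent); err != nil {
		return fmt.Errorf("removing driver content %q: %w", driverContent, err)
	}

	// … unchanged: clusterContent path and nginx-apex removal …

	clusterDest := fmt.Sprintf("%s/registry/clusters/%s", gitopsRepoDir, clusterName)
	if err := cp.Copy(clusterContent, clusterDest, opt); err != nil {
		log.Error().Msgf("populating cluster content with %s: %s", clusterContent, err)
		return err
	}
	if err := os.RemoveAll(fmt.Sprintf("%s/templates/mgmt", gitopsRepoDir)); err != nil {
		return fmt.Errorf("removing mgmt templates: %w", err)
	}

	return nil
}
```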
diff --git a/providers/aws/create.go b/providers/aws/create.go index d98cae27..4717c4a1 100644 --- a/providers/aws/create.go +++ b/providers/aws/create.go @@ -7,9 +7,6 @@ See the LICENSE file for more details. package aws import ( - "os" - "strings" - awsext "github.com/kubefirst/kubefirst-api/extensions/aws" "github.com/kubefirst/kubefirst-api/internal/constants" "github.com/kubefirst/kubefirst-api/internal/controller" @@ -221,8 +218,8 @@ func CreateAWSCluster(definition *pkgtypes.ClusterDefinition) error { log.Info("deploying kubefirst console and verifying cluster installation is complete") consoleDeployment, err := k8s.ReturnDeploymentObject( kcfg.Clientset, - "app.kubernetes.io/instance", - "kubefirst", + "app.kubernetes.io/name", + "console", "kubefirst", 1200, ) @@ -241,23 +238,6 @@ func CreateAWSCluster(definition *pkgtypes.ClusterDefinition) error { } log.Info("cluster creation complete") - cluster1KubefirstApiStopChannel := make(chan struct{}, 1) - defer func() { - close(cluster1KubefirstApiStopChannel) - }() - if strings.ToLower(os.Getenv("K1_LOCAL_DEBUG")) != "" { //allow using local kubefirst api running on port 8082 - k8s.OpenPortForwardPodWrapper( - kcfg.Clientset, - kcfg.RestConfig, - "kubefirst-kubefirst-api", - "kubefirst", - 8081, - 8082, - cluster1KubefirstApiStopChannel, - ) - log.Info("Port forward opened to mgmt cluster kubefirst api") - - } //* export and import cluster err = ctrl.ExportClusterRecord() diff --git a/providers/digitalocean/create.go b/providers/digitalocean/create.go index fbc14087..cc61ce68 100644 --- a/providers/digitalocean/create.go +++ b/providers/digitalocean/create.go @@ -8,7 +8,6 @@ package digitalocean import ( "os" - "strings" "github.com/kubefirst/kubefirst-api/internal/constants" "github.com/kubefirst/kubefirst-api/internal/controller" 
@@ -176,6 +175,12 @@ func CreateDigitaloceanCluster(definition *pkgtypes.ClusterDefinition) error { return err } + err = ctrl.WriteVaultSecrets() + if err != nil { + ctrl.HandleError(err.Error()) + return err + } + err = ctrl.RunUsersTerraform() if err != nil { ctrl.HandleError(err.Error()) @@ -186,8 +191,8 @@ func CreateDigitaloceanCluster(definition *pkgtypes.ClusterDefinition) error { log.Info("deploying kubefirst console and verifying cluster installation is complete") consoleDeployment, err := k8s.ReturnDeploymentObject( kcfg.Clientset, - "app.kubernetes.io/instance", - "kubefirst-console", + "app.kubernetes.io/name", + "console", "kubefirst", 1200, ) @@ -206,23 +211,6 @@ func CreateDigitaloceanCluster(definition *pkgtypes.ClusterDefinition) error { } log.Info("cluster creation complete") - cluster1KubefirstApiStopChannel := make(chan struct{}, 1) - defer func() { - close(cluster1KubefirstApiStopChannel) - }() - if strings.ToLower(os.Getenv("K1_LOCAL_DEBUG")) != "" { //allow using local kubefirst api running on port 8082 - k8s.OpenPortForwardPodWrapper( - kcfg.Clientset, - kcfg.RestConfig, - "kubefirst-kubefirst-api", - "kubefirst", - 8081, - 8082, - cluster1KubefirstApiStopChannel, - ) - log.Info("Port forward opened to mgmt cluster kubefirst api") - - } //* export and import cluster err = ctrl.ExportClusterRecord() @@ -264,6 +252,6 @@ func CreateDigitaloceanCluster(definition *pkgtypes.ClusterDefinition) error { log.Errorf("error adding default service entries for cluster %s: %s", cl.ClusterName, err) } } - + return nil } diff --git a/providers/google/create.go b/providers/google/create.go index 7d9175d5..e5fbc4d4 100644 --- a/providers/google/create.go +++ b/providers/google/create.go 
@@ -7,14 +7,15 @@ See the LICENSE file for more details. package google import ( + "fmt" "os" - "strings" "github.com/kubefirst/kubefirst-api/internal/constants" "github.com/kubefirst/kubefirst-api/internal/controller" "github.com/kubefirst/kubefirst-api/internal/db" "github.com/kubefirst/kubefirst-api/internal/services" "github.com/kubefirst/kubefirst-api/internal/telemetryShim" + "github.com/kubefirst/kubefirst-api/pkg/google" pkgtypes "github.com/kubefirst/kubefirst-api/pkg/types" "github.com/kubefirst/runtime/pkg/k8s" "github.com/kubefirst/runtime/pkg/segment" @@ -35,6 +36,17 @@ func CreateGoogleCluster(definition *pkgtypes.ClusterDefinition) error { } // TODO Validate Google region + homeDir, err := os.UserHomeDir() + if err != nil { + log.Fatalf("error getting home path: %s", err) + } + + err = google.WriteGoogleApplicationCredentialsFile(definition.GoogleAuth.KeyFile, homeDir) + if err != nil { + log.Fatalf("error writing google application credentials file: %s", err) + } + + os.Setenv("GOOGLE_APPLICATION_CREDENTIALS", fmt.Sprintf("%s/.k1/application-default-credentials.json", homeDir)) err = ctrl.DownloadTools(ctrl.ProviderConfig.ToolsDir) if err != nil { @@ -185,6 +197,12 @@ func CreateGoogleCluster(definition *pkgtypes.ClusterDefinition) error { return err } + err = ctrl.WriteVaultSecrets() + if err != nil { + ctrl.HandleError(err.Error()) + return err + } + err = ctrl.RunUsersTerraform() if err != nil { ctrl.HandleError(err.Error()) @@ -195,8 +213,8 @@ func CreateGoogleCluster(definition *pkgtypes.ClusterDefinition) error { log.Info("deploying kubefirst console and verifying cluster installation is complete") consoleDeployment, err := k8s.ReturnDeploymentObject( kcfg.Clientset, - "app.kubernetes.io/instance", - "kubefirst", + "app.kubernetes.io/name", + "console", "kubefirst", 1200, ) 
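Review bot: In the `@@ -35,6 +36,17 @@` hunk the two `log.Fatalf` calls presumably terminate the whole process (the logger import is outside the hunk) when the home-directory lookup or the key-file write fails, whereas the other steps of CreateGoogleCluster shown in this diff call `ctrl.HandleError(err.Error())` and then `return err`; using that same pair here keeps one bad key from taking the service down. `os.Setenv("GOOGLE_APPLICATION_CREDENTIALS", …)` changes process-wide state, its error is dropped, and the key always lands at one fixed path under the home directory, so if this process ever creates clusters for more than one Google account the later request silently replaces the earlier credentials. Passing the key explicitly to each client, as GetZones does with `option.WithCredentials(creds)`, would avoid the shared file and variable. The path is also rebuilt here with `fmt.Sprintf` instead of being returned by the writer, so the two strings can drift apart; the function body starts and ends outside the hunk.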
@@ -217,18 +235,6 @@ func CreateGoogleCluster(definition *pkgtypes.ClusterDefinition) error { defer func() { close(cluster1KubefirstApiStopChannel) }() - if strings.ToLower(os.Getenv("K1_LOCAL_DEBUG")) != "" { //allow using local kubefirst api running on port 8082 - k8s.OpenPortForwardPodWrapper( - kcfg.Clientset, - kcfg.RestConfig, - "kubefirst-kubefirst-api", - "kubefirst", - 8081, - 8082, - cluster1KubefirstApiStopChannel, - ) - log.Info("Port forward opened to mgmt cluster kubefirst api") - } //* export and import cluster err = ctrl.ExportClusterRecord()