stuff
This commit is contained in:
Morten Olsen
210
packages/bootstrap/src/releases/releases.ts
Normal file
210
packages/bootstrap/src/releases/releases.ts
Normal file
@@ -0,0 +1,210 @@
|
||||
import type { Services } from '@morten-olsen/box-utils/services';
|
||||
import { HelmRelease, ResourceService } from '@morten-olsen/box-k8s';
|
||||
|
||||
import { NamespaceService } from '../namespaces/namespaces.js';
|
||||
import { RepoService } from '../repos/repos.js';
|
||||
import { NAMESPACE } from '../utils/consts.js';
|
||||
|
||||
class ReleaseService {
|
||||
#services: Services;
|
||||
#certManager: HelmRelease;
|
||||
#istioBase: HelmRelease;
|
||||
#istiod: HelmRelease;
|
||||
#istioGateway: HelmRelease;
|
||||
#trivy: HelmRelease;
|
||||
#kyverno: HelmRelease;
|
||||
#cloudnativepg: HelmRelease;
|
||||
|
||||
constructor(services: Services) {
|
||||
this.#services = services;
|
||||
const resourceService = services.get(ResourceService);
|
||||
this.#certManager = resourceService.get(HelmRelease, 'cert-manager', NAMESPACE);
|
||||
this.#istioBase = resourceService.get(HelmRelease, 'istio-base', NAMESPACE);
|
||||
this.#istiod = resourceService.get(HelmRelease, 'istiod', NAMESPACE);
|
||||
this.#istioGateway = resourceService.get(HelmRelease, 'istio-gateway', NAMESPACE);
|
||||
this.#trivy = resourceService.get(HelmRelease, 'trivy', NAMESPACE);
|
||||
this.#kyverno = resourceService.get(HelmRelease, 'kyverno', NAMESPACE);
|
||||
this.#cloudnativepg = resourceService.get(HelmRelease, 'cloudnative-pg', NAMESPACE);
|
||||
|
||||
this.#certManager.on('changed', this.ensure);
|
||||
this.#istioBase.on('changed', this.ensure);
|
||||
this.#istiod.on('changed', this.ensure);
|
||||
this.#istioGateway.on('changed', this.ensure);
|
||||
this.#trivy.on('changed', this.ensure);
|
||||
this.#kyverno.on('changed', this.ensure);
|
||||
this.#cloudnativepg.on('changed', this.ensure);
|
||||
}
|
||||
|
||||
public get certManager() {
|
||||
return this.#certManager;
|
||||
}
|
||||
|
||||
public get istioBase() {
|
||||
return this.#istioBase;
|
||||
}
|
||||
|
||||
public get istiod() {
|
||||
return this.#istiod;
|
||||
}
|
||||
|
||||
public get trivy() {
|
||||
return this.#trivy;
|
||||
}
|
||||
|
||||
public get kyverno() {
|
||||
return this.#kyverno;
|
||||
}
|
||||
|
||||
public get cloudnativepg() {
|
||||
return this.#cloudnativepg;
|
||||
}
|
||||
|
||||
public ensure = async () => {
|
||||
const namespaceService = this.#services.get(NamespaceService);
|
||||
const repoService = this.#services.get(RepoService);
|
||||
await this.#certManager.ensure({
|
||||
spec: {
|
||||
targetNamespace: namespaceService.certManager.name,
|
||||
interval: '1h',
|
||||
values: {
|
||||
installCRDs: true,
|
||||
},
|
||||
chart: {
|
||||
spec: {
|
||||
chart: 'cert-manager',
|
||||
sourceRef: {
|
||||
apiVersion: 'source.toolkit.fluxcd.io/v1',
|
||||
kind: 'HelmRepository',
|
||||
name: repoService.jetstack.name,
|
||||
namespace: repoService.jetstack.namespace,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
});
|
||||
await this.#istioBase.ensure({
|
||||
spec: {
|
||||
targetNamespace: namespaceService.istioSystem.name,
|
||||
interval: '1h',
|
||||
values: {
|
||||
defaultRevision: 'default',
|
||||
profile: 'ambient',
|
||||
},
|
||||
chart: {
|
||||
spec: {
|
||||
chart: 'base',
|
||||
sourceRef: {
|
||||
apiVersion: 'source.toolkit.fluxcd.io/v1',
|
||||
kind: 'HelmRepository',
|
||||
name: repoService.istio.name,
|
||||
namespace: repoService.istio.namespace,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
});
|
||||
await this.#istiod.ensure({
|
||||
spec: {
|
||||
targetNamespace: namespaceService.istioSystem.name,
|
||||
interval: '1h',
|
||||
dependsOn: [
|
||||
{
|
||||
name: this.#istioBase.name,
|
||||
namespace: this.#istioBase.namespace,
|
||||
},
|
||||
],
|
||||
chart: {
|
||||
spec: {
|
||||
chart: 'istiod',
|
||||
sourceRef: {
|
||||
apiVersion: 'source.toolkit.fluxcd.io/v1',
|
||||
kind: 'HelmRepository',
|
||||
name: repoService.istio.name,
|
||||
namespace: repoService.istio.namespace,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
});
|
||||
await this.#istioGateway.ensure({
|
||||
spec: {
|
||||
targetNamespace: NAMESPACE,
|
||||
interval: '1h',
|
||||
dependsOn: [
|
||||
{
|
||||
name: this.#istioBase.name,
|
||||
namespace: this.#istioBase.namespace,
|
||||
},
|
||||
{
|
||||
name: this.#istiod.name,
|
||||
namespace: this.#istiod.namespace,
|
||||
},
|
||||
],
|
||||
chart: {
|
||||
spec: {
|
||||
chart: 'gateway',
|
||||
sourceRef: {
|
||||
apiVersion: 'source.toolkit.fluxcd.io/v1',
|
||||
kind: 'HelmRepository',
|
||||
name: repoService.istio.name,
|
||||
namespace: repoService.istio.namespace,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
});
|
||||
await this.#trivy.ensure({
|
||||
spec: {
|
||||
targetNamespace: NAMESPACE,
|
||||
interval: '1h',
|
||||
chart: {
|
||||
spec: {
|
||||
chart: 'trivy-operator',
|
||||
sourceRef: {
|
||||
apiVersion: 'source.toolkit.fluxcd.io/v1',
|
||||
kind: 'HelmRepository',
|
||||
name: repoService.aqua.name,
|
||||
namespace: repoService.aqua.namespace,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
});
|
||||
await this.#kyverno.ensure({
|
||||
spec: {
|
||||
targetNamespace: NAMESPACE,
|
||||
interval: '1h',
|
||||
chart: {
|
||||
spec: {
|
||||
chart: 'kyverno',
|
||||
sourceRef: {
|
||||
apiVersion: 'source.toolkit.fluxcd.io/v1',
|
||||
kind: 'HelmRepository',
|
||||
name: repoService.kyverno.name,
|
||||
namespace: repoService.kyverno.namespace,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
});
|
||||
await this.#cloudnativepg.ensure({
|
||||
spec: {
|
||||
targetNamespace: NAMESPACE,
|
||||
interval: '1h',
|
||||
chart: {
|
||||
spec: {
|
||||
chart: 'cloudnative-pg',
|
||||
sourceRef: {
|
||||
apiVersion: 'source.toolkit.fluxcd.io/v1',
|
||||
kind: 'HelmRepository',
|
||||
name: repoService.cloudnativepg.name,
|
||||
namespace: repoService.cloudnativepg.namespace,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
});
|
||||
};
|
||||
}
|
||||
|
||||
export { ReleaseService };
|
||||
Reference in New Issue
Block a user