211 lines
5.8 KiB
TypeScript
211 lines
5.8 KiB
TypeScript
import type { Services } from '@morten-olsen/box-utils/services';
|
|
import { HelmRelease, ResourceService } from '@morten-olsen/box-k8s';
|
|
|
|
import { NamespaceService } from '../namespaces/namespaces.js';
|
|
import { RepoService } from '../repos/repos.js';
|
|
import { NAMESPACE } from '../utils/consts.js';
|
|
|
|
class ReleaseService {
|
|
#services: Services;
|
|
#certManager: HelmRelease;
|
|
#istioBase: HelmRelease;
|
|
#istiod: HelmRelease;
|
|
#istioGateway: HelmRelease;
|
|
#trivy: HelmRelease;
|
|
#kyverno: HelmRelease;
|
|
#cloudnativepg: HelmRelease;
|
|
|
|
constructor(services: Services) {
|
|
this.#services = services;
|
|
const resourceService = services.get(ResourceService);
|
|
this.#certManager = resourceService.get(HelmRelease, 'cert-manager', NAMESPACE);
|
|
this.#istioBase = resourceService.get(HelmRelease, 'istio-base', NAMESPACE);
|
|
this.#istiod = resourceService.get(HelmRelease, 'istiod', NAMESPACE);
|
|
this.#istioGateway = resourceService.get(HelmRelease, 'istio-gateway', NAMESPACE);
|
|
this.#trivy = resourceService.get(HelmRelease, 'trivy', NAMESPACE);
|
|
this.#kyverno = resourceService.get(HelmRelease, 'kyverno', NAMESPACE);
|
|
this.#cloudnativepg = resourceService.get(HelmRelease, 'cloudnative-pg', NAMESPACE);
|
|
|
|
this.#certManager.on('changed', this.ensure);
|
|
this.#istioBase.on('changed', this.ensure);
|
|
this.#istiod.on('changed', this.ensure);
|
|
this.#istioGateway.on('changed', this.ensure);
|
|
this.#trivy.on('changed', this.ensure);
|
|
this.#kyverno.on('changed', this.ensure);
|
|
this.#cloudnativepg.on('changed', this.ensure);
|
|
}
|
|
|
|
public get certManager() {
|
|
return this.#certManager;
|
|
}
|
|
|
|
public get istioBase() {
|
|
return this.#istioBase;
|
|
}
|
|
|
|
public get istiod() {
|
|
return this.#istiod;
|
|
}
|
|
|
|
public get trivy() {
|
|
return this.#trivy;
|
|
}
|
|
|
|
public get kyverno() {
|
|
return this.#kyverno;
|
|
}
|
|
|
|
public get cloudnativepg() {
|
|
return this.#cloudnativepg;
|
|
}
|
|
|
|
public ensure = async () => {
|
|
const namespaceService = this.#services.get(NamespaceService);
|
|
const repoService = this.#services.get(RepoService);
|
|
await this.#certManager.ensure({
|
|
spec: {
|
|
targetNamespace: namespaceService.certManager.name,
|
|
interval: '1h',
|
|
values: {
|
|
installCRDs: true,
|
|
},
|
|
chart: {
|
|
spec: {
|
|
chart: 'cert-manager',
|
|
sourceRef: {
|
|
apiVersion: 'source.toolkit.fluxcd.io/v1',
|
|
kind: 'HelmRepository',
|
|
name: repoService.jetstack.name,
|
|
namespace: repoService.jetstack.namespace,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
});
|
|
await this.#istioBase.ensure({
|
|
spec: {
|
|
targetNamespace: namespaceService.istioSystem.name,
|
|
interval: '1h',
|
|
values: {
|
|
defaultRevision: 'default',
|
|
profile: 'ambient',
|
|
},
|
|
chart: {
|
|
spec: {
|
|
chart: 'base',
|
|
sourceRef: {
|
|
apiVersion: 'source.toolkit.fluxcd.io/v1',
|
|
kind: 'HelmRepository',
|
|
name: repoService.istio.name,
|
|
namespace: repoService.istio.namespace,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
});
|
|
await this.#istiod.ensure({
|
|
spec: {
|
|
targetNamespace: namespaceService.istioSystem.name,
|
|
interval: '1h',
|
|
dependsOn: [
|
|
{
|
|
name: this.#istioBase.name,
|
|
namespace: this.#istioBase.namespace,
|
|
},
|
|
],
|
|
chart: {
|
|
spec: {
|
|
chart: 'istiod',
|
|
sourceRef: {
|
|
apiVersion: 'source.toolkit.fluxcd.io/v1',
|
|
kind: 'HelmRepository',
|
|
name: repoService.istio.name,
|
|
namespace: repoService.istio.namespace,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
});
|
|
await this.#istioGateway.ensure({
|
|
spec: {
|
|
targetNamespace: NAMESPACE,
|
|
interval: '1h',
|
|
dependsOn: [
|
|
{
|
|
name: this.#istioBase.name,
|
|
namespace: this.#istioBase.namespace,
|
|
},
|
|
{
|
|
name: this.#istiod.name,
|
|
namespace: this.#istiod.namespace,
|
|
},
|
|
],
|
|
chart: {
|
|
spec: {
|
|
chart: 'gateway',
|
|
sourceRef: {
|
|
apiVersion: 'source.toolkit.fluxcd.io/v1',
|
|
kind: 'HelmRepository',
|
|
name: repoService.istio.name,
|
|
namespace: repoService.istio.namespace,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
});
|
|
await this.#trivy.ensure({
|
|
spec: {
|
|
targetNamespace: NAMESPACE,
|
|
interval: '1h',
|
|
chart: {
|
|
spec: {
|
|
chart: 'trivy-operator',
|
|
sourceRef: {
|
|
apiVersion: 'source.toolkit.fluxcd.io/v1',
|
|
kind: 'HelmRepository',
|
|
name: repoService.aqua.name,
|
|
namespace: repoService.aqua.namespace,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
});
|
|
await this.#kyverno.ensure({
|
|
spec: {
|
|
targetNamespace: NAMESPACE,
|
|
interval: '1h',
|
|
chart: {
|
|
spec: {
|
|
chart: 'kyverno',
|
|
sourceRef: {
|
|
apiVersion: 'source.toolkit.fluxcd.io/v1',
|
|
kind: 'HelmRepository',
|
|
name: repoService.kyverno.name,
|
|
namespace: repoService.kyverno.namespace,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
});
|
|
await this.#cloudnativepg.ensure({
|
|
spec: {
|
|
targetNamespace: NAMESPACE,
|
|
interval: '1h',
|
|
chart: {
|
|
spec: {
|
|
chart: 'cloudnative-pg',
|
|
sourceRef: {
|
|
apiVersion: 'source.toolkit.fluxcd.io/v1',
|
|
kind: 'HelmRepository',
|
|
name: repoService.cloudnativepg.name,
|
|
namespace: repoService.cloudnativepg.namespace,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
});
|
|
};
|
|
}
|
|
|
|
export { ReleaseService };
|