Last active
November 24, 2019 00:13
-
-
Save ifnazar/8e69e083d9c2afcefe0f46daf62631ae to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -e | |
| # UPDATE HELM REPO | |
| helm init --client-only | |
| helm repo add jetstack https://charts.jetstack.io | |
| helm repo update | |
| # UPGRADE to 0.11 | |
| ## BACKUP | |
| kubectl get -o yaml --all-namespaces issuer,clusterissuer,certificates,orders,challenges,certificaterequests > backup-cert-manager.yaml | |
| kubectl get clusterissuer -o yaml --all-namespaces > backup-clusterissuer.yaml | |
| kubectl get certificates -o yaml --all-namespaces > backup-certificates.yaml | |
| kubectl get networkpolicies -o yaml --all-namespaces > backup-all-networkpolicies.yaml | |
| kubectl get networkpolicies --all-namespaces | grep allow-certmanager | awk '{ print "kubectl get networkpolicies -o yaml -n "$1 " " $2 " >> backup-networkpolicies.yaml && echo --- >> backup-networkpolicies.yaml" }' | xargs -L 1 -I {} sh -c "{}" | |
| kubectl get secrets --all-namespaces | grep letsencrypt-certificate | awk '{ print "kubectl get secrets -o yaml -n "$1 " " $2 " >> backup-secrets.yaml && echo --- >> backup-secrets.yaml" }' | xargs -L 1 -I {} sh -c "{}" | |
| ## RESOURCES FOR UPDATE | |
| cp backup-cert-manager.yaml cert-manager.yaml | |
| cp backup-certificates.yaml certificates.yaml | |
| cp backup-clusterissuer.yaml clusterissuer.yaml | |
| cp backup-networkpolicies.yaml networkpolicies.yaml | |
| cp backup-orders.yaml orders.yaml | |
| ## UPDATE RESOURCES FOR NEW FORMAT (V0.7) | |
| yq d clusterissuer.yaml items[*].spec.acme.solvers -i | |
| yq w clusterissuer.yaml items[*].spec.acme.solvers[+].selector {} -i | |
| yq w clusterissuer.yaml items[*].spec.acme.solvers[*].http01.ingress.name 'ingress' -i | |
| sed -i "s|'{}'|{}|g" clusterissuer.yaml | |
| yq d certificates.yaml items[*].spec.acme -i | |
| yq d certificates.yaml items[*].http01 -i | |
| ## UPDATE API VERSION (V0.11) | |
| sed -i 's|certmanager.k8s.io/v1alpha1|cert-manager.io/v1alpha2|g' clusterissuer.yaml | |
| sed -i 's|certmanager.k8s.io/v1alpha1|cert-manager.io/v1alpha2|g' certificates.yaml | |
| sed -i 's|certmanager.k8s.io/acme-http-domain|acme.cert-manager.io/http-domain|g' networkpolicies.yaml | |
| ## DELETE OLD CERT-MANAGER | |
| helm delete --purge cert-manager | |
| kubectl delete crd certificaterequests.certmanager.k8s.io | |
| kubectl delete crd challenges.certmanager.k8s.io | |
| kubectl delete crd orders.certmanager.k8s.io | |
| kubectl delete crd certificates.certmanager.k8s.io | |
| kubectl delete crd issuers.certmanager.k8s.io | |
| kubectl delete crd clusterissuers.certmanager.k8s.io | |
| ## INSTALL NEW CERT-MANAGER | |
| kubectl apply --validate=false -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.11/deploy/manifests/00-crds.yaml | |
| helm install --name cert-manager --namespace cert-manager --version v0.11.0 jetstack/cert-manager | |
| sleep 1m | |
| ## RESTORE RESOURCES | |
| kubectl apply -f networkpolicies.yaml | |
| kubectl apply -f clusterissuer.yaml | |
| kubectl apply -f certificates.yaml | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment