bootstrap.sh

#!/bin/bash

set -u
set -x

FLUX_GIT_DEPLOY_KEY_SECRET=flux-git-deploy
FLUX_DEPLOY_KEY_PATH="${FLUX_DEPLOY_KEY_PATH:?}"
FLUX_GIT_REPO="${FLUX_GIT_REPO:[email protected]:chancez/flux-get-started.git}"
HELM_BIN="${HELM_BIN:-helm2}"

# Setup helm creds
kubectl -n kube-system create sa tiller \
    --dry-run -o yaml | kubectl apply -f -

kubectl create clusterrolebinding tiller-cluster-rule \
    --clusterrole=cluster-admin \
    --serviceaccount=kube-system:tiller \
    --dry-run -o yaml | kubectl apply -f -

# Install helm
"$HELM_BIN" init \
    --skip-refresh --upgrade \
    --service-account tiller --history-max 10 \
    --wait

# add the flux helm chart repository
"$HELM_BIN" repo add fluxcd https://charts.fluxcd.io

# Install the HelmRelease CRD
kubectl apply \
    -f https://raw.githubusercontent.com/fluxcd/flux/helm-0.10.1/deploy-helm/flux-helm-release-crd.yaml

# Setup flux creds
kubectl create ns flux

# TODO: when helm-operator supports https deploy tokens/personal access tokens switch to that
kubectl create -n flux \
    secret generic $FLUX_GIT_DEPLOY_KEY_SECRET \
    --from-file=identity="$FLUX_DEPLOY_KEY_PATH" \
    --dry-run -o yaml | kubectl -n flux apply -f -

# install flux using helm
"$HELM_BIN" upgrade --install \
    flux \
    --namespace flux \
    --set git.url="$FLUX_GIT_REPO" \
    --set git.secretName=$FLUX_GIT_DEPLOY_KEY_SECRET \
    --set helmOperator.create=true \
    --set helmOperator.createCRD=false \
    fluxcd/flux