forked from Restartz/dragonchain-installer
/
openfaas.go
105 lines (98 loc) · 3.33 KB
/
openfaas.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
package dragonchain
import (
"bytes"
"errors"
"os"
"os/exec"
"github.com/dchest/uniuri"
"github.com/ApieDePapie/dragonchain-installer/internal/configuration"
)
var openfaasNamespacesYaml = []byte(`
apiVersion: v1
kind: Namespace
metadata:
name: openfaas
labels:
role: openfaas-system
access: openfaas-system
istio-injection: enabled
---
apiVersion: v1
kind: Namespace
metadata:
name: openfaas-fn
labels:
istio-injection: enabled
role: openfaas-fn`)
var serviceAccountYaml = []byte(`
apiVersion: v1
kind: ServiceAccount
metadata:
name: openfaas-builder
namespace: dragonchain
automountServiceAccountToken: false
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
namespace: dragonchain
name: openfaas-builder
rules:
- apiGroups: ["batch"]
resources: ["jobs", "jobs/status"]
verbs: ["create", "get", "delete"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
namespace: dragonchain
name: openfaas-builder
subjects:
- kind: ServiceAccount
name: openfaas-builder
apiGroup: ""
roleRef:
kind: Role
name: openfaas-builder
apiGroup: rbac.authorization.k8s.io`)
func openfaasServiceAccountExists() bool {
return exec.Command("kubectl", "get", "serviceaccount", "-n", "dragonchain", "openfaas-builder", "--context="+configuration.MinikubeContext).Run() == nil
}
func createOpenFaasDeployment() error {
// Create the necessary namespaces
cmd := exec.Command("kubectl", "apply", "--context="+configuration.MinikubeContext, "-f", "-")
cmd.Stderr = os.Stderr
cmd.Stdin = bytes.NewBuffer(openfaasNamespacesYaml)
if err := cmd.Run(); err != nil {
return errors.New("Error creating openfaas namespaces:\n" + err.Error())
}
// Create the basic auth secrets
secret := uniuri.NewLen(40)
cmd = exec.Command("kubectl", "create", "secret", "generic", "basic-auth", "--from-literal=basic-auth-user=admin", "--from-literal=basic-auth-password="+secret, "-n", "openfaas", "--context="+configuration.MinikubeContext)
cmd.Stderr = os.Stderr
if err := cmd.Run(); err != nil {
return errors.New("Error creating openfaas kubernetes secret:\n" + err.Error())
}
cmd = exec.Command("kubectl", "create", "secret", "generic", "openfaas-auth", "--from-literal=user=admin", "--from-literal=password="+secret, "-n", "dragonchain", "--context="+configuration.MinikubeContext)
cmd.Stderr = os.Stderr
if err := cmd.Run(); err != nil {
return errors.New("Error creating openfaas kubernetes secret:\n" + err.Error())
}
// Install openfaas
cmd = exec.Command("helm", "upgrade", "--install", "openfaas", "openfaas/openfaas", "--namespace", "openfaas", "--set", "basic_auth=true,generateBasicAuth=false,functionNamespace=openfaas-fn,async=false,exposeServices=false,alertmanager.create=false,prometheus.create=false", "--version", configuration.OpenfaasHelmVersion, "--kube-context", configuration.MinikubeContext)
cmd.Stderr = os.Stderr
if err := cmd.Run(); err != nil {
return errors.New("Error helm deploying openfaas:\n" + err.Error())
}
return nil
}
func createOpenfaasBuilderServiceAccount() error {
// Add the service account
cmd := exec.Command("kubectl", "apply", "--context="+configuration.MinikubeContext, "-f", "-")
cmd.Stderr = os.Stderr
cmd.Stdin = bytes.NewBuffer(serviceAccountYaml)
if err := cmd.Run(); err != nil {
return errors.New("Error helm deploying openfaas:\n" + err.Error())
}
return nil
}