-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Integrate cluster-info-client, automatically fetching and stori…
…ng cluster info (#3) * wip * add logic to infer name/url * wip: factor reconciling args/defaults into a module * wip: merge defaults generate certain vals * workign tests! * lint * refactor output data * add store function * 100% coverage * fixes from running tests against a real api * lint * properly pass in credentials, rename subdomain -> domain * update kubeform * strip out fount, also scrub object credentials when saving * fix: handle non-default common settings * save progress between kubeform and hikaru * make sure credentials make it to the right places in the right formats * update hikaru * docs * add seed.js, with example object * moar docs * add output option
- Loading branch information
Showing
11 changed files
with
1,242 additions
and
81 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -4,4 +4,6 @@ node_modules/ | |
package-lock.json | ||
gs-auth.json | ||
gs-test-meta.js | ||
cluster-*.json | ||
*cluster*.json | ||
gke-common.js | ||
.env |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,128 @@ | ||
const createClient = require('@npm-wharf/cluster-info-client') | ||
const createVault = require('node-vault') | ||
const fs = require('fs') | ||
require('dotenv').config() | ||
|
||
async function main () { | ||
const redisUrl = process.env.REDIS_URL || 'redis://localhost:6379' | ||
const vaultHost = process.env.VAULT_HOST || 'https://your.vault.server:8200' | ||
const vaultToken = process.env.VAULT_TOKEN || 's.myVaultToken' | ||
|
||
const client = createClient({ | ||
redisUrl, | ||
vaultHost, | ||
vaultToken, | ||
vaultPrefix: 'kv/' | ||
}) | ||
|
||
const vault = createVault({ | ||
endpoint: vaultHost, | ||
token: vaultToken | ||
}) | ||
|
||
const resourceManagerJson = JSON.parse(fs.readFileSync(`${process.env.HOME}/resource-manager.json`)) | ||
const wombotProdJson = JSON.parse(fs.readFileSync(`${process.env.HOME}/wombot-prod.json`)) | ||
await client.addServiceAccount(resourceManagerJson) | ||
await client.addServiceAccount(wombotProdJson) | ||
|
||
console.log('service accounts:\n') | ||
console.log((await client.listServiceAccounts()).join('\n')) | ||
|
||
const exampleGkeCommonData = { | ||
allowedDomains: ['my-company.net'], | ||
projectPrefix: 'my-project-', | ||
|
||
// used by both kubeform and hikaru | ||
common: { | ||
billingAccount: '123456-123456-123456', | ||
organizationId: '234523452345', | ||
user: 'admin', | ||
version: '1.10.12-gke.14', | ||
basicAuth: true, | ||
zones: ['us-central1-a'] | ||
}, | ||
|
||
applicationCredentials: 'resource-manager-svc@my-project.iam.gserviceaccount.com', | ||
|
||
serviceAccounts: { | ||
cluster_sa: 'some-service-account@my-project.iam.gserviceaccount.com', | ||
applicationCredentials: 'resource-manager-svc@my-project.iam.gserviceaccount.com' | ||
}, | ||
|
||
// used by hikaru | ||
tokens: { | ||
awsAccount: 'AASDGHJKASGDJKASGDJ', | ||
awsSecret: 'asdfghjkasdfgjkasdfhjasdjkhfg', | ||
awsZone: 'my-company.net', | ||
bucketACL: 'private', | ||
dashboardAdmin: 'admin', | ||
nginx_upstream1: 'frontdoor.npm.svc.cluster.local:5000', | ||
nginx_upstream2: 'rewrite.npm.svc.cluster.local:5001', | ||
cluster_sa: 'some-service-account@my-project.iam.gserviceaccount.com' | ||
}, | ||
|
||
// used by kubeform | ||
cluster: { | ||
worker: { | ||
cores: 2, | ||
memory: '13GB', | ||
count: 3, | ||
min: 3, | ||
max: 6, | ||
maxPerInstance: 4, | ||
reserved: true, | ||
storage: { | ||
ephemeral: '0GB', | ||
persistent: '160GB' | ||
}, | ||
network: {}, | ||
maintenanceWindow: '08:00' | ||
}, | ||
|
||
flags: { | ||
alphaFeatures: false, | ||
authedNetworksOnly: false, | ||
autoRepair: true, | ||
autoScale: false, | ||
autoUpgrade: false, | ||
basicAuth: true, | ||
clientCert: true, | ||
includeDashboard: false, | ||
legacyAuthorization: false, | ||
loadBalanceHTTP: true, | ||
maintenanceWindow: '08:00:00Z', | ||
networkPolicy: true, | ||
privateCluster: false, | ||
serviceLogging: false, | ||
serviceMonitoring: false | ||
}, | ||
manager: { | ||
distributed: false, | ||
network: {} | ||
}, | ||
managers: 1 | ||
} | ||
} | ||
|
||
try { | ||
var gkeCommonData = require('./gke-common') | ||
} catch (e) {} | ||
|
||
await vault.write('kv/data/clusters/common/gke', { | ||
data: { | ||
value: JSON.stringify(gkeCommonData || exampleGkeCommonData, null, 2) | ||
} | ||
}) | ||
|
||
console.log('\nGKE defaults:\n') | ||
console.log(await client.getCommon()) | ||
|
||
client.close() | ||
} | ||
|
||
main() | ||
.then(() => console.log('\nDone.')) | ||
.catch(err => { | ||
console.error(err.stack) | ||
process.exit(1) | ||
}) |
Oops, something went wrong.