From 649094853d5f4350614db3927a6215988cfcd8a8 Mon Sep 17 00:00:00 2001 From: Dinos Kousidis Date: Mon, 30 Mar 2020 23:10:05 +0200 Subject: [PATCH] Install Sealed Secrets CRD before controller Signed-off-by: Dinos Kousidis --- .../manifests/yaml/05_sealed_secret_crd.yaml | 14 ++++++++++++++ ...ler.yaml => 06_sealed_secret_controller.yaml} | 14 -------------- pkg/plan/recipe/install_plans.go | 16 +++++++++++++++- 3 files changed, 29 insertions(+), 15 deletions(-) create mode 100644 pkg/apis/wksprovider/controller/manifests/yaml/05_sealed_secret_crd.yaml rename pkg/apis/wksprovider/controller/manifests/yaml/{05_sealed_secret_controller.yaml => 06_sealed_secret_controller.yaml} (93%) diff --git a/pkg/apis/wksprovider/controller/manifests/yaml/05_sealed_secret_crd.yaml b/pkg/apis/wksprovider/controller/manifests/yaml/05_sealed_secret_crd.yaml new file mode 100644 index 00000000..1e54488b --- /dev/null +++ b/pkg/apis/wksprovider/controller/manifests/yaml/05_sealed_secret_crd.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: sealedsecrets.bitnami.com +spec: + group: bitnami.com + names: + kind: SealedSecret + listKind: SealedSecretList + plural: sealedsecrets + singular: sealedsecret + scope: Namespaced + version: v1alpha1 \ No newline at end of file diff --git a/pkg/apis/wksprovider/controller/manifests/yaml/05_sealed_secret_controller.yaml b/pkg/apis/wksprovider/controller/manifests/yaml/06_sealed_secret_controller.yaml similarity index 93% rename from pkg/apis/wksprovider/controller/manifests/yaml/05_sealed_secret_controller.yaml rename to pkg/apis/wksprovider/controller/manifests/yaml/06_sealed_secret_controller.yaml index f7687584..992d2f8f 100644 --- a/pkg/apis/wksprovider/controller/manifests/yaml/05_sealed_secret_controller.yaml +++ b/pkg/apis/wksprovider/controller/manifests/yaml/06_sealed_secret_controller.yaml @@ -104,20 +104,6 @@ spec: - emptyDir: {} name: tmp --- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: sealedsecrets.bitnami.com -spec: - group: bitnami.com - names: - kind: SealedSecret - listKind: SealedSecretList - plural: sealedsecrets - singular: sealedsecret - scope: Namespaced - version: v1alpha1 ---- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: RoleBinding metadata: diff --git a/pkg/plan/recipe/install_plans.go b/pkg/plan/recipe/install_plans.go index 3ac6a93a..ef9a507e 100644 --- a/pkg/plan/recipe/install_plans.go +++ b/pkg/plan/recipe/install_plans.go @@ -269,8 +269,21 @@ func BuildCNIPlan(cni string, manifests [][]byte) plan.Resource { //BuildSealedSecretPlan creates a sub-plan to install sealed secrets so we can check secrets into GitHub for GitOps func BuildSealedSecretPlan(sealedSecretVersion, ns string, manifest []byte) plan.Resource { b := plan.NewBuilder() + fileCRD, err := manifests.Manifests.Open("05_sealed_secret_crd.yaml") + if err != nil { + log.Fatalf("%v", err) + } + manifestbytesCRD, err := ioutil.ReadAll(fileCRD) + if err != nil { + log.Fatalf("%v", err) + } + + b.AddResource("install:sealed-secret-crd", + &resource.KubectlApply{Manifest: manifestbytesCRD, Filename: object.String("SealedSecretCRD.yaml"), + WaitCondition: "condition=Established"}) + b.AddResource("install:sealed-secrets-key", &resource.KubectlApply{Manifest: manifest}) - file, err := manifests.Manifests.Open("05_sealed_secret_controller.yaml") + file, err := manifests.Manifests.Open("06_sealed_secret_controller.yaml") if err != nil { log.Fatalf("%v", err) } @@ -278,6 +291,7 @@ func BuildSealedSecretPlan(sealedSecretVersion, ns string, manifest []byte) plan if err != nil { log.Fatalf("%v", err) } + b.AddResource("install:sealed-secrets-controller", &resource.KubectlApply{Manifest: manifestbytes, Filename: object.String("SealedSecretController.yaml")}, plan.DependOn("install:sealed-secrets-key"))