cloud-gouv · ghost · Dec 11, 2024 · Dec 12, 2024
diff --git a/k8s-tools/.gitignore b/k8s-tools/.gitignore
@@ -1,3 +1,4 @@
 .env
 **.env
 tmp
+**ci-keys.txt
diff --git a/k8s-tools/00-run.sh b/k8s-tools/00-run.sh
@@ -0,0 +1,29 @@
+# Crée le cluster et export les  
+# ce script a pour but d automatiser la  configuration de l environnement pour
+# la construction du cluster de management
+## prerequis
+## avoir le  fichier age-secret stocké en local .config/age/secret-age.txt
+## SOPS_AGE_RECIPIENTS dans les variables  d'environnement
+
+# extract only  the  deploy  directory  uncomment  the following line
+#git clone --filter=blob:none --sparse git@github.com:cloud-gouv/k8s-cluster-api-infra.git
+git clone git@github.com:cloud-gouv/k8s-cluster-api-infra.git
+cd k8s-cluster-api-infra
+# extract only  the  deploy  directory  uncomment  the following lines
+#git sparse-checkout init --cone
+#git sparse-checkout set deploy
+cp $HOME/.config/age/secret-age.txt deploy/ci-keys.txt
+docker-compose build 		  
+kind create cluster --name mgmt
+export KUBE_CTRLPLANE_IP=$(docker inspect  -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' mgmt-control-plane)
+kubectl config set clusters.kind-mgmt.server "https://${KUBE_CTRLPLANE_IP}:6443"
+export DOCKER_REGISTRY=ghcr.io/cloud-gouv/
+cd ../
+pwd
+echo "kubectl config use-context  kind-mgmt" > 01-inside_docker.sh
+echo "kubectl get nodes" >> 01-inside_docker.sh
+echo 'cp k8s-cluster-api-infra/deploy/ci-keys.txt $HOME/ci-key.txt'>>01-inside_docker.sh
+echo 'export SOPS_AGE_KEY_FILE="$HOME/ci-keys.txt"'>>01-inside_docker.sh
+echo "export SOPS_AGE_RECIPIENTS=$PUBLIC_SOPS_AGE" >> 01-inside_docker.sh
+echo "cd k8s-cluster-api-infra/deploy">> 01-inside_docker.sh
+docker-compose run -i --rm k8s_tools /bin/bash
diff --git a/k8s-tools/10-destroy.sh b/k8s-tools/10-destroy.sh
@@ -0,0 +1,6 @@
+DOCKER_MGMT=$(docker ps --format "{{.Names}}")
+docker stop $DOCKER_MGMT
+docker rm $DOCKER_MGMT
+kind delete cluster --name=mgmt
+rm -rf k8s-cluster-api-infra
+rm -f 01-inside_docker.sh
diff --git a/k8s-tools/README.md b/k8s-tools/README.md
@@ -26,22 +26,35 @@ Prereq:
 - create a kind cluster (ensure is running)
 - $HOME/.kube/config is present
 - the container k8s_tools will be connected to the `kind` network to access kube api control plane on private url (`https://IP:6443`)
-
+- store secret age file in  .config/age/secret-age.txt
+-  set public age key in PUBLIC_SOPS_AGE environment variable
+
+### Start the  environment
+00-run.sh:
+    - clone the K8s-tools directory in the  dockerfiles repository
+    - create the kind cluster
+    - start the docker  with all prerequisite checked
 ```
-#
-# create a kind cluster named "mgmt"
-kind create cluster --name mgmt
-# get kind-mgmt ctrl plane private ip
-export KUBE_CTRLPLANE_IP=$(docker inspect  -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' mgmt-control-plane)
-
-# replace it in KUBECONFIG
-kubectl config set clusters.kind-mgmt.server "https://${KUBE_CTRLPLANE_IP}:6443"
-
-# start k8s_tools container in shell mode
-docker-compose run -i --rm k8s_tools
-
-# Inside container, verify kube api access
-kubectl config use-context  kind-mgmt
-kubectl get pod -A
+sh 00-run.sh
+```
+In the  docker  execute the  script 01-inside-run.sh
 
+### Start the  environment
+00-run.sh:
+    - clone the K8s-tools directory in the  dockerfiles repository
+    - create the kind cluster
+    - start the docker  with all prerequisite checked
 ```
+    sh 00-run.sh
+```
+### configure the kubectl config
+in the docker execute the  following  commande
+```
+source 01-inside_docker.sh
+```
+
+### Clean all
+ exit   from the  docker and  exec :
+ ```
+  sh 10-destroy.sh
+ ```