blob: 1b5f8153bb05da29f636c221a46cd3ed056530f5 [file] [log] [blame]
#!/bin/bash
#
# ============LICENSE_START=======================================================
# Copyright (C) 2023 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END=========================================================
#
if [ -z "$1" ]
then
echo "No argument supplied"
exit 1
fi
OPERATION=$1
WORKDIR=$(dirname "$(realpath "$0")")
if [ "$OPERATION" == "deploy" ]; then
echo "Deploying cert-manager application..."
echo "-------------------------------------"
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.11.0/cert-manager.yaml
echo ""
echo "Waiting for pods to start..."
echo "----------------------------"
kubectl wait deployment -n cert-manager cert-manager --for=condition=available --timeout=300s
kubectl wait deployment -n cert-manager cert-manager-cainjector --for=condition=available --timeout=300s
kubectl wait deployment -n cert-manager cert-manager-webhook --for=condition=available --timeout=300s
echo ""
echo "Checking pod status..."
echo "----------------------"
kubectl get pods -n cert-manager
echo ""
# Once the pods are up and running we still need to wait for the certificate controller process to start
# before certificates can be issued
echo "Waiting for certificate controller..."
echo "------------------------------------"
sleep 100
echo ""
echo "Creating certificates..."
echo "------------------------"
kubectl apply -f $WORKDIR/cluster-issuer.yaml
kubectl apply -f $WORKDIR/issuer.yaml
kubectl apply -f $WORKDIR/webhook-server-certificate.yaml
kubectl apply -f $WORKDIR/keycloak-server-certificate.yaml
kubectl apply -f $WORKDIR/keycloak-client-certificate.yaml
elif [ "$OPERATION" == "undeploy" ]; then
echo "Deleting certificates..."
echo "------------------------"
kubectl delete -f $WORKDIR/cluster-issuer.yaml
kubectl delete -f $WORKDIR/issuer.yaml
kubectl delete -f $WORKDIR/webhook-server-certificate.yaml
kubectl delete -f $WORKDIR/keycloak-server-certificate.yaml
kubectl delete -f $WORKDIR/keycloak-client-certificate.yaml
kubectl delete secret -n default cm-cluster-issuer-rootca-secret
kubectl delete secret -n default cm-keycloak-client-certs
kubectl delete secret -n default cm-keycloak-server-certs
kubectl delete secret -n default cm-webhook-server-certs
echo "Undeploying cert-manager application..."
echo "---------------------------------------"
kubectl delete -f https://github.com/cert-manager/cert-manager/releases/download/v1.11.0/cert-manager.yaml
else
echo "Unrecogized operation ${OPERATION}"
exit 1
fi
exit 0