From 8cfe518b034b066f08e09abdba319799da43a3ae Mon Sep 17 00:00:00 2001
From: Erik Osterman
Date: Thu, 5 Apr 2018 19:01:45 -0700
Subject: [PATCH] Add helmfile (#114)
* Add helmfile
* add helm-secrets for helmfile
---
 Dockerfile | 46 ++++++++++++++++++++++++++++++++++++++++------
 README.md | 3 ++-
 2 files changed, 42 insertions(+), 7 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 1d606decb..0f4abebcc 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -21,7 +21,9 @@ RUN apk update \
 gcc libffi-dev python-dev musl-dev openssl-dev py-pip py-virtualenv \
 git coreutils less groff bash-completion \
 fuse syslog-ng libc6-compat && \
- mkdir -p /etc/bash_completion.d/ /etc/profile.d/
+ mkdir -p /etc/bash_completion.d/ /etc/profile.d/ \
+ && mkdir -p /conf \
+ && touch /conf/.gitconfig \
 
 RUN echo "net.ipv6.conf.all.disable_ipv6=0" > /etc/sysctl.d/00-ipv6.conf
 
@@ -106,11 +108,17 @@ ENV NODE_MACHINE_TYPE "t2.medium"
 ENV NODE_MAX_SIZE 2
 ENV NODE_MIN_SIZE 2
 
+#
+# Install sops (required by `helm-secrets`)
+#
+ENV SOPS_VERSION 3.0.2
+RUN curl --fail -sSL -o /usr/local/bin/sops https://github.com/mozilla/sops/releases/download/${SOPS_VERSION}/sops-${SOPS_VERSION}.linux \
+ && chmod +x /usr/local/bin/sops
+
 #
 # Install helm
 #
 ENV HELM_VERSION 2.8.2
-ENV HELM_GITHUB_VERSION 0.2.0
 ENV HELM_HOME /var/lib/helm
 ENV HELM_VALUES_PATH=${SECRETS_PATH}/helm/values
 RUN curl --fail -sSL -O http://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz \
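Review bot: The added `&& touch /conf/.gitconfig \` ends with a line-continuation backslash although it is the last command of this `RUN`, so the instruction does not end where it appears to. Docker builders that tolerate an empty continuation line (with a deprecation warning; confirm for the builder in use) would fold the following `RUN echo "net.ipv6.conf.all.disable_ipv6=0" > /etc/sysctl.d/00-ipv6.conf` into `touch`'s arguments, leaving the sysctl file empty and the build still green. Drop the trailing backslash: `&& touch /conf/.gitconfig`. The same dangling continuation is left on the context line `&& mkdir -p ${HELM_HOME}/plugins \` in the `@@ -122,12 +130,38 @@` hunk, where the new `RUN helm repo add cloudposse-incubator …` line would be swallowed the same way. The `RUN apk update` instruction starts above this hunk.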
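Review bot: The `sops` binary fetched by the new `RUN curl … -o /usr/local/bin/sops` is made executable without any integrity check, so the image trusts whatever the release URL serves at build time; because sops is what decrypts the `helm-secrets` values, it should be pinned to a digest and not only to a version string. Record the expected hash next to the version and verify it before `chmod`, e.g. `ENV SOPS_SHA256 <sha256-of-release-asset>` and `&& echo "${SOPS_SHA256}  /usr/local/bin/sops" | sha256sum -c - \`. The `helmfile` download added in the `@@ -122,12 +130,38 @@` hunk has the same gap. The context line that fetches the helm tarball also still uses plain `http://`, which this commit leaves as is; the `RUN` it opens continues past the end of this hunk.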
@@ -122,12 +130,38 @@ RUN curl --fail -sSL -O http://storage.googleapis.com/kubernetes-helm/helm-v${HE
 && mkdir -p ${HELM_HOME} \
 && helm init --client-only \
 && mkdir -p ${HELM_HOME}/plugins \
- && helm plugin install https://github.com/mstrzele/helm-edit \
- && helm plugin install https://github.com/app-registry/appr-helm-plugin \
- && helm plugin install https://github.com/sagansystems/helm-github --version ${HELM_GITHUB_VERSION} \
- && helm repo add cloudposse-incubator https://charts.cloudposse.com/incubator/ \
+
+#
+# Install helm repos
+#
+RUN helm repo add cloudposse-incubator https://charts.cloudposse.com/incubator/ \
+ && helm repo add incubator https://kubernetes-charts-incubator.storage.googleapis.com/ \
+ && helm repo add coreos-stable https://s3-eu-west-1.amazonaws.com/coreos-charts/stable/ \
 && helm repo update
 
+#
+# Install helm plugins
+#
+ENV HELM_APPR_VERSION 0.7.0
+ENV HELM_DIFF_VERSION 2.8.0+1
+ENV HELM_EDIT_VERSION 0.2.0
+ENV HELM_GITHUB_VERSION 0.2.0
+ENV HELM_SECRETS_VERSION 1.2.9
+
+RUN helm plugin install https://github.com/app-registry/appr-helm-plugin --version v${HELM_APPR_VERSION} \
+ && helm plugin install https://github.com/mstrzele/helm-edit --version v${HELM_EDIT_VERSION} \
+ && helm plugin install https://github.com/databus23/helm-diff --version v${HELM_DIFF_VERSION} \
+ && helm plugin install https://github.com/futuresimple/helm-secrets --version ${HELM_SECRETS_VERSION} \
+ && helm plugin install https://github.com/sagansystems/helm-github --version ${HELM_GITHUB_VERSION}
+
+#
+# Install helmfile
+#
+ENV HELMFILE_VERSION 0.11
+RUN curl --fail -sSL -o /usr/local/bin/helmfile https://github.com/roboll/helmfile/releases/download/v${HELMFILE_VERSION}/helmfile_linux_amd64 \
+ && chmod +x /usr/local/bin/helmfile
+
+
 #
 # Install packer
 #
diff --git a/README.md b/README.md
index a39447f0b..6d172110b 100644
--- a/README.md
+++ b/README.md
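Review bot: The five new `helm plugin install … --version` lines pin each plugin only to a git tag in a third-party repository, and a tag can be re-pointed after it was reviewed; any install hook a plugin declares then runs during the image build. `helm-secrets` in particular sits on the secret-decryption path, so an unnoticed change there matters more than for the others. Consider passing a reviewed commit id to `--version` in place of the tag (e.g. `--version <commit-sha>`, if the Helm release in use accepts a plain ref there; worth confirming against 2.8.2), or installing the plugins from an archive whose digest is checked. A comment above the `ENV HELM_*_VERSION` block such as `# Plugin versions are upstream git tags; review the upstream diff before bumping` would make the trust assumption visible. The `RUN` that the first context lines belong to starts above this hunk.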
@@ -29,8 +29,9 @@ At its core, Geodesic is a framework for provisioning cloud infrastructure and t
 * [`ansible`](http://docs.ansible.com/ansible/latest/index.html) Ansible is an IT automation tool. It can configure systems, deploy software, and orchestrate more advanced IT tasks
 * [`aws-vault`](https://github.com/99designs/aws-vault) for securely storing and accessing AWS credentials in an encrypted vault for the purpose of assuming IAM roles
 * [`aws-cli`](https://github.com/aws/aws-cli/) for interacting directly with the AWS APIs
-* [`chamber`](https://github.com/segmentio/chamber) for managing secrets with AWS SSM+KMS
+* [`chamber`](https://github.com/segmentio/chamber) for managing secrets with AWS SSM+KMS and exposing them as environment variables
 * [`helm`](https://github.com/kubernetes/helm/) for installing packages like Varnish or Apache on the Kubernetes cluster
+* [`helmfile`](https://github.com/roboll/helmfile) for 12-factorizing chart values and installing chart collections
 * [`kops`](https://github.com/kubernetes/kops/) for Kubernetes cluster orchestration
 * [`kubectl`](https://kubernetes.io/docs/user-guide/kubectl-overview/) for controlling kubernetes resources like deployments or load balancers
 * [`gcloud`, `gsutil`](https://cloud.google.com/sdk/) for integration with Google Cloud (e.g. GKE, GCE, Google Storage)