Google Git
Sign in
gerrit / gerrit-monitoring / 3f8594c3cb0957ca552c5f01746c8358a75fc3b3 / . / install.sh
blob: fc1bd3b0dd173fdcb26486e9519127919dd8b918 [file] [log] [blame]
#!/bin/bash -e
# Copyright (C) 2020 The Android Open Source Project
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
usage() {
me=`basename "$0"`
echo >&2 "Usage: $me [--output OUTPUT] [--dryrun] CONFIG"
exit 1
}
while test $# -gt 0 ; do
case "$1" in
--output)
shift
OUTPUT=$1
shift
;;
--dryrun)
DRYRUN="true"
shift
;;
*)
break
esac
done
test -z "$OUTPUT" && OUTPUT="$(dirname $0)/dist"
CONFIG=$1
test -z "$CONFIG" && usage
NAMESPACE=$(yq r $CONFIG namespace)
TMP_CONFIG=$OUTPUT/$(basename $CONFIG)
function updateOrInstall() {
if test -n "$(helm ls -n $NAMESPACE --short | grep $1)"; then
echo "upgrade"
else
echo "install"
fi
}
function addHtpasswdEntryUnencrypted() {
local COMPONENT=$1
local HTPASSWD=$(htpasswd -nb \
$(yq r $TMP_CONFIG $COMPONENT.username) \
$(yq r $TMP_CONFIG $COMPONENT.password))
yq w -i $TMP_CONFIG $COMPONENT.htpasswd $HTPASSWD
}
function addHtpasswdEntryEncrypted() {
local COMPONENT=$1
local HTPASSWD=$(htpasswd -nb \
$(sops -d --extract "$COMPONENT['username']" $TMP_CONFIG) \
$(sops -d --extract "$COMPONENT['password']" $TMP_CONFIG))
sops --set "$COMPONENT['htpasswd'] \"$HTPASSWD\"" $TMP_CONFIG
}
function addDashboards() {
for dashboard in dashboards/*; do
local DASHBOARD_NAME="${dashboard%.json}"
local DASHBOARD_NAME="${DASHBOARD_NAME#"dashboards/"}"
kubectl create configmap $DASHBOARD_NAME \
--from-file=$dashboard \
--dry-run=true \
--namespace=$NAMESPACE \
-o yaml > $OUTPUT/dashboards/$DASHBOARD_NAME.dashboard.yaml
yq w -i $OUTPUT/dashboards/$DASHBOARD_NAME.dashboard.yaml \
metadata.labels.grafana_dashboard $DASHBOARD_NAME
done
}
function runYtt() {
ytt \
-f charts/namespace.yaml \
-f charts/prometheus/ \
-f charts/loki/ \
-f charts/grafana/ \
-f promtail/ \
--output-directory $OUTPUT \
--ignore-unknown-comments \
-f $1
}
mkdir -p $OUTPUT
cp $CONFIG $TMP_CONFIG
# Fill in templates
if test -z "$(grep -o '^sops:$' $TMP_CONFIG)"; then
addHtpasswdEntryUnencrypted loki
addHtpasswdEntryUnencrypted prometheus.server
echo -e "#@data/values\n---\n$(cat $TMP_CONFIG)" | runYtt -
else
addHtpasswdEntryEncrypted "['loki']" $TMP_CONFIG
addHtpasswdEntryEncrypted "['prometheus']['server']" $TMP_CONFIG
echo -e "#@data/values\n---\n$(sops -d $TMP_CONFIG)" | runYtt -
fi
# Create configmaps with dashboards
mkdir -p $OUTPUT/dashboards
addDashboards
test -n "$DRYRUN" && exit 0
# Install loose components
kubectl apply -f $OUTPUT/namespace.yaml
kubectl apply -f $OUTPUT/configuration
kubectl apply -f $OUTPUT/dashboards
kubectl apply -f $OUTPUT/storage
# Add Loki helm repository
helm repo add loki https://grafana.github.io/loki/charts
helm repo update
# Install Prometheus
PROMETHEUS_CHART_NAME=prometheus-$NAMESPACE
helm $(updateOrInstall $PROMETHEUS_CHART_NAME) $PROMETHEUS_CHART_NAME \
stable/prometheus \
--version $(cat ./charts/prometheus/VERSION) \
--values $OUTPUT/prometheus.yaml \
--namespace $NAMESPACE
# Install Loki
LOKI_CHART_NAME=loki-$NAMESPACE
helm $(updateOrInstall $LOKI_CHART_NAME) $LOKI_CHART_NAME \
loki/loki \
--version $(cat ./charts/loki/VERSION) \
--values $OUTPUT/loki.yaml \
--namespace $NAMESPACE
# Install Grafana
GRAFANA_CHART_NAME=grafana-$NAMESPACE
helm $(updateOrInstall $GRAFANA_CHART_NAME) $GRAFANA_CHART_NAME \
stable/grafana \
--version $(cat ./charts/grafana/VERSION) \
--values $OUTPUT/grafana.yaml \
--namespace $NAMESPACE