diff --git a/cmd/apply.go b/cmd/apply.go index 8cc192f..f3fdce5 100644 --- a/cmd/apply.go +++ b/cmd/apply.go @@ -174,7 +174,7 @@ func runApplyCommandE(command *cobra.Command, _ []string) error { os.MkdirAll("tmp", 0700) ioutil.WriteFile("tmp/go.mod", []byte("\n"), 0700) - fmt.Fprint(os.Stdout, "Validating registry credentials file") + fmt.Println("Validating registry credentials file") registryAuthErr := validateRegistryAuth(plan.Registry, plan.Secrets, plan.EnableECR) if registryAuthErr != nil { @@ -189,7 +189,7 @@ func runApplyCommandE(command *cobra.Command, _ []string) error { return fmt.Errorf("plan failed after %f seconds, error: %s", done.Seconds(), err.Error()) } - fmt.Fprintf(os.Stdout, "Plan completed in %f seconds\n", done.Seconds()) + fmt.Printf("Plan completed in %f seconds\n", done.Seconds()) return nil } @@ -285,16 +285,8 @@ func process(plan types.Plan, prefs InstallPreferences) error { fmt.Println("No openfaas_cloud_version set in init.yaml, using: master.") } - nsErr := createNamespaces() - if nsErr != nil { - log.Println(nsErr) - return nsErr - } - - installIngressErr := installIngressController(plan.Ingress) - if installIngressErr != nil { - log.Println(installIngressErr.Error()) - return installIngressErr + if err := installIngressController(plan.Ingress); err != nil { + return errors.Wrap(err, "installIngressController") } if !prefs.SkipCreateSecrets { @@ -307,17 +299,14 @@ func process(plan types.Plan, prefs InstallPreferences) error { } if !prefs.SkipMinio { - minioErr := installMinio() - if minioErr != nil { - log.Println(minioErr) + if err := installMinio(); err != nil { + return errors.Wrap(err, "installMinio") } } if plan.TLS { - cmErr := installCertmanager() - if cmErr != nil { - log.Println(cmErr) - return cmErr + if err := installCertmanager(); err != nil { + return errors.Wrap(err, "installCertmanager") } } @@ -326,9 +315,8 @@ func process(plan types.Plan, prefs InstallPreferences) error { log.Println(functionAuthErr.Error()) } - ofErr := installOpenfaas(plan.ScaleToZero, plan.IngressOperator) - if ofErr != nil { - log.Println(ofErr) + if err := installOpenfaas(plan.ScaleToZero, plan.IngressOperator); err != nil { + return errors.Wrap(err, "unable to install openfaas") } retries := 260 @@ -357,16 +345,13 @@ func process(plan types.Plan, prefs InstallPreferences) error { fmt.Println("Creating stack.yml") - planErr := stack.Apply(plan) - if planErr != nil { - log.Println(planErr) + if err := stack.Apply(plan); err != nil { + return errors.Wrap(err, "stack.Apply(") } if !prefs.SkipSealedSecrets { - sealedSecretsErr := installSealedSecrets() - if sealedSecretsErr != nil { - log.Println(sealedSecretsErr) - return sealedSecretsErr + if err := installSealedSecrets(); err != nil { + return errors.Wrap(err, "unable to install sealed-secrets") } pubCert := exportSealedSecretPubCert() @@ -377,14 +362,12 @@ func process(plan types.Plan, prefs InstallPreferences) error { } } - cloneErr := cloneCloudComponents(plan.OpenFaaSCloudVersion) - if cloneErr != nil { - return cloneErr + if err := cloneCloudComponents(plan.OpenFaaSCloudVersion); err != nil { + return errors.Wrap(err, "cloneCloudComponents") } - deployErr := deployCloudComponents(plan) - if deployErr != nil { - return deployErr + if err := deployCloudComponents(plan); err != nil { + return errors.Wrap(err, "deployCloudComponents") } return nil @@ -481,7 +464,8 @@ func installIngressController(ingress string) error { log.Println("Installing ingress-nginx") env := []string{"PATH=" + os.Getenv("PATH")} - log.Println(env) + + // Adding wait took quite a long time, so disabling that. args := []string{"install", "ingress-nginx"} if ingress == "host" { args = append(args, "--host-mode") @@ -514,7 +498,7 @@ func installSealedSecrets() error { log.Println("Installing sealed-secrets") var env []string - args := []string{"install", "sealed-secrets", "--namespace=kube-system"} + args := []string{"install", "sealed-secrets", "--namespace=kube-system", "--wait"} task := execute.ExecTask{ Command: "arkade", @@ -542,7 +526,7 @@ func installSealedSecrets() error { func installOpenfaas(scaleToZero, ingressOperator bool) error { log.Println("Installing openfaas") - args := []string{"install", "openfaas", "--namespace=openfaas", + args := []string{"install", "openfaas", "--set basic_auth=true", "--set functionNamespace=openfaas-fn", "--set ingress.enabled=false", @@ -559,6 +543,7 @@ func installOpenfaas(scaleToZero, ingressOperator bool) error { "--set faasnetes.httpProbe=true", "--set faasnetes.imagePullPolicy=IfNotPresent", "--set ingressOperator.create=" + strconv.FormatBool(ingressOperator), + "--wait", } task := execute.ExecTask{ @@ -591,11 +576,11 @@ func installMinio() error { args := []string{"install", "minio", "--namespace=openfaas", - "--set replicas=1", "--set persistence.enabled=false", "--set service.port=9000", "--set service.type=ClusterIP", "--set resources.requests.memory=512Mi", + "--wait", } task := execute.ExecTask{ @@ -644,7 +629,7 @@ func patchFnServiceaccount() error { func installCertmanager() error { log.Println("Installing cert-manager") - args := []string{"install", "cert-manager"} + args := []string{"install", "cert-manager", "--wait"} task := execute.ExecTask{ Command: "arkade", Args: args, @@ -667,26 +652,6 @@ func installCertmanager() error { return nil } -func createNamespaces() error { - log.Println("Creating namespaces") - - task := execute.ExecTask{ - Command: "scripts/create-namespaces.sh", - Shell: true, - StreamStdio: true, - } - - res, err := task.Execute() - - if err != nil { - return err - } - - log.Println(res.ExitCode, res.Stdout, res.Stderr) - - return nil -} - func createSecrets(plan types.Plan) error { for _, secret := range plan.Secrets { if featureEnabled(plan.Features, secret.Filters) { diff --git a/scripts/create-namespaces.sh b/scripts/create-namespaces.sh index 9e3be56..a9bf588 100755 --- a/scripts/create-namespaces.sh +++ b/scripts/create-namespaces.sh @@ -1,11 +1 @@ #!/bin/bash - -# Install the CustomResourceDefinition resources separately -kubectl apply --validate=false -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.13/deploy/manifests/00-crds.yaml - -kubectl apply -f https://raw.githubusercontent.com/openfaas/faas-netes/master/namespaces.yml - -# Create the namespace for cert-manager -kubectl create namespace cert-manager - -kubectl get namespaces diff --git a/scripts/install-cert-manager.sh b/scripts/install-cert-manager.sh deleted file mode 100755 index 99bb510..0000000 --- a/scripts/install-cert-manager.sh +++ /dev/null @@ -1,13 +0,0 @@ -# Add the Jetstack Helm repository -helm repo add jetstack https://charts.jetstack.io - -# Update your local Helm chart repository cache -helm repo update - -# Install the cert-manager Helm chart -helm upgrade --install \ - cert-manager \ - --namespace cert-manager \ - --version v0.13.0 \ - jetstack/cert-manager \ - --wait diff --git a/scripts/install-minio.sh b/scripts/install-minio.sh deleted file mode 100755 index d56a64c..0000000 --- a/scripts/install-minio.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash - -export ACCESS_KEY=$(kubectl get secret -n openfaas-fn s3-access-key -o jsonpath='{.data.s3-access-key}'| base64 --decode) -export SECRET_KEY=$(kubectl get secret -n openfaas-fn s3-secret-key -o jsonpath='{.data.s3-secret-key}'| base64 --decode) - -# Minio has a default requests value of 4Gi RAM -# https://github.com/minio/charts/blob/master/minio/values.yaml - -helm upgrade --install cloud-minio --namespace openfaas \ - --set accessKey="$ACCESS_KEY",secretKey="$SECRET_KEY",replicas=1,persistence.enabled=false,service.port=9000,service.type=NodePort \ - --set resources.requests.memory=512Mi \ - minio/minio - diff --git a/scripts/install-nginx.sh b/scripts/install-nginx.sh deleted file mode 100755 index 5c7775a..0000000 --- a/scripts/install-nginx.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash - -set -e - -echo helm upgrade --install nginxingress \ - ingress-nginx/ingress-nginx --set rbac.create=true$ADDITIONAL_SET -helm upgrade --install nginxingress \ - ingress-nginx/ingress-nginx --set rbac.create=true$ADDITIONAL_SET diff --git a/scripts/install-openfaas.sh b/scripts/install-openfaas.sh deleted file mode 100755 index 12a3121..0000000 --- a/scripts/install-openfaas.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash - -set -e - -helm repo add openfaas https://openfaas.github.io/faas-netes - -helm repo update && \ -helm upgrade openfaas --install openfaas/openfaas \ - --namespace openfaas \ - --set basic_auth=true \ - --set functionNamespace=openfaas-fn \ - --set ingress.enabled=false \ - --set gateway.scaleFromZero=true \ - --set gateway.readTimeout=15m \ - --set gateway.writeTimeout=15m \ - --set gateway.upstreamTimeout=14m55s \ - --set queueWorker.ackWait=15m \ - --set faasnetes.readTimeout=5m \ - --set faasnetes.writeTimeout=5m \ - --set gateway.replicas=2 \ - --set queueWorker.replicas=2 \ - --set faasIdler.dryRun=$FAAS_IDLER_DRY_RUN \ - --set faasnetes.httpProbe=true \ - --set faasnetes.imagePullPolicy=IfNotPresent \ - --set ingressOperator.create=$INSTALL_INGRESS_OPERATOR - -kubectl rollout status -n openfaas deploy/gateway --timeout=5m diff --git a/scripts/install-sealedsecrets.sh b/scripts/install-sealedsecrets.sh deleted file mode 100755 index 63141ce..0000000 --- a/scripts/install-sealedsecrets.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash - -set -e - -helm upgrade --install \ - --namespace kube-system ofc-sealedsecrets stable/sealed-secrets \ - --wait - -kubectl rollout status deploy/ofc-sealedsecrets-sealed-secrets -n kube-system --timeout 5m diff --git a/templates/stack.yml b/templates/stack.yml index 03f9550..f0ef488 100644 --- a/templates/stack.yml +++ b/templates/stack.yml @@ -13,7 +13,7 @@ functions: role: openfaas-system com.openfaas.scale.zero: false environment: - validate_hmac: true + validate_hmac: false write_debug: true read_debug: true validate_customers: true @@ -35,7 +35,7 @@ functions: role: openfaas-system com.openfaas.scale.zero: false environment: - validate_hmac: true + validate_hmac: false read_timeout: 10s write_timeout: 10s write_debug: true