depaula/workshop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
19d97159ce5300605550c639ffe0d2dc5c44cd84
workshop/aula-11/setup.sh
ArgoCD Setup 19d97159ce fix: corrigir setup.sh de múltiplas aulas 
- aula-08: adicionar key cluster-config no secret do autoscaler
- aula-09,10,11,12,14,15: adicionar pausa DNS antes do helm install
  (Let's Encrypt precisa do DNS configurado para emitir certificado)
- aula-09,10,11: corrigir anotação cert-manager.io/cluster-issuer
  (--set do Helm interpreta pontos como separadores de nested keys)
- aula-10: corrigir load_config com set -e (exit silencioso)
- aula-10: adicionar teste rápido do registry no README
2026-03-14 04:42:07 -03:00

367 lines
11 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# =============================================================================
# Aula 11 - ArgoCD (GitOps)
# =============================================================================
#
# Este script instala:
# 1. ArgoCD para CD declarativo (GitOps)
# 2. Integração SSH com Gitea (aula-10)
#
# Pré-requisitos:
# - Cluster Kubernetes (aula-08)
# - Gitea instalado (aula-10)
# - NGINX Ingress Controller
# - kubectl e helm instalados
#
# =============================================================================
set -e
# Cores para output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
log_success() { echo -e "${GREEN}[OK]${NC} $1"; }
log_warn() { echo -e "${YELLOW}[WARN]${NC} $1"; }
log_error() { echo -e "${RED}[ERROR]${NC} $1"; }
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
ENV_FILE="${SCRIPT_DIR}/.env"
# =============================================================================
# VERIFICAR PRÉ-REQUISITOS
# =============================================================================
log_info "Verificando pré-requisitos..."
if ! command -v kubectl &> /dev/null; then
log_error "kubectl não encontrado. Instale com: brew install kubectl"
exit 1
fi
if ! command -v helm &> /dev/null; then
log_error "helm não encontrado. Instale com: brew install helm"
exit 1
fi
if ! kubectl cluster-info &> /dev/null; then
log_error "Não foi possível conectar ao cluster Kubernetes"
log_info "Exemplo: export KUBECONFIG=\$(pwd)/../aula-08/kubeconfig"
exit 1
fi
# Verificar se Gitea está instalado
if ! kubectl get namespace gitea &> /dev/null; then
log_error "Namespace 'gitea' não encontrado"
log_info "Execute primeiro a aula-10 para instalar o Gitea"
exit 1
fi
if ! kubectl get ingressclass nginx &> /dev/null; then
log_error "NGINX Ingress Controller não encontrado"
exit 1
fi
log_success "Pré-requisitos verificados"
# =============================================================================
# CARREGAR CONFIGURAÇÃO
# =============================================================================
if [[ -f "$ENV_FILE" ]]; then
log_info "Carregando configuração local..."
source "$ENV_FILE"
fi
# Herdar da aula-10
if [[ -z "$GITEA_HOST" ]]; then
AULA10_ENV="${SCRIPT_DIR}/../aula-10/.env"
if [[ -f "$AULA10_ENV" ]]; then
log_info "Herdando configuração da aula-10..."
source "$AULA10_ENV"
fi
fi
# =============================================================================
# COLETAR CONFIGURAÇÃO
# =============================================================================
echo ""
echo "=========================================="
echo " Configuração do ArgoCD (GitOps)"
echo "=========================================="
echo ""
# Gitea Host
if [[ -z "$GITEA_HOST" ]]; then
read -p "Hostname do Gitea (ex: gitea.kube.quest): " GITEA_HOST
fi
log_info "Gitea: https://${GITEA_HOST}"
# Extrair domínio base
if [[ -z "$DOMAIN" ]]; then
DOMAIN=$(echo "$GITEA_HOST" | sed 's/^[^.]*\.//')
fi
# ArgoCD Host
if [[ -z "$ARGOCD_HOST" ]]; then
DEFAULT_ARGOCD="argocd.${DOMAIN}"
read -p "Hostname do ArgoCD [${DEFAULT_ARGOCD}]: " ARGOCD_HOST
ARGOCD_HOST="${ARGOCD_HOST:-$DEFAULT_ARGOCD}"
fi
log_info "ArgoCD: https://${ARGOCD_HOST}"
# TLS
if [[ "$USE_CLOUDFLARE" != "true" && "$USE_LETSENCRYPT" != "true" ]]; then
echo ""
echo "Configuração de TLS:"
echo " 1) CloudFlare (proxy ativo - TLS na borda)"
echo " 2) Let's Encrypt (cert-manager)"
echo " 3) HTTP apenas (desenvolvimento)"
read -p "Escolha [1-3]: " TLS_CHOICE
case $TLS_CHOICE in
1) USE_CLOUDFLARE=true; USE_LETSENCRYPT=false ;;
2)
USE_CLOUDFLARE=false; USE_LETSENCRYPT=true
if [[ -z "$LETSENCRYPT_EMAIL" ]]; then
read -p "Email para Let's Encrypt: " LETSENCRYPT_EMAIL
fi
;;
*) USE_CLOUDFLARE=false; USE_LETSENCRYPT=false ;;
esac
fi
# Salvar configuração
cat > "$ENV_FILE" << EOF
# Configuração gerada pelo setup.sh
# $(date)
GITEA_HOST=${GITEA_HOST}
ARGOCD_HOST=${ARGOCD_HOST}
DOMAIN=${DOMAIN}
USE_CLOUDFLARE=${USE_CLOUDFLARE}
USE_LETSENCRYPT=${USE_LETSENCRYPT}
LETSENCRYPT_EMAIL=${LETSENCRYPT_EMAIL}
EOF
log_success "Configuração salva em ${ENV_FILE}"
# =============================================================================
# INSTALAR CERT-MANAGER (se Let's Encrypt)
# =============================================================================
if [[ "$USE_LETSENCRYPT" == "true" ]]; then
echo ""
log_info "=== Verificando cert-manager ==="
if ! kubectl get namespace cert-manager &> /dev/null; then
log_info "Instalando cert-manager..."
helm repo add jetstack https://charts.jetstack.io 2>/dev/null || true
helm repo update
helm install cert-manager jetstack/cert-manager \
--namespace cert-manager \
--create-namespace \
--set crds.enabled=true \
--wait --timeout 5m
log_success "cert-manager instalado"
else
log_success "cert-manager já instalado"
fi
if ! kubectl get clusterissuer letsencrypt-prod &> /dev/null; then
log_info "Criando ClusterIssuer letsencrypt-prod..."
kubectl apply -f - << EOF
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: ${LETSENCRYPT_EMAIL}
privateKeySecretRef:
name: letsencrypt-prod
solvers:
- http01:
ingress:
class: nginx
EOF
log_success "ClusterIssuer criado"
fi
fi
# =============================================================================
# PAUSA PARA CONFIGURAÇÃO DE DNS
# =============================================================================
LB_IP=$(kubectl get svc -n ingress-nginx ingress-nginx-controller \
-o jsonpath='{.status.loadBalancer.ingress[0].ip}' 2>/dev/null || echo "<pendente>")
ARGOCD_NAME=$(echo "$ARGOCD_HOST" | cut -d. -f1)
echo ""
echo -e "${CYAN}═══════════════════════════════════════════════════${NC}"
echo -e "${CYAN} Configure o DNS${NC}"
echo -e "${CYAN}═══════════════════════════════════════════════════${NC}"
echo ""
echo "No seu provedor DNS:"
echo ""
echo -e " ${YELLOW}Tipo:${NC} A"
echo -e " ${YELLOW}Nome:${NC} ${ARGOCD_NAME}"
echo -e " ${YELLOW}Valor:${NC} ${GREEN}${LB_IP}${NC}"
echo ""
if [[ "$USE_LETSENCRYPT" == "true" ]]; then
echo -e "${YELLOW}⚠ O Let's Encrypt precisa do DNS configurado para emitir o certificado.${NC}"
else
echo -e "${YELLOW}⚠ Configure o DNS agora antes de continuar.${NC}"
fi
echo ""
echo -n "Pressione ENTER quando o DNS estiver configurado..."
read -r
echo ""
# =============================================================================
# INSTALAR ARGOCD
# =============================================================================
echo ""
log_info "=== Instalando ArgoCD ==="
helm repo add argo https://argoproj.github.io/argo-helm 2>/dev/null || true
helm repo update
kubectl create namespace argocd 2>/dev/null || true
if helm status argocd -n argocd &> /dev/null; then
log_warn "ArgoCD já instalado, fazendo upgrade..."
HELM_CMD="upgrade"
else
HELM_CMD="install"
fi
# Argumentos Helm
HELM_ARGS=""
HELM_ARGS="$HELM_ARGS --set global.domain=${ARGOCD_HOST}"
HELM_ARGS="$HELM_ARGS --set server.ingress.hosts[0]=${ARGOCD_HOST}"
# TLS - gerar values overlay para anotações com pontos
TEMP_TLS_VALUES=$(mktemp)
if [[ "$USE_LETSENCRYPT" == "true" ]]; then
HELM_ARGS="$HELM_ARGS --set server.ingress.tls[0].secretName=argocd-server-tls"
HELM_ARGS="$HELM_ARGS --set server.ingress.tls[0].hosts[0]=${ARGOCD_HOST}"
cat > "$TEMP_TLS_VALUES" <<EOF
server:
ingress:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
EOF
else
echo "{}" > "$TEMP_TLS_VALUES"
fi
log_info "Instalando ArgoCD via Helm..."
eval helm ${HELM_CMD} argocd argo/argo-cd \
--namespace argocd \
-f "${SCRIPT_DIR}/argocd-values.yaml" \
-f "$TEMP_TLS_VALUES" \
${HELM_ARGS} \
--wait --timeout 10m
rm -f "$TEMP_TLS_VALUES"
log_success "ArgoCD instalado"
# =============================================================================
# OBTER SENHA DO ADMIN
# =============================================================================
echo ""
log_info "=== Credenciais do ArgoCD ==="
log_info "Aguardando secret de credenciais..."
for i in {1..30}; do
if kubectl get secret argocd-initial-admin-secret -n argocd &> /dev/null; then
break
fi
sleep 2
done
ARGOCD_PASSWORD=$(kubectl get secret argocd-initial-admin-secret -n argocd -o jsonpath='{.data.password}' 2>/dev/null | base64 -d 2>/dev/null || echo "")
# =============================================================================
# CONFIGURAR INTEGRAÇÃO GITEA
# =============================================================================
echo ""
log_info "=== Configurando Integração Gitea ==="
log_info "Obtendo SSH host key do Gitea..."
SSH_HOST_KEY=$(ssh-keyscan -t ed25519 ${GITEA_HOST} 2>/dev/null || ssh-keyscan ${GITEA_HOST} 2>/dev/null || echo "")
if [[ -n "$SSH_HOST_KEY" ]]; then
kubectl create configmap argocd-ssh-known-hosts-cm \
--from-literal=ssh_known_hosts="${SSH_HOST_KEY}" \
-n argocd \
--dry-run=client -o yaml | kubectl apply -f -
log_success "SSH host key configurado"
else
log_warn "Não foi possível obter SSH host key"
log_info "Configure manualmente: argocd cert add-ssh --batch < known_hosts"
fi
# =============================================================================
# RESUMO FINAL
# =============================================================================
echo ""
echo "=========================================="
echo " Instalação Concluída!"
echo "=========================================="
echo ""
echo "ArgoCD:"
echo " URL: https://${ARGOCD_HOST}"
echo " Username: admin"
if [[ -n "$ARGOCD_PASSWORD" ]]; then
echo " Password: ${ARGOCD_PASSWORD}"
else
echo " Password: kubectl get secret argocd-initial-admin-secret -n argocd -o jsonpath='{.data.password}' | base64 -d"
fi
echo ""
echo "Próximos passos:"
echo ""
echo "1. Configure DNS:"
echo " Adicione registro A para ${ARGOCD_HOST} apontando para o LoadBalancer"
echo ""
echo "2. Crie um repositório GitOps no Gitea:"
echo " - Nome: gitops-demo"
echo " - Estrutura: apps/node-bugado/{deployment,service,configmap}.yaml"
echo ""
echo "3. Configure repositório no ArgoCD:"
echo " a) Gere uma deploy key:"
echo " ssh-keygen -t ed25519 -f argocd-deploy-key -N ''"
echo ""
echo " b) Adicione a chave pública no Gitea:"
echo " Repositório → Settings → Deploy Keys"
echo ""
echo " c) Conecte o repositório no ArgoCD:"
echo " - Acesse https://${ARGOCD_HOST}"
echo " - Settings → Repositories → Connect Repo"
echo " - Method: SSH"
echo " - URL: git@${GITEA_HOST}:<usuario>/gitops-demo.git"
echo " - SSH private key: (conteúdo de argocd-deploy-key)"
echo ""
echo "Comandos úteis:"
echo " kubectl get pods -n argocd"
echo " kubectl get applications -n argocd"
echo ""
# Status dos pods
log_info "Status dos pods:"
kubectl get pods -n argocd
Reference in New Issue View Git Blame Copy Permalink