setup

#!/usr/bin/env bash

set -euo pipefail

kind create cluster --config kind/kind.yaml --wait 10m

kubectl create secret docker-registry gitlab \
          --docker-server=registry.gitlab.com \
          --docker-username=gitlab \
          --docker-password="${GITLAB_TOKEN}" \
          --docker-email=gitlab@unbound.se

kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "gitlab"}]}'

kustomized="$(mktemp -t unboundnginx.yaml.XXXXXX)"

kubectl kustomize --enable-helm "k8s/nginx" >> "${kustomized}"
kubectl apply -f "${kustomized}" --server-side || true

printf "\nWait for pod app.kubernetes.io/component=controller to be created."
while :; do
  sleep 2
  [ -n "$(kubectl -n ingress-nginx get pod --selector=app.kubernetes.io/component=controller 2>/dev/null)" ] && printf "\n\n" && break
  printf "."
done

echo "Wait for nginx to be available."
until [[ $(kubectl -n ingress-nginx get endpointslices -l 'kubernetes.io/service-name=ingress-nginx-controller' -o=jsonpath='{.items[*].endpoints[*].addresses[*]}') ]]; do sleep 5; done

kustomized="$(mktemp -t unboundinfra.yaml.XXXXXX)"

kubectl kustomize --enable-helm "k8s/infra" >> "${kustomized}"
kubectl apply -f "${kustomized}" --server-side || true

printf "\nWait for pod app.kubernetes.io/instance=cert-manager to be created."
while :; do
  sleep 2
  [ -n "$(kubectl -n cert-manager get pod --selector=app.kubernetes.io/instance=cert-manager 2>/dev/null)" ] && printf "\n\n" && break
  printf "."
done
kubectl wait --for=condition=Ready pods -n cert-manager -l app=cert-manager --timeout 4m
kubectl wait --for=condition=Ready pods -n cert-manager -l app=cainjector --timeout 4m
kubectl wait --for=condition=Ready pods -n cert-manager -l app=webhook --timeout 4m
kubectl wait --for=condition=Ready pods --all -n external-secrets --timeout=5m
# Apply again to get any CRD's that wasn't applied earlier since the definitions wasn't available
kubectl apply -f "${kustomized}" --server-side || true
kubectl apply -k k8s/app --server-side

kubectl wait --for=condition=Ready pods -n cert-manager -l app=cert-manager --timeout 4m
kubectl wait --for=condition=Ready pods -n cert-manager -l app=cainjector --timeout 4m
kubectl wait --for=condition=Ready pods -n cert-manager -l app=webhook --timeout 4m
kubectl wait --for=condition=Ready pods --all -n external-secrets --timeout=5m
kubectl wait --for=condition=Ready pods --all -n default --timeout 3m
feat: initial commit 2021-09-14 08:32:10 +02:00			`#!/usr/bin/env bash`

fix: make sure script stops on error 2021-11-20 08:55:23 +01:00			`set -euo pipefail`

refactor: move files to a kind-directory so Renovate will find them 2024-12-28 18:07:44 +01:00			`kind create cluster --config kind/kind.yaml --wait 10m`
feat: initial commit 2021-09-14 08:32:10 +02:00
			`kubectl create secret docker-registry gitlab \`
			`--docker-server=registry.gitlab.com \`
			`--docker-username=gitlab \`
			`--docker-password="${GITLAB_TOKEN}" \`
chore: add cert-manager and external secrets 2023-04-10 22:30:16 +02:00			`--docker-email=gitlab@unbound.se`
feat: initial commit 2021-09-14 08:32:10 +02:00
			`kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "gitlab"}]}'`

feat(ingress): add TLS configuration for staging hosts Add TLS configuration for staging-shiny and staging-shiny-api hosts in the ingress resources. Create a new namespace for ingress-nginx to better organize resources. Update kustomization files to include new certificates and secrets. Streamline setup process with improved wait commands for pod readiness. 2025-12-10 08:16:27 +01:00			`kustomized="$(mktemp -t unboundnginx.yaml.XXXXXX)"`
chore: apply external secrets from helm chart 2024-09-12 20:12:38 +02:00
feat(ingress): add TLS configuration for staging hosts Add TLS configuration for staging-shiny and staging-shiny-api hosts in the ingress resources. Create a new namespace for ingress-nginx to better organize resources. Update kustomization files to include new certificates and secrets. Streamline setup process with improved wait commands for pod readiness. 2025-12-10 08:16:27 +01:00			`kubectl kustomize --enable-helm "k8s/nginx" >> "${kustomized}"`
fix(setup): use server-side apply for kustomization Update kustomization apply commands to use server-side apply for better resource management and concurrency handling. This change ensures that all applied resources are updated in a more efficient manner and helps avoid conflicts in multi-node environments. 2025-08-03 13:13:13 +02:00			`kubectl apply -f "${kustomized}" --server-side \|\| true`
feat(ingress): add TLS configuration for staging hosts Add TLS configuration for staging-shiny and staging-shiny-api hosts in the ingress resources. Create a new namespace for ingress-nginx to better organize resources. Update kustomization files to include new certificates and secrets. Streamline setup process with improved wait commands for pod readiness. 2025-12-10 08:16:27 +01:00
			`printf "\nWait for pod app.kubernetes.io/component=controller to be created."`
			`while :; do`
			`sleep 2`
			`[ -n "$(kubectl -n ingress-nginx get pod --selector=app.kubernetes.io/component=controller 2>/dev/null)" ] && printf "\n\n" && break`
			`printf "."`
			`done`

			`echo "Wait for nginx to be available."`
			`until [[ $(kubectl -n ingress-nginx get endpointslices -l 'kubernetes.io/service-name=ingress-nginx-controller' -o=jsonpath='{.items[].endpoints[].addresses[*]}') ]]; do sleep 5; done`

			`kustomized="$(mktemp -t unboundinfra.yaml.XXXXXX)"`

			`kubectl kustomize --enable-helm "k8s/infra" >> "${kustomized}"`
			`kubectl apply -f "${kustomized}" --server-side \|\| true`

			`printf "\nWait for pod app.kubernetes.io/instance=cert-manager to be created."`
			`while :; do`
			`sleep 2`
			`[ -n "$(kubectl -n cert-manager get pod --selector=app.kubernetes.io/instance=cert-manager 2>/dev/null)" ] && printf "\n\n" && break`
			`printf "."`
			`done`
			`kubectl wait --for=condition=Ready pods -n cert-manager -l app=cert-manager --timeout 4m`
			`kubectl wait --for=condition=Ready pods -n cert-manager -l app=cainjector --timeout 4m`
			`kubectl wait --for=condition=Ready pods -n cert-manager -l app=webhook --timeout 4m`
chore: add cert-manager and external secrets 2023-04-10 22:30:16 +02:00			`kubectl wait --for=condition=Ready pods --all -n external-secrets --timeout=5m`
feat(ingress): add TLS configuration for staging hosts Add TLS configuration for staging-shiny and staging-shiny-api hosts in the ingress resources. Create a new namespace for ingress-nginx to better organize resources. Update kustomization files to include new certificates and secrets. Streamline setup process with improved wait commands for pod readiness. 2025-12-10 08:16:27 +01:00			`# Apply again to get any CRD's that wasn't applied earlier since the definitions wasn't available`
			`kubectl apply -f "${kustomized}" --server-side \|\| true`
			`kubectl apply -k k8s/app --server-side`
chore: add more info to README and wait for all pods to be available 2021-10-01 17:50:01 +02:00
feat(ingress): add TLS configuration for staging hosts Add TLS configuration for staging-shiny and staging-shiny-api hosts in the ingress resources. Create a new namespace for ingress-nginx to better organize resources. Update kustomization files to include new certificates and secrets. Streamline setup process with improved wait commands for pod readiness. 2025-12-10 08:16:27 +01:00			`kubectl wait --for=condition=Ready pods -n cert-manager -l app=cert-manager --timeout 4m`
			`kubectl wait --for=condition=Ready pods -n cert-manager -l app=cainjector --timeout 4m`
			`kubectl wait --for=condition=Ready pods -n cert-manager -l app=webhook --timeout 4m`
			`kubectl wait --for=condition=Ready pods --all -n external-secrets --timeout=5m`
			`kubectl wait --for=condition=Ready pods --all -n default --timeout 3m`