#!/usr/bin/env bash set -euo pipefail # ── helpers ────────────────────────────────────────────────────────── RED='\033[0;31m'; GREEN='\033[0;32m'; YELLOW='\033[1;33m'; NC='\033[0m' log() { echo -e "${GREEN}[OK]${NC} $*"; } warn() { echo -e "${YELLOW}[WARN]${NC} $*"; } err() { echo -e "${RED}[ERR]${NC} $*"; exit 1; } command_exists() { command -v "$1" &>/dev/null; } # ── defaults ───────────────────────────────────────────────────────── NAMESPACE="${NAMESPACE:-app}" RELEASE="${RELEASE:-deploy}" CHART_DIR="${CHART_DIR:-./deploy}" REGISTRY="${REGISTRY:-harbor.gitdata.me/gtateam}" TAG="${TAG:-$(git rev-parse --short HEAD)}" CONFIG_MAP="${CONFIG_MAP:-app-env}" PVC_NAME="${PVC_NAME:-shared-data}" # ── prerequisites ──────────────────────────────────────────────────── command_exists helm || err "helm not found — install via https://helm.sh/docs/intro/install/" command_exists kubectl || err "kubectl not found — install via https://kubernetes.io/docs/tasks/tools/" log "helm $(helm version --short)" log "kubectl $(kubectl version --client --short 2>/dev/null || kubectl version -o json 2>/dev/null | grep gitVersion)" # ── 1. Ensure namespace (not managed by Helm — preserved on uninstall) ── log "Ensuring namespace $NAMESPACE exists..." kubectl create namespace "$NAMESPACE" --dry-run=client -o yaml | kubectl apply -f - # ── 2. Ensure prerequisites ───────────────────────────────────────── # Namespace must exist (not managed by Helm) if ! kubectl get namespace "$NAMESPACE" &>/dev/null; then err "Namespace '$NAMESPACE' not found — create it first: kubectl create namespace $NAMESPACE" fi # ConfigMap (must exist before Helm install) if ! kubectl get configmap "$CONFIG_MAP" -n "$NAMESPACE" &>/dev/null; then err "ConfigMap '$CONFIG_MAP' not found in namespace '$NAMESPACE' — create it first" fi # PVC (must exist before Helm install) if ! kubectl get pvc "$PVC_NAME" -n "$NAMESPACE" &>/dev/null; then err "PVC '$PVC_NAME' not found in namespace '$NAMESPACE' — create it first" fi # cert-manager ClusterIssuer if ! kubectl get clusterissuer letsencrypt-prod &>/dev/null; then warn "ClusterIssuer 'letsencrypt-prod' not found — TLS certificate issuance will fail" fi log "Prerequisites verified" # ── 3. Lint chart ──────────────────────────────────────────────────── log "Linting Helm chart..." helm lint "$CHART_DIR" || err "Helm lint failed" # ── 4. Deploy ──────────────────────────────────────────────────────── log "Deploying release $RELEASE with tag $TAG..." helm upgrade --install "$RELEASE" "$CHART_DIR" \ --namespace "$NAMESPACE" \ --set imageRegistry="$REGISTRY" \ --set imageTag="$TAG" \ --set configMapName="$CONFIG_MAP" \ --set pvcName="$PVC_NAME" \ --wait \ --timeout 5m log "Release $RELEASE deployed successfully" # ── 5. Verify ──────────────────────────────────────────────────────── log "Checking deployment status..." kubectl get deployments -n "$NAMESPACE" -l app.kubernetes.io/instance="$RELEASE" kubectl get pods -n "$NAMESPACE" -l app.kubernetes.io/instance="$RELEASE" kubectl get services -n "$NAMESPACE" -l app.kubernetes.io/instance="$RELEASE" kubectl get ingress -n "$NAMESPACE" log "Deployment complete"