From bcdef58e285ef907c6b52152fcee2b75bd8281bd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jo=C3=A3o=20Lino?= <jl@joaolino.com>
Date: Fri, 17 Apr 2020 20:43:12 +0100
Subject: [PATCH] Remove secrets and make a smarter startup script.

---
 demo-infra-jenkins-install.sh      | 41 ++++++++++++++++++++++--------
 templates/jenkins-credentials.yaml |  6 -----
 templates/jenkins-secrets.yaml     |  7 -----
 values.yaml                        |  4 +--
 4 files changed, 32 insertions(+), 26 deletions(-)
 delete mode 100644 templates/jenkins-credentials.yaml
 delete mode 100644 templates/jenkins-secrets.yaml

diff --git a/demo-infra-jenkins-install.sh b/demo-infra-jenkins-install.sh
index 644e8ad..a27b8dc 100644
--- a/demo-infra-jenkins-install.sh
+++ b/demo-infra-jenkins-install.sh
@@ -1,7 +1,6 @@
 #!/bin/sh
 
 __is_pod_ready() {
-
   POD_STATUS="False"
   while [ "$POD_STATUS" != "True" ];
   do
@@ -11,16 +10,36 @@ __is_pod_ready() {
   done
 }
 
-# install jenkins
-helm install -f values.yaml --namespace demo-infra --kubeconfig ~/.kube/config demo-infra-jenkins stable/jenkins
+__expose_pod() {
+  # kill any previous proxy
+  kill $(ps aux | grep '8180[:]8080' | awk '{print $2}')
+
+  # print admin password
+  export JENKINS_PASS=$(kubectl get secret --namespace demo-infra demo-infra-jenkins -o jsonpath="{.data.jenkins-admin-password}" | base64 --decode)
+  echo "HOST: http://192.168.1.194:8180  USERNAME: admin  PASSWORD: $JENKINS_PASS"
+
+  # expose
+  export POD_NAME=$(kubectl get pods --namespace demo-infra -l "app.kubernetes.io/component=jenkins-master" -l "app.kubernetes.io/instance=demo-infra-jenkins" -o jsonpath="{.items[0].metadata.name}")
+  kubectl --namespace demo-infra port-forward $POD_NAME 8180:8080  --address 0.0.0.0 &
+}
+
+POD_STATUS=$(kubectl get pods --namespace demo-infra -l "app.kubernetes.io/component=jenkins-master" -l "app.kubernetes.io/instance=demo-infra-jenkins" -o jsonpath='{..status.conditions[?(@.type=="Ready")].status}')
+if [ "$POD_STATUS" = 'True' ]; then
+  echo "pod already installed, exposing it..."
+
+  # create proxy into the pod
+  __expose_pod
+
+else
+  echo "pod missing, installing it..."
+
+  # install nexus
+  helm install -f values.yaml --namespace demo-infra --kubeconfig ~/.kube/config demo-infra-jenkins ./
 
-# wait for it to become ready
-__is_pod_ready
+  # wait for it to become ready
+  __is_pod_ready
 
-# print admin password
-export JENKINS_PASS=$(kubectl get secret --namespace demo-infra demo-infra-jenkins -o jsonpath="{.data.jenkins-admin-password}" | base64 --decode)
-echo "HOST: http://192.168.1.194:8180  USERNAME: admin  PASSWORD: $JENKINS_PASS"
+  # create proxy into the pod
+  __expose_pod
 
-# expose
-export POD_NAME=$(kubectl get pods --namespace demo-infra -l "app.kubernetes.io/component=jenkins-master" -l "app.kubernetes.io/instance=demo-infra-jenkins" -o jsonpath="{.items[0].metadata.name}")
-kubectl --namespace demo-infra port-forward $POD_NAME 8180:8080  --address 0.0.0.0 &
+fi
diff --git a/templates/jenkins-credentials.yaml b/templates/jenkins-credentials.yaml
deleted file mode 100644
index 19d08f3..0000000
--- a/templates/jenkins-credentials.yaml
+++ /dev/null
@@ -1,6 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: jenkins-credentials
-data:
-  credentials.xml: PD94bWwgdmVyc2lvbj0nMS4xJyBlbmNvZGluZz0nVVRGLTgnPz4KPGNvbS5jbG91ZGJlZXMucGx1Z2lucy5jcmVkZW50aWFscy5TeXN0ZW1DcmVkZW50aWFsc1Byb3ZpZGVyIHBsdWdpbj0iY3JlZGVudGlhbHNAMi4zLjciPgogIDxkb21haW5DcmVkZW50aWFsc01hcCBjbGFzcz0iaHVkc29uLnV0aWwuQ29weU9uV3JpdGVNYXAkSGFzaCI+CiAgICA8ZW50cnk+CiAgICAgIDxjb20uY2xvdWRiZWVzLnBsdWdpbnMuY3JlZGVudGlhbHMuZG9tYWlucy5Eb21haW4+CiAgICAgICAgPHNwZWNpZmljYXRpb25zLz4KICAgICAgPC9jb20uY2xvdWRiZWVzLnBsdWdpbnMuY3JlZGVudGlhbHMuZG9tYWlucy5Eb21haW4+CiAgICAgIDxqYXZhLnV0aWwuY29uY3VycmVudC5Db3B5T25Xcml0ZUFycmF5TGlzdD4KICAgICAgICA8aW8uamVua2lucy5wbHVnaW5zLmdpdGxhYnNlcnZlcmNvbmZpZy5jcmVkZW50aWFscy5QZXJzb25hbEFjY2Vzc1Rva2VuSW1wbCBwbHVnaW49ImdpdGxhYi1icmFuY2gtc291cmNlQDEuNC42Ij4KICAgICAgICAgIDxzY29wZT5HTE9CQUw8L3Njb3BlPgogICAgICAgICAgPGlkPnNlcnZpY2UtY29uZmlnLXRva2VuPC9pZD4KICAgICAgICAgIDxkZXNjcmlwdGlvbj5UaGUgdXNlciB0aGF0IG1hbmFnZXIgdGhlIGdpdGxhYiBpbnRlZ3JhdGlvbiBmb3IgQ0kvQ0QgcHJvamVjdHMuPC9kZXNjcmlwdGlvbj4KICAgICAgICAgIDx0b2tlbj57QVFBQUFCQUFBQUFnbC9ldnBFY2pzcnRpclZ4YkVNZXp1NlQrV0tJcnFPcUlqV2IwZXRXWDJOdmo5VTExWXZrd2hyN0NiM2lMK0UxbH08L3Rva2VuPgogICAgICAgIDwvaW8uamVua2lucy5wbHVnaW5zLmdpdGxhYnNlcnZlcmNvbmZpZy5jcmVkZW50aWFscy5QZXJzb25hbEFjY2Vzc1Rva2VuSW1wbD4KICAgICAgPC9qYXZhLnV0aWwuY29uY3VycmVudC5Db3B5T25Xcml0ZUFycmF5TGlzdD4KICAgIDwvZW50cnk+CiAgPC9kb21haW5DcmVkZW50aWFsc01hcD4KPC9jb20uY2xvdWRiZWVzLnBsdWdpbnMuY3JlZGVudGlhbHMuU3lzdGVtQ3JlZGVudGlhbHNQcm92aWRlcj4=
\ No newline at end of file
diff --git a/templates/jenkins-secrets.yaml b/templates/jenkins-secrets.yaml
deleted file mode 100644
index 6db120f..0000000
--- a/templates/jenkins-secrets.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: jenkins-secrets
-data:
-  master.key: YTdhMjQyMTZiMWUxZTdjMDNkNDhiMGEyYmI2OWFhYjMzNDcyNjlmZmUzYWU0MjYwZjhmMTY5ZTZkMjFjNjhiMWVmMmVlYjhhMjAxNGUyN2U0ZjExNDMxY2IwNDA1ZTQ3NjFhNmJmNjg3YTVhNDRlNjU2YTdkYTQ5ZTk5Y2E4NjlhMzZhZjIxMjE4NmMzNGY5NDEzOWZjODQ2NTU5NzkyNTdkY2IxODY2MmFiOTcyMGE4YmQyYmEzN2QyOThiMzU1NGZkNDU4MjFkZDM1ZmQyYTg1Y2U1MzI2OTQ1ZDM0OThmY2IxYjk1YWNlODNhMWRhYmY0ZjI0NTUyNWJhYTUzMg==
-  hudson.util.Secret: +z3+/YnKuRQBoGObj6Dg4MW6Csz/M5Hw2NMmHX1BnOSvSel+cyn7AEtxXBNOiJtkqjEuUm4MHo/BuuQ3aWSeuDAIoHvZWZqIctk8D7/azrkjt0hnAPdnrLAwDX4mhNT3yZAbssx/YzjzIPkHVdgHcGyL9TdBdkrbbyEZZEFBBWuD8C71cLyidfK/571/qtNBO2mLllh9JReL12EKVLZz3fvnlgC/D2IrCvlb4Y9xYvKYw2+FL98cweOBQV57SvN7XkHvSFdaAejsT5UOIkcU8dKBnVyfHM7qxcjXnX+ZyEiX6LuRoKcYKXfD2V4jddd9vsWyBAi+vx/oiiBXbr/W2bxESlEplV2bvdxCkttxl6c=
\ No newline at end of file
diff --git a/values.yaml b/values.yaml
index df9933f..11f484c 100644
--- a/values.yaml
+++ b/values.yaml
@@ -235,11 +235,11 @@ master:
   #  - |
   #    print 'adding global pipeline libraries, register properties, bootstrap jobs...'
   # Kubernetes secret that contains a 'credentials.xml' for Jenkins
-  credentialsXmlSecret: jenkins-credentials
+  #credentialsXmlSecret: jenkins-credentials
   # Kubernetes secret that contains files to be put in the Jenkins 'secrets' directory,
   # useful to manage encryption keys used for credentials.xml for instance (such as
   # master.key and hudson.util.Secret)
-  secretsFilesSecret: jenkins-secrets
+  #secretsFilesSecret: jenkins-secrets
   # Jenkins XML job configs to provision
   jobs:
     #  test: |-
-- 
2.24.1