-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdeploy-driver.sh
executable file
·61 lines (50 loc) · 2.03 KB
/
deploy-driver.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
#!/bin/bash
# This script will deploy the GCP Compute Persistent Disk CSI Driver to the
# currently available Kubernetes cluster
# Note: setup-cluster.yaml depends on the existence of cluster-roles
# system:csi-external-attacher and system:csi-external-provisioner
# which are in Kubernetes version 1.10.5+
# Args:
# GCE_PD_SA_DIR: Directory the service account key has been saved in (generated by setup-project.sh)
set -o nounset
set -o errexit
readonly PKGDIR="${GOPATH}/src/sigs.k8s.io/gcp-compute-persistent-disk-csi-driver"
readonly KUBEDEPLOY="${PKGDIR}/deploy/kubernetes"
. $(dirname $0)/../common.sh
function check_service_account()
{
# Using bash magic to parse JSON for IAM
# Grepping for a line with client email returning anything quoted after the colon
readonly IAM_NAME=$(grep -Po '"client_email": *\K"[^"]*"' ${GCE_PD_SA_DIR}/cloud-sa.json | tr -d '"')
# Grepping anything after the @ tell the first . as the project name
readonly PROJECT=$(grep -Po '.*@\K[^.]+'<<<${IAM_NAME})
readonly GOTTEN_BIND_ROLES=$(gcloud projects get-iam-policy ${PROJECT} --flatten="bindings[].members" --format='table(bindings.role)' --filter="bindings.members:${IAM_NAME}")
readonly BIND_ROLES=$(get_needed_roles)
MISSING_ROLES=false
for role in ${BIND_ROLES}
do
if ! grep -q $role <<<${GOTTEN_BIND_ROLES} ;
then
echo "Missing role: $role"
MISSING_ROLES=true
fi
done
if [ "${MISSING_ROLES}" = true ];
then
echo "Cannot deploy with missing roles in service account, please run setup-project.sh to setup Service Account"
exit 1
fi
}
check_service_account
if ! kubectl get secret cloud-sa;
then
kubectl create secret generic cloud-sa --from-file="${GCE_PD_SA_DIR}/cloud-sa.json"
fi
# GKE Required Setup
if ! kubectl get clusterrolebinding cluster-admin-binding;
then
kubectl create clusterrolebinding cluster-admin-binding --clusterrole cluster-admin --user $(gcloud config get-value account)
fi
kubectl apply -f "${KUBEDEPLOY}/setup-cluster.yaml"
kubectl apply -f "${KUBEDEPLOY}/node.yaml"
kubectl apply -f "${KUBEDEPLOY}/controller.yaml"