gitea_admin/k3s_auto_deploy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
k3s_auto_deploy/scripts/deploy-argocd.sh

136 lines
4.2 KiB
Bash
Executable File
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
#!/bin/bash
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_DIR="$(dirname "$SCRIPT_DIR")"
CONFIG_FILE="$PROJECT_DIR/config/cluster-vars.yml"
# Source common library if available
if [ -f "$SCRIPT_DIR/lib/common.sh" ]; then
source "$SCRIPT_DIR/lib/common.sh"
else
# Fallback logging functions
log() { echo "[INFO] $1"; }
log_error() { echo "[ERROR] $1" >&2; }
log_warn() { echo "[WARN] $1"; }
fi
log "=== 部署ArgoCD ==="
# Check and install required tools
if [ -f "$SCRIPT_DIR/lib/common.sh" ]; then
ensure_yq || exit 1
ensure_htpasswd || exit 1
else
# Fallback: Install yq with retry
if ! command -v yq &> /dev/null; then
log "安装yq..."
for attempt in 1 2 3; do
if sudo wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 && \
sudo chmod +x /usr/local/bin/yq; then
log "✓ yq安装成功"
break
else
log_warn "yq安装失败 (尝试 $attempt/3)"
[ $attempt -lt 3 ] && sleep 5
fi
done
if ! command -v yq &> /dev/null; then
log_error "yq安装失败请手动安装"
exit 1
fi
fi
# Install htpasswd if not present
if ! command -v htpasswd &> /dev/null; then
log "安装htpasswd (apache2-utils)..."
if sudo apt update && sudo apt install -y apache2-utils; then
log "✓ htpasswd安装成功"
else
log_error "htpasswd安装失败请手动安装: sudo apt install apache2-utils"
exit 1
fi
fi
fi
# 读取配置变量
ARGOCD_DOMAIN=$(yq eval '.argocd_domain' "$CONFIG_FILE")
ARGOCD_PASSWORD=$(yq eval '.argocd_admin_password' "$CONFIG_FILE")
# 创建命名空间
kubectl create namespace argocd --dry-run=client -o yaml | kubectl apply -f -
# 安装ArgoCD with retry
log "安装ArgoCD..."
ARGOCD_MANIFEST_URL="https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml"
if [ -f "$SCRIPT_DIR/lib/common.sh" ]; then
retry 3 5 "kubectl apply -n argocd -f $ARGOCD_MANIFEST_URL" || {
log_error "ArgoCD安装失败"
exit 1
}
else
for attempt in 1 2 3; do
if kubectl apply -n argocd -f "$ARGOCD_MANIFEST_URL"; then
log "✓ ArgoCD清单应用成功"
break
else
log_warn "ArgoCD清单应用失败 (尝试 $attempt/3)"
[ $attempt -lt 3 ] && sleep 5
fi
done
fi
# 等待就绪
log "等待ArgoCD就绪..."
kubectl wait --for=condition=available --timeout=600s deployment/argocd-server -n argocd || {
log_error "ArgoCD部署超时"
log_error "请检查: kubectl get pods -n argocd"
exit 1
}
# 配置NodePort访问
kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "NodePort"}}' || {
log_warn "NodePort配置可能已存在"
}
# 更新admin密码
log "设置admin密码..."
BCRYPT_PASSWORD=$(htpasswd -nbBC 10 "" "$ARGOCD_PASSWORD" | tr -d ':\n' | sed 's/$2y/$2a/')
if [ -z "$BCRYPT_PASSWORD" ]; then
log_error "密码加密失败"
exit 1
fi
kubectl -n argocd patch secret argocd-secret \
-p "{\"stringData\": {\"admin.password\": \"$BCRYPT_PASSWORD\", \"admin.passwordMtime\": \"$(date +%FT%T%Z)\"}}" || {
log_error "密码设置失败"
exit 1
}
# 重启argocd-server
log "重启ArgoCD服务器..."
kubectl -n argocd rollout restart deployment argocd-server
kubectl -n argocd rollout status deployment argocd-server --timeout=300s || {
log_error "ArgoCD服务器重启超时"
exit 1
}
# 获取访问信息
NODEPORT=$(kubectl get svc argocd-server -n argocd -o jsonpath='{.spec.ports[0].nodePort}')
NODE_IP=$(kubectl get nodes -o jsonpath='{.items[0].status.addresses[?(@.type=="ExternalIP")].address}')
if [ -z "$NODE_IP" ]; then
NODE_IP=$(kubectl get nodes -o jsonpath='{.items[0].status.addresses[?(@.type=="InternalIP")].address}')
fi
log "=== ArgoCD部署完成 ==="
echo "🌐 访问地址: https://$NODE_IP:$NODEPORT"
echo "🌐 域名访问: https://$ARGOCD_DOMAIN (需配置Ingress)"
echo "👤 用户名: admin"
echo "🔑 密码: $ARGOCD_PASSWORD"
echo ""
log "提示: 首次访问可能需要接受自签名证书"
Reference in New Issue View Git Blame Copy Permalink