UNCLASSIFIED - NO CUI

Skip to content

Added the ability to control k3d clusters, and to deploy flux and bigbang to your cluster

Andrew Kesterson requested to merge feature/k3d into main

General MR

Summary

This MR improves the developer experience for bigbang by moving common operations into the bbctl command line tool, creating a unified interface to the platform. Specifically, this MR abstracts away the usage of the k3d-dev.sh script, the install_flux script, and the initial helm bigbang deployment, into bbctl commands.

This MR adds several new commands to bbctl:

  • bbctl k3d create

  • bbctl k3d destroy

  • bbctl k3d shellprofile

  • bbctl k3d ssh

  • bbctl k3d hosts

  • bbctl deploy flux

  • bbctl deploy bigbang

This simplifies your workflow in dev and will allow us to simplify the onboarding documentation. Now, to get a k3d cluster up running bigbang:

export BIG_BANG_REPO=/your/repo/location
export BIG_BANG_CREDENTIAL_HELPER=/your/credential/helper
bbctl k3d create
# source your shell profile for kubectl(works in bash, might need adjustment in others)
eval $(bbctl k3d shellprofile)
bbctl deploy flux
bbctl deploy bigbang

BigBang Credential Helper

The deploy command expect the presence of a credential helper that is an executable program that conforms to the following interface:

CREDENTIAL_HELPER <TARGET_URI> [username|password]

... where TARGET_URI is a URI (like registry1.dso.mil). The credential helper's job is to provide the username or password (as requested) for the target uri on standard output (no trailing newline). Return codes are currently ignored. It is up to the user to provide this credential helper. We can improve later or ship a default or something. This opens the way for us to manage other credentials in the future. The credential helper can be provided by the --big-bang-credential-helper flag or the BIG_BANG_CREDENTIAL_HELPER environment variable. Here is an intentionally primitive example of it working:

$ cat ~/bin/credentialhelper.sh 
#!/bin/bash

if [[ "$1" == "registry1.dso.mil" ]]; then
        if [[ "$2" == "username" ]]; then
                echo -n "AndrewKesterson"
        elif [[ "$2" == "password" ]]; then
                echo -n "*****"
        fi
fi

$ ./bbctl deploy flux
REGISTRY_URL: registry1.dso.mil
REGISTRY_USERNAME: AndrewKesterson
Creating flux-system namespace so that the docker-registry secret can be added first.

... output snipped, but we can see the credential provider working, otherwise the username would not have been provided to the install_flux script. The credential helper can be smart enough to interact with password managers, yaml files, whatever - but that's outside of bbctl's scope, we just need the credentials.

If no credential helper is provided, you are given a useful error

$ unset BIG_BANG_CREDENTIAL_HELPER
$ ./bbctl deploy flux
2024/03/29 06:28:01 No credential helper defined

BigBang Repository Location

The big bang repo must be checked out somewhere in order for the k3d-dev script to be executed, and for flux and bigbang to be deployed. This can be provided by the --big-bang-repo flag or the BIG_BANG_REPO environment variable.

If you do not provide the repo location, you are given a useful error

$ ./bbctl deploy bigbang
2024/03/29 06:29:03 No big bang repository path defined

Tests

There are no tests for this yet. I'm not familiar enough with golang's test suite yet to write tests here.

Relevant logs/screenshots

(Include any relevant logs/screenshots)

Linked Issue

No linked issue, this is something came up during my onboarding and was the outgrowth of an IL2 mattermost discussion

https://chat.il2.dso.mil/platform-one/pl/dhjztcsgt3n65gbx39h1cc4yxo

Upgrade Notices

N/A

Edited by Andrew Kesterson

Merge request reports

UNCLASSIFIED - NO CUI