diff --git a/iac/src/main/core.cljs b/iac/src/main/core.cljs index 74854b2..b17305a 100644 --- a/iac/src/main/core.cljs +++ b/iac/src/main/core.cljs @@ -9,23 +9,38 @@ (def init-stack (clj->js {:projectName "hetzner-k3s" - :stackName "init" - :workDir "/home/jaggar/dotfiles/iac" - :program base/quick-deploy-base})) + :stackName "init" + :workDir "/home/jaggar/dotfiles/iac" + :program base/quick-deploy-base})) (def shared-platform-stack (clj->js {:projectName "hetzner-k3s" :stackName "shared" :workDir "/home/jaggar/dotfiles/iac" :program base/quick-deploy-shared})) +(def prepare-deployment-stack (clj->js {:projectName "hetzner-k3s" + :stackName "prepare" + :workDir "/home/jaggar/dotfiles/iac" + :program base/quick-deploy-prepare})) + (def deployment-stack (clj->js {:projectName "hetzner-k3s" - :stackName "deployment" - :workDir "/home/jaggar/dotfiles/iac" - :program base/quick-deploy-services})) + :stackName "deployment" + :workDir "/home/jaggar/dotfiles/iac" + :program base/quick-deploy-services})) + +(defn config-core [stack kubeconfig vault-token vault-address] + (p/do (.setConfig stack "hetzner-k3s:sshKeyName" #js {:value (-> cfg :sshKeyName) :secret false}) + (.setConfig stack "hetzner-k3s:sshPersonalKeyName" #js {:value (-> cfg :sshPersonalKeyName) :secret false}) + (.setConfig stack "hetzner-k3s:privateKeySsh" #js {:value (-> cfg :privateKeySsh) :secret true}) + (.setConfig stack "kubeconfig" #js {:value kubeconfig :secret true}) + (.setConfig stack "vault:token" #js {:value vault-token :secret true}) + (.setConfig stack "hcloud:token" #js {:value (-> cfg :hcloudToken) :secret true}) + (.setConfig stack "vault:address" #js {:value vault-address :secret true}) + (.setConfig stack "hetzner-k3s:apiToken" #js {:value (-> cfg :apiToken) :secret true}))) (defn run [] - - (p/let [_ (println "Deploying cluster") + + (p/let [_ (println "Deploying cluster") core-stack (.createOrSelectStack pulumi-auto/LocalWorkspace init-stack) 
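Review bot: `config-core` pushes the full credential set (SSH private key, kubeconfig, Vault token, hcloud token, API token) into every stack it is called on, so the refactor widens secret distribution instead of only deduplicating it. In the third hunk the shared stack now receives `hetzner-k3s:privateKeySsh`, which its removed per-stack block did not set, and the new prepare stack receives all of them. If a stack's program does not read a key, keep it out of that stack's config, for example by guarding the optional ones: `(when needs-ssh? (.setConfig stack "hetzner-k3s:privateKeySsh" #js {:value (-> cfg :privateKeySsh) :secret true}))`. The function also has no docstring; something like `"Sets provider credentials and cluster access config on stack; returns a promise that resolves after the last setConfig."` would state the contract. The body of `run` continues outside this hunk.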
@@ -33,16 +48,16 @@ _ (.setConfig core-stack "hetzner-k3s:sshPersonalKeyName" #js {:value (-> cfg :sshPersonalKeyName) :secret false}) _ (.setConfig core-stack "hcloud:token" #js {:value (-> cfg :hcloudToken) :secret true}) _ (.setConfig core-stack "hetzner-k3s:privateKeySsh" #js {:value (-> cfg :privateKeySsh) :secret true}) - core-result (.up core-stack #js {:onOutput println}) + core-result (.up core-stack #js {:onOutput println}) ;; Checks for changes on the core and prevents deleting the app-stack needlessly. ;; Important for the Openbao vault as it is deployed here and configured on the app-stack generally ;;core-preview-result (.preview core-stack #js {:onOutput println}) ;;core-change-summary (js->clj (.-changeSummary core-preview-result) :keywordize-keys true) #_core-result #_(when (or (zero? (:delete core-change-summary 0)) - (pos? (:update core-change-summary 0)) - (pos? (:create core-change-summary 0))) - (.up core-stack #js {:onOutput println})) + (pos? (:update core-change-summary 0)) + (pos? (:create core-change-summary 0))) + (.up core-stack #js {:onOutput println})) core-outputs (.outputs core-stack) vault-address (-> core-outputs (aget "vaultAddress") (.-value)) 
@@ -60,38 +75,36 @@ "-n" "vault"]) - _ (p/delay 2000) + _ (p/delay 3000) + shared-stack (.createOrSelectStack pulumi-auto/LocalWorkspace shared-platform-stack) - _ (.setConfig shared-stack "hetzner-k3s:sshKeyName" #js {:value (-> cfg :sshKeyName) :secret false}) - _ (.setConfig shared-stack "hetzner-k3s:sshPersonalKeyName" #js {:value (-> cfg :sshPersonalKeyName) :secret false}) - _ (.setConfig shared-stack "hcloud:token" #js {:value (-> cfg :hcloudToken) :secret true}) - _ (.setConfig shared-stack "kubeconfig" #js {:value kubeconfig :secret true}) - _ (.setConfig shared-stack "vault:token" #js {:value vault-token :secret true}) - _ (.setConfig shared-stack "vault:address" #js {:value vault-address :secret true}) - _ (.setConfig shared-stack "hetzner-k3s:apiToken" #js {:value (-> cfg :apiToken) :secret true}) - + _ (config-core shared-stack kubeconfig vault-token vault-address) + shared-results (.up shared-stack #js {:onOutput println}) shared-outputs (.outputs shared-stack) _ (println shared-outputs) + _ (p/delay 2000) + prepare-stack (.createOrSelectStack pulumi-auto/LocalWorkspace + prepare-deployment-stack) + _ (config-core prepare-stack kubeconfig vault-token vault-address) + + prepare-results (.up prepare-stack #js {:onOutput println}) + prepare-outputs (.outputs prepare-stack) + _ (println prepare-outputs) + _ (p/delay 3000) app-stack (.createOrSelectStack pulumi-auto/LocalWorkspace deployment-stack) - _ (.setConfig app-stack "hetzner-k3s:sshKeyName" #js {:value (-> cfg :sshKeyName) :secret false}) - _ (.setConfig app-stack "hetzner-k3s:sshPersonalKeyName" #js {:value (-> cfg :sshPersonalKeyName) :secret false}) - _ (.setConfig app-stack "hetzner-k3s:privateKeySsh" #js {:value (-> cfg :privateKeySsh) :secret true}) - _ (.setConfig app-stack "kubeconfig" #js {:value kubeconfig :secret true}) - _ (.setConfig app-stack "vault:token" #js {:value vault-token :secret true}) - _ (.setConfig app-stack "hcloud:token" #js {:value (-> cfg :hcloudToken) :secret true}) - 
_ (.setConfig app-stack "vault:address" #js {:value vault-address :secret true}) - _ (.setConfig app-stack "hetzner-k3s:apiToken" #js {:value (-> cfg :apiToken) :secret true}) -;; app-result (.up app-stack #js {:onOutput println}) + _ (config-core app-stack kubeconfig vault-token vault-address) - ;; app-outputs (.outputs app-stack) - ;; _ (println app-outputs) + app-result (.up app-stack #js {:onOutput println}) + + app-outputs (.outputs app-stack) + _ (println app-outputs) _ (.kill port-forward)] "All stacks deployed and cleaned up successfully."))
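Review bot: The added `_ (println prepare-outputs)` and the newly enabled `_ (println app-outputs)` write whole output maps to stdout, and the Automation API's `outputs()` returns secret outputs with their decrypted `value`. Any secret one of these stacks exports would therefore end up in the terminal or CI log; whether they export secrets is not visible here. Print only the output names, e.g. `_ (println (js/Object.keys app-outputs))`, or drop entries whose `secret` flag is true before printing. Separately, `(.kill port-forward)` is reached only when all four `.up` calls succeed, and this hunk adds two more of them to the path, so a failure leaves the port-forward into the `vault` namespace running. The kill belongs in a `p/finally` around the `p/let`, which opens outside this hunk.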