garystafford/part2_deploy_resources.sh

## part2_deploy_resources.sh
#!/bin/bash
#
# author: Gary A. Stafford
# site: https://programmaticponderings.com
# license: MIT License
# purpose: Deploy Kubernetes/Istio resources

# Constants - CHANGE ME!
readonly CERT_PATH=~/Documents/Articles/gke-kafka/sslforfree_non_prod
readonly NAMESPACES=( 'dev' 'test' 'uat' )

# Kubernetes Secret to hold the server’s certificate and private key
kubectl create -n istio-system secret tls istio-ingressgateway-certs \
  --key $CERT_PATH/private.key --cert $CERT_PATH/certificate.crt

# Istio Gateway and three ServiceEntry resources
kubectl apply -f ./resources/other/istio-gateway.yaml

# End-user auth applied per environment
kubectl apply -f ./resources/other/auth-policy-dev.yaml
kubectl apply -f ./resources/other/auth-policy-test.yaml
kubectl apply -f ./resources/other/auth-policy-uat.yaml

# Loop through each non-prod Namespace (environment)
# Re-use same resources (incld. credentials) for all environments, just for the demo
for namespace in ${NAMESPACES[@]}; do
  kubectl apply -n $namespace -f ./resources/config/confluent-cloud-kafka-configmap.yaml
  kubectl apply -n $namespace -f ./resources/config/mongodb-atlas-secret.yaml
  kubectl apply -n $namespace -f ./resources/config/confluent-cloud-kafka-secret.yaml

  kubectl apply -n $namespace -f ./resources/other/mongodb-atlas-external-mesh.yaml
  kubectl apply -n $namespace -f ./resources/other/confluent-cloud-external-mesh.yaml

  kubectl apply -n $namespace -f ./resources/services/accounts.yaml
  kubectl apply -n $namespace -f ./resources/services/fulfillment.yaml
  kubectl apply -n $namespace -f ./resources/services/orders.yaml
done
	#!/bin/bash
	#
	# author: Gary A. Stafford
	# site: https://programmaticponderings.com
	# license: MIT License
	# purpose: Deploy Kubernetes/Istio resources

	# Constants - CHANGE ME!
	readonly CERT_PATH=~/Documents/Articles/gke-kafka/sslforfree_non_prod
	readonly NAMESPACES=( 'dev' 'test' 'uat' )

	# Kubernetes Secret to hold the server’s certificate and private key
	kubectl create -n istio-system secret tls istio-ingressgateway-certs \
	--key $CERT_PATH/private.key --cert $CERT_PATH/certificate.crt

	# Istio Gateway and three ServiceEntry resources
	kubectl apply -f ./resources/other/istio-gateway.yaml

	# End-user auth applied per environment
	kubectl apply -f ./resources/other/auth-policy-dev.yaml
	kubectl apply -f ./resources/other/auth-policy-test.yaml
	kubectl apply -f ./resources/other/auth-policy-uat.yaml

	# Loop through each non-prod Namespace (environment)
	# Re-use same resources (incld. credentials) for all environments, just for the demo
	for namespace in ${NAMESPACES[@]}; do
	kubectl apply -n $namespace -f ./resources/config/confluent-cloud-kafka-configmap.yaml
	kubectl apply -n $namespace -f ./resources/config/mongodb-atlas-secret.yaml
	kubectl apply -n $namespace -f ./resources/config/confluent-cloud-kafka-secret.yaml

	kubectl apply -n $namespace -f ./resources/other/mongodb-atlas-external-mesh.yaml
	kubectl apply -n $namespace -f ./resources/other/confluent-cloud-external-mesh.yaml

	kubectl apply -n $namespace -f ./resources/services/accounts.yaml
	kubectl apply -n $namespace -f ./resources/services/fulfillment.yaml
	kubectl apply -n $namespace -f ./resources/services/orders.yaml
	done