mpwsh/138-crossplane-chicken-egg.sh

## 138-crossplane-chicken-egg.sh
# Source: https://gist.github.com/2e67c67a36a2e782422ebefb4a0a2612

git clone https://github.com/vfarcic/devops-toolkit-crossplane

cd devops-toolkit-crossplane

# Create a local Kubernetes cluster.

kubectl create namespace crossplane-system

kubectl create namespace a-team

#########
# Azure #
#########

az ad sp create-for-rbac \
    --sdk-auth \
    --role Owner \
    | tee azure-creds.json

export AZURE_CLIENT_ID=$(\
    cat azure-creds.json \
    | grep clientId \
    | cut -c 16-51)

export AAD_GRAPH_API=00000003-0000-0000-c000-000000000000

az ad app permission add \
    --id "${AZURE_CLIENT_ID}" \
    --api ${AAD_GRAPH_API} \
    --api-permissions \
    e1fe6dd8-ba31-4d61-89e7-88639da4683d=Scope \
    06da0dbc-49e2-44d2-8312-53f166ab848a=Scope \
    7ab1d382-f21e-4acd-a863-ba3e13f7da61=Role

az ad app permission grant \
    --id $AZURE_CLIENT_ID \
    --api $AAD_GRAPH_API \
    --expires never

az ad app permission admin-consent \
    --id "${AZURE_CLIENT_ID}"

kubectl --namespace crossplane-system \
    create secret generic azure-creds \
    --from-file creds=./azure-creds.json

####################
# Setup Crossplane #
####################

helm repo add crossplane-stable \
    https://charts.crossplane.io/stable

helm repo update

helm upgrade --install \
    crossplane crossplane-stable/crossplane \
    --namespace crossplane-system \
    --create-namespace \
    --wait

kubectl apply \
    --filename crossplane-config/provider-azure.yaml

kubectl apply \
    --filename crossplane-config/provider-config-azure.yaml

# Please re-run the previous command if the output is `unable to recognize ...`

########
# Demo #
########

# Already running Crossplane in a temp cluster

cat crossplane-config/config-k8s.yaml

kubectl apply \
    --filename crossplane-config/config-k8s.yaml

cat examples/azure-aks.yaml

kubectl --namespace a-team apply \
    --filename examples/azure-aks.yaml

kubectl get managed

# Shut down the temporary cluster

export KUBECONFIG=$PWD/kubeconfig.yaml

# Get KubeConfig of the newly created cluster

kubectl create namespace crossplane-system

kubectl create namespace a-team

kubectl --namespace crossplane-system \
    create secret generic azure-creds \
    --from-file creds=./azure-creds.json

helm upgrade --install \
    crossplane crossplane-stable/crossplane \
    --namespace crossplane-system \
    --create-namespace \
    --wait

kubectl apply \
    --filename crossplane-config/provider-azure.yaml

kubectl apply \
    --filename crossplane-config/provider-config-azure.yaml

kubectl apply \
    --filename crossplane-config/config-k8s.yaml

cat examples/azure-aks.yaml

kubectl --namespace a-team apply \
    --filename examples/azure-aks.yaml

kubectl get managed

# Set `spec.parameters.nodeSize` to `5` in `examples/azure-aks.yaml`

kubectl --namespace a-team apply \
    --filename examples/azure-aks.yaml

kubectl get managed

kubectl get nodes

kubectl describe kubernetescluster ateamaks

# This works only with resources that can be named explicitly. Otherwise, we'd need to use the `external-name` label.
# Open https://github.com/crossplane/crossplane/blob/master/design/one-pager-managed-resource-api-design.md#external-resource-name

###########
# Destroy #
###########

unset KUBECONFIG

az group delete --name ateamaks

cat examples/azure-aks.yaml \
    | sed -e "s@minNodeCount: .*@minNodeCount: 3@g" \
    | tee examples/azure-aks.yaml
	# Source: https://gist.github.com/2e67c67a36a2e782422ebefb4a0a2612

	git clone https://github.com/vfarcic/devops-toolkit-crossplane

	cd devops-toolkit-crossplane

	# Create a local Kubernetes cluster.

	kubectl create namespace crossplane-system

	kubectl create namespace a-team

	#########
	# Azure #
	#########

	az ad sp create-for-rbac \
	--sdk-auth \
	--role Owner \
	\| tee azure-creds.json

	export AZURE_CLIENT_ID=$(\
	cat azure-creds.json \
	\| grep clientId \
	\| cut -c 16-51)

	export AAD_GRAPH_API=00000003-0000-0000-c000-000000000000

	az ad app permission add \
	--id "${AZURE_CLIENT_ID}" \
	--api ${AAD_GRAPH_API} \
	--api-permissions \
	e1fe6dd8-ba31-4d61-89e7-88639da4683d=Scope \
	06da0dbc-49e2-44d2-8312-53f166ab848a=Scope \
	7ab1d382-f21e-4acd-a863-ba3e13f7da61=Role

	az ad app permission grant \
	--id $AZURE_CLIENT_ID \
	--api $AAD_GRAPH_API \
	--expires never

	az ad app permission admin-consent \
	--id "${AZURE_CLIENT_ID}"

	kubectl --namespace crossplane-system \
	create secret generic azure-creds \
	--from-file creds=./azure-creds.json

	####################
	# Setup Crossplane #
	####################

	helm repo add crossplane-stable \
	https://charts.crossplane.io/stable

	helm repo update

	helm upgrade --install \
	crossplane crossplane-stable/crossplane \
	--namespace crossplane-system \
	--create-namespace \
	--wait

	kubectl apply \
	--filename crossplane-config/provider-azure.yaml

	kubectl apply \
	--filename crossplane-config/provider-config-azure.yaml

	# Please re-run the previous command if the output is `unable to recognize ...`

	########
	# Demo #
	########

	# Already running Crossplane in a temp cluster

	cat crossplane-config/config-k8s.yaml

	kubectl apply \
	--filename crossplane-config/config-k8s.yaml

	cat examples/azure-aks.yaml

	kubectl --namespace a-team apply \
	--filename examples/azure-aks.yaml

	kubectl get managed

	# Shut down the temporary cluster

	export KUBECONFIG=$PWD/kubeconfig.yaml

	# Get KubeConfig of the newly created cluster

	kubectl create namespace crossplane-system

	kubectl create namespace a-team

	kubectl --namespace crossplane-system \
	create secret generic azure-creds \
	--from-file creds=./azure-creds.json

	helm upgrade --install \
	crossplane crossplane-stable/crossplane \
	--namespace crossplane-system \
	--create-namespace \
	--wait

	kubectl apply \
	--filename crossplane-config/provider-azure.yaml

	kubectl apply \
	--filename crossplane-config/provider-config-azure.yaml

	kubectl apply \
	--filename crossplane-config/config-k8s.yaml

	cat examples/azure-aks.yaml

	kubectl --namespace a-team apply \
	--filename examples/azure-aks.yaml

	kubectl get managed

	# Set `spec.parameters.nodeSize` to `5` in `examples/azure-aks.yaml`

	kubectl --namespace a-team apply \
	--filename examples/azure-aks.yaml

	kubectl get managed

	kubectl get nodes

	kubectl describe kubernetescluster ateamaks

	# This works only with resources that can be named explicitly. Otherwise, we'd need to use the `external-name` label.
	# Open https://github.com/crossplane/crossplane/blob/master/design/one-pager-managed-resource-api-design.md#external-resource-name

	###########
	# Destroy #
	###########

	unset KUBECONFIG

	az group delete --name ateamaks

	cat examples/azure-aks.yaml \
	\| sed -e "s@minNodeCount: .*@minNodeCount: 3@g" \
	\| tee examples/azure-aks.yaml