@pjbgf
Created January 16, 2018 14:11
Circle CI config for AKS Cluster Provisioning
```yaml
version: 2
jobs:
  provision_cluster:
    docker:
      - image: azuresdk/azure-cli-python
    environment:
      RESOURCE_GROUP: aks-poc-euw-rg
      CLUSTER_LOCATION: westeurope
      CONTAINER_REPOSITORY: akspoc
      KEYVAULT_NAME: aks-poc-keyvault-euw
      CLUSTER_NAME: aks-poc-euw
    steps:
      # LOGIN ONTO AZURE WITH EXISTING SERVICE PRINCIPAL
      - run: |
          az login --service-principal -u $SERVICE_PRINCIPAL --password $SERVICE_PRINCIPAL_PASS --tenant $SERVICE_TENANT
          az account set --subscription $SUBSCRIPTION_NAME_OR_ID
      # CREATE RESOURCE GROUP
      - run: az group create --name $RESOURCE_GROUP --location $CLUSTER_LOCATION
      # GENERATE SSH KEY
      - run: ssh-keygen -t rsa -b 2048 -N '' -f ./cluster-ssh
      # CREATE CONTAINER REPOSITORY (IDEALLY THIS WOULD BE REGION AGNOSTIC)
      - run: az acr create --name $CONTAINER_REPOSITORY --resource-group $RESOURCE_GROUP --sku Basic
      # CHECK FOR A BETTER WAY TO AUTOMATICALLY ENABLE AUTH
      - run: az acr update -n $CONTAINER_REPOSITORY --admin-enabled true
      # CREATE KEYVAULT AND UPLOAD SSH KEY
      - run: az provider register -n Microsoft.KeyVault
      - run: az keyvault create --name $KEYVAULT_NAME --resource-group $RESOURCE_GROUP --location $CLUSTER_LOCATION
      - run: az keyvault secret set --vault-name $KEYVAULT_NAME --name cluster-ssh --file ./cluster-ssh
      - run: az keyvault secret set --vault-name $KEYVAULT_NAME --name cluster-ssh-pub --file ./cluster-ssh.pub
      # CREATE AKS CLUSTER, THEN DELETE SSH KEY
      - run: az provider register -n Microsoft.ContainerService
      - run: az aks create --resource-group $RESOURCE_GROUP --name $CLUSTER_NAME --location $CLUSTER_LOCATION --ssh-key-value ./cluster-ssh.pub --service-principal $SERVICE_PRINCIPAL --client-secret $SERVICE_PRINCIPAL_PASS #--kubernetes-version 1.8.2
      # INSTALL KUBECTL AND FETCH THE CLUSTER KUBECONFIG SO THE NEXT STEP CAN REACH THE CLUSTER
      - run: |
          az aks install-cli
          az aks get-credentials --resource-group $RESOURCE_GROUP --name $CLUSTER_NAME
      # CREATE IMAGE PULL SECRET FROM THE ACR ADMIN PASSWORD (READ VIA --query INSTEAD OF PARSING TABLE OUTPUT)
      - run: |
          kubectl create secret docker-registry acr-credentials --docker-server=$CONTAINER_REPOSITORY.azurecr.io --docker-username=$CONTAINER_REPOSITORY --docker-password="$(az acr credential show --name $CONTAINER_REPOSITORY --query "passwords[0].value" --output tsv)" --docker-email=any@email.c.o
      # DELETE GENERATED SSH KEYS
      - run: rm cluster-ssh*
  delete_all_resources:
    docker:
      - image: azuresdk/azure-cli-python
    environment:
      RESOURCE_GROUP: aks-poc2-euw-rg
    steps:
      - run: |
          az login --service-principal -u $SERVICE_PRINCIPAL --password $SERVICE_PRINCIPAL_PASS --tenant $SERVICE_TENANT
          az account set --subscription $SUBSCRIPTION_NAME_OR_ID
          az group delete --yes --name $RESOURCE_GROUP
workflows:
  version: 2
  on_demand_provisioning:
    jobs:
      - provision_cluster
  nightly:
    triggers:
      - schedule:
          cron: "0 0 * * *"
          filters:
            branches:
              only:
                - master
    jobs:
      - delete_all_resources
```
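The config's own comment asks for a better way to enable registry auth than the ACR admin user. One option, shown as an added example that is not part of the original gist: give the cluster's service principal pull-only access scoped to the registry, so no shared admin password or image pull secret is needed. It assumes `$SERVICE_PRINCIPAL` is the app ID the cluster runs as, that the CI identity is allowed to create role assignments, and that the built-in `AcrPull` role is available in the subscription.

```yaml
# Added example (not from the gist): replacement steps for provision_cluster.
# They stand in for the `az acr update --admin-enabled true` step and the
# `kubectl create secret docker-registry` step.
steps:
  # Create the registry; the admin user is left disabled (the default)
  - run: az acr create --name $CONTAINER_REPOSITORY --resource-group $RESOURCE_GROUP --sku Basic
  # Grant the cluster's service principal pull-only access, scoped to this one registry.
  # Shell variables do not survive across `run` steps, so lookup and grant share a step.
  - run: |
      ACR_ID=$(az acr show --name $CONTAINER_REPOSITORY --resource-group $RESOURCE_GROUP --query id --output tsv)
      az role assignment create --assignee $SERVICE_PRINCIPAL --scope "$ACR_ID" --role AcrPull
  # Guard: fail the job if the shared admin credential has been switched on
  - run: |
      ADMIN=$(az acr show --name $CONTAINER_REPOSITORY --resource-group $RESOURCE_GROUP --query adminUserEnabled --output json)
      [ "$ADMIN" = "false" ] || { echo "ACR admin user is enabled on $CONTAINER_REPOSITORY"; exit 1; }
```

Because the same service principal both logs in from CI and runs the cluster in this config, a separate pull-only principal for the cluster would narrow the grant further.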