deploy demo alpr

README.md

@@ -1,3 +1,34 @@
+# RUN DOCKER DEMO
+
+ADD a clean argo
+```
+./run_argo.sh
+```
+Verify with `kubectl get pods -n argo -w` -> all server are running and 1/1
+Any problem with this, can be a top problem from your k3s or k8s (FIX IT BEFORE)
+
+```
+sudo ./clone_opencloud_microservices.sh demo-alpr
+cd ./docker
+./start-demo.sh
+```
+
+GO on localhost:8000, prefer a "chromium-browser --disable-web-security" chrome no CORS session to reach img. 
+
+Before launch or to stop properly 
+
+```
+cd ./docker
+./stop.sh
+```
+
+if you want a linux app : 
+
+```
+cd ../oc-front
+./local_run_traefik.sh
+```
+
 # Purpose of this component
 
 The purpose of oc-deploy, is to deploy all the OC components over a Kubernetes cluster.

clone_opencloud_microservices.sh

@@ -32,7 +32,7 @@ clone_repo() {
     echo "Check in $branche & pull"
     ls
     echo "Repository '$repo_name' already exists. Pulling latest changes..."
-    cd "$repo_name" && git checkout $branche && git pull 
+    cd "$repo_name" && git stash && git checkout $branche 
     cd ..
 }
 

docker/kube.exemple.env

@@ -1,4 +0,0 @@
-KUBERNETES_SERVICE_HOST=192.168.47.20
-KUBE_CA="LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkekNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdGMyVnkKZG1WeUxXTmhRREUzTWpNeE1USXdNell3SGhjTk1qUXdPREE0TVRBeE16VTJXaGNOTXpRd09EQTJNVEF4TXpVMgpXakFqTVNFd0h3WURWUVFEREJock0zTXRjMlZ5ZG1WeUxXTmhRREUzTWpNeE1USXdNell3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFTVlk3ZHZhNEdYTVdkMy9jMlhLN3JLYjlnWXgyNSthaEE0NmkyNVBkSFAKRktQL2UxSVMyWVF0dzNYZW1TTUQxaStZdzJSaVppNUQrSVZUamNtNHdhcnFvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVWtlUVJpNFJiODduME5yRnZaWjZHClc2SU55NnN3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUlnRXA5ck04WmdNclRZSHYxZjNzOW5DZXZZeWVVa3lZUk4KWjUzazdoaytJS1FDSVFDbk05TnVGKzlTakIzNDFacGZ5ays2NEpWdkpSM3BhcmVaejdMd2lhNm9kdz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
-KUBE_CERT="LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJrVENDQVRlZ0F3SUJBZ0lJWUxWNkFPQkdrU1F3Q2dZSUtvWkl6ajBFQXdJd0l6RWhNQjhHQTFVRUF3d1kKYXpOekxXTnNhV1Z1ZEMxallVQXhOekl6TVRFeU1ETTJNQjRYRFRJME1EZ3dPREV3TVRNMU5sb1hEVEkxTURndwpPREV3TVRNMU5sb3dNREVYTUJVR0ExVUVDaE1PYzNsemRHVnRPbTFoYzNSbGNuTXhGVEFUQmdOVkJBTVRESE41CmMzUmxiVHBoWkcxcGJqQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJGQ2Q1MFdPeWdlQ2syQzcKV2FrOWY4MVAvSkJieVRIajRWOXBsTEo0ck5HeHFtSjJOb2xROFYxdUx5RjBtOTQ2Nkc0RmRDQ2dqaXFVSk92Swp3NVRPNnd5alNEQkdNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFmCkJnTlZIU01FR0RBV2dCVFJkOFI5cXVWK2pjeUVmL0ovT1hQSzMyS09XekFLQmdncWhrak9QUVFEQWdOSUFEQkYKQWlFQTArbThqTDBJVldvUTZ0dnB4cFo4NVlMalF1SmpwdXM0aDdnSXRxS3NmUVVDSUI2M2ZNdzFBMm5OVWU1TgpIUGZOcEQwSEtwcVN0Wnk4djIyVzliYlJUNklZCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJlRENDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdFkyeHAKWlc1MExXTmhRREUzTWpNeE1USXdNell3SGhjTk1qUXdPREE0TVRBeE16VTJXaGNOTXpRd09EQTJNVEF4TXpVMgpXakFqTVNFd0h3WURWUVFEREJock0zTXRZMnhwWlc1MExXTmhRREUzTWpNeE1USXdNell3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFRc3hXWk9pbnIrcVp4TmFEQjVGMGsvTDF5cE01VHAxOFRaeU92ektJazQKRTFsZWVqUm9STW0zNmhPeVljbnN3d3JoNnhSUnBpMW5RdGhyMzg0S0Z6MlBvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVTBYZkVmYXJsZm8zTWhIL3lmemx6Cnl0OWlqbHN3Q2dZSUtvWkl6ajBFQXdJRFNRQXdSZ0loQUxJL2dNYnNMT3MvUUpJa3U2WHVpRVMwTEE2cEJHMXgKcnBlTnpGdlZOekZsQWlFQW1wdjBubjZqN3M0MVI0QzFNMEpSL0djNE53MHdldlFmZWdEVGF1R2p3cFk9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
-KUBE_DATA="LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSU5ZS1BFb1dhd1NKUzJlRW5oWmlYMk5VZlY1ZlhKV2krSVNnV09TNFE5VTlvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFVUozblJZN0tCNEtUWUx0WnFUMS96VS84a0Z2Sk1lUGhYMm1Vc25pczBiR3FZblkyaVZEeApYVzR2SVhTYjNqcm9iZ1YwSUtDT0twUWs2OHJEbE03ckRBPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo="

docker/start-demo.sh

@@ -1,12 +1,21 @@
 #!/bin/bash
-KUBERNETES_ENV_FILE=$(realpath ${1:-"./kube.exemple.env"})
+server=$(grep 'server:' ~/.kube/config | awk '{print $2}')
+
+host=$(ip -4 addr show $(ip route | awk '/default/ {print $5}') | awk '/inet / {print $2}' | cut -d/ -f1)
+port=6443
+ca=$(kubectl config view --raw --minify -o jsonpath='{.clusters[0].cluster.certificate-authority-data}')
+cert=$(kubectl config view --raw --minify -o jsonpath='{.users[0].user.client-certificate-data}')
+key=$(kubectl config view --raw --minify -o jsonpath='{.users[0].user.client-key-data}')
+
 HOST=${2:-"http://localhost:8000"}
 docker network create oc | true
 
 docker compose down
+
 cd ./tools && docker compose  -f ./docker-compose.dev.yml up --force-recreate -d
 docker compose  -f ./docker-compose.traefik.yml up --force-recreate -d  && cd ..
 
+
 cd ./db && ./add.sh && cd ..
 
 cd ../..
@@ -30,7 +39,10 @@ do
    docker kill $i | true
    docker rm $i | true
    cd ./$i 
-   cp $KUBERNETES_ENV_FILE ./env.env
-   docker build . -t $i --build-arg=HOST=$HOST && docker compose up -d
+   docker build . -t $i --build-arg=HOST=$HOST --build-arg=KUBERNETES_SERVICE_HOST=$host \
+   --build-arg=KUBERNETES_SERVICE_PORT=$port --build-arg=KUBE_CA=$ca --build-arg=KUBE_CERT=$cert \
+   --build-arg=KUBE_DATA=$key  && docker compose up -d
    cd ..
 done
+
+cd ./oc-deploy/docker/tools && docker compose  -f ./docker-compose.dev.yml up hydra-client --force-recreate -d

docker/start.sh

@@ -1,5 +1,12 @@
 #!/bin/bash
-export KUBERNETES_ENV_FILE=$(realpath ${KUBERNETES_ENV_FILE=:-"./kube.exemple.env"})
+server=$(grep 'server:' ~/.kube/config | awk '{print $2}')
+
+host=$(ip -4 addr show $(ip route | awk '/default/ {print $5}') | awk '/inet / {print $2}' | cut -d/ -f1)
+port=6443
+ca=$(kubectl config view --raw --minify -o jsonpath='{.clusters[0].cluster.certificate-authority-data}')
+cert=$(kubectl config view --raw --minify -o jsonpath='{.users[0].user.client-certificate-data}')
+key=$(kubectl config view --raw --minify -o jsonpath='{.users[0].user.client-key-data}')
+
 export HOST=${HOST:-"http://localhost:8000"}
 docker network create oc | true
 
@@ -7,6 +14,7 @@ docker compose down
 cd ./tools && docker compose  -f ./docker-compose.dev.yml up --force-recreate -d
 docker compose  -f ./docker-compose.traefik.yml up --force-recreate -d  && cd ..
 
+
 cd ../..
 
 REPOS=(
@@ -28,7 +36,15 @@ do
    docker kill $i | true
    docker rm $i | true
    cd ./$i 
-   cp $KUBERNETES_ENV_FILE ./env.env
+   cat > ./env.env <<EOF
+KUBERNETES_SERVICE_HOST=$hostdocker 
+KUBERNETES_SERVICE_PORT=$port
+KUBE_CA="$ca"
+KUBE_CERT="$cert"
+KUBE_DATA="$key"
+EOF
    make run-docker
    cd ..
 done
+
+cd ./oc-deploy/docker/tools && docker compose  -f ./docker-compose.dev.yml up hydra-client --force-recreate -d

docker/tools/docker-compose.dev.yml

@@ -90,6 +90,33 @@ services:
       deploy:
         restart_policy:
           condition: on-failure
+  ldap:
+    image: pgarrett/ldap-alpine
+    container_name: ldap
+    volumes:  
+      - "./ldap.ldif:/ldif/ldap.ldif"
+    networks:
+      - oc
+    ports:
+      - "390:389"
+    deploy:
+      restart_policy:
+        condition: on-failure
+  keto:
+    image: oryd/keto:v0.7.0-alpha.1-sqlite
+    ports:
+      - "4466:4466"
+      - "4467:4467"
+    command: serve -c /home/ory/keto.yml
+    restart: on-failure
+    volumes:
+      - type: bind
+        source: .
+        target: /home/ory
+    container_name: keto
+    networks: 
+      - oc
+  
   hydra-client: 
         image: oryd/hydra:v2.2.0
         container_name: hydra-client
@@ -127,32 +154,6 @@ services:
             interval: 10s
             timeout: 10s
             retries: 10
-  ldap:
-    image: pgarrett/ldap-alpine
-    container_name: ldap
-    volumes:  
-      - "./ldap.ldif:/ldif/ldap.ldif"
-    networks:
-      - oc
-    ports:
-      - "390:389"
-    deploy:
-      restart_policy:
-        condition: on-failure
-  keto:
-    image: oryd/keto:v0.7.0-alpha.1-sqlite
-    ports:
-      - "4466:4466"
-      - "4467:4467"
-    command: serve -c /home/ory/keto.yml
-    restart: on-failure
-    volumes:
-      - type: bind
-        source: .
-        target: /home/ory
-    container_name: keto
-    networks: 
-      - oc
 
 volumes:
   oc-data:

env.env

@@ -1,4 +1,5 @@
-KUBERNETES_SERVICE_HOST=192.168.1.169
-KUBE_CA="LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkekNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdGMyVnkKZG1WeUxXTmhRREUzTWpNeE1USXdNell3SGhjTk1qUXdPREE0TVRBeE16VTJXaGNOTXpRd09EQTJNVEF4TXpVMgpXakFqTVNFd0h3WURWUVFEREJock0zTXRjMlZ5ZG1WeUxXTmhRREUzTWpNeE1USXdNell3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFTVlk3ZHZhNEdYTVdkMy9jMlhLN3JLYjlnWXgyNSthaEE0NmkyNVBkSFAKRktQL2UxSVMyWVF0dzNYZW1TTUQxaStZdzJSaVppNUQrSVZUamNtNHdhcnFvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVWtlUVJpNFJiODduME5yRnZaWjZHClc2SU55NnN3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUlnRXA5ck04WmdNclRZSHYxZjNzOW5DZXZZeWVVa3lZUk4KWjUzazdoaytJS1FDSVFDbk05TnVGKzlTakIzNDFacGZ5ays2NEpWdkpSM3BhcmVaejdMd2lhNm9kdz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
-KUBE_CERT="LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJrVENDQVRlZ0F3SUJBZ0lJWUxWNkFPQkdrU1F3Q2dZSUtvWkl6ajBFQXdJd0l6RWhNQjhHQTFVRUF3d1kKYXpOekxXTnNhV1Z1ZEMxallVQXhOekl6TVRFeU1ETTJNQjRYRFRJME1EZ3dPREV3TVRNMU5sb1hEVEkxTURndwpPREV3TVRNMU5sb3dNREVYTUJVR0ExVUVDaE1PYzNsemRHVnRPbTFoYzNSbGNuTXhGVEFUQmdOVkJBTVRESE41CmMzUmxiVHBoWkcxcGJqQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJGQ2Q1MFdPeWdlQ2syQzcKV2FrOWY4MVAvSkJieVRIajRWOXBsTEo0ck5HeHFtSjJOb2xROFYxdUx5RjBtOTQ2Nkc0RmRDQ2dqaXFVSk92Swp3NVRPNnd5alNEQkdNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFmCkJnTlZIU01FR0RBV2dCVFJkOFI5cXVWK2pjeUVmL0ovT1hQSzMyS09XekFLQmdncWhrak9QUVFEQWdOSUFEQkYKQWlFQTArbThqTDBJVldvUTZ0dnB4cFo4NVlMalF1SmpwdXM0aDdnSXRxS3NmUVVDSUI2M2ZNdzFBMm5OVWU1TgpIUGZOcEQwSEtwcVN0Wnk4djIyVzliYlJUNklZCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJlRENDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdFkyeHAKWlc1MExXTmhRREUzTWpNeE1USXdNell3SGhjTk1qUXdPREE0TVRBeE16VTJXaGNOTXpRd09EQTJNVEF4TXpVMgpXakFqTVNFd0h3WURWUVFEREJock0zTXRZMnhwWlc1MExXTmhRREUzTWpNeE1USXdNell3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFRc3hXWk9pbnIrcVp4TmFEQjVGMGsvTDF5cE01VHAxOFRaeU92ektJazQKRTFsZWVqUm9STW0zNmhPeVljbnN3d3JoNnhSUnBpMW5RdGhyMzg0S0Z6MlBvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVTBYZkVmYXJsZm8zTWhIL3lmemx6Cnl0OWlqbHN3Q2dZSUtvWkl6ajBFQXdJRFNRQXdSZ0loQUxJL2dNYnNMT3MvUUpJa3U2WHVpRVMwTEE2cEJHMXgKcnBlTnpGdlZOekZsQWlFQW1wdjBubjZqN3M0MVI0QzFNMEpSL0djNE53MHdldlFmZWdEVGF1R2p3cFk9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
-KUBE_DATA="LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSU5ZS1BFb1dhd1NKUzJlRW5oWmlYMk5VZlY1ZlhKV2krSVNnV09TNFE5VTlvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFVUozblJZN0tCNEtUWUx0WnFUMS96VS84a0Z2Sk1lUGhYMm1Vc25pczBiR3FZblkyaVZEeApYVzR2SVhTYjNqcm9iZ1YwSUtDT0twUWs2OHJEbE03ckRBPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo="
+KUBERNETES_SERVICE_HOST=127.0.0.1
+KUBERNETES_SERVICE_PORT=6443
+KUBE_CA=""
+KUBE_CERT=""
+KUBE_DATA=""

run_argo.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+set -e
+
+kubectl get pods -n kube-system -o name | xargs -n1 kubectl delete --force --grace-period=0 -n kube-system
+
+NAMESPACE="argo"
+ARGO_MANIFEST="https://raw.githubusercontent.com/argoproj/argo-workflows/stable/manifests/install.yaml"
+
+echo "=== Create namespace if missing ==="
+kubectl get ns $NAMESPACE >/dev/null 2>&1 || kubectl create ns $NAMESPACE
+
+echo "=== Delete all dangling pods in $NAMESPACE ==="
+kubectl delete pod --all -n $NAMESPACE --ignore-not-found
+
+echo "=== Apply Argo manifests ==="
+kubectl apply -n $NAMESPACE -f $ARGO_MANIFEST
+
+echo "=== All done! ==="
+kubectl get pods -n $NAMESPACE