138-crossplane-chicken-egg.sh

# Source: https://gist.github.com/2e67c67a36a2e782422ebefb4a0a2612

git clone https://github.com/vfarcic/devops-toolkit-crossplane

cd devops-toolkit-crossplane

# Create a local Kubernetes cluster.

kubectl create namespace crossplane-system

kubectl create namespace a-team

#########
# Azure #
#########

az ad sp create-for-rbac \
    --sdk-auth \
    --role Owner \
    | tee azure-creds.json

export AZURE_CLIENT_ID=$(\
    cat azure-creds.json \
    | grep clientId \
    | cut -c 16-51)

export AAD_GRAPH_API=00000003-0000-0000-c000-000000000000

az ad app permission add \
    --id "${AZURE_CLIENT_ID}" \
    --api ${AAD_GRAPH_API} \
    --api-permissions \
    e1fe6dd8-ba31-4d61-89e7-88639da4683d=Scope \
    06da0dbc-49e2-44d2-8312-53f166ab848a=Scope \
    7ab1d382-f21e-4acd-a863-ba3e13f7da61=Role

az ad app permission grant \
    --id $AZURE_CLIENT_ID \
    --api $AAD_GRAPH_API \
    --expires never

az ad app permission admin-consent \
    --id "${AZURE_CLIENT_ID}"

kubectl --namespace crossplane-system \
    create secret generic azure-creds \
    --from-file creds=./azure-creds.json

####################
# Setup Crossplane #
####################

helm repo add crossplane-stable \
    https://charts.crossplane.io/stable

helm repo update

helm upgrade --install \
    crossplane crossplane-stable/crossplane \
    --namespace crossplane-system \
    --create-namespace \
    --wait

kubectl apply \
    --filename crossplane-config/provider-azure.yaml

kubectl apply \
    --filename crossplane-config/provider-config-azure.yaml

# Please re-run the previous command if the output is `unable to recognize ...`

########
# Demo #
########

# Already running Crossplane in a temp cluster

cat crossplane-config/config-k8s.yaml

kubectl apply \
    --filename crossplane-config/config-k8s.yaml

cat examples/azure-aks.yaml

kubectl --namespace a-team apply \
    --filename examples/azure-aks.yaml

kubectl get managed

# Shut down the temporary cluster

export KUBECONFIG=$PWD/kubeconfig.yaml

# Get KubeConfig of the newly created cluster

kubectl create namespace crossplane-system

kubectl create namespace a-team

kubectl --namespace crossplane-system \
    create secret generic azure-creds \
    --from-file creds=./azure-creds.json

helm upgrade --install \
    crossplane crossplane-stable/crossplane \
    --namespace crossplane-system \
    --create-namespace \
    --wait

kubectl apply \
    --filename crossplane-config/provider-azure.yaml

kubectl apply \
    --filename crossplane-config/provider-config-azure.yaml

kubectl apply \
    --filename crossplane-config/config-k8s.yaml

cat examples/azure-aks.yaml

kubectl --namespace a-team apply \
    --filename examples/azure-aks.yaml

kubectl get managed

# Set `spec.parameters.nodeSize` to `5` in `examples/azure-aks.yaml`

kubectl --namespace a-team apply \
    --filename examples/azure-aks.yaml

kubectl get managed

kubectl get nodes

kubectl describe kubernetescluster ateamaks

# This works only with resources that can be named explicitly. Otherwise, we'd need to use the `external-name` label.
# Open https://github.com/crossplane/crossplane/blob/master/design/one-pager-managed-resource-api-design.md#external-resource-name

###########
# Destroy #
###########

unset KUBECONFIG

az group delete --name ateamaks

cat examples/azure-aks.yaml \
    | sed -e "s@minNodeCount: .*@minNodeCount: 3@g" \
    | tee examples/azure-aks.yaml