110 lines
		
	
	
		
			2.4 KiB
		
	
	
	
		
			Bash
		
	
	
	
	
	
			
		
		
	
	
			110 lines
		
	
	
		
			2.4 KiB
		
	
	
	
		
			Bash
		
	
	
	
	
	
| #!/usr/bin/env bash
 | |
| #
 | |
| set -euo pipefail
 | |
| IFS=$'\n\t'
 | |
| DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 | |
| 
 | |
| ############## Setup #########################
 | |
| 
 | |
| function cleanup {
 | |
|     for f in "${pods[@]}"; do
 | |
|         log "Deleting $f"
 | |
|         kubectl delete pod --force=true --grace-period=0 --namespace homepage "$f"
 | |
|     done
 | |
| }
 | |
| pods=()
 | |
| for sig in EXIT; do
 | |
|   trap "set +e; cleanup" "$sig"
 | |
| done
 | |
| 
 | |
| function die {
 | |
|     local status_code="$1"
 | |
|     shift
 | |
|     (>&2 echo "${@}")
 | |
|     exit "$status_code"
 | |
| }
 | |
| 
 | |
| function log {
 | |
|     (>&2 echo "${@}")
 | |
| }
 | |
| 
 | |
| ############## Program #########################
 | |
| 
 | |
| function main {
 | |
|     local pod_name="tom-$(uuidgen | cut -d '-' -f 1)"
 | |
|     pods+=("$pod_name")
 | |
|     create_pod "$pod_name"
 | |
|     kubectl wait pods -n homepage "$pod_name" --for condition=Ready --timeout=90s
 | |
|     kubectl exec -i -t --namespace homepage "$pod_name" -- "${@}"
 | |
| }
 | |
| 
 | |
| function create_pod {
 | |
|     local pod_name="$1"
 | |
|     kubectl apply -f - <<EOF
 | |
| apiVersion: v1
 | |
| kind: Pod
 | |
| metadata:
 | |
|   labels:
 | |
|     run: $pod_name
 | |
|   name: $pod_name
 | |
|   namespace: homepage
 | |
| spec:
 | |
|   imagePullSecrets:
 | |
|     - name: registry-credentials
 | |
|   containers:
 | |
|   - args:
 | |
|     - /bin/sleep
 | |
|     - infinity
 | |
|     image: harbor.fizz.buzz/dockerhub/library/alpine:3.18
 | |
|     imagePullPolicy: IfNotPresent
 | |
|     name: $pod_name
 | |
|     stdin: true
 | |
|     stdinOnce: true
 | |
|     terminationMessagePath: /dev/termination-log
 | |
|     terminationMessagePolicy: File
 | |
|     tty: true
 | |
|     volumeMounts:
 | |
|     - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
 | |
|       name: kube-api-access-hskj7
 | |
|       readOnly: true
 | |
|   # serviceAccount: default
 | |
|   # serviceAccountName: default
 | |
|   terminationGracePeriodSeconds: 30
 | |
|   tolerations:
 | |
|   - effect: NoExecute
 | |
|     key: node.kubernetes.io/not-ready
 | |
|     operator: Exists
 | |
|     tolerationSeconds: 300
 | |
|   - effect: NoExecute
 | |
|     key: node.kubernetes.io/unreachable
 | |
|     operator: Exists
 | |
|     tolerationSeconds: 300
 | |
|   volumes:
 | |
|   - name: kube-api-access-hskj7
 | |
|     projected:
 | |
|       defaultMode: 420
 | |
|       sources:
 | |
|       - serviceAccountToken:
 | |
|           expirationSeconds: 3607
 | |
|           path: token
 | |
|       - configMap:
 | |
|           items:
 | |
|           - key: ca.crt
 | |
|             path: ca.crt
 | |
|           name: kube-root-ca.crt
 | |
|       - downwardAPI:
 | |
|           items:
 | |
|           - fieldRef:
 | |
|               apiVersion: v1
 | |
|               fieldPath: metadata.namespace
 | |
|             path: namespace
 | |
| EOF
 | |
| }
 | |
| 
 | |
| function delete_pod {
 | |
|     local pod_name="$1"
 | |
|     kubectl delete pod --force=true --grace-period=0 --namespace homepage "$pod_name"
 | |
| }
 | |
| 
 | |
| main "$@"
 | 
