nkreiger · July 8, 2025 21:31 · Jul 8, 2025 · Mar 19, 2025 · Feb 3, 2025
diff --git a/install_dependencies.sh b/install_dependencies.sh
@@ -14,7 +14,8 @@ SCRIPT_FILE="$(basename "$SCRIPT")"
 
 # Default Parameters
 VALUES_FILE_APP=${VALUES_FILE_APP:-"values/fianu/values.yaml"}
-VALUES_FILE_MAIN=${VALUES_FILE_MAIN:-"values/dependencies.yaml"}
+VALUES_FILE_MAIN=${VALUES_FILE_MAIN:-"values/main.yaml"}
+VALUES_FILE_DEP=${VALUES_FILE_DEP:-"values/dependencies.yaml"}
 VALUES_FILE_IMAGES=${VALUES_FILE_IMAGES:-"values/dependencies-images.yaml"}
 
 ##############################################################################
@@ -55,7 +56,7 @@ is_component_enabled() {
   local enabled_value
 
   # Look for lines under "component:" until we find "enabled:"
-  enabled_value=$(grep -A 1 -E "^\s*${component}:\s*$" "$VALUES_FILE_MAIN" \
+  enabled_value=$(grep -A 1 -E "^\s*${component}:\s*$" "$VALUES_FILE_DEP" \
     | grep -E 'enabled:' \
     | awk -F ': ' '{print $2}' \
     | tr -d '[:space:]')
@@ -117,6 +118,7 @@ install_component() {
         # Knative script calls for two extra namespaces: knative-serving, knative-eventing
         create_namespace_helm_managed "$namespace" "$namespace" "knative-serving"
         create_namespace_helm_managed "$namespace" "$namespace" "knative-eventing"
+        create_namespace_helm_managed "$namespace" "$namespace" "kourier-system"
         ;;
     esac
 
@@ -127,6 +129,7 @@ install_component() {
       --create-namespace \
       --values "$VALUES_FILE_APP" \
       --values "$VALUES_FILE_MAIN" \
+      --values "$VALUES_FILE_DEP" \
       --values "$VALUES_FILE_IMAGES" \
       $helm_flags \
       --timeout 5m

diff --git a/install_dependencies.sh b/install_dependencies.sh
@@ -14,7 +14,8 @@ SCRIPT_FILE="$(basename "$SCRIPT")"
 
 # Default Parameters
 VALUES_FILE_APP=${VALUES_FILE_APP:-"values/fianu/values.yaml"}
-VALUES_FILE_MAIN=${VALUES_FILE_MAIN:-"values/master.yaml"}
+VALUES_FILE_MAIN=${VALUES_FILE_MAIN:-"values/dependencies.yaml"}
+VALUES_FILE_IMAGES=${VALUES_FILE_IMAGES:-"values/dependencies-images.yaml"}
 
 ##############################################################################
 # Logging helper for structured logs
@@ -94,9 +95,9 @@ install_component() {
       --set keycloak.enabled=false \
       --set openfga.enabled=false \
       --set sigstore.enabled=false \
-      --set core.enabled=false \
-      --set plugins.enabled=false \
-      --set ingress.enabled=false \
+      --set fianu-core.enabled=false \
+      --set fianu-plugins.enabled=false \
+      --set nginx.enabled=false \
       --set ${component}.enabled=true \
     "
 
@@ -126,6 +127,7 @@ install_component() {
       --create-namespace \
       --values "$VALUES_FILE_APP" \
       --values "$VALUES_FILE_MAIN" \
+      --values "$VALUES_FILE_IMAGES" \
       $helm_flags \
       --timeout 5m
 
@@ -153,6 +155,7 @@ main() {
   install_component "keycloak" "keycloak"
   install_component "openfga" "openfga"
   install_component "sigstore" "sigstore"
+  install_component "nginx" "nginx"
 
   log "SUCCESS" "Script Completion" "Fianu installation script completed successfully."
 }

diff --git a/install_dependencies.sh b/install_dependencies.sh
@@ -0,0 +1,160 @@
+#!/bin/bash
+# bashsupport disable=BP5006
+
+set -euo pipefail
+
+##############################################################################
+# Global Script Variables
+##############################################################################
+SCRIPT="$(command -v "$0")"
+if [[ ! "$SCRIPT" =~ ^/ ]]; then SCRIPT="$PWD/$SCRIPT"; fi
+SCRIPT_DIR="${SCRIPT%/*}"
+SCRIPT_PARENT_DIR="$(dirname "$SCRIPT_DIR")"
+SCRIPT_FILE="$(basename "$SCRIPT")"
+
+# Default Parameters
+VALUES_FILE_APP=${VALUES_FILE_APP:-"values/fianu/values.yaml"}
+VALUES_FILE_MAIN=${VALUES_FILE_MAIN:-"values/master.yaml"}
+
+##############################################################################
+# Logging helper for structured logs
+##############################################################################
+log() {
+  local level="$1"
+  local action="$2"
+  local details="$3"
+  echo "$(date +'%Y-%m-%d %H:%M:%S') | LEVEL=$level | ACTION=$action | DETAILS=$details"
+}
+
+##############################################################################
+# Namespace Utilities
+##############################################################################
+namespace_exists() {
+  local ns="$1"
+  kubectl get namespace "$ns" &>/dev/null
+}
+
+create_namespace_helm_managed() {
+  local ns="$1"
+  local release_ns="$2"
+  local release_name="$3"
+
+  if ! namespace_exists "$ns"; then
+    echo "creating and patching namespace for helm: $ns" >&2
+    kubectl create namespace "$ns"
+    kubectl patch namespace "$ns" -p '{"metadata":{"labels":{"app.kubernetes.io/managed-by":"Helm"},"annotations":{"meta.helm.sh/release-name":"'"$release_name"'","meta.helm.sh/release-namespace":"'"$release_ns"'"}}}'
+  fi
+}
+
+##############################################################################
+# Check if a component is enabled in master.yaml
+##############################################################################
+is_component_enabled() {
+  local component="$1"
+  local enabled_value
+
+  # Look for lines under "component:" until we find "enabled:"
+  enabled_value=$(grep -A 1 -E "^\s*${component}:\s*$" "$VALUES_FILE_MAIN" \
+    | grep -E 'enabled:' \
+    | awk -F ': ' '{print $2}' \
+    | tr -d '[:space:]')
+
+  [[ "$enabled_value" == "true" ]]
+}
+
+##############################################################################
+# Generalized Component Installer
+##############################################################################
+install_component() {
+  local component="$1"
+  local default_ns="$2"
+
+  # Determine final namespace from environment variable override
+  # e.g., EXTERNAL_SECRETS_NAMESPACE, KAFKA_NAMESPACE, etc.
+  local upper_component
+  upper_component=$(echo "$component" | tr '[:lower:]' '[:upper:]')
+  local ns_var="${upper_component}_NAMESPACE"
+  # If $ns_var is set, use it; otherwise, fall back to $default_ns
+  local namespace="${!ns_var:-$default_ns}"
+
+  log "INFO" "$component" "Checking if $component is enabled..."
+
+  if is_component_enabled "$component"; then
+    log "INFO" "$component" "Installing $component into namespace $namespace"
+
+    # Create the namespace if it doesn't exist
+    create_namespace_helm_managed "$namespace" "$namespace" "$component"
+
+    # Base flags: disable everything except the target component
+    # "core" and "plugins" appear in your script, so we disable them too
+    local helm_flags="\
+      --set external-secrets.enabled=false \
+      --set kafka.enabled=false \
+      --set knative.enabled=false \
+      --set keycloak.enabled=false \
+      --set openfga.enabled=false \
+      --set sigstore.enabled=false \
+      --set core.enabled=false \
+      --set plugins.enabled=false \
+      --set ingress.enabled=false \
+      --set ${component}.enabled=true \
+    "
+
+    # Some components require extra flags or multiple namespaces
+    case "$component" in
+      openfga)
+        helm_flags+=" --set openfga.datastore.applyMigrations=true"
+        ;;
+      sigstore)
+        helm_flags+=" --set sigstore.fulcio.createcerts.enabled=true"
+        helm_flags+=" --set sigstore.copySecretJob.enabled=true"
+        ;;
+      keycloak)
+        helm_flags+=" --set keycloak.keycloakConfigCli.enabled=true"
+        ;;
+      knative)
+        # Knative script calls for two extra namespaces: knative-serving, knative-eventing
+        create_namespace_helm_managed "$namespace" "$namespace" "knative-serving"
+        create_namespace_helm_managed "$namespace" "$namespace" "knative-eventing"
+        ;;
+    esac
+
+    # Perform the Helm install/upgrade
+    helm upgrade "$component" . \
+      --install \
+      --namespace "$namespace" \
+      --create-namespace \
+      --values "$VALUES_FILE_APP" \
+      --values "$VALUES_FILE_MAIN" \
+      $helm_flags \
+      --timeout 5m
+
+    if [[ $? -ne 0 ]]; then
+      log "ERROR" "$component" "Failed to install $component. Exiting."
+      exit 1
+    fi
+
+    log "SUCCESS" "$component" "$component installed successfully."
+  else
+    log "INFO" "$component" "Skipping $component as it is disabled in master.yaml"
+  fi
+}
+
+##############################################################################
+# Main Control Flow
+##############################################################################
+main() {
+  log "INFO" "Script Start" "Fianu Core installation script started."
+
+  # Install components in your desired order
+  install_component "external-secrets" "external-secrets"
+  install_component "kafka" "kafka"
+  install_component "knative" "default"  # old script used "default" for Knative
+  install_component "keycloak" "keycloak"
+  install_component "openfga" "openfga"
+  install_component "sigstore" "sigstore"
+
+  log "SUCCESS" "Script Completion" "Fianu installation script completed successfully."
+}
+
+main