scripts/setup.sh

#!/usr/bin/env bash

set -euo pipefail;

# cluster + ingress addons (nginx + ingress-dns)
# https://kubernetes.io/docs/tasks/access-application-cluster/ingress-minikube/
# https://minikube.sigs.k8s.io/docs/handbook/addons/ingress-dns/
minikube start --driver=docker || true;
minikube addons enable ingress;
minikube addons enable ingress-dns;

# namespaces
kubectl create namespace argocd --dry-run=client -o yaml | kubectl apply -f -;
kubectl create namespace ai --dry-run=client -o yaml | kubectl apply -f -;

# install argo cd (stable manifest)
# https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml;

# WAIT for argocd core components to be ready enough to accept apps (slow piece of-)
kubectl rollout status deploy/argocd-server -n argocd --timeout=180s || true;
kubectl rollout status deploy/argocd-repo-server -n argocd --timeout=180s || true;
kubectl rollout status deploy/argocd-application-controller -n argocd --timeout=180s || true;

# bootstrap this repo
# NOTE: creates the child Applications in apps/children/*
kubectl apply -n argocd -f apps/0-project-and-root.yaml;

# service!
# SEE???? I CAN USE DASHES AND NOT JUST CAMELCASE!!!
kubectl -n ai create secret generic airflow-fernet-key-secret --from-literal=fernet-key=$(python3 -c 'import secrets;print(secrets.token_urlsafe(32))')
kubectl -n ai create secret generic airflow-webserver-secret --from-literal="webserver-secret-key=$(python3 -c 'import secrets;print(secrets.token_hex(16))')";

# airflow stuffs
kubectl -n ai exec -it svc/postgresql-primary -- bash -lc "psql -U postgres -c 'CREATE DATABASE airflow;'";
set -l PGBOUNCER_SVC (kubectl -n ai get svc -l tier=airflow,component=pgbouncer -o jsonpath='{.items[0].metadata.name}');
echo $PGBOUNCER_SVC;

# stats (used by the metrics sidecar and also points to pgbouncer itself on 127.0.0.1:6543)
kubectl -n ai create secret generic airflow-pgbouncer-stats \
  --from-literal=connection="postgresql://postgres:mypassword@127.0.0.1:6543/pgbouncer?sslmode=disable";

kubectl -n ai create secret generic airflow-metadata \
  --from-literal=connection="postgresql+psycopg2://postgres:mypassword@$PGBOUNCER_SVC:6543/airflow";

minikube service -n ai airflow-webserver --url || echo "FAILED TO FIND SERVICE"

# port-forward argocd ui
echo "";
echo "argocd initial admin password (username 'admin'):";
kubectl -n argocd get secret argocd-initial-admin-secret \
-o jsonpath='{.data.password}' | base64 -d; echo "";
echo "";
echo "port-forwarding argocd ui to https://localhost:8443 (ctrl+c to stop) ...";
kubectl -n argocd port-forward svc/argocd-server 8443:443;
initial argo commit 2025-09-12 11:20:18 -04:00			`#!/usr/bin/env bash`

			`set -euo pipefail;`

			`# cluster + ingress addons (nginx + ingress-dns)`
			`# https://kubernetes.io/docs/tasks/access-application-cluster/ingress-minikube/`
			`# https://minikube.sigs.k8s.io/docs/handbook/addons/ingress-dns/`
			`minikube start --driver=docker \|\| true;`
			`minikube addons enable ingress;`
			`minikube addons enable ingress-dns;`

			`# namespaces`
			`kubectl create namespace argocd --dry-run=client -o yaml \| kubectl apply -f -;`
			`kubectl create namespace ai --dry-run=client -o yaml \| kubectl apply -f -;`

			`# install argo cd (stable manifest)`
			`# https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/`
			`kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml;`

			`# WAIT for argocd core components to be ready enough to accept apps (slow piece of-)`
			`kubectl rollout status deploy/argocd-server -n argocd --timeout=180s \|\| true;`
			`kubectl rollout status deploy/argocd-repo-server -n argocd --timeout=180s \|\| true;`
			`kubectl rollout status deploy/argocd-application-controller -n argocd --timeout=180s \|\| true;`

			`# bootstrap this repo`
			`# NOTE: creates the child Applications in apps/children/*`
			`kubectl apply -n argocd -f apps/0-project-and-root.yaml;`

added airflow pipe 2025-09-12 21:52:11 -04:00			`# service!`
			`# SEE???? I CAN USE DASHES AND NOT JUST CAMELCASE!!!`
			`kubectl -n ai create secret generic airflow-fernet-key-secret --from-literal=fernet-key=$(python3 -c 'import secrets;print(secrets.token_urlsafe(32))')`
attempt to add airflow ini 2025-09-13 09:30:30 -04:00			`kubectl -n ai create secret generic airflow-webserver-secret --from-literal="webserver-secret-key=$(python3 -c 'import secrets;print(secrets.token_hex(16))')";`

			`# airflow stuffs`
			`kubectl -n ai exec -it svc/postgresql-primary -- bash -lc "psql -U postgres -c 'CREATE DATABASE airflow;'";`
			`set -l PGBOUNCER_SVC (kubectl -n ai get svc -l tier=airflow,component=pgbouncer -o jsonpath='{.items[0].metadata.name}');`
			`echo $PGBOUNCER_SVC;`

			`# stats (used by the metrics sidecar and also points to pgbouncer itself on 127.0.0.1:6543)`
			`kubectl -n ai create secret generic airflow-pgbouncer-stats \`
			`--from-literal=connection="postgresql://postgres:mypassword@127.0.0.1:6543/pgbouncer?sslmode=disable";`

			`kubectl -n ai create secret generic airflow-metadata \`
			`--from-literal=connection="postgresql+psycopg2://postgres:mypassword@$PGBOUNCER_SVC:6543/airflow";`
added airflow pipe 2025-09-12 21:52:11 -04:00
debugging 2025-09-12 22:33:26 -04:00			`minikube service -n ai airflow-webserver --url \|\| echo "FAILED TO FIND SERVICE"`
added airflow pipe 2025-09-12 21:52:11 -04:00
initial argo commit 2025-09-12 11:20:18 -04:00			`# port-forward argocd ui`
			`echo "";`
			`echo "argocd initial admin password (username 'admin'):";`
			`kubectl -n argocd get secret argocd-initial-admin-secret \`
			`-o jsonpath='{.data.password}' \| base64 -d; echo "";`
			`echo "";`
			`echo "port-forwarding argocd ui to https://localhost:8443 (ctrl+c to stop) ...";`
			`kubectl -n argocd port-forward svc/argocd-server 8443:443;`