139 lines
5.0 KiB
Makefile
139 lines
5.0 KiB
Makefile
set fallback := true
|
|
|
|
export METABASE_NAMESPACE := env("METABASE_NAMESPACE", "metabase")
|
|
export METABASE_CHART_VERSION := env("METABASE_CHART_VERSION", "2.22.2")
|
|
export METABASE_HOST := env("METABASE_HOST", "")
|
|
export EXTERNAL_SECRETS_NAMESPACE := env("EXTERNAL_SECRETS_NAMESPACE", "external-secrets")
|
|
export K8S_VAULT_NAMESPACE := env("K8S_VAULT_NAMESPACE", "vault")
|
|
|
|
[private]
|
|
default:
|
|
@just --list --unsorted --list-submodules
|
|
|
|
# Add Helm repository
|
|
add-helm-repo:
|
|
helm repo add pmint93 https://pmint93.github.io/helm-charts
|
|
helm repo update
|
|
|
|
# Remove Helm repository
|
|
remove-helm-repo:
|
|
helm repo remove pmint93
|
|
|
|
# Create Metabase namespace
|
|
create-namespace:
|
|
@kubectl get namespace ${METABASE_NAMESPACE} &>/dev/null || \
|
|
kubectl create namespace ${METABASE_NAMESPACE}
|
|
|
|
# Delete Metabase namespace
|
|
delete-namespace:
|
|
@kubectl delete namespace ${METABASE_NAMESPACE} --ignore-not-found
|
|
|
|
# Create Metabase session secret
|
|
create-session-secret:
|
|
#!/bin/bash
|
|
set -euo pipefail
|
|
session_secret=$(just utils::random-password)
|
|
|
|
if helm status external-secrets -n ${EXTERNAL_SECRETS_NAMESPACE} &>/dev/null; then
|
|
echo "External Secrets Operator detected. Storing session secret in Vault..."
|
|
just vault::put metabase/config session="${session_secret}"
|
|
|
|
kubectl delete secret metabase-config -n ${METABASE_NAMESPACE} --ignore-not-found
|
|
kubectl delete externalsecret metabase-config -n ${METABASE_NAMESPACE} --ignore-not-found
|
|
|
|
# gomplate -f metabase-config-external-secret.gomplate.yaml | kubectl apply -f -
|
|
gomplate -f metabase-config-external-secret.gomplate.yaml \
|
|
-o metabase-config-external-secret.yaml
|
|
kubectl apply -f metabase-config-external-secret.yaml
|
|
|
|
echo "Waiting for ExternalSecret to sync..."
|
|
kubectl wait --for=condition=Ready externalsecret/metabase-config \
|
|
-n ${METABASE_NAMESPACE} --timeout=60s
|
|
else
|
|
echo "External Secrets Operator not found. Creating secret directly..."
|
|
kubectl delete secret metabase-config -n ${METABASE_NAMESPACE} --ignore-not-found
|
|
kubectl create secret generic metabase-config -n ${METABASE_NAMESPACE} \
|
|
--from-literal=session="${session_secret}"
|
|
|
|
if helm status vault -n ${K8S_VAULT_NAMESPACE} &>/dev/null; then
|
|
just vault::put metabase/config session="${session_secret}"
|
|
fi
|
|
fi
|
|
|
|
# Create Metabase database secret
|
|
create-database-secret:
|
|
#!/bin/bash
|
|
set -euo pipefail
|
|
if kubectl get secret database-config -n ${METABASE_NAMESPACE} &>/dev/null; then
|
|
kubectl delete secret database-config -n ${METABASE_NAMESPACE}
|
|
fi
|
|
kubectl create secret generic database-config -n ${METABASE_NAMESPACE} \
|
|
--from-literal=host=postgres-cluster-rw.postgres \
|
|
--from-literal=port=5432 \
|
|
--from-literal=user=$(just postgres::admin-username) \
|
|
--from-literal=password=$(just postgres::admin-password) \
|
|
--from-literal=database=metabase
|
|
|
|
# Delete Metabase database secret
|
|
delete-database-secret:
|
|
@kubectl delete secret database-config -n ${METABASE_NAMESPACE} --ignore-not-found
|
|
|
|
|
|
# Install Metabase
|
|
install:
|
|
#!/bin/bash
|
|
set -euo pipefail
|
|
while [ -z "${METABASE_HOST}" ]; do
|
|
METABASE_HOST=$(
|
|
gum input --prompt="Metabase host (FQDN): " --width=100 \
|
|
--placeholder="e.g., metabase.example.com"
|
|
)
|
|
done
|
|
|
|
just create-namespace
|
|
just postgres::create-db metabase
|
|
just create-database-secret
|
|
just create-session-secret
|
|
|
|
just add-helm-repo
|
|
gomplate -f metabase-values.gomplate.yaml -o metabase-values.yaml
|
|
|
|
helm upgrade --cleanup-on-fail --install metabase pmint93/metabase \
|
|
--version ${METABASE_CHART_VERSION} -n ${METABASE_NAMESPACE} --wait \
|
|
-f metabase-values.yaml
|
|
|
|
# Upgrade Metabase
|
|
upgrade:
|
|
#!/bin/bash
|
|
set -euo pipefail
|
|
while [ -z "${METABASE_HOST}" ]; do
|
|
METABASE_HOST=$(
|
|
gum input --prompt="Metabase host (FQDN): " --width=100 \
|
|
--placeholder="e.g., metabase.example.com"
|
|
)
|
|
done
|
|
echo "Upgrading Metabase..."
|
|
gomplate -f metabase-values.gomplate.yaml -o metabase-values.yaml
|
|
helm upgrade metabase pmint93/metabase \
|
|
--version ${METABASE_CHART_VERSION} -n ${METABASE_NAMESPACE} --wait \
|
|
-f metabase-values.yaml
|
|
echo "Metabase upgraded successfully"
|
|
|
|
# Uninstall Metabase
|
|
uninstall delete-db='true':
|
|
#!/bin/bash
|
|
set -euo pipefail
|
|
helm uninstall metabase -n ${METABASE_NAMESPACE} --ignore-not-found --wait
|
|
kubectl delete secret metabase-config -n ${METABASE_NAMESPACE} --ignore-not-found
|
|
kubectl delete externalsecret metabase-config -n ${METABASE_NAMESPACE} --ignore-not-found
|
|
just delete-database-secret
|
|
just delete-namespace
|
|
if [ "{{ delete-db }}" = "true" ]; then
|
|
just postgres::delete-db metabase
|
|
fi
|
|
|
|
# Clean up Vault entries if present
|
|
if helm status vault -n ${K8S_VAULT_NAMESPACE} &>/dev/null; then
|
|
just vault::delete metabase/config || true
|
|
fi
|