3f575d2bd77c44e7c2a50e0a89889922f1f378a5
[iec.git] / scripts / helm.sh
1 #!/bin/bash -ex
2
3 VERSION='v2.12.3'
4 TILLER_SA_RBAC=~/tiller-rbac.yaml
5 if [ "$(uname -m)" == 'aarch64' ]; then
6   FLAVOR='linux-arm64'
7 else
8   FLAVOR='linux-amd64'
9 fi
10
11 URI_ROOT='https://storage.googleapis.com/kubernetes-helm'
12 TGZ_NAME="helm-${VERSION}-${FLAVOR}.tar.gz"
13
14 if [ ! -e /usr/bin/helm ] || [ ! -e /usr/bin/tiller ]; then
15   wget -O "/tmp/${TGZ_NAME}" "${URI_ROOT}/${TGZ_NAME}"
16   sudo tar xpPf "/tmp/${TGZ_NAME}" --overwrite \
17     --transform "s|${FLAVOR}|/usr/bin|" "${FLAVOR}/"{helm,tiller}
18   rm -f "/tmp/${TGZ_NAME}"
19 fi
20
21 if ! kubectl get serviceaccounts --namespace=kube-system | grep -q tiller; then
22   cat <<EOF > "${TILLER_SA_RBAC}"
23 apiVersion: v1
24 kind: ServiceAccount
25 metadata:
26   name: tiller
27   namespace: kube-system
28 ---
29 apiVersion: rbac.authorization.k8s.io/v1
30 kind: ClusterRoleBinding
31 metadata:
32   name: tiller
33 roleRef:
34   apiGroup: rbac.authorization.k8s.io
35   kind: ClusterRole
36   name: cluster-admin
37 subjects:
38   - kind: ServiceAccount
39     name: tiller
40     namespace: kube-system
41 EOF
42   kubectl create -f "${TILLER_SA_RBAC}"
43   helm init --service-account tiller --tiller-image="jessestuart/tiller:${VERSION}"
44 fi