feat: add a config when deploy sealos cloud in sealos-system

deploy/admin/Kubefile

@@ -0,0 +1,8 @@
+FROM scratch
+
+USER 65532:65532
+
+COPY tars tars
+COPY scripts scripts
+
+CMD ["bash scripts/init.sh"]

deploy/admin/init.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+set -e
+export readonly ARCH=${1:-amd64}
+mkdir -p tars
+
+RetryPullImageInterval=3
+RetrySleepSeconds=3
+
+retryPullImage() {
+    local image=$1
+    local retry=0
+    local retryMax=3
+    set +e
+    while [ $retry -lt $RetryPullImageInterval ]; do
+        sealos pull --policy=always --platform=linux/"${ARCH}" $image >/dev/null && break
+        retry=$(($retry + 1))
+        echo "retry pull image $image, retry times: $retry"
+        sleep $RetrySleepSeconds
+    done
+    set -e
+    if [ $retry -eq $retryMax ]; then
+        echo "pull image $image failed"
+        exit 1
+    fi
+}
+
+retryPullImage ghcr.io/labring/sealos-cloud-admin:latest
+
+sealos save -o tars/frontend-admin.tar ghcr.io/labring/sealos-cloud-admin:latest

deploy/admin/scripts/init.sh

@@ -0,0 +1,34 @@
+# get sealos config
+function get_sealos_config {
+  # get cloudDomain from sealos-config configmap
+  cloudDomain=$(kubectl get configmap sealos-config -o jsonpath='{.data.cloudDomain}')
+  cloudPort=$(kubectl get configmap sealos-config -o jsonpath='{.data.cloudPort}')
+  certSecretName=$(kubectl get configmap sealos-config -o jsonpath='{.data.certSecretName}')
+  regionUID=$(kubectl get configmap sealos-config -o jsonpath='{.data.regionUID}')
+  databaseMongodbURI=$(kubectl get configmap sealos-config -o jsonpath='{.data.databaseMongodbURI}')
+  databaseGlobalCockroachdbURI=$(kubectl get configmap sealos-config -o jsonpath='{.data.databaseGlobalCockroachdbURI}')
+  databaseRegionalCockroachdbURI=$(kubectl get configmap sealos-config -o jsonpath='{.data.databaseRegionalCockroachdbURI}')
+  passwordEnabled=$(kubectl get configmap sealos-config -o jsonpath='{.data.passwordEnabled}')
+  passwordSalt=$(kubectl get configmap sealos-config -o jsonpath='{.data.passwordSalt}')
+  jwtInternal=$(kubectl get configmap sealos-config -o jsonpath='{.data.jwtInternal}')
+  jwtGlobal=$(kubectl get configmap sealos-config -o jsonpath='{.data.jwtGlobal}')
+  jwtRegional=$(kubectl get configmap sealos-config -o jsonpath='{.data.jwtRegional}')
+}
+
+function install_admin {
+  # get sealos config
+  get_sealos_config
+
+  # install admin
+  echo "run sealos admin frontend"
+  sealos run tars/frontend-admin.tar \
+  --env cloudDomain=$cloudDomain \
+  --env cloudPort=$cloudPort \
+  --env certSecretName=$certSecretName \
+  --env regionUid=$regionUID \
+  --env databaseMongodbURI="${databaseMongodbURI}/sealos-auth?authSource=admin" \
+  --env databaseGlobalCockroachdbURI=$databaseGlobalCockroachdbURI \
+  --env databaseRegionalCockroachdbURI=$databaseRegionalCockroachdbURI \
+  --env jwtInternal=$jwtInternal \
+  --env jwtGlobal=$jwtGlobal
+}

deploy/cloud/manifests/sealos-config.yaml

@@ -0,0 +1,18 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: sealos-config
+  namespace: sealos-system
+data:
+  cloudDomain: "<cloud-domain-placeholder>"
+  cloudPort: "<cloud-port-placeholder>"
+  certSecretName: "<cert-secret-placeholder>"
+  regionUID: "<region-uid-placeholder>"
+  databaseMongodbURI: "<mongodb-uri-placeholder>"
+  databaseLocalCockroachdbURI: "<local-cockroachdb-uri-placeholder>"
+  databaseGlobalCockroachdbURI: "<global-cockroachdb-uri-placeholder>"
+  passwordEnabled: "<password-enabled-placeholder>"
+  passwordSalt: "<password-salt-placeholder>"
+  jwtInternal: "<jwt-internal-placeholder>"
+  jwtRegional: "<jwt-regional-placeholder>"
+  jwtGlobal: "<jwt-global-placeholder>"

deploy/cloud/scripts/init.sh

@@ -11,6 +11,19 @@ localRegionUID=""
 
 tlsCrtPlaceholder="<tls-crt-placeholder>"
 acmednsSecretPlaceholder="<acmedns-secret-placeholder>"
+cloudDomainPlaceholder="<cloud-domain-placeholder>"
+cloudPortPlaceholder="<cloud-port-placeholder>"
+certSecretNamePlaceholder="<cert-secret-placeholder>"
+regionUIDPlaceholder="<region-uid-placeholder>"
+databaseMongodbURIPlaceholder="<mongodb-uri-placeholder>"
+databaseLocalCockroachdbURIPlaceholder="<local-cockroachdb-uri-placeholder>"
+databaseGlobalCockroachdbURIPlaceholder="<global-cockroachdb-uri-placeholder>"
+passwordEnabledPlaceholder="<password-enabled-placeholder>"
+passwordSaltPlaceholder="<password-salt-placeholder>"
+jwtInternalPlaceholder="<jwt-internal-placeholder>"
+jwtRegionalPlaceholder="<jwt-regional-placeholder>"
+jwtGlobalPlaceholder="<jwt-global-placeholder>"
+
 
 saltKey=""
 jwtInternal=""
@@ -43,6 +56,9 @@ function prepare {
 
   # create tls secret
   create_tls_secret
+
+  # update sealos-config configmap
+  update_sealos_config
 }
 
 # Function to retry `kubectl apply -f` command until it succeeds or reaches a maximum number of attempts
@@ -193,6 +209,24 @@ function create_tls_secret {
   fi
 }
 
+function update_sealos_config {
+  # use generated values to update sealos-config configmap
+  sed -i "s/$cloudDomainPlaceholder/$cloudDomain/g" manifests/sealos-config.yaml
+  sed -i "s/$cloudPortPlaceholder/$cloudPort/g" manifests/sealos-config.yaml
+  sed -i "s/$certSecretNamePlaceholder/$certSecretName/g" manifests/sealos-config.yaml
+  sed -i "s/$regionUIDPlaceholder/$localRegionUID/g" manifests/sealos-config.yaml
+  sed -i "s/$databaseMongodbURIPlaceholder/$mongodbUri/g" manifests/sealos-config.yaml
+  sed -i "s/$databaseLocalCockroachdbURIPlaceholder/$cockroachdbLocalUri/g" manifests/sealos-config.yaml
+  sed -i "s/$databaseGlobalCockroachdbURIPlaceholder/$cockroachdbGlobalUri/g" manifests/sealos-config.yaml
+  sed -i "s/$passwordEnabledPlaceholder/$passwordEnabled/g" manifests/sealos-config.yaml
+  sed -i "s/$passwordSaltPlaceholder/$saltKey/g" manifests/sealos-config.yaml
+  sed -i "s/$jwtInternalPlaceholder/$jwtInternal/g" manifests/sealos-config.yaml
+  sed -i "s/$jwtRegionalPlaceholder/$jwtRegional/g" manifests/sealos-config.yaml
+  sed -i "s/$jwtGlobalPlaceholder/$jwtGlobal/g" manifests/sealos-config.yaml
+  kubectl apply -f manifests/sealos-config.yaml
+}
+
+
 function sealos_run_desktop {
     echo "run desktop frontend"
     sealos run tars/frontend-desktop.tar \