From 2cf7ba466afdf15ea5312c40e939a2b0ee1e010b Mon Sep 17 00:00:00 2001
From: greg pereira <grpereir@redhat.com>
Date: Sun, 8 Dec 2024 10:18:13 -0800
Subject: [PATCH] saving full work

Signed-off-by: greg pereira <grpereir@redhat.com>
---
 .devcontainer/Containerfile        | 31 +++++++++++++++++++++++++++++-
 .devcontainer/devcontainer.json    | 12 ++++++++----
 .devcontainer/install-kind.sh      | 10 ++++++++++
 .devcontainer/install-kubectl.sh   | 23 ++++++++++++++++++++++
 .devcontainer/install-kubeseal.sh  | 30 +++++++++++++++++++++++++++++
 Makefile                           | 29 +++++++++++++++++-----------
 deploy/k8s/overlays/kind/kind.yaml |  2 ++
 7 files changed, 121 insertions(+), 16 deletions(-)
 create mode 100755 .devcontainer/install-kind.sh
 create mode 100755 .devcontainer/install-kubectl.sh
 create mode 100755 .devcontainer/install-kubeseal.sh

diff --git a/.devcontainer/Containerfile b/.devcontainer/Containerfile
index b5d208d0..731746b1 100644
--- a/.devcontainer/Containerfile
+++ b/.devcontainer/Containerfile
@@ -1,5 +1,7 @@
 FROM registry.access.redhat.com/ubi9/nodejs-22:9.5-1730543890
 
+WORKDIR /opt/app-root/src
+
 ARG USERNAME=default
 ARG NPM_GLOBAL=/usr/local/share/npm-global
 
@@ -10,13 +12,40 @@ USER root
 
 RUN umask 0002 
 
+# install zsh and oh-my-zsh
+RUN dnf install -y zsh && \
+    bash -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
+
 RUN groupadd npm && \
     usermod -a -G npm ${USERNAME} && \
     bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) && \
     chown -R ${USERNAME}:npm /usr/local/ && \
     mkdir -p /opt/app-root/src/.npm && chown -R ${USERNAME}:npm /opt/app-root/src/ && \
-    dnf install -y vim
+    dnf install -y vim jq
+
+# install kubectl
+ADD install-kubectl.sh /tmp
+RUN /tmp/install-kubectl.sh; \
+    rm /tmp/install-kubectl.sh
+    
+# install kubseal
+ADD install-kubeseal.sh /tmp
+RUN /tmp/install-kubeseal.sh; \
+    rm /tmp/install-kubeseal.sh
+
+# install docker as a dependency of kind
+# only need the CLI and runtime, binding to host docker socket for access to host docker context
+RUN dnf -y install dnf-plugins-core; \
+    dnf config-manager --add-repo https://download.docker.com/linux/rhel/docker-ce.repo; \
+    dnf install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+
+# install kind
+ADD install-kind.sh /tmp
+RUN /tmp/install-kind.sh; \
+    rm /tmp/install-kind.sh
 
+# symlink oc because cannot install stable stream without RH auth
+RUN ln -sf /usr/local/bin/kubectl /usr/local/bin/oc 
 
 USER default
 
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
index b0d2203e..e8e3463a 100644
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -11,16 +11,20 @@
         "dbaeumer.vscode-eslint",
         "esbenp.prettier-vscode",
         "DavidAnson.vscode-markdownlint",
-        "ms-vscode-remote.remote-containers"
+        "ms-vscode-remote.remote-containers",
+        "foxundermoon.shell-format",
+        "timonwong.shellcheck"
       ],
       "settings": {
-        "terminal.integrated.shell.linux": "/bin/bash"
+        "terminal.integrated.shell.linux": "/bin/zsh"
       }
     }
   },
-  "forwardPorts": [3000],
+  "forwardPorts": [3000, 6443],
   "mounts": [
-    "type=bind,source=${localWorkspaceFolder}/.env,target=/workspace/ui/.env,consistency=cached"
+    "type=bind,source=${localWorkspaceFolder}/.env,target=/workspace/ui/.env,consistency=cached",
+    "source=${env:HOME}/.kube,target=/opt/app-root/src/.kube,type=bind,consistency=cached",
+    "source=/var/run/docker.sock,target=/var/run/docker.sock,type=bind"
   ],
   "runArgs": ["-p", "3000:3000"]
 }
diff --git a/.devcontainer/install-kind.sh b/.devcontainer/install-kind.sh
new file mode 100755
index 00000000..46a1aa75
--- /dev/null
+++ b/.devcontainer/install-kind.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+# -*- indent-tabs-mode: nil; tab-width: 2; sh-indentation: 2; -*-
+
+# Install the kind binary
+
+[ $(uname -m) = x86_64 ] && curl -Lo /tmp/kind https://kind.sigs.k8s.io/dl/v0.25.0/kind-linux-amd64
+[ $(uname -m) = aarch64 ] && curl -Lo /tmp/kind https://kind.sigs.k8s.io/dl/v0.25.0/kind-linux-arm64
+chmod +x /tmp/kind
+mv /tmp/kind /usr/local/bin/kind
+kind completion zsh > ~/.oh-my-zsh/cache/completions/_kind
diff --git a/.devcontainer/install-kubectl.sh b/.devcontainer/install-kubectl.sh
new file mode 100755
index 00000000..648372ab
--- /dev/null
+++ b/.devcontainer/install-kubectl.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+# -*- indent-tabs-mode: nil; tab-width: 2; sh-indentation: 2; -*-
+
+# Install the  kubectl binary
+
+ARCH=$(uname -m)
+if [ "$ARCH" == "x86_64" ] || [ "$ARCH" == "amd64" ]; then
+    ARCH="amd64"
+elif [ "$ARCH" == "aarch64" ] || [ "$ARCH" == "arm64" ]; then
+    ARCH="arm64"
+else
+    echo "Unsupported architecture: $ARCH"
+    exit 1
+fi
+
+KUBECTL_VERSION=$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)
+echo "Installing kubectl version $KUBECTL_VERSION for $ARCH..."
+curl -LO "https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/linux/${ARCH}/kubectl"
+chmod +x kubectl
+mv kubectl /usr/local/bin/
+kubectl completion zsh > $ZSH/cache/completions/_kubectl
+
+curl -sLO https://access.cdn.redhat.com/content/origin/files/sha256/99/99f0ecb5477ed1a038e7279252971b4c5d50fa9a877f78610b7d4e4ee02e0589/openshift-client-linux-amd64-rhel9-4.17.6.tar.gz
diff --git a/.devcontainer/install-kubeseal.sh b/.devcontainer/install-kubeseal.sh
new file mode 100755
index 00000000..b38688e7
--- /dev/null
+++ b/.devcontainer/install-kubeseal.sh
@@ -0,0 +1,30 @@
+#!/bin/bash
+# -*- indent-tabs-mode: nil; tab-width: 2; sh-indentation: 2; -*-
+
+# Install the kubeseal binary
+
+set -x
+set -e
+set -o pipefail
+
+# Determine architecture
+ARCH=$(uname -m)
+if [ "$ARCH" == "x86_64" ] || [ "$ARCH" == "amd64" ]; then
+    ARCH="amd64"
+elif [ "$ARCH" == "aarch64" ] || [ "$ARCH" == "arm64" ]; then
+    ARCH="arm64"
+else
+    echo "Unsupported architecture: $ARCH"
+    exit 1
+fi
+
+KUBESEAL_VERSION=$(curl -s https://api.github.com/repos/bitnami-labs/sealed-secrets/tags | jq -r '.[0].name' | cut -c 2-)
+if [ -z "$KUBESEAL_VERSION" ]; then
+    echo "Failed to fetch the latest KUBESEAL_VERSION"
+    exit 1
+fi
+
+curl -OL "https://github.com/bitnami-labs/sealed-secrets/releases/download/v${KUBESEAL_VERSION}/kubeseal-${KUBESEAL_VERSION}-linux-${ARCH}.tar.gz"
+tar -xvzf kubeseal-${KUBESEAL_VERSION}-linux-${ARCH}.tar.gz kubeseal
+install -m 755 kubeseal /usr/local/bin/kubeseal
+kubeseal completion zsh > ~/.oh-my-zsh/cache/completions/_kubeseal
diff --git a/Makefile b/Makefile
index d812a972..516a471b 100644
--- a/Makefile
+++ b/Makefile
@@ -20,7 +20,8 @@ ILAB_KUBE_CONTEXT?=kind-instructlab-ui
 ILAB_KUBE_NAMESPACE?=instructlab
 ILAB_KUBE_CLUSTER_NAME?=instructlab-ui
 CONTAINER_ENGINE?=docker
-DEVCONTAINER_BINARY_EXISTS ?= $(shell command -v devcontainer)
+DEVCONTAINER_BINARY_EXISTS?=$(shell command -v devcontainer)
+DEVCONTAINER_DEFAULT_SHELL?=zsh
 TAG=$(shell git rev-parse HEAD)
 ##@ Development - Helper commands for development
 .PHONY: md-lint
@@ -111,6 +112,14 @@ check-kubectl:
 		exit 1 ; \
 	fi
 
+.PHONY: check-kubeseal
+check-kubeseal:
+	$(CMD_PREFIX) if [ -z "$(shell which kubeseal)" ]; then \
+		echo "Please install kubeseal" ; \
+		echo "https://github.com/bitnami-labs/sealed-secrets?tab=readme-ov-file#kubeseal" ; \
+		exit 1 ; \
+	fi
+
 .PHONY: load-images
 load-images: ## Load images onto Kind cluster
 	$(CMD_PREFIX) kind load --name $(ILAB_KUBE_CLUSTER_NAME) docker-image ghcr.io/instructlab/ui/ui:main
@@ -130,8 +139,8 @@ wait-for-readiness: # Wait for operators to be ready
 	$(CMD_PREFIX) kubectl --context=$(ILAB_KUBE_CONTEXT) -n ingress-nginx rollout restart deployment ingress-nginx-controller
 	$(CMD_PREFIX) kubectl --context=$(ILAB_KUBE_CONTEXT) -n ingress-nginx rollout status deployment ingress-nginx-controller --timeout=10m
 
-.PHONY: deploy
-deploy: wait-for-readiness ## Deploy a InstructLab UI development stack onto a kubernetes cluster
+.PHONY: deploy-kind
+deploy-kind: wait-for-readiness ## Deploy a InstructLab UI development stack onto a kubernetes cluster
 	$(CMD_PREFIX) if [ ! -f .env ]; then \
 		echo "Please create a .env file in the root of the project." ; \
 		exit 1 ; \
@@ -140,20 +149,20 @@ deploy: wait-for-readiness ## Deploy a InstructLab UI development stack onto a k
 	$(CMD_PREFIX) kubectl --context=$(ILAB_KUBE_CONTEXT) apply -k ./deploy/k8s/overlays/kind
 	$(CMD_PREFIX) kubectl --context=$(ILAB_KUBE_CONTEXT) wait --for=condition=Ready pods -n $(ILAB_KUBE_NAMESPACE) --all -l app.kubernetes.io/part-of=ui --timeout=15m
 
-.PHONY: redeploy
-redeploy: ui-image load-images ## Redeploy the InstructLab UI stack onto a kubernetes cluster
+.PHONY: redeploy-kind
+redeploy-kind: ui-image load-images ## Redeploy the InstructLab UI stack onto a kubernetes cluster
 	$(CMD_PREFIX) kubectl --context=$(ILAB_KUBE_CONTEXT) -n $(ILAB_KUBE_NAMESPACE) rollout restart deploy/ui
 	$(CMD_PREFIX) kubectl --context=$(ILAB_KUBE_CONTEXT) -n $(ILAB_KUBE_NAMESPACE) rollout restart deploy/pathservice
 
-.PHONY: undeploy
-undeploy: ## Undeploy the InstructLab UI stack from a kubernetes cluster
+.PHONY: undeploy-kind
+undeploy-kind: ## Undeploy the InstructLab UI stack from a kubernetes cluster
 	$(CMD_PREFIX) if [ -f ./deploy/k8s/overlays/kind/.env ]; then \
 		rm ./deploy/k8s/overlays/kind/.env ; \
 	fi
 	$(CMD_PREFIX) kubectl --context=$(ILAB_KUBE_CONTEXT) delete namespace $(ILAB_KUBE_NAMESPACE)
 
 .PHONY: start-dev-kind ## Run the development environment on Kind cluster
-start-dev-kind: setup-kind deploy ## Setup a Kind cluster and deploy InstructLab UI on it
+start-dev-kind: setup-kind load-images deploy-kind ## Setup a Kind cluster and deploy InstructLab UI on it
 
 ##@ OpenShift - UI prod and qa deployment on OpenShift
 .PHONY: deploy-qa-openshift
@@ -162,7 +171,6 @@ deploy-qa-openshift: ## Deploy QA stack of the InstructLab UI on OpenShift
 		echo "Please create a .env file in the root of the project." ; \
 		exit 1 ; \
 	fi
-
 	$(CMD_PREFIX) yes | cp -rf .env ./deploy/k8s/overlays/openshift/qa/.env
 	$(CMD_PREFIX) oc apply -k ./deploy/k8s/overlays/openshift/qa
 	$(CMD_PREFIX) oc wait --for=condition=Ready pods -n $(ILAB_KUBE_NAMESPACE) --all -l app.kubernetes.io/part-of=ui --timeout=15m
@@ -172,7 +180,6 @@ redeploy-qa-openshift: ## Redeploy QA stack of the InstructLab UI on OpenShift
 	$(CMD_PREFIX) oc -n $(ILAB_KUBE_NAMESPACE) rollout restart deploy/ui
 	$(CMD_PREFIX) oc -n $(ILAB_KUBE_NAMESPACE) rollout restart deploy/pathservice
 
-
 .PHONY: undeploy-qa-openshift
 undeploy-qa-openshift: ## Undeploy QA stack of the InstructLab UI on OpenShift
 	$(CMD_PREFIX) oc delete -k ./deploy/k8s/overlays/openshift/qa
@@ -224,7 +231,7 @@ start-dev-container:
 .PHONY: enter-dev-container
 enter-dev-container:
 	$(MAKE) check-dev-container-installed
-	devcontainer exec --workspace-folder=./ --docker-path=${CONTAINER_ENGINE} bash
+	devcontainer exec --workspace-folder=./ --docker-path=${CONTAINER_ENGINE} ${DEVCONTAINER_DEFAULT_SHELL}
 
 .PHONY: cycle-dev-container
 cycle-dev-container:
diff --git a/deploy/k8s/overlays/kind/kind.yaml b/deploy/k8s/overlays/kind/kind.yaml
index 7afee7f2..4580a1d6 100644
--- a/deploy/k8s/overlays/kind/kind.yaml
+++ b/deploy/k8s/overlays/kind/kind.yaml
@@ -24,3 +24,5 @@ nodes:
     image: kindest/node:v1.30.0
   - role: worker
     image: kindest/node:v1.30.0
+networking:
+  apiServerPort: 6443