feat: add color to scripts and update document without any CVE.

.gitignore

@@ -137,6 +137,7 @@ dist
 *.tfstate
 terraform.tfstate.backup
 terraform.tfvars
+terraform.plan
 values.yaml
 git-creds.yaml
 shared-storage/

INFRASTRUCTURE.md

@@ -22,10 +22,12 @@ This file contains all necessary configurations and definitions for setting up a
 
 This application uses 2 ways to build Docker images
 
-- **By [Wolfi](https://github.com/wolfi-dev) docker based**, a security-first, minimal base image (`Dockerfile`). These images are designed to provide a secure foundation, minimizing vulnerabilities that are common in more bloated base images.
+- **By [Wolfi](https://github.com/wolfi-dev) docker based**, a security-first, minimal base image (`Dockerfile`). These images are designed to provide a secure foundation, minimizing vulnerabilities that are common in more bloated base images. There is no CVE for this docker image.
 
 - **By multi-stage docker image**, build from scratch with `Dockerfile.scratch`. If you want to build from scratch, use `docker-compose.scratch.yml` and run `docker-compose  -f docker-compose.scratch.yml up --build`
 
+![alt text](images/no-cve.png "Docker without CVE")
+
 ## GitOps with Helm and ArgoCD
 
 - I use GitOps to deploy this application according to the following diagram:

infras/terraform/modules/.env.sample

@@ -9,3 +9,4 @@ GH_TOKEN_B64="xxxx"     # Base64 of GH_TOKEN
 GH_USERNAME_B64="xxxx"  # Base64 of GH_USERNAME_B64
 DOCKERHUB_USER="xxxx"   # Dockerhub username for pull image
 DOCKERHUB_PAT="xxxx"    # DockerHub PAT
+DOCKER_MAIL="xxxx"      # Docker email

infras/terraform/modules/deploy.sh

@@ -1,43 +1,93 @@
-#!/bin/sh
+#!/bin/bash
 
-# Set the script to exit immediately if any command exits with a non-zero status.
-set -e
-# Echo commands for debugging purposes
-set -x
+# Define functions to log with different color backgrounds
+log() { echo -e "\033[30;47m ${1} \033[0m ${@:2}"; }          # $1 background white
+info() { echo -e "\033[48;5;28m ${1} \033[0m ${@:2}"; }       # $1 background green
+warn() { echo -e "\033[48;5;202m ${1} \033[0m ${@:2}" >&2; }  # $1 background orange
+error() { echo -e "\033[48;5;196m ${1} \033[0m ${@:2}" >&2; } # $1 background red
+
+log START $(date "+%Y-%d-%m %H:%M:%S")
+START=$SECONDS
+
+# https://www.cyberciti.biz/faq/linux-bash-exit-status-set-exit-statusin-bash/
+# exit code `0` : Success
+# exit code `1` : Operation not permitted
+check_exit_code() {
+	[[ $1 == 0 ]] && return
+	error ABORT exit code $1 returned
+	info DURATION $(($SECONDS - $START)) seconds
+	exit 0
+}
+
+# very very useful for saving THOUSANDS of megabytes on your computer
+export TF_PLUGIN_CACHE_DIR="$HOME/.terraform.d/plugin-cache"
 
 # Init terraform provider
-terraform init
+info "Terraform init"
+terraform init -upgrade
+# abort if exit code != 0
+check_exit_code $?
 
 # Plan change
-terraform plan
+info "Terraform plan"
+terraform plan -out=terraform.plan
+# abort if exit code != 0
+check_exit_code $?
 
 # Apply change
-terraform apply --auto-approve
+info "Terraform apply"
+terraform apply --auto-approve terraform.plan
+# abort if exit code != 0
+check_exit_code $?
 
 # Create ArgoCD namespace
-kubectl get namespace argocd || kubectl create namespace argocd
+info "Creating ArgoCD namespace"
+if kubectl get namespace argocd >/dev/null 2>&1; then
+	info "Namespace 'argocd' already exists."
+else
+	kubectl create namespace argocd >/dev/null 2>&1 && info "Namespace created" || warn "Failed to create namespace 'argocd'"
+fi
 
 # Substitute variables in template
+info "Substitute variables in template"
 set -a
 source .env
 set +a
 envsubst <config.yaml.tpl >values.yaml
 envsubst <git-creds.yaml.tpl >git-creds.yaml
+# abort if exit code != 0
+check_exit_code $?
+info "All manifests and values created!"
 
 # Deploy with Helm
+info "Deploy with ArgoCD Helm"
 helm repo add argoproj https://argoproj.github.io/argo-helm
-helm repo update
+helm repo update >/dev/null 2>&1 && info "Helm repository has been updated successfully." || warn "Failed to update Helm repository."
 helm upgrade --install argocd argoproj/argo-cd -f values.yaml -n argocd
+# abort if exit code != 0
+check_exit_code $?
+info "ArgoCD created!"
 
 # Bootstrap app of apps
+info "Bootstrap ArgoCD App of Apps and DockerHub credentials"
 kubectl apply -f values/application-dev.yaml -n argocd
 kubectl apply -f git-creds.yaml -n argocd
-kubectl get secret regcred || kubectl create secret docker-registry regcred \
-	--docker-server=https://index.docker.io/v1/ \
-	--docker-username=${DOCKERHUB_USER} \
-	--docker-password=${DOCKERHUB_PAT} \
-	[email protected] \
-	-n argocd
+# Check if the 'regcred' secret exists
+if ! kubectl get secret regcred -n argocd >/dev/null 2>&1; then
+	info "Creating docker secrets..."
+	kubectl get secret regcred || kubectl create secret docker-registry regcred \
+		--docker-server=https://index.docker.io/v1/ \
+		--docker-username=${DOCKERHUB_USER} \
+		--docker-password=${DOCKERHUB_PAT} \
+		--docker-email=${DOCKER_MAIL} \
+		-n argocd
+else
+	info "'regcred' secret already exists."
+fi
+# abort if exit code != 0
+check_exit_code $?
 
 # DONE
-echo "Provisioned!"
+info PROVISIONED!!!
+
+info "Run this command to show password for admin user in ArgoCD: 'kubectl get secret argocd-initial-admin-secret -n argocd -o jsonpath='{.data.password}' | base64 --decode; echo'"

infras/terraform/modules/helm.tf

@@ -31,7 +31,7 @@ resource "null_resource" "wait_for_ingress" {
 
   provisioner "local-exec" {
     command = <<EOF
-      printf "\nWaiting for the nginx ingress controller...\n"
+      printf "....Waiting for the nginx ingress controller..."
       kubectl wait --namespace ${helm_release.ingress_controller.namespace} \
         --for=condition=ready pod \
         --selector=app.kubernetes.io/component=controller \

infras/terraform/modules/teardown.sh

@@ -1,20 +1,34 @@
 #!/bin/bash
 
-# Set the script to exit immediately if any command exits with a non-zero status.
-set -e
-
-# Echo commands for debugging purposes
-set -x
+# Define functions to log with different color backgrounds
+log() { echo -e "\033[30;47m ${1} \033[0m ${@:2}"; }          # $1 background white
+info() { echo -e "\033[48;5;28m ${1} \033[0m ${@:2}"; }       # $1 background green
+warn() { echo -e "\033[48;5;202m ${1} \033[0m ${@:2}" >&2; }  # $1 background orange
+error() { echo -e "\033[48;5;196m ${1} \033[0m ${@:2}" >&2; } # $1 background red
+
+log START $(date "+%Y-%d-%m %H:%M:%S")
+START=$SECONDS
+
+# https://www.cyberciti.biz/faq/linux-bash-exit-status-set-exit-statusin-bash/
+# exit code `0` : Success
+# exit code `1` : Operation not permitted
+check_exit_code() {
+	[[ $1 == 0 ]] && return
+	error ABORT exit code $1 returned
+	info DURATION $(($SECONDS - $START)) seconds
+	exit 0
+}
 
 # Remove Terraform state files
+info "Remove Terraform state files"
+info "Deleting state file..."
 rm -f *.tfstate *.tfstate.backup
 rm -f *.hcl
-
 # Delete the .terraform directory
+info "Deleting generated terraform module..."
 rm -rf .terraform
-
-# Delete the Kind cluster
-# Get all running container IDs
+info "Delete the Kind cluster"
+info "Get all running container IDs, stop and remove all..."
 containers=$(docker ps -aq)
 
 if [ -n "$containers" ]; then
@@ -24,11 +38,16 @@ if [ -n "$containers" ]; then
 	# Remove all Docker containers
 	docker rm $containers
 else
-	echo "No containers to stop or remove."
+	info "No containers to stop or remove."
 fi
-
+# abort if exit code != 0
+check_exit_code $?
+info "Remove all network (very important) and prune Docker resource after delete kind cluster"
+kind delete cluster -n kind-stakefish
 docker network prune -f
 docker system prune -f
-kind delete cluster -n kind-stakefish
 
-echo "Cleanup complete!"
+# abort if exit code != 0
+check_exit_code $?
+
+info "BYE BYE!"