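#!/usr/bin/env bash
#
# Provision a GKE cluster, build the backend/frontend images with Cloud Build
# and deploy the sk1 manifests behind a global static IP.
#
# Run from the repository root: the script expects ./backend, ./frontend and
# ./k8s relative to the current directory, and an active gcloud project.
set -euo pipefail

# Print a message to stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# 0) Install GKE auth plugin if missing
# Test for the plugin binary itself. Grepping `gcloud components list` can
# match a component that is listed but not installed, and under `pipefail`
# an early `grep -q` exit can make the whole pipeline report failure.
if command -v gke-gcloud-auth-plugin >/dev/null 2>&1; then
  echo "✓ gke-gcloud-auth-plugin already installed"
elif command -v apt-get &>/dev/null; then
  sudo apt-get update
  sudo apt-get install -y google-cloud-cli-gke-gcloud-auth-plugin
else
  echo "⚠️ Please install gke-gcloud-auth-plugin manually" >&2
  exit 1
fi
export USE_GKE_GCLOUD_AUTH_PLUGIN=True

# 1) Set variables
PROJECT=$(gcloud config get-value project)
# With no project configured gcloud prints nothing on stdout; stop here rather
# than build image names such as gcr.io//backend.
[[ -n "${PROJECT}" ]] \
  || die "No active gcloud project; run: gcloud config set project PROJECT_ID"
# The id is substituted into sed replacements and image names further down, so
# refuse anything outside the characters a project id can contain.
[[ "${PROJECT}" =~ ^[a-z0-9][a-z0-9.:-]*$ ]] \
  || die "Unexpected characters in project id: ${PROJECT}"
readonly PROJECT
readonly CLUSTER=sk1-cluster
readonly REGION=us-central1
readonly ZONE="${REGION}-a"
readonly IP_NAME=sk1-static-ip
readonly NAMESPACE=sk1
readonly NUM_NODES=3
readonly MACHINE_TYPE=e2-small
readonly DISK_SIZE=50 # GB, pd-standard

# 2) Enable required APIs
echo "🔌 Enabling required APIs..."
gcloud services enable \
  cloudbuild.googleapis.com \
  container.googleapis.com \
  compute.googleapis.com \
  --quiet

# 3) Reserve a global static IP (idempotent)
# Look the address up first so that only "already exists" is tolerated; a
# permission or quota error from `create` now aborts the script instead of
# being reported as "already exists".
echo "🌐 Reserving static IP..."
if gcloud compute addresses describe "${IP_NAME}" \
  --global --project="${PROJECT}" >/dev/null 2>&1; then
  echo "Address ${IP_NAME} already exists"
else
  gcloud compute addresses create "${IP_NAME}" \
    --global --project="${PROJECT}"
fi

# 4) Create (or reuse) a GKE cluster
# Same pattern as the address: `|| true` hid every creation failure and let
# the script carry on against whatever context kubectl happened to hold.
# NOTE(review): the cluster is created with gcloud's default security
# settings; private nodes, control-plane authorized networks and Workload
# Identity are not configured here - decide whether this deployment needs them.
echo "🚀 Creating GKE cluster..."
if gcloud container clusters describe "${CLUSTER}" \
  --zone "${ZONE}" --project "${PROJECT}" >/dev/null 2>&1; then
  echo "Cluster ${CLUSTER} already exists, reusing it"
else
  gcloud container clusters create "${CLUSTER}" \
    --project "${PROJECT}" \
    --zone "${ZONE}" \
    --num-nodes "${NUM_NODES}" \
    --machine-type "${MACHINE_TYPE}" \
    --disk-size "${DISK_SIZE}" \
    --disk-type pd-standard \
    --quiet
fi

# 5) Fetch cluster credentials
echo "🔑 Fetching credentials..."
gcloud container clusters get-credentials "${CLUSTER}" \
  --zone "${ZONE}" --project "${PROJECT}"

# 6) Build & push Docker images
# Subshells keep the working directory unchanged for the k8s/ paths below.
# NOTE(review): `:latest` is a mutable tag, so the cluster cannot tell which
# build it is running; consider a per-build tag or a digest in the templates.
echo "🏗️ Building and pushing backend image..."
(
  cd backend
  gcloud builds submit --tag "gcr.io/${PROJECT}/backend:latest" .
)
echo "🏗️ Building and pushing frontend image..."
(
  cd frontend
  gcloud builds submit --tag "gcr.io/${PROJECT}/frontend:latest" .
)

# 7) Deploy to Kubernetes
echo "📦 Deploying to Kubernetes..."
kubectl create namespace "${NAMESPACE}" --dry-run=client -o yaml \
  | kubectl apply -f -

# Apply MongoDB secret
# NOTE(review): a Secret manifest holds base64-encoded, not encrypted, values;
# confirm k8s/mongo-secret.yml is kept out of version control or generated
# from a secret store.
kubectl apply -n "${NAMESPACE}" -f k8s/mongo-secret.yml

# Apply deployments with project substitution
# Render into a private directory from mktemp. Fixed names in world-writable
# /tmp can be pre-created or swapped by another local user before kubectl
# reads them, which would change what gets applied to the cluster.
RENDER_DIR=$(mktemp -d) || die "mktemp failed"
cleanup() { rm -rf -- "${RENDER_DIR:?}"; }
trap cleanup EXIT

for component in backend frontend; do
  sed "s|\${PROJECT}|${PROJECT}|g" "k8s/${component}-deployment.yml.tpl" \
    > "${RENDER_DIR}/${component}-deployment.yml"
  kubectl apply -n "${NAMESPACE}" -f "${RENDER_DIR}/${component}-deployment.yml"
done

# Apply BackendConfig, Services, ManagedCertificate and Ingress (in this order)
kubectl apply -n "${NAMESPACE}" -f k8s/backend-config.yml
kubectl apply -n "${NAMESPACE}" -f k8s/backend-service.yml
kubectl apply -n "${NAMESPACE}" -f k8s/frontend-service.yml
kubectl apply -n "${NAMESPACE}" -f k8s/managed-cert.yml
kubectl apply -n "${NAMESPACE}" -f k8s/ingress.yml

# 8) Wait for the Ingress to get an external IP
# NOTE(review): Ingress status normally carries loadBalancer entries rather
# than conditions; confirm ADDRESS_ALLOCATED is ever reported, otherwise this
# wait runs into the 600s timeout and `set -e` aborts the script.
echo "⏳ Waiting for Ingress IP assignment..."
kubectl -n "${NAMESPACE}" wait --for=condition=ADDRESS_ALLOCATED \
  ingress sk1-ingress --timeout=600s

# 9) Show your static IP for DNS
STATIC_IP=$(gcloud compute addresses describe "${IP_NAME}" \
  --global --project="${PROJECT}" --format="value(address)")
echo ""
echo "✅ Deployment complete!"
echo "Static IP: ${STATIC_IP}"
echo "👉 Create an A-record for nudges.works → ${STATIC_IP}"
echo ""
echo "🔍 Check certificate status with: kubectl get managedcertificates -n sk1"
echo "⏱️ It may take up to 60 minutes for the TLS certificate to be provisioned"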