zkt25/sk1/prepare-app.sh

#!/usr/bin/env bash
set -euo pipefail

# 0) Install GKE auth plugin if missing
if gcloud components list --quiet | grep -q "gke-gcloud-auth-plugin"; then
  echo "✓ gke-gcloud-auth-plugin already installed"
elif command -v apt-get &>/dev/null; then
  sudo apt-get update
  sudo apt-get install -y google-cloud-cli-gke-gcloud-auth-plugin
else
  echo "⚠️  Please install gke-gcloud-auth-plugin manually"
  exit 1
fi
export USE_GKE_GCLOUD_AUTH_PLUGIN=True

# 1) Set variables
PROJECT=$(gcloud config get-value project)
CLUSTER=sk1-cluster
REGION=us-central1
ZONE="${REGION}-a"
IP_NAME=sk1-static-ip

NUM_NODES=3
MACHINE_TYPE=e2-small
DISK_SIZE=50   # GB, pd-standard

# 2) Enable required APIs
echo "🔌 Enabling required APIs..."
gcloud services enable \
  cloudbuild.googleapis.com \
  container.googleapis.com \
  compute.googleapis.com \
  --quiet

# 3) Reserve a global static IP (idempotent)
echo "🌐 Reserving static IP..."
gcloud compute addresses create "${IP_NAME}" \
  --global --project="${PROJECT}" \
  || echo "Address ${IP_NAME} already exists"

# 4) Create (or reuse) a GKE cluster
echo "🚀 Creating GKE cluster..."
gcloud container clusters create "${CLUSTER}" \
  --zone "${ZONE}" \
  --num-nodes "${NUM_NODES}" \
  --machine-type "${MACHINE_TYPE}" \
  --disk-size "${DISK_SIZE}" \
  --disk-type pd-standard \
  --quiet || true

# 5) Fetch cluster credentials
echo "🔑 Fetching credentials..."
gcloud container clusters get-credentials "${CLUSTER}" --zone "${ZONE}"

# 6) Build & push Docker images
echo "🏗️ Building and pushing backend image..."
cd backend
gcloud builds submit --tag "gcr.io/${PROJECT}/backend:latest" .

echo "🏗️ Building and pushing frontend image..."
cd ../frontend
gcloud builds submit --tag "gcr.io/${PROJECT}/frontend:latest" .
cd ..

# 7) Deploy to Kubernetes
echo "📦 Deploying to Kubernetes..."
kubectl create namespace sk1 --dry-run=client -o yaml | kubectl apply -f -

# Apply MongoDB secret
kubectl apply -n sk1 -f k8s/mongo-secret.yml

# Apply deployments with project substitution
PROJECT_VALUE=$(gcloud config get-value project)
sed "s|\${PROJECT}|${PROJECT_VALUE}|g" k8s/backend-deployment.yml.tpl > /tmp/backend-deployment.yml
sed "s|\${PROJECT}|${PROJECT_VALUE}|g" k8s/frontend-deployment.yml.tpl > /tmp/frontend-deployment.yml
kubectl apply -n sk1 -f /tmp/backend-deployment.yml
kubectl apply -n sk1 -f /tmp/frontend-deployment.yml

# Apply Services, ManagedCertificate and Ingress
kubectl apply -n sk1 -f k8s/backend-config.yml  # Add this line
kubectl apply -n sk1 -f k8s/backend-service.yml
kubectl apply -n sk1 -f k8s/frontend-service.yml
kubectl apply -n sk1 -f k8s/managed-cert.yml
kubectl apply -n sk1 -f k8s/ingress.yml

# 8) Wait for the Ingress to get an external IP
echo "⏳ Waiting for Ingress IP assignment..."
kubectl -n sk1 wait --for=condition=ADDRESS_ALLOCATED ingress sk1-ingress --timeout=600s

# 9) Show your static IP for DNS
STATIC_IP=$(gcloud compute addresses describe "${IP_NAME}" --global --format="value(address)")
echo ""
echo "✅ Deployment complete!"
echo "Static IP: ${STATIC_IP}"
echo "👉 Create an A-record for nudges.works → ${STATIC_IP}"
echo ""
echo "🔍 Check certificate status with: kubectl get managedcertificates -n sk1"
echo "⏱️ It may take up to 60 minutes for the TLS certificate to be provisioned"