jiangkai
/
microservice-helm


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104
							#!/bin/bash

# ============================================================
# 自动生成 34 个微服务的 ConfigMap 和 Deployment
# 用途：根据 conf/ 目录中的配置文件自动生成 K8S 部署文件
# ============================================================

set -e

CONF_DIR="./conf"
OUTPUT_DIR="./k8s-manifests"
TEMPLATE_DIR="."

# 创建输出目录
mkdir -p "$OUTPUT_DIR/configmaps"
mkdir -p "$OUTPUT_DIR/deployments"
mkdir -p "$OUTPUT_DIR/secrets"

echo "🔍 正在读取配置文件..."
echo ""

# 遍历所有服务目录
for service_dir in $CONF_DIR/shop-recycle-*/; do
    service_name=$(basename "$service_dir")
    
    # 跳过不存在配置文件的目录
    if [ ! -f "$service_dir/conf/application.yml" ]; then
        echo "⚠️  跳过 $service_name (没有 application.yml)"
        continue
    fi
    
    echo "📝 处理服务: $service_name"
    
    # 提取端口号
    port=$(grep -oP '^\s*port:\s*\K[0-9]+' "$service_dir/conf/application.yml" | head -1)
    
    if [ -z "$port" ]; then
        echo "  ⚠️  无法提取端口号，使用默认 8080"
        port="8080"
    else
        echo "  ✅ 端口: $port"
    fi
    
    # 判断服务类型
    if grep -q "datasource:" "$service_dir/conf/application.yml"; then
        service_type="backend"
        echo "  📊 类型: Backend (包含数据库)"
    else
        service_type="web"
        echo "  🌐 类型: Web (无数据库)"
    fi
    
    # 判断是否包含微信配置
    if grep -q "app-secret" "$service_dir/conf/application.yml"; then
        echo "  🔐 需要微信 Secret: 是"
    fi
    
    # 判断是否包含 MongoDB
    if grep -q "mongodb:" "$service_dir/conf/application.yml"; then
        echo "  🗄️  需要 MongoDB Secret: 是"
    fi
    
    # 判断是否包含 Seata
    if grep -q "seata:" "$service_dir/conf/application.yml"; then
        echo "  🔀 需要 Seata Secret: 是"
    fi
    
    echo ""
done

echo ""
echo "✅ 配置分析完成！"
echo ""
echo "📊 统计信息："
echo "  - 总服务数: $(ls -d $CONF_DIR/shop-recycle-*/ 2>/dev/null | wc -l)"
echo "  - 需要数据库凭证的服务: $(grep -l 'datasource:' $CONF_DIR/*/conf/application.yml 2>/dev/null | wc -l)"
echo "  - 需要微信凭证的服务: $(grep -l 'app-secret' $CONF_DIR/*/conf/application.yml 2>/dev/null | wc -l)"
echo "  - 需要 MongoDB 凭证的服务: $(grep -l 'mongodb:' $CONF_DIR/*/conf/application.yml 2>/dev/null | wc -l)"
echo "  - 需要 Seata 凭证的服务: $(grep -l 'seata:' $CONF_DIR/*/conf/application.yml 2>/dev/null | wc -l)"
echo ""

echo "📋 生成步骤："
echo "1. ✅ 共享 Secret 已在 secret-templates-common.yaml 中定义"
echo "2. ⏳ 现在需要为每个服务生成 ConfigMap 和 Deployment"
echo "3. 📦 可以使用以下命令部署："
echo ""
echo "   # 创建共享 Secret"
echo "   kubectl apply -f secret-templates-common.yaml"
echo ""
echo "   # 创建服务特定的 ConfigMap 和 Deployment"
echo "   kubectl apply -f k8s-manifests/configmaps/"
echo "   kubectl apply -f k8s-manifests/deployments/"
echo ""

echo "🔗 相关文件："
echo "  - 分析文档: CONFIG-AND-SECRET-STRATEGY.md"
echo "  - 共享 Secret: secret-templates-common.yaml"
echo "  - 模板库: service-configmap-deployment-template.yaml"
echo ""
echo "💡 下一步建议："
echo "  1. 使用 Kustomize 或 Helm 生成所有服务的部署文件"
echo "  2. 配置 RBAC 限制 Secret 访问权限"
echo "  3. 考虑使用 External Secrets Operator 从外部密钥管理系统获取敏感信息"
echo "  4. 在 CI/CD 中集成密钥注入流程"