Deploy the typo3scan helm chart on Azure Managed Openshift Service

Question

Pulumi · Accepted Answer

In order to deploy the TYPO3Scan Helm chart to an Azure Managed OpenShift Service using Pulumi, you will need to perform the following steps:

1. Set up the Azure Managed OpenShift Service where you'll deploy your applications. You can use the `azure-native.containerservice.OpenShiftManagedCluster` resource to define an OpenShift managed cluster.

2. Install and configure the Helm chart on the OpenShift cluster. You can use the `kubernetes.helm.sh/v3.Chart` resource to specify the Helm chart you want to deploy.

Here is a Pulumi program that would perform both steps. This TypeScript code will:
- Create an Azure Managed OpenShift Cluster.
- Deploy the `typo3scan` Helm chart to it.

Please replace the placeholders `RESOURCE_GROUP_NAME`, `CLUSTER_NAME`, `SSH_KEY`, `LOCATION`, `ADMIN_USERNAME`, `PASSWORD`, `CHART_VERSION`, and `RELEASE_NAME` with your own values. For instance, `SSH_KEY` should be replaced with your actual public SSH key that will be used to authenticate, `LOCATION` should contain the Azure region, and `CHART_VERSION` should specify the version of the Helm chart you wish to install.

```typescript
import * as azureNative from "@pulumi/azure-native";
import * as k8s from "@pulumi/kubernetes";
import * as pulumi from "@pulumi/pulumi";

const resourceGroupName = "RESOURCE_GROUP_NAME";
const clusterName = "CLUSTER_NAME";
const location = "LOCATION"; // Example: "East US"

// Create an Azure Resource Group if it doesn't exist
const resourceGroup = new azureNative.resources.ResourceGroup(resourceGroupName, {
    location: location,
});

// Create an OpenShift managed cluster.
const openshiftCluster = new azureNative.containerservice.OpenShiftManagedCluster(clusterName, {
    // Required properties
    location: location,
    resourceName: clusterName,
    resourceGroupName: resourceGroupName,
    openShiftVersion: "v4.3", // Use an appropriate OpenShift version
    networkProfile: {
        vnetCidr: "10.0.0.0/8",
    },
    masterPoolProfile: {
        count: 1,
        vmSize: "Standard_D4s_v3",
    },
    agentPoolProfiles: [{
        name: "agentpool",
        count: 3,
        vmSize: "Standard_D4s_v3",
    }],
    authProfile: {
        identityProviders: [{
            name: "Azure AD",
            provider: {
                // Provide Azure Active Directory details here
                clientId: "AZURE_AD_CLIENT_ID",
                clientSecret: "AZURE_AD_CLIENT_SECRET",
                tenantId: "AZURE_AD_TENANT_ID",
            },
        }],
    },
    // SSH Public Key for login
    linuxProfile: {
        ssh: {
            publicKeys: [{ keyData: "SSH_KEY" }],
        },
        adminUsername: "ADMIN_USERNAME",
    },
}, { dependsOn: resourceGroup });

// Configure the Kubernetes provider to the deployed OpenShift cluster
const k8sProvider = new k8s.Provider("k8sProvider", {
    kubeconfig: openshiftCluster.config.rawConfig,
});

// Deploy TYPO3Scan using a Helm Chart
const typo3scanChart = new k8s.helm.v3.Chart("typo3scan-chart", {
    chart: "typo3scan",
    version: "CHART_VERSION", // Define the version of the chart you want to deploy
    namespace: "default", // Define the namespace where the chart will be installed
    fetchOpts: {
        repo: "https://helm-repository-containing-typo3scan/", // Specify the repo URL where the chart is located
    },
    values: {
        // Specify any values you want to override in the chart here
    },
}, { provider: k8sProvider });

// Export the kubeconfig to access your cluster
export const kubeConfig = pulumi.secret(openshiftCluster.config.rawConfig);
```

Before running this program, ensure the following:
- You have Pulumi installed and configured for use with Azure.
- You have `kubectl` installed to interact with the Kubernetes cluster.
- Azure CLI installed and you are logged in using `az login`.
- A valid Azure subscription and necessary permissions to create resources.

Keep in mind that running the above Pulumi code will incur costs in your Azure account for the resources deployed, and make sure to clean up any resources you no longer use to avoid unnecessary charges.

This program assumes that you have a Helm repository containing the TYPO3Scan chart. Replace the placeholder in `fetchOpts` (`https://helm-repository-containing-typo3scan/`) with the correct URL for this chart repository. If the Helm chart requires specific configuration through values, you can pass them in the `values` object in the `typo3scanChart` definition.

Deploying this Pulumi program would typically involve running `pulumi up` through the Pulumi CLI. This command will prompt you to confirm the actions before any resources are actually created or modified.

Once the deployment is successful, you can use the exported KubeConfig to interact with your cluster using `kubectl`. For example, you could list Helm releases by running `kubectl get pods --namespace default`.