#!/usr/bin/env bash # Start the Sunbeam local dev stack. # Idempotent: safe to run multiple times. set -euo pipefail SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" REPO_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)" # --------------------------------------------------------------------------- # 1. Check prerequisites # --------------------------------------------------------------------------- echo "==> Checking prerequisites..." for tool in limactl mkcert kubectl helm linkerd; do if ! command -v "$tool" &>/dev/null; then echo "ERROR: '$tool' not found. Install with: brew install $tool" >&2 exit 1 fi done echo " OK" # --------------------------------------------------------------------------- # 2. Start Lima VM (skip if already running) # --------------------------------------------------------------------------- LIMA_STATUS=$(limactl list --json 2>/dev/null | \ python3 -c "import sys,json; vms=[v for v in json.load(sys.stdin) if v['name']=='sunbeam']; print(vms[0]['status'] if vms else 'none')" 2>/dev/null || echo "none") if [[ "$LIMA_STATUS" == "Running" ]]; then echo "==> Lima VM 'sunbeam' already running." elif [[ "$LIMA_STATUS" == "Stopped" ]]; then echo "==> Starting existing Lima VM 'sunbeam'..." limactl start sunbeam else echo "==> Creating Lima VM 'sunbeam' (k3s, 6 CPU / 12 GB / 60 GB)..." limactl start \ --name=sunbeam \ template://k3s \ --memory=12 \ --cpus=6 \ --disk=60 \ --vm-type=vz \ --mount-type=virtiofs fi # --------------------------------------------------------------------------- # 3. Export kubeconfig # --------------------------------------------------------------------------- echo "==> Exporting kubeconfig..." mkdir -p ~/.kube limactl shell sunbeam kubectl config view --raw > ~/.kube/sunbeam.yaml export KUBECONFIG=~/.kube/sunbeam.yaml echo " KUBECONFIG=$KUBECONFIG" # --------------------------------------------------------------------------- # 4. Install Linkerd CRDs + control plane # --------------------------------------------------------------------------- echo "==> Adding Linkerd Helm repo..." helm repo add linkerd https://helm.linkerd.io/stable --force-update helm repo update linkerd echo "==> Installing Linkerd CRDs..." helm upgrade --install linkerd-crds linkerd/linkerd-crds \ -n mesh --create-namespace --wait echo "==> Installing Linkerd control plane..." helm upgrade --install linkerd-control-plane linkerd/linkerd-control-plane \ -n mesh \ --set-file identityTrustAnchorsPEM="$(linkerd identity trust-anchors 2>/dev/null || echo '')" \ --wait || { echo "==> Bootstrapping Linkerd identity (first install)..." linkerd install --crds | kubectl apply -f - linkerd install | kubectl apply -f - linkerd check } # --------------------------------------------------------------------------- # 5. Generate mkcert wildcard cert # --------------------------------------------------------------------------- echo "==> Generating TLS cert..." bash "$SCRIPT_DIR/local-certs.sh" LIMA_IP=$(limactl shell sunbeam hostname -I | awk '{print $1}') DOMAIN="${LIMA_IP}.sslip.io" # --------------------------------------------------------------------------- # 6. Create TLS Secret in ingress namespace # --------------------------------------------------------------------------- echo "==> Applying TLS Secret to ingress namespace..." kubectl create namespace ingress --dry-run=client -o yaml | kubectl apply -f - kubectl create secret tls pingora-tls \ --cert="$REPO_ROOT/secrets/local/tls.crt" \ --key="$REPO_ROOT/secrets/local/tls.key" \ -n ingress \ --dry-run=client -o yaml | kubectl apply -f - # --------------------------------------------------------------------------- # 7. Substitute domain and apply manifests # --------------------------------------------------------------------------- echo "==> Applying manifests (domain: $DOMAIN)..." # Substitute DOMAIN_SUFFIX placeholder before piping to kubectl kubectl kustomize "$REPO_ROOT/overlays/local" --enable-helm | \ sed "s/DOMAIN_SUFFIX/${DOMAIN}/g" | \ kubectl apply -f - # --------------------------------------------------------------------------- # 8. Wait for core components # --------------------------------------------------------------------------- echo "==> Waiting for PostgreSQL cluster..." kubectl wait --for=condition=Ready cluster/postgres -n data --timeout=180s || true echo "==> Waiting for Redis..." kubectl rollout status deployment/redis -n data --timeout=120s || true echo "==> Waiting for Kratos..." kubectl rollout status deployment/kratos -n ory --timeout=120s || true echo "==> Waiting for Hydra..." kubectl rollout status deployment/hydra -n ory --timeout=120s || true # --------------------------------------------------------------------------- # 9. Print URLs # --------------------------------------------------------------------------- bash "$SCRIPT_DIR/local-urls.sh"