scripts/deploy/phase12-networking.sh

#!/bin/bash
#
# Phase 12: Networking & Gateways
# Configure ingress, DNS, SSL/TLS, WAF
#

set -euo pipefail

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "${SCRIPT_DIR}/config.sh"

log_info "=========================================="
log_info "Phase 12: Networking & Gateways"
log_info "=========================================="

log_warning "This phase requires manual configuration for DNS and SSL certificates"
log_info "See docs/deployment/DEPLOYMENT_GUIDE.md Phase 12 for detailed instructions"

# 12.1 Deploy Ingress Controller
log_step "12.1 Deploying NGINX Ingress Controller..."

if ! command -v helm &> /dev/null; then
  log_warning "Helm not found. Install Helm to deploy ingress controller."
else
  if ! helm list -n ingress-nginx | grep -q ingress-nginx; then
    log_info "Installing NGINX Ingress Controller..."
    helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
    helm repo update
    
    kubectl create namespace ingress-nginx --dry-run=client -o yaml | kubectl apply -f -
    helm install ingress-nginx ingress-nginx/ingress-nginx \
      --namespace ingress-nginx \
      --create-namespace \
      || log_warning "Ingress controller installation failed or already exists"
  else
    log_success "Ingress controller already installed"
  fi
fi

# 12.2 Apply Ingress Resources
log_step "12.2 Applying ingress resources..."

INGRESS_FILE="${K8S_DIR}/base/ingress.yaml"
if [ -f "${INGRESS_FILE}" ]; then
  kubectl apply -f "${INGRESS_FILE}" -n "${NAMESPACE}" || log_warning "Failed to apply ingress"
  log_success "Ingress resources applied"
else
  log_warning "Ingress configuration not found at ${INGRESS_FILE}"
  log_info "Create ingress.yaml in ${K8S_DIR}/base/"
fi

# 12.3 Install cert-manager (for Let's Encrypt)
log_step "12.3 Installing cert-manager..."

if ! kubectl get crd certificates.cert-manager.io &> /dev/null; then
  log_info "Installing cert-manager..."
  kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.0/cert-manager.yaml || \
    log_warning "Failed to install cert-manager"
  
  log_info "Waiting for cert-manager to be ready..."
  kubectl wait --for=condition=ready pod \
    -l app.kubernetes.io/instance=cert-manager \
    -n cert-manager \
    --timeout=300s || log_warning "cert-manager not ready yet"
else
  log_success "cert-manager already installed"
fi

log_info "Networking configuration complete"
log_info "Next steps (manual):"
log_info "  1. Configure DNS records"
log_info "  2. Create ClusterIssuer for Let's Encrypt"
log_info "  3. Configure WAF rules (if using Application Gateway)"

# Save state
save_state "phase12" "complete"

log_success "=========================================="
log_success "Phase 12: Networking & Gateways - COMPLETE"
log_success "=========================================="
feat: implement naming convention, deployment automation, and infrastructure updates - Add comprehensive naming convention (provider-region-resource-env-purpose) - Implement Terraform locals for centralized naming - Update all Terraform resources to use new naming convention - Create deployment automation framework (18 phase scripts) - Add Azure setup scripts (provider registration, quota checks) - Update deployment scripts config with naming functions - Create complete deployment documentation (guide, steps, quick reference) - Add frontend portal implementations (public and internal) - Add UI component library (18 components) - Enhance Entra VerifiedID integration with file utilities - Add API client package for all services - Create comprehensive documentation (naming, deployment, next steps) Infrastructure: - Resource groups, storage accounts with new naming - Terraform configuration updates - Outputs with naming convention examples Deployment: - Automated deployment scripts for all 15 phases - State management and logging - Error handling and validation Documentation: - Naming convention guide and implementation summary - Complete deployment guide (296 steps) - Next steps and quick start guides - Azure prerequisites and setup completion docs Note: ESLint warnings present - will be addressed in follow-up commit 2025-11-12 08:22:51 -08:00			`#!/bin/bash`
			`#`
			`# Phase 12: Networking & Gateways`
			`# Configure ingress, DNS, SSL/TLS, WAF`
			`#`

			`set -euo pipefail`

			`SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"`
			`source "${SCRIPT_DIR}/config.sh"`

			`log_info "=========================================="`
			`log_info "Phase 12: Networking & Gateways"`
			`log_info "=========================================="`

			`log_warning "This phase requires manual configuration for DNS and SSL certificates"`
			`log_info "See docs/deployment/DEPLOYMENT_GUIDE.md Phase 12 for detailed instructions"`

			`# 12.1 Deploy Ingress Controller`
			`log_step "12.1 Deploying NGINX Ingress Controller..."`

			`if ! command -v helm &> /dev/null; then`
			`log_warning "Helm not found. Install Helm to deploy ingress controller."`
			`else`
			`if ! helm list -n ingress-nginx \| grep -q ingress-nginx; then`
			`log_info "Installing NGINX Ingress Controller..."`
			`helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx`
			`helm repo update`

			`kubectl create namespace ingress-nginx --dry-run=client -o yaml \| kubectl apply -f -`
			`helm install ingress-nginx ingress-nginx/ingress-nginx \`
			`--namespace ingress-nginx \`
			`--create-namespace \`
			`\|\| log_warning "Ingress controller installation failed or already exists"`
			`else`
			`log_success "Ingress controller already installed"`
			`fi`
			`fi`

			`# 12.2 Apply Ingress Resources`
			`log_step "12.2 Applying ingress resources..."`

			`INGRESS_FILE="${K8S_DIR}/base/ingress.yaml"`
			`if [ -f "${INGRESS_FILE}" ]; then`
			`kubectl apply -f "${INGRESS_FILE}" -n "${NAMESPACE}" \|\| log_warning "Failed to apply ingress"`
			`log_success "Ingress resources applied"`
			`else`
			`log_warning "Ingress configuration not found at ${INGRESS_FILE}"`
			`log_info "Create ingress.yaml in ${K8S_DIR}/base/"`
			`fi`

			`# 12.3 Install cert-manager (for Let's Encrypt)`
			`log_step "12.3 Installing cert-manager..."`

			`if ! kubectl get crd certificates.cert-manager.io &> /dev/null; then`
			`log_info "Installing cert-manager..."`
			`kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.0/cert-manager.yaml \|\| \`
			`log_warning "Failed to install cert-manager"`

			`log_info "Waiting for cert-manager to be ready..."`
			`kubectl wait --for=condition=ready pod \`
			`-l app.kubernetes.io/instance=cert-manager \`
			`-n cert-manager \`
			`--timeout=300s \|\| log_warning "cert-manager not ready yet"`
			`else`
			`log_success "cert-manager already installed"`
			`fi`

			`log_info "Networking configuration complete"`
			`log_info "Next steps (manual):"`
			`log_info " 1. Configure DNS records"`
			`log_info " 2. Create ClusterIssuer for Let's Encrypt"`
			`log_info " 3. Configure WAF rules (if using Application Gateway)"`

			`# Save state`
			`save_state "phase12" "complete"`

			`log_success "=========================================="`
			`log_success "Phase 12: Networking & Gateways - COMPLETE"`
			`log_success "=========================================="`