feat(init): install tiller in cluster

NOTE: In order for flux and the helm-operator to work successfully, an instance of tiller must be deployed into the cluster. This is a security vulnerability in that the tiller account executes with a highly privileged role. This should be removed once fluxcd/helm-operator#79 has been released. The current version of the helm-operator (1.0.0-rc3) does not include this PR.
deavon-and-tiffany · Nov 5, 2019 · c85cb50 · c85cb50
1 parent 5e99bc0
commit c85cb50
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/init.sh b/init.sh
@@ -193,6 +193,10 @@ __cluster_init() {
         $KUBECTL apply -f $INIT_WORKDIR/flux-git-credentials.yaml
     fi
 
+    # install tiller into the cluster
+    __fail "WARNING: THIS SHOULD BE REMOVED ONCE https://github.com/fluxcd/helm-operator/pull/79 IS RELEASED"
+    $HELM init --override 'spec.template.spec.containers[0].command'='{/tiller,--storage=secret}'
+
     # deploy flux
     $HELM upgrade flux $CHART_PATH/fluxcd/flux \
         --values=$GLOBAL_PATH/helm/gitops-system/flux.yaml \