From c85cb506941606121640412218f6cc78ef50d4a8 Mon Sep 17 00:00:00 2001
From: Deavon McCaffery <dmccaffery@users.noreply.github.com>
Date: Mon, 4 Nov 2019 12:10:07 +0000
Subject: [PATCH] feat(init): install tiller in cluster

NOTE:

In order for flux and the helm-operator to work successfully, an instance
of tiller must be deployed into the cluster. This is a security vulnerability
in that the tiller account executes with a highly privileged role.

This should be removed once https://github.com/fluxcd/helm-operator/pull/79
has been released. The current version of the helm-operator (1.0.0-rc3) does
not include this PR.
---
 init.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/init.sh b/init.sh
index 3024fc8..4b0ab83 100755
--- a/init.sh
+++ b/init.sh
@@ -193,6 +193,10 @@ __cluster_init() {
         $KUBECTL apply -f $INIT_WORKDIR/flux-git-credentials.yaml
     fi
 
+    # install tiller into the cluster
+    __fail "WARNING: THIS SHOULD BE REMOVED ONCE https://github.com/fluxcd/helm-operator/pull/79 IS RELEASED"
+    $HELM init --override 'spec.template.spec.containers[0].command'='{/tiller,--storage=secret}'
+
     # deploy flux
     $HELM upgrade flux $CHART_PATH/fluxcd/flux \
         --values=$GLOBAL_PATH/helm/gitops-system/flux.yaml \