#!/bin/bash DEBUG="${DEBUG:-false}" PROMPT="${PROMPT:-true}" APP_NAME="event-gateway" OUTPUT_DIR="/tmp/kong/${APP_NAME}" mkdir -p "${OUTPUT_DIR}" GET_KONGHQ_COM_URL="https://get.konghq.com" LOG_FILE="${OUTPUT_DIR}/event-gateway.log" QUICKSTART_SCRIPT_PATH="${OUTPUT_DIR}/quickstart" DEFAULT_KONNECT_EVENT_GATEWAY_NAME="event-gateway-quickstart" KONNECT_DOMAIN="${KONNECT_DOMAIN:-konghq.com}" DEFAULT_KONG_EVENT_GATEWAY_IMAGE_NAME="kong-event-gateway" DEFAULT_KONG_EVENT_GATEWAY_IMAGE_TAG="latest" DEFAULT_KONG_IMAGE_REPO="kong" KONG_EVENT_GATEWAY_IMAGE_NAME="${KONG_EVENT_GATEWAY_IMAGE_NAME:-$DEFAULT_KONG_EVENT_GATEWAY_IMAGE_NAME}" KONG_EVENT_GATEWAY_IMAGE_TAG="${KONG_EVENT_GATEWAY_IMAGE_TAG:-$DEFAULT_KONG_EVENT_GATEWAY_IMAGE_TAG}" download_quickstart_script() { if [ "${DEBUG}" = "false" ]; then echo "Downloading quickstart script to ${QUICKSTART_SCRIPT_PATH}" >> "${LOG_FILE}" curl -s -f -o "${QUICKSTART_SCRIPT_PATH}" "${GET_KONGHQ_COM_URL}/quickstart" || \ return 1 else echo "Copying local quickstart script to ${QUICKSTART_SCRIPT_PATH}" >> "${LOG_FILE}" cp ./quickstart "${QUICKSTART_SCRIPT_PATH}" fi } parse_konnect_event_gateway() { echo ">parse_konnect_event_gateway" >> $LOG_FILE KONNECT_EVENT_GATEWAY_ID=$(echo "${KONNECT_EVENT_GATEWAY_INFO}" | docker run -i --rm ${JQ_IMAGE} -r '.id') echo "Event Gateway ID: ${KONNECT_EVENT_GATEWAY_ID}" >> $LOG_FILE echo "Event Gateway Name: ${KONNECT_EVENT_GATEWAY_NAME}" >> $LOG_FILE echo "> $LOG_FILE } create_event_gateway() { echo ">create_event_gateway" >> $LOG_FILE local name="${1}" local description="${2}" local body="{\"name\":\"$name\",\"description\":\"$description\"}" local response=$(curl -s --fail-with-body \ --header "Authorization: Bearer ${KONNECT_TOKEN}" \ --url "https://${KONNECT_REGION}.api.${KONNECT_DOMAIN}/v1/event-gateways" \ --header 'Content-Type: application/json' \ --header 'Accept: application/json' \ --data "${body}") local rv=$? if [[ $rv -ne 0 ]]; then echo_fail "Unable to create Event Gateway" exit 1 else KONNECT_EVENT_GATEWAY_INFO="${response}" fi echo "> $LOG_FILE return $rv } delete_event_gateway() { echo ">delete_event_gateway" >> $LOG_FILE docker rm -f event-gateway-quickstart >> $LOG_FILE 2>&1 local response=$(curl -s -g --fail-with-body \ --header "Authorization: Bearer ${KONNECT_TOKEN}" \ --url "https://${KONNECT_REGION}.api.${KONNECT_DOMAIN}/v1/event-gateways?filter[name][contains]=${KONNECT_EVENT_GATEWAY_NAME}" \ --header 'Content-Type: application/json' \ --header 'Accept: application/json') local rv=$? if [[ $rv -ne 0 ]]; then echo_fail "Unable to delete Event Gateway" exit 1 else KONNECT_EVENT_GATEWAY_INFO="${response}" local eg_id=$(echo "${KONNECT_EVENT_GATEWAY_INFO}" | docker run -i --rm ${JQ_IMAGE} -r '.data[0].id') if [[ "$eg_id" != "null" && -n "$eg_id" ]]; then curl -s -X DELETE \ --header "Authorization: Bearer ${KONNECT_TOKEN}" \ --url "https://${KONNECT_REGION}.api.${KONNECT_DOMAIN}/v1/event-gateways/${eg_id}" \ --header 'accept: application/json' >> $LOG_FILE 2>&1 fi fi echo "> $LOG_FILE return $rv } deploy_event_gateway_certs() { local eg_id="${1}" echo ">deploy_konnect_certs" >> $LOG_FILE echo "Generating escaped certificate to ${OUTPUT_DIR}/tls.crt.escaped" >> $LOG_FILE awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' "${OUTPUT_DIR}/tls.crt" > "${OUTPUT_DIR}/tls.crt.escaped" echo "Deploying certificate to Event Gateway ${eg_id}" >> $LOG_FILE curl --fail-with-body -s --request POST \ --header "Authorization: Bearer ${KONNECT_TOKEN}" \ --url "https://${KONNECT_REGION}.api.${KONNECT_DOMAIN}/v1/event-gateways/${eg_id}/data-plane-certificates" \ --header 'Content-Type: application/json' \ --header 'accept: application/json' \ --data "{\"certificate\":\"$(cat ${OUTPUT_DIR}/tls.crt.escaped)\"}" >> $LOG_FILE 2>&1 local rv=$? echo >> $LOG_FILE echo "> $LOG_FILE return $rv } create_dp() { echo ">create_dp" >> $LOG_FILE local eg_id="${1}" local image="${KONG_IMAGE_REPO}/${KONG_EVENT_GATEWAY_IMAGE_NAME}:${KONG_EVENT_GATEWAY_IMAGE_TAG}" docker rm -f event-gateway-quickstart >/dev/null 2>&1 || true docker_args=( --rm --name event-gateway-quickstart -d -e KONNECT_REGION="${KONNECT_REGION}" -e KONNECT_DOMAIN="${KONNECT_DOMAIN}" -e KONNECT_GATEWAY_CLUSTER_ID="${eg_id}" -e KONNECT_CLIENT_CERT="$(cat ${OUTPUT_DIR}/tls.crt)" -e KONNECT_CLIENT_KEY="$(cat ${OUTPUT_DIR}/key.crt)" -p 19092-19101:19092-19101 ) if [[ -n "${NETWORK_NAME}" ]]; then docker_args+=(--network "${NETWORK_NAME}") fi docker run "${docker_args[@]}" ${image} >> $LOG_FILE 2>&1 declare -i rv=$? if [[ $rv -ne 0 ]]; then echo "Failed to create Data Plane" >> $LOG_FILE echo_fail exit 1 fi echo "> $LOG_FILE return $rv } event_gateway_usage() { echo "Runs a Kong Event Gateway. The following documents the arguments and variables supported by the script." echo echo "Supported arguments:" echo " -k Provide the Konnect personal access token" echo " -n Provide the Konnect Event Gateway Name" echo " -N Specify an optional docker network for the data plane to connect to when running the Kafka cluster locally." echo " -r Specify a different docker image registry (Default: $KONG_IMAGE_REPO)" echo " -i Specify a different docker image name (Default: $KONG_EVENT_GATEWAY_IMAGE_NAME)" echo " -t Specify a different docker image tag (Default: $KONG_EVENT_GATEWAY_IMAGE_TAG)" echo " -h Shows this help" echo " -d Destroys the current running instance." exit 0 } event_gateway_main() { local do_usage=false local do_destroy=false echo ">event_gateway_main" >> "${LOG_FILE}" download_quickstart_script || { echo "Failed to download quickstart script" >> "${LOG_FILE}" return 1 } source "${QUICKSTART_SCRIPT_PATH}" --source echo "Sourced ${QUICKSTART_SCRIPT_PATH}" >> "${LOG_FILE}" while getopts "k:r:n:N:o:i:t:dh" o; do case "${o}" in r) KONG_IMAGE_REPO=${OPTARG} ;; k) KONNECT_TOKEN=${OPTARG} ;; n) KONNECT_EVENT_GATEWAY_NAME=${OPTARG} ;; N) NETWORK_NAME=${OPTARG} ;; i) KONG_EVENT_GATEWAY_IMAGE_NAME=${OPTARG} ;; t) KONG_EVENT_GATEWAY_IMAGE_TAG=${OPTARG} ;; d) do_destroy=true ;; h) do_usage=true ;; *) exit 1 ;; esac done if [ "$do_usage" = true ] ; then event_gateway_usage fi KONNECT_EVENT_GATEWAY_NAME="${KONNECT_EVENT_GATEWAY_NAME:-$DEFAULT_KONNECT_EVENT_GATEWAY_NAME}" if [ -z "$KONNECT_TOKEN" ]; then echo "Error: Konnect Personal Access Token is required." echo "Usage: $0 -k " exit 1 fi ensure_docker || { echo_fail "Docker is not available, check $LOG_FILE"; exit 1 } if [ "$do_destroy" = true ] ; then echo "Destroying local Event Gateway Deployment..." echo echo_bullet "Thanks for trying the Kong Event Gateway quickstart!" echo_bullet "The quickest way to get started in production is with Kong Konnect" delete_event_gateway exit 0 fi echo "This CLI deploys the Kong Event Gateway data plane on a local Docker instance." echo "By default, Kong Konnect (https://konghq.com/kong-konnect) provides " echo "a serverless control plane and many other advanced API management capabilities." echo echo_bullet "A Kong Konnect account is required to proceed. If you need an account, visit " echo " https://konghq.com/products/kong-konnect/register to sign up." echo echo_bullet "Once you have an account, a Konnect Personal Access Token (PAT)" echo " or System Account Token is required to configure the Event Gateway." echo echo_bullet "Login to your account and create a PAT (https://cloud.konghq.com/global/account/tokens)" echo " or use the Organization feature to create a System Account Token." echo echo_bullet "This quickstart will prompt your for you token and use it to create resources " echo " in Kong Konnect to support the Event Gateway." echo echo_warn "⚠️ If you have an existing Event Gateway named '${KONNECT_EVENT_GATEWAY_NAME}', it will be DELETED" echo echo_info "Debugging info logged to:" echo " $LOG_FILE" echo_wait "Deleting previous Event Gateway '${KONNECT_EVENT_GATEWAY_NAME}'... " noline delete_event_gateway echo_pass "" clear_konnect_certs echo_wait "Creating Event Gateway '${KONNECT_EVENT_GATEWAY_NAME}'... " noline create_event_gateway "${KONNECT_EVENT_GATEWAY_NAME}" "Created by the quickstart script" if [[ $? -ne 0 ]]; then echo_fail "" echo "Failed to create Event Gateway" exit 1 fi parse_konnect_event_gateway || { echo_fail "" echo_fail "Failed to parse Event Gateway info, check $LOG_FILE" exit 1 } generate_konnect_certs || { echo_fail "" echo_fail "Failed to generate TLS certificate, check $LOG_FILE" exit 1 } deploy_event_gateway_certs "${KONNECT_EVENT_GATEWAY_ID}" || { echo_fail "" echo_fail "Failed to deploy TLS certificate to Event Gateway, check $LOG_FILE" exit 1 } echo_pass "" echo_wait "Creating Data Plane... " noline create_dp "${KONNECT_EVENT_GATEWAY_ID}" || { echo_fail "" echo_fail "Failed to create a Data Plane, check $LOG_FILE" exit 1 } echo_pass "" echo echo "🐵 Kong Event Gateway Ready 🐵" echo "=======================================================" echo echo "Run the following commands in your terminal to" echo "configure the required environment variables:" echo echo "export EVENT_GATEWAY_ID=${KONNECT_EVENT_GATEWAY_ID}" echo "> "${LOG_FILE}" } # If a user wants to source this script they need to provide this argument # otherwise it's a challenge to detect execution vs sourcing in all contexts # (like piping from a curl or cat command) if [ "${1}" != "--source" ]; then echo event_gateway_main "$@" fi