image-viewer (#69)

* image-viewer

* force add

* fix mongodb

* remove unused files

* Add back in mongodb pv to add support for Ubuntu deployments

* aviator (viv)

* adds image repo

* values

* values

* overwride .gitignore

* fix linting error

* small fixes

* Adds fixes for grip/mongodb initialization

* Adds support for specifying ENV Vars for frontend pod

* Add schema initialization to grip

* update requestor chart with upstream to fix chart error

* add fhir server service.yaml and update gitignore (#74)

Co-authored-by: matthewpeterkort <[email protected]>

* Minor Helm Chart linting fixes

---------

Co-authored-by: matthewpeterkort <[email protected]>
Co-authored-by: matthewpeterkort <[email protected]>
Co-authored-by: Jawad Qureshi <[email protected]>
Co-authored-by: Quinn Wai Wong <[email protected]>
Co-authored-by: Liam Beckman <[email protected]>

.gitignore

@@ -2,7 +2,6 @@ postgres.txt
 **/charts/
 notes/
 Chart.lock
-service.*
 *.crt
 *.key
 *.csr

.secrets.baseline

@@ -330,14 +330,14 @@
         "hashed_secret": "2546383b95bb44732e9be6a877fd476c0442fdab",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 51,
+        "line_number": 52,
         "type": "Secret Keyword"
       },
       {
         "hashed_secret": "d84ce25b0f9bc2cc263006ae39453efb22cc2900",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 53,
+        "line_number": 54,
         "type": "Secret Keyword"
       }
     ],

helm/common/README.md

@@ -1,31 +1,30 @@
 # common
 
-![Version: 0.1.10](https://img.shields.io/badge/Version-0.1.10-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square)
+![Version: 0.1.12](https://img.shields.io/badge/Version-0.1.12-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square)
 
 A Helm chart for provisioning databases in gen3
 
 ## Values
 
-| Key | Type | Default | Description |
-|-----|------|---------|-------------|
-| global.ddEnabled | bool | `false` | Whether Datadog is enabled. |
-| global.dev | bool | `true` | Whether the deployment is for development purposes. |
-| global.dictionaryUrl | string | `"https://s3.amazonaws.com/dictionary-artifacts/datadictionary/develop/schema.json"` | URL of the data dictionary. |
-| global.dispatcherJobNum | int | `"10"` | Number of dispatcher jobs. |
-| global.environment | string | `"default"` | Environment name. This should be the same as vpcname if you're doing an AWS deployment. Currently this is being used to share ALB's if you have multiple namespaces. Might be used other places too. |
-| global.hostname | string | `"localhost"` | Hostname for the deployment. |
-| global.kubeBucket | string | `"kube-gen3"` | S3 bucket name for Kubernetes manifest files. |
-| global.logsBucket | string | `"logs-gen3"` | S3 bucket name for log files. |
-| global.netPolicy | bool | `true` | Whether network policies are enabled. |
-| global.portalApp | string | `"gitops"` | Portal application name. |
-| global.postgres.dbCreate | bool | `true` | Whether the database should be created. |
-| global.postgres.externalSecret | string | `""` | Name of external secret. Disabled if empty |
-| global.postgres.master | map | `{"host":null,"password":null,"port":"5432","username":"postgres"}` | Master credentials to postgres. This is going to be the default postgres server being used for each service, unless each service specifies their own postgres |
-| global.postgres.master.host | string | `nil` | hostname of postgres server |
-| global.postgres.master.password | string | `nil` | password for superuser in postgres. This is used to create or restore databases |
-| global.postgres.master.port | string | `"5432"` | Port for Postgres. |
-| global.postgres.master.username | string | `"postgres"` | username of superuser in postgres. This is used to create or restore databases |
-| global.publicDataSets | bool | `true` | Whether public datasets are enabled. |
-| global.revproxyArn | string | `"arn:aws:acm:us-east-1:123456:certificate"` | ARN of the reverse proxy certificate. |
-| global.tierAccessLevel | string | `"libre"` | Access level for tiers. acceptable values for `tier_access_level` are: `libre`, `regular` and `private`. If omitted, by default common will be treated as `private` |
-
+| Key                             | Type   | Default                                                                              | Description                                                                                                                                                                                          |
+| ------------------------------- | ------ | ------------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| global.ddEnabled                | bool   | `false`                                                                              | Whether Datadog is enabled.                                                                                                                                                                          |
+| global.dev                      | bool   | `true`                                                                               | Whether the deployment is for development purposes.                                                                                                                                                  |
+| global.dictionaryUrl            | string | `"https://s3.amazonaws.com/dictionary-artifacts/datadictionary/develop/schema.json"` | URL of the data dictionary.                                                                                                                                                                          |
+| global.dispatcherJobNum         | int    | `"10"`                                                                               | Number of dispatcher jobs.                                                                                                                                                                           |
+| global.environment              | string | `"default"`                                                                          | Environment name. This should be the same as vpcname if you're doing an AWS deployment. Currently this is being used to share ALB's if you have multiple namespaces. Might be used other places too. |
+| global.hostname                 | string | `"localhost"`                                                                        | Hostname for the deployment.                                                                                                                                                                         |
+| global.kubeBucket               | string | `"kube-gen3"`                                                                        | S3 bucket name for Kubernetes manifest files.                                                                                                                                                        |
+| global.logsBucket               | string | `"logs-gen3"`                                                                        | S3 bucket name for log files.                                                                                                                                                                        |
+| global.netPolicy                | bool   | `true`                                                                               | Whether network policies are enabled.                                                                                                                                                                |
+| global.portalApp                | string | `"gitops"`                                                                           | Portal application name.                                                                                                                                                                             |
+| global.postgres.dbCreate        | bool   | `true`                                                                               | Whether the database should be created.                                                                                                                                                              |
+| global.postgres.externalSecret  | string | `""`                                                                                 | Name of external secret. Disabled if empty                                                                                                                                                           |
+| global.postgres.master          | map    | `{"host":null,"password":null,"port":"5432","username":"postgres"}`                  | Master credentials to postgres. This is going to be the default postgres server being used for each service, unless each service specifies their own postgres                                        |
+| global.postgres.master.host     | string | `nil`                                                                                | hostname of postgres server                                                                                                                                                                          |
+| global.postgres.master.password | string | `nil`                                                                                | password for superuser in postgres. This is used to create or restore databases                                                                                                                      |
+| global.postgres.master.port     | string | `"5432"`                                                                             | Port for Postgres.                                                                                                                                                                                   |
+| global.postgres.master.username | string | `"postgres"`                                                                         | username of superuser in postgres. This is used to create or restore databases                                                                                                                       |
+| global.publicDataSets           | bool   | `true`                                                                               | Whether public datasets are enabled.                                                                                                                                                                 |
+| global.revproxyArn              | string | `"arn:aws:acm:us-east-1:123456:certificate"`                                         | ARN of the reverse proxy certificate.                                                                                                                                                                |
+| global.tierAccessLevel          | string | `"libre"`                                                                            | Access level for tiers. acceptable values for `tier_access_level` are: `libre`, `regular` and `private`. If omitted, by default common will be treated as `private`                                  |

helm/fence/README.md

@@ -186,7 +186,7 @@ A Helm chart for gen3 Fence
 | serviceAccount.create | bool | `true` | Specifies whether a service account should be created. |
 | serviceAccount.name | string | `"fence-sa"` | The name of the service account |
 | tolerations | list | `[]` | Tolerations for the pods |
-| usersync | map | `{"addDbgap":false,"custom_image":null,"onlyDbgap":false,"schedule":"*/30 * * * *","slack_send_dbgap":false,"slack_webhook":"None","syncFromDbgap":false,"userYamlS3Path":"s3://cdis-gen3-users/helm-test/user.yaml","usersync":true}` | Configuration options for usersync cronjob. |
+| usersync | map | `{"addDbgap":false,"custom_image":null,"onlyDbgap":false,"schedule":"*/30 * * * *","slack_send_dbgap":false,"slack_webhook":"None","syncFromDbgap":false,"userYamlS3Path":"s3://cdis-gen3-users/helm-test/user.yaml","usersync":false}` | Configuration options for usersync cronjob. |
 | usersync.addDbgap | bool | `false` | Force attempting a dbgap sync if "true", falls back on user.yaml |
 | usersync.custom_image | string | `nil` | To set a custom image for pulling the user.yaml file from S3. Default is the Gen3 Awshelper image. |
 | usersync.onlyDbgap | bool | `false` | Forces ONLY a dbgap sync if "true", IGNORING user.yaml |

helm/fhir-server/templates/server-config.yaml

@@ -3,6 +3,8 @@ kind: ConfigMap
 metadata:
   name: fhir-server-config
 data:
-  serviceName: {{ .Values.serviceName | quote }}
-  gripServiceName: {{ .Values.fhirServerConfig.gripServiceName | quote}}
-  gripGraphName: {{ .Values.fhirServerConfig.gripGraphName | quote}}
+  serviceName: {{ .Values.serviceName | default "fhir-server-service" | quote }}
+  {{- if .Values.fhirServerConfig }}
+  gripServiceName: {{ .Values.fhirServerConfig.gripServiceName | default "grip-service" | quote }}
+  gripGraphName: {{ .Values.fhirServerConfig.gripGraphName | default "CALIPER" | quote }}
+  {{- end }}

helm/fhir-server/templates/service.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Values.serviceName | quote }}
+  labels:
+    {{- include "fhir-server.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    {{- include "fhir-server.selectorLabels" . | nindent 4 }}

helm/frontend-framework/Chart.yaml

@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.1
+version: 0.1.2
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

helm/frontend-framework/README.md

@@ -1,14 +1,14 @@
 # frontend-framework
 
-![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: develop](https://img.shields.io/badge/AppVersion-develop-informational?style=flat-square)
+![Version: 0.1.2](https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: develop](https://img.shields.io/badge/AppVersion-develop-informational?style=flat-square)
 
 A Helm chart for the gen3 frontend framework
 
 ## Requirements
 
 | Repository | Name | Version |
 |------------|------|---------|
-| file://../common | common | 0.1.10 |
+| file://../common | common | 0.1.12 |
 
 ## Values
 
@@ -32,6 +32,7 @@ A Helm chart for the gen3 frontend framework
 | datadogLogsInjection | bool | `false` | If enabled, the Datadog Agent will automatically inject Datadog-specific metadata into your application logs. |
 | datadogProfilingEnabled | bool | `false` | If enabled, the Datadog Agent will collect profiling data for your application using the Continuous Profiler. This data can be used to identify performance bottlenecks and optimize your application. |
 | datadogTraceSampleRate | int | `1` | A value between 0 and 1, that represents the percentage of requests that will be traced. For example, a value of 0.5 means that 50% of requests will be traced. |
+| env | list | `[]` | List of environment variables to add to the deployment. |
 | fullnameOverride | string | `""` | Override the full name of the deployment. |
 | global | map | `{"aws":{"awsAccessKeyId":null,"awsSecretAccessKey":null,"enabled":false},"ddEnabled":false,"dev":true,"dictionaryUrl":"https://s3.amazonaws.com/dictionary-artifacts/datadictionary/develop/schema.json","dispatcherJobNum":10,"environment":"default","hostname":"localhost","kubeBucket":"kube-gen3","logsBucket":"logs-gen3","netPolicy":true,"portalApp":"gitops","postgres":{"dbCreate":true,"master":{"host":null,"password":null,"port":"5432","username":"postgres"}},"publicDataSets":true,"revproxyArn":"arn:aws:acm:us-east-1:123456:certificate","syncFromDbgap":false,"tierAccessLevel":"libre","userYamlS3Path":"s3://cdis-gen3-users/test/user.yaml"}` | Global configuration options. |
 | global.aws | map | `{"awsAccessKeyId":null,"awsSecretAccessKey":null,"enabled":false}` | AWS configuration |

helm/frontend-framework/templates/configMap.yaml

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "frontend-framework.fullname" . }}-configmap
+  labels:
+    {{- include "frontend-framework.labels" . | nindent 4 }}
+data:
+  {{- range $key, $val := .Values.env }}
+  {{ $key }}: {{ $val | quote }}
+  {{- end }}

helm/frontend-framework/templates/deployment.yaml

@@ -12,13 +12,13 @@ spec:
     matchLabels:
       {{- include "frontend-framework.selectorLabels" . | nindent 6 }}
   revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
-
   strategy:
     {{- toYaml .Values.strategy | nindent 8 }}
   template:
     metadata:
-      {{- with .Values.podAnnotations }}
       annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/configMap.yaml") . | sha256sum }}
+      {{- with .Values.podAnnotations }}
         {{- toYaml . | nindent 8 }}
       {{- end }}
       labels:
@@ -62,6 +62,10 @@ spec:
             - containerPort: 80
               name: http
               protocol: TCP
+          envFrom:
+            - configMapRef:
+                name: {{ include "frontend-framework.fullname" . }}-configmap
+                optional: true
           env:
             {{- if .Values.global.ddEnabled }}
             {{- include "common.datadogEnvVar" . | nindent 12 }}

helm/frontend-framework/values.yaml

@@ -122,6 +122,9 @@ autoscaling:
   targetCPUUtilizationPercentage: 80
   # targetMemoryUtilizationPercentage: 80
 
+# -- (list) List of environment variables to add to the deployment.
+env: []
+
 # -- (map) Node selector to apply to the pod
 nodeSelector: {}
 

helm/gen3/Chart.yaml

@@ -32,7 +32,7 @@ dependencies:
   repository: file://../etl
   condition: etl.enabled
 - name: frontend-framework
-  version: 0.1.1
+  version: 0.1.2
   repository: "file://../frontend-framework"
   condition: frontend-framework.enabled
 - name: fence
@@ -68,15 +68,15 @@ dependencies:
   repository: "file://../metadata"
   condition: metadata.enabled
 - name: mongodb
-  version: "13.16.3"
+  version: "16.0.3"
   repository: "file://../mongodb"
   condition: mongodb.enabled
 - name: portal
   version: 0.1.13
   repository: "file://../portal"
   condition: portal.enabled
 - name: requestor
-  version: 0.1.11
+  version: 0.1.16
   repository: "file://../requestor"
   condition: requestor.enabled
 - name: revproxy
@@ -103,6 +103,14 @@ dependencies:
   version: 11.9.13
   repository: "https://charts.bitnami.com/bitnami"
   condition: global.dev
+- name: image-viewer
+  version: 0.1.0
+  repository: "file://../image-viewer"
+  condition: image-viewer.enabled
+- name: viv
+  version: 0.1.0
+  repository: "file://../viv"
+  condition: viv.enabled
 
 # A chart can be either an 'application' or a 'library' chart.
 #