diff --git a/Makefile b/Makefile deleted file mode 100644 index 1570733c3..000000000 --- a/Makefile +++ /dev/null @@ -1,91 +0,0 @@ -DOCKER_REGISTRY := $(or $(DOCKER_REGISTRY),$(REGISTRY_HOST)) -VALUES_REGISTRY_TMPL := $(or $(VALUES_REGISTRY_TMPL), values-registry.tmpl) - -.EXPORT_ALL_VARIABLES: - -ALPINE_TAG := 3.8 -SELENIUM_TAG := v1 -KEYCLOAK_TAG := 11.0.2.Final -POSTGRES_TAG := 11.7 -AAE_TAG := 7.1.0-M10 -MINIDEB_EXTRAS_TAG := stretch - -IMAGES := alpine@$(ALPINE_TAG) \ -jboss/keycloak@$(KEYCLOAK_TAG) \ -unguiculus/docker-python3-phantomjs-selenium@$(SELENIUM_TAG) \ -postgres@$(POSTGRES_TAG) \ -bitnami/minideb-extras@${MINIDEB_EXTRAS_TAG} \ -docker@${DIND_TAG} \ -quay.io/alfresco/alfresco-admin-app@${AAA_TAG} \ -quay.io/alfresco/alfresco-deployment-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-modeling-app@${AMA_TAG} \ -quay.io/alfresco/alfresco-modeling-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-runtime-bundle-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-query-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-storage-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-notifications-graphql-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-workspace-app@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-camel-connector-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-comprehend-connector-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-content-connector-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-docgen-connector-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-docusign-connector-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-email-connector-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-lambda-connector-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-rekognition-connector-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-rest-connector-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-salesforce-connector-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-slack-connector-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-textract-connector-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-twilio-connector-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-elasticsearch-bridge-service@${AAE_TAG} \ -quay.io/alfresco/alfresco-process-kafka-bridge-service@${AAE_TAG} - -.PHONY: $(IMAGES) - -all: images values-registry.yaml - -test: - @if test -z "$(DOCKER_REGISTRY)"; then echo "Error: missing DOCKER_REGISTRY argument or env variable."; exit 1; fi - -login: test - docker login quay.io - docker login $(DOCKER_REGISTRY) - -pull: $(foreach image,$(IMAGES),$(image)\pull) - -tag: test $(foreach image,$(IMAGES),$(image)\tag) - -push: test $(foreach image,$(IMAGES),$(image)\push) - -list: $(foreach image,$(IMAGES),$(image)\print) - -images: test pull tag push - -values-registry.yaml: test - @envsubst < $(VALUES_REGISTRY_TMPL) > values-registry.yaml - @echo Values generated in values-registry.yaml - -clean: - rm values-registry.yaml || true - -$(IMAGES): - make $@\\pull - make $@\\tag - make $@\\push - -$(foreach image,$(IMAGES),$(image)\pull): ## Pull container image - $(eval IMAGE := $(subst \, ,$@)) - docker pull $(word 1, $(subst @,:,$(IMAGE))) - -$(foreach image,$(IMAGES),$(image)\tag): ## Tag container image - $(eval IMAGE := $(subst \, ,$@)) - docker tag $(word 1, $(subst @,:,$(IMAGE))) $(DOCKER_REGISTRY)/$(word 1, $(subst @,:,$(IMAGE))) - -$(foreach image,$(IMAGES),$(image)\push): ## Push container image - $(eval IMAGE := $(subst \, ,$@)) - docker push $(DOCKER_REGISTRY)/$(word 1, $(subst @,:,$(IMAGE))) - -$(foreach image,$(IMAGES),$(image)\print): ## Print container image - $(eval IMAGE := $(subst \, ,$@)) - @echo $(word 1, $(subst @,:,$(IMAGE))) diff --git a/README.md b/README.md index 3f2ab184b..eff0eed04 100644 --- a/README.md +++ b/README.md @@ -259,18 +259,12 @@ kubectl get secret \ realm-secret -o jsonpath="{['data']['alfresco-realm\.json']}" | base64 -D > alfresco-realm.json ``` -### override Docker images with internal Docker Registry +### Use an internal Docker Registry -Upload images to your internal registry and generate a values file with the new image locations for helm with: +In an [air gapped](https://en.wikipedia.org/wiki/Air_gap_(networking)) environment where the Kubernetes cluster has no direct access to external image repositories, use a tool like [helm-image-mirror](https://github.com/shashankv02/helm-image-mirror) to tag and push images to your internal registry and modify helm charts with the new image locations. -```bash -export REGISTRY_HOST=internal.registry.io -make login -make values-registry.yaml -export HELM_OPTS+=" -f values-registry.yaml" -``` -### use an external PostgreSQL database +### Use an external PostgreSQL database Modify the file values-external-postgresql.yaml providing values for your external database per each service, then run: diff --git a/helm/alfresco-process-infrastructure/Chart.yaml b/helm/alfresco-process-infrastructure/Chart.yaml index a27f94aaa..bcbd77896 100644 --- a/helm/alfresco-process-infrastructure/Chart.yaml +++ b/helm/alfresco-process-infrastructure/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 name: alfresco-process-infrastructure -version: 7.1.0-M12 -appVersion: 7.1.0-M12 +version: 7.1.0-M11 +appVersion: 7.1.0-M11 kubeVersion: '>=1.15.0-0' description: A Helm chart for Alfresco Activiti Enterprise infrastructure keywords: diff --git a/helm/alfresco-process-infrastructure/README.md b/helm/alfresco-process-infrastructure/README.md index 5e0fcfb26..25f2f2c43 100644 --- a/helm/alfresco-process-infrastructure/README.md +++ b/helm/alfresco-process-infrastructure/README.md @@ -1,6 +1,6 @@ # alfresco-process-infrastructure -![Version: 7.1.0-M12](https://img.shields.io/badge/Version-7.1.0--M12-informational?style=flat-square) ![AppVersion: 7.1.0-M12](https://img.shields.io/badge/AppVersion-7.1.0--M12-informational?style=flat-square) +![Version: 7.1.0-M11](https://img.shields.io/badge/Version-7.1.0--M11-informational?style=flat-square) ![AppVersion: 7.1.0-M11](https://img.shields.io/badge/AppVersion-7.1.0--M11-informational?style=flat-square) A Helm chart for Alfresco Activiti Enterprise infrastructure @@ -19,10 +19,10 @@ Kubernetes: `>=1.15.0-0` | https://activiti.github.io/activiti-cloud-helm-charts | common | 7.1.0-M11 | | https://charts.bitnami.com/bitnami | postgresql | 8.9.6 | | https://charts.bitnami.com/bitnami | rabbitmq | 7.8.0 | -| https://kubernetes-charts.alfresco.com/incubator | alfresco-adf-app | 7.1.0-M12 | -| https://kubernetes-charts.alfresco.com/incubator | alfresco-adf-app | 7.1.0-M12 | -| https://kubernetes-charts.alfresco.com/incubator | alfresco-process-springboot-service | 7.1.0-M12 | -| https://kubernetes-charts.alfresco.com/incubator | alfresco-process-springboot-service | 7.1.0-M12 | +| https://kubernetes-charts.alfresco.com/incubator | alfresco-adf-app | 7.1.0-M11 | +| https://kubernetes-charts.alfresco.com/incubator | alfresco-adf-app | 7.1.0-M11 | +| https://kubernetes-charts.alfresco.com/incubator | alfresco-process-springboot-service | 7.1.0-M11 | +| https://kubernetes-charts.alfresco.com/incubator | alfresco-process-springboot-service | 7.1.0-M11 | | https://kubernetes-charts.alfresco.com/stable | alfresco-identity-service | 2.1.0 | ## Values @@ -35,9 +35,9 @@ Kubernetes: `>=1.15.0-0` | alfresco-admin-app.env.APP_CONFIG_BPM_HOST | string | `"{{ include \"common.gateway-url\" . }}"` | | | alfresco-admin-app.env.APP_CONFIG_IDENTITY_HOST | string | `"{{ include \"common.keycloak-url\" . }}/admin/realms/{{ include \"common.keycloak-realm\" . }}"` | | | alfresco-admin-app.extraEnv | string | `"- name: APP_ALLOW_CUSTOM_RESOURCES\n value: \"{{ .Values.applications.allowCustomResources }}\"\n{{- if .Values.global.acs.enabled }}\n- name: APP_CONFIG_ECM_HOST\n value: '{{ template \"alfresco-process-infrastructure.acs-url\" . }}'\n{{- end }}"` | | -| alfresco-admin-app.image.pullPolicy | string | `"Always"` | | +| alfresco-admin-app.image.pullPolicy | string | `"IfNotPresent"` | | | alfresco-admin-app.image.repository | string | `"quay.io/alfresco/alfresco-admin-app"` | | -| alfresco-admin-app.image.tag | string | `"7.1.0-A13"` | | +| alfresco-admin-app.image.tag | string | `"7.1.0-M11"` | | | alfresco-admin-app.ingress.hostName | string | `nil` | | | alfresco-admin-app.ingress.path | string | `"/admin"` | | | alfresco-admin-app.nameOverride | string | `"alfresco-admin-app"` | | @@ -48,8 +48,8 @@ Kubernetes: `>=1.15.0-0` | alfresco-deployment-service.applications.connectors.emailConnector.port | string | `""` | email port | | alfresco-deployment-service.applications.connectors.emailConnector.username | string | `""` | email username | | alfresco-deployment-service.applications.database.external | bool | `true` | | -| alfresco-deployment-service.applications.image.pullPolicy | string | `"Always"` | default pull policy for all images used in application | -| alfresco-deployment-service.applications.image.tag | string | `"7.1.0-A13"` | default tag for all images used in application | +| alfresco-deployment-service.applications.image.pullPolicy | string | `"IfNotPresent"` | default pull policy for all images used in application | +| alfresco-deployment-service.applications.image.tag | string | `"7.1.0-M11"` | default tag for all images used in application | | alfresco-deployment-service.applications.maxNumber | int | 20 applications can be deployed by default | maximum number of application can be deployed | | alfresco-deployment-service.applications.processStorageService.clientSecret | string | `"08102f0f-025c-4226-8a3e-674343bff231"` | client secret for process storage | | alfresco-deployment-service.applications.rabbitmq.admin.url | string | `""` | RabbitMQ admin URL, derived from host if not set | @@ -64,9 +64,9 @@ Kubernetes: `>=1.15.0-0` | alfresco-deployment-service.extraInitContainers | string | `"{{- if not .Values.db.uri }}\n- name: wait-for-postgresql\n image: {{ .Values.init.image.repository }}:{{ .Values.init.image.tag }}\n imagePullPolicy: {{ .Values.init.image.pullPolicy }}\n command:\n - sh\n - -c\n - |-\n until printf \".\" && nc -z -w 2 {{ .Release.Name }}-{{ .Values.postgres.name }}.{{ .Release.Namespace }} {{ .Values.postgres.port }}; do\n sleep 2;\n done;\n echo 'PostgreSQL OK ✓'\n{{- end }}"` | | | alfresco-deployment-service.extraVolumeMounts | string | `"- name: license\n mountPath: \"/root/.activiti/enterprise-license/\"\n readOnly: true"` | | | alfresco-deployment-service.extraVolumes | string | `"- name: config\n configMap:\n name: {{ .Release.Name }}-deployment-config\n defaultMode: 0744\n- name: license\n secret:\n secretName: licenseaps"` | | -| alfresco-deployment-service.image.pullPolicy | string | `"Always"` | | +| alfresco-deployment-service.image.pullPolicy | string | `"IfNotPresent"` | | | alfresco-deployment-service.image.repository | string | `"quay.io/alfresco/alfresco-deployment-service"` | | -| alfresco-deployment-service.image.tag | string | `"7.1.0-A13"` | | +| alfresco-deployment-service.image.tag | string | `"7.1.0-M11"` | | | alfresco-deployment-service.ingress.enabled | bool | `true` | | | alfresco-deployment-service.ingress.path | string | `"/deployment-service"` | | | alfresco-deployment-service.nameOverride | string | `"alfresco-deployment-service"` | | @@ -292,9 +292,9 @@ Kubernetes: `>=1.15.0-0` | alfresco-modeling-app.env.APP_CONFIG_BPM_HOST | string | `"{{ include \"common.gateway-url\" . }}"` | | | alfresco-modeling-app.env.APP_CONFIG_ECM_HOST | string | `"{{ template \"alfresco-process-infrastructure.acs-url\" . }}"` | | | alfresco-modeling-app.env.APP_CONFIG_IDENTITY_HOST | string | `"{{ include \"common.keycloak-url\" . }}/admin/realms/{{ include \"common.keycloak-realm\" . }}"` | | -| alfresco-modeling-app.image.pullPolicy | string | `"Always"` | | +| alfresco-modeling-app.image.pullPolicy | string | `"IfNotPresent"` | | | alfresco-modeling-app.image.repository | string | `"quay.io/alfresco/alfresco-modeling-app"` | | -| alfresco-modeling-app.image.tag | string | `"7.1.0-A13"` | | +| alfresco-modeling-app.image.tag | string | `"7.1.0-M11"` | | | alfresco-modeling-app.ingress.path | string | `"/modeling"` | | | alfresco-modeling-app.nameOverride | string | `"alfresco-modeling-app"` | | | alfresco-modeling-service.activiti.keycloak.clientPassword | string | `"client"` | activiti keycloak client password | @@ -305,9 +305,9 @@ Kubernetes: `>=1.15.0-0` | alfresco-modeling-service.extraEnv | string | `"- name: SERVER_PORT\n value: \"8080\"\n- name: SERVER_USEFORWARDHEADERS\n value: \"true\"\n- name: SERVER_TOMCAT_INTERNALPROXIES\n value: \".*\"\n- name: MANAGEMENT_ENDPOINTS_WEB_EXPOSURE_INCLUDE\n value: \"*\"\n- name: CONTENT_CLIENT_ID\n value: \"{{ .Values.content.client.id }}\"\n- name: CONTENT_CLIENT_SECRET\n value: \"{{ .Values.content.client.secret }}\"\n- name: CONTENT_SERVICE_URL\n value: '{{ template \"alfresco-process-infrastructure.acs-url\" . }}'\n- name: CONTENT_SERVICE_PATH\n value: \"{{ .Values.content.service.path }}\"\n{{- with .Values.activiti.keycloak.clientPassword }}\n- name: ACTIVITI_KEYCLOAK_CLIENT_PASSWORD\n value: \"{{ . }}\"\n{{- end }}"` | | | alfresco-modeling-service.extraVolumeMounts | string | `"- name: license\n mountPath: \"/root/.activiti/enterprise-license/\"\n readOnly: true"` | | | alfresco-modeling-service.extraVolumes | string | `"- name: license\n secret:\n secretName: licenseaps"` | | -| alfresco-modeling-service.image.pullPolicy | string | `"Always"` | | +| alfresco-modeling-service.image.pullPolicy | string | `"IfNotPresent"` | | | alfresco-modeling-service.image.repository | string | `"quay.io/alfresco/alfresco-modeling-service"` | | -| alfresco-modeling-service.image.tag | string | `"7.1.0-A13"` | | +| alfresco-modeling-service.image.tag | string | `"7.1.0-M11"` | | | alfresco-modeling-service.ingress.annotations."nginx.ingress.kubernetes.io/rewrite-target" | string | `"/$1"` | | | alfresco-modeling-service.ingress.enabled | bool | `true` | | | alfresco-modeling-service.ingress.path | string | `""` | | diff --git a/helm/alfresco-process-infrastructure/requirements.yaml b/helm/alfresco-process-infrastructure/requirements.yaml index 483a412ec..469ea747f 100644 --- a/helm/alfresco-process-infrastructure/requirements.yaml +++ b/helm/alfresco-process-infrastructure/requirements.yaml @@ -8,7 +8,7 @@ dependencies: condition: alfresco-identity-service.enabled - name: alfresco-process-springboot-service alias: alfresco-modeling-service - version: 7.1.0-M12 + version: 7.1.0-M11 repository: https://kubernetes-charts.alfresco.com/incubator condition: alfresco-modeling-service.enabled - name: postgresql @@ -21,16 +21,16 @@ dependencies: condition: rabbitmq.enabled - name: alfresco-adf-app alias: alfresco-modeling-app - version: 7.1.0-M12 + version: 7.1.0-M11 repository: https://kubernetes-charts.alfresco.com/incubator condition: alfresco-modeling-app.enabled - name: alfresco-process-springboot-service alias: alfresco-deployment-service - version: 7.1.0-M12 + version: 7.1.0-M11 repository: https://kubernetes-charts.alfresco.com/incubator condition: alfresco-deployment-service.enabled - name: alfresco-adf-app alias: alfresco-admin-app - version: 7.1.0-M12 + version: 7.1.0-M11 repository: https://kubernetes-charts.alfresco.com/incubator condition: alfresco-admin-app.enabled diff --git a/helm/alfresco-process-infrastructure/values.yaml b/helm/alfresco-process-infrastructure/values.yaml index e4c87ff57..54d003b0c 100644 --- a/helm/alfresco-process-infrastructure/values.yaml +++ b/helm/alfresco-process-infrastructure/values.yaml @@ -397,8 +397,8 @@ alfresco-modeling-service: readOnly: true image: repository: quay.io/alfresco/alfresco-modeling-service - tag: 7.1.0-A13 - pullPolicy: Always + tag: 7.1.0-M11 + pullPolicy: IfNotPresent postgres: enabled: true name: postgresql @@ -446,8 +446,8 @@ alfresco-modeling-app: path: /modeling image: repository: quay.io/alfresco/alfresco-modeling-app - tag: 7.1.0-A13 - pullPolicy: Always + tag: 7.1.0-M11 + pullPolicy: IfNotPresent env: APP_CONFIG_AUTH_TYPE: OAUTH APP_CONFIG_ECM_HOST: '{{ template "alfresco-process-infrastructure.acs-url" . }}' @@ -461,8 +461,8 @@ alfresco-deployment-service: enabled: false image: repository: quay.io/alfresco/alfresco-deployment-service - tag: 7.1.0-A13 - pullPolicy: Always + tag: 7.1.0-M11 + pullPolicy: IfNotPresent postgres: # workaround to use the namespace qualified postgres hostname enabled: false @@ -472,9 +472,9 @@ alfresco-deployment-service: applications: image: # alfresco-deployment-service.applications.image.tag -- default tag for all images used in application - tag: 7.1.0-A13 + tag: 7.1.0-M11 # alfresco-deployment-service.applications.image.pullPolicy -- default pull policy for all images used in application - pullPolicy: Always + pullPolicy: IfNotPresent maxNumber: 20 # alfresco-deployment-service.applications.maxNumber -- maximum number of application can be deployed # @default -- 20 applications can be deployed by default @@ -665,8 +665,8 @@ alfresco-admin-app: path: /admin image: repository: quay.io/alfresco/alfresco-admin-app - tag: 7.1.0-A13 - pullPolicy: Always + tag: 7.1.0-M11 + pullPolicy: IfNotPresent applications: allowCustomResources: true env: diff --git a/values-registry.tmpl b/values-registry.tmpl deleted file mode 100644 index 8d6df9cb6..000000000 --- a/values-registry.tmpl +++ /dev/null @@ -1,49 +0,0 @@ -alfresco-admin-app: - image: - repository: ${DOCKER_REGISTRY}/quay.io/alfresco/alfresco-admin-app - tag: "${AAE_TAG}" - -alfresco-deployment-service: - image: - repository: ${DOCKER_REGISTRY}/quay.io/alfresco/alfresco-deployment-service - tag: "${AAE_TAG}" - init: - image: - repository: ${DOCKER_REGISTRY}/alpine - tag: "${ALPINE_TAG}" - extraInit: - image: - repository: ${DOCKER_REGISTRY}/bitnami/minideb-extras - tag: "${MINIDEB_EXTRAS_TAG}" - -alfresco-modeling-app: - image: - repository: ${DOCKER_REGISTRY}/quay.io/alfresco/alfresco-modeling-app - tag: "${AAE_TAG}" - -alfresco-modeling-service: - image: - repository: ${DOCKER_REGISTRY}/quay.io/alfresco/alfresco-modeling-service - tag: "${AAE_TAG}" - init: - image: - repository: ${DOCKER_REGISTRY}/alpine - tag: "${ALPINE_TAG}" - -postgresql: - image: ${DOCKER_REGISTRY}/postgres - imageTag: "${POSTGRES_TAG}" - -alfresco-identity-service: - keycloak: - init: - image: - repository: ${DOCKER_REGISTRY}/alpine - tag: "${ALPINE_TAG}" - keycloak: - image: - repository: ${DOCKER_REGISTRY}/jboss/keycloak - tag: "${KEYCLOAK_TAG}" - postgresql: - image: ${DOCKER_REGISTRY}/postgres - imageTag: "${POSTGRES_TAG}"