diff --git a/docs/helm_chart/.gitignore b/docs/helm_chart/.gitignore
deleted file mode 100644
index 616f649b..00000000
--- a/docs/helm_chart/.gitignore
+++ /dev/null
@@ -1,3 +0,0 @@
-*values.yaml
-/.idea
-deploy.sh
diff --git a/docs/helm_chart/Chart.yaml b/docs/helm_chart/Chart.yaml
deleted file mode 100644
index 417e7d80..00000000
--- a/docs/helm_chart/Chart.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-apiVersion: v2
-name: opal
-description: A Helm chart for deploying the OPAL application in Kubernetes
-
-# A chart can be either an 'application' or a 'library' chart.
-#
-# Application charts are a collection of templates that can be packaged into versioned archives
-# to be deployed.
-#
-# Library charts provide useful utilities or functions for the chart developer. They're included as
-# a dependency of application charts to inject those utilities and functions into the rendering
-# pipeline. Library charts do not define any templates and therefore cannot be deployed.
-type: application
-
-# This is the chart version. This version number should be incremented each time you make changes
-# to the chart and its templates, including the app version.
-# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.1
-
-# This is the version number of the application being deployed. This version number should be
-# incremented each time you make changes to the application. Versions are not expected to
-# follow Semantic Versioning. They should reflect the version the application is using.
-# It is recommended to use it with quotes.
-appVersion: "2"
diff --git a/docs/helm_chart/templates/opal-db-postgres-persistent-volume.yaml b/docs/helm_chart/templates/opal-db-postgres-persistent-volume.yaml
deleted file mode 100644
index f649caf7..00000000
--- a/docs/helm_chart/templates/opal-db-postgres-persistent-volume.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- annotations:
- longhorn.io/volume-scheduling-error: ''
- pv.kubernetes.io/bound-by-controller: 'yes'
- pv.kubernetes.io/provisioned-by: driver.longhorn.io
- finalizers:
- - kubernetes.io/pv-protection
- - external-attacher/driver-longhorn-io
- name: {{ .Values.volume_name }}
-spec:
- accessModes:
- - ReadWriteOnce
- capacity:
- storage: 10Gi
- csi:
- driver: driver.longhorn.io
- fsType: ext4
- volumeAttributes:
- diskSelector: ''
- nodeSelector: ''
- numberOfReplicas: '3'
- staleReplicaTimeout: '20'
- volumeHandle: {{ .Values.volume_name }}
- persistentVolumeReclaimPolicy: Retain
- storageClassName: longhorn-static
- volumeMode: Filesystem
diff --git a/docs/helm_chart/templates/opal-db-postgres-volume-claim.yaml b/docs/helm_chart/templates/opal-db-postgres-volume-claim.yaml
deleted file mode 100644
index 4236b472..00000000
--- a/docs/helm_chart/templates/opal-db-postgres-volume-claim.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
- labels:
- app: opal-db
- name: {{ .Values.volume_name }}
- namespace: {{ .Values.namespace | quote }}
-spec:
- accessModes:
- - ReadWriteOnce
- resources:
- requests:
- storage: 10Gi
- storageClassName: longhorn-static
- volumeMode: Filesystem
- volumeName: {{ .Values.volume_name }}
-
diff --git a/docs/helm_chart/templates/opal-db-service.yaml b/docs/helm_chart/templates/opal-db-service.yaml
deleted file mode 100644
index 703b23f8..00000000
--- a/docs/helm_chart/templates/opal-db-service.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: opal-db
- namespace: {{ .Values.namespace | quote }}
-spec:
- internalTrafficPolicy: Cluster
- ports:
- - port: 5432
- protocol: TCP
- targetPort: 5432
- selector:
- component: opal-db
- sessionAffinity: None
- type: ClusterIP
\ No newline at end of file
diff --git a/docs/helm_chart/templates/opal-db.yaml b/docs/helm_chart/templates/opal-db.yaml
deleted file mode 100644
index 11b92060..00000000
--- a/docs/helm_chart/templates/opal-db.yaml
+++ /dev/null
@@ -1,66 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: opal-postgres-db
- namespace: {{ .Values.namespace | quote }}
-spec:
- replicas: 1
- selector:
- matchLabels:
- component: opal-db
- app: opal
- template:
- metadata:
- labels:
- component: opal-db
- app: opal
- spec:
- affinity:
- nodeAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- nodeSelectorTerms:
- - matchExpressions:
- - key: node-role.kubernetes.io/control-plane
- operator: DoesNotExist
- containers:
- - image: {{ .Values.repo.webapp }}/opal-db:{{ .Values.version }}
- imagePullPolicy: Always
- name: opal-db
- ports:
- - containerPort: 5432
- name: 5432tcp
- protocol: TCP
- env:
- - name: POSTGRES_PASSWORD
- valueFrom:
- secretKeyRef:
- key: POSTGRES_OPAL_PASSWORD
- name: opal-passwords
- - name: POSTGRES_USER
- value: opal
- - name: PGDATA
- value: /usr/src/app/data
- - name: POSTGRES_DB
- value: opal
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: ["ALL"]
- runAsNonRoot: true
- seccompProfile:
- type: "RuntimeDefault"
- runAsUser: 999
- volumeMounts:
- - mountPath: /usr/src/app
- name: postgresdata
- resources:
- requests:
- memory: "64Mi"
- cpu: "250m"
- limits:
- memory: "128Mi"
- cpu: "500m"
- volumes:
- - name: postgresdata
- persistentVolumeClaim:
- claimName: {{ .Values.volume_name }}
\ No newline at end of file
diff --git a/docs/helm_chart/templates/opal-ingress.yaml b/docs/helm_chart/templates/opal-ingress.yaml
deleted file mode 100644
index b95709e0..00000000
--- a/docs/helm_chart/templates/opal-ingress.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- name: opal-ingress
- namespace: {{ .Values.namespace | quote }}
-spec:
- rules:
- - host: {{ .Values.hostname }}
- http:
- paths:
- - backend:
- service:
- name: opal
- port:
- number: 80
- pathType: ImplementationSpecific
- tls:
- - hosts:
- - {{ .Values.hostname }}
- secretName: {{ .Values.tls_secret }}
\ No newline at end of file
diff --git a/docs/helm_chart/templates/opal-passwords.yaml b/docs/helm_chart/templates/opal-passwords.yaml
deleted file mode 100644
index 376cf930..00000000
--- a/docs/helm_chart/templates/opal-passwords.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-apiVersion: v1
-metadata:
- name: opal-passwords
- namespace: {{ .Values.namespace }}
-kind: Secret
-type: Opaque
-data:
- POSTGRES_OPAL_PASSWORD: {{ .Values.secret.postgres_opal_password | b64enc | quote }}
- POSTGRES_PASSWORD: {{ .Values.secret.postgres_password | b64enc | quote }}
diff --git a/docs/helm_chart/templates/opal-service.yaml b/docs/helm_chart/templates/opal-service.yaml
deleted file mode 100644
index a4e883d7..00000000
--- a/docs/helm_chart/templates/opal-service.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: opal
- namespace: {{ .Values.namespace | quote }}
-spec:
- internalTrafficPolicy: Cluster
- ports:
- - port: 80
- protocol: TCP
- targetPort: 8000
- selector:
- component: opal
- sessionAffinity: None
- type: ClusterIP
\ No newline at end of file
diff --git a/docs/helm_chart/templates/opal-web.yaml b/docs/helm_chart/templates/opal-web.yaml
deleted file mode 100644
index 86397269..00000000
--- a/docs/helm_chart/templates/opal-web.yaml
+++ /dev/null
@@ -1,94 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: opal
- namespace: {{ .Values.namespace | quote }}
-spec:
- replicas: 1
- selector:
- matchLabels:
- component: opal
- app: opal
- template:
- metadata:
- labels:
- component: opal
- app: opal
- spec:
- affinity:
- nodeAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- nodeSelectorTerms:
- - matchExpressions:
- - key: node-role.kubernetes.io/control-plane
- operator: DoesNotExist
- containers:
- - image: {{ .Values.repo.webapp }}/opal:{{ .Values.version }}
- imagePullPolicy: Always
- name: opal
- ports:
- - containerPort: 8000
- name: 8000tcp
- protocol: TCP
- env:
- - name: ENVIRONMENT
- value: {{ .Values.env }}
- - name: DEBUG
- value: "False"
- - name: LOG_LEVEL
- value: INFO
- - name: HOST_NAME
- value: {{ .Values.hostname }}
-# - name: SECRET_KEY
-# value: 20mUVZU8a-aVUoEzvWX-b5QWIvpGFQULfFhhsCdwRpE
- - name: ALLOWED_HOSTS
- value: {{ .Values.hostname }}
- - name: SSL_ACTIVE
- value: "True"
- - name: ENABLE_SAML
- value: '{{ .Values.saml.ENABLE_SAML }}'
- - name: SAML_PROVIDERS
- value: '{{ .Values.saml.SAML_PROVIDERS }}'
- - name: SAML_HTTPS
- value: '{{ .Values.saml.SAML_HTTPS }}'
- - name: SAML_HTTP_HOST
- value: '{{ .Values.saml.SAML_HTTP_HOST }}'
- - name: SAML_SERVER_PORT
- value: '{{ .Values.saml.SAML_SERVER_PORT }}'
- - name: HTTP_PROXY
- value: {{ .Values.proxy.http_proxy }}
- - name: HTTPS_PROXY
- value: {{ .Values.proxy.https_proxy }}
- - name: DATABASE
- value: postgres
- - name: DB_HOST
- value: opal-db
- - name: DB_PORT
- value: "5432"
- - name: DB_USER
- value: opal
- - name: DB_NAME
- value: opal
- - name: DB_PASSWORD
- valueFrom:
- secretKeyRef:
- key: POSTGRES_OPAL_PASSWORD
- name: opal-passwords
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: ["ALL"]
- runAsNonRoot: true
- runAsUser: 1001
- seccompProfile:
- type: "RuntimeDefault"
- resources:
- requests:
- memory: "64Mi"
- cpu: "250m"
- limits:
- memory: "128Mi"
- cpu: "500m"
- restartPolicy: Always
- imagePullSecrets:
- - name: harbor-secret
\ No newline at end of file
diff --git a/docs/k8/readme.md b/docs/k8/readme.md
deleted file mode 100755
index 359fa8fa..00000000
--- a/docs/k8/readme.md
+++ /dev/null
@@ -1 +0,0 @@
-Helm deployment files and instructions can be found at https://github.com/eop-omb/opal-chart
diff --git a/docs/other_scripts/init-user-db/init-user-db.sh b/docs/other_scripts/init-user-db/init-user-db.sh
deleted file mode 100755
index 40cbc160..00000000
--- a/docs/other_scripts/init-user-db/init-user-db.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/sh
-
-psql -U postgres <<-EOSQL
- CREATE USER opal;
- CREATE DATABASE opal;
- GRANT ALL PRIVILEGES ON DATABASE opal TO opal;
- ALTER ROLE opal WITH PASSWORD '$POSTGRES_OPAL_PASSWORD';
-EOSQL
\ No newline at end of file
diff --git a/docs/other_scripts/admin_scripts.py b/docs/scripts/admin_scripts.py
similarity index 100%
rename from docs/other_scripts/admin_scripts.py
rename to docs/scripts/admin_scripts.py
diff --git a/docs/other_scripts/auth_functions.py b/docs/scripts/auth_functions.py
similarity index 100%
rename from docs/other_scripts/auth_functions.py
rename to docs/scripts/auth_functions.py
diff --git a/docs/other_scripts/import_controls.py b/docs/scripts/import_controls.py
similarity index 100%
rename from docs/other_scripts/import_controls.py
rename to docs/scripts/import_controls.py
diff --git a/docs/web_app/Dockerfile_nginx b/docs/web_app/Dockerfile_nginx
deleted file mode 100644
index cfe3cbbc..00000000
--- a/docs/web_app/Dockerfile_nginx
+++ /dev/null
@@ -1,21 +0,0 @@
-FROM python:3.12.0a3-slim
-
-RUN apt-get update && apt-get install nginx vim -y --no-install-recommends
-COPY nginx.default /etc/nginx/sites-available/default
-RUN ln -sf /dev/stdout /var/log/nginx/access.log \
- && ln -sf /dev/stderr /var/log/nginx/error.log
-
-RUN mkdir -p /opt/app
-RUN mkdir -p /opt/app/pip_cache
-RUN mkdir -p /opt/app/opal
-COPY requirements.txt start-server.sh /opt/app/
-#COPY .pip_cache /opt/app/pip_cache/
-RUN git clone https://
-WORKDIR /opt/app
-RUN pip install -r requirements.txt --cache-dir /opt/app/pip_cache
-RUN pip install gunicorn
-RUN chown -R www-data:www-data /opt/app
-
-EXPOSE 8000
-STOPSIGNAL SIGTERM
-CMD ["/opt/app/start-server.sh"]
\ No newline at end of file
diff --git a/docs/web_app/start-server.sh b/docs/web_app/start-server.sh
deleted file mode 100755
index 0e246fde..00000000
--- a/docs/web_app/start-server.sh
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/usr/bin/env bash
-#!/bin/bash
-
-set -e
-
-python manage.py migrate --noinput
-python manage.py bootstrap --noinput
-python manage.py collectstatic --noinput
-
-##mod_wsgi-express start-server opal/wsgi.py
-#mod_wsgi-express start-server --url-alias /static static opal/wsgi.py
-
-(cd opal; gunicorn opal/opal.wsgi --user www-data --bind 0.0.0.0:8000 --workers 3) &
-nginx -g "daemon off;"
\ No newline at end of file