♻️ Get rds url from secret rather than hard coding (#85)

* update values for opensearch * add makefile +chart changes * Update values.yaml * Update values.yaml * update makefile * Update values.yaml * Update values.yaml * Update values.yaml * vars * Update values.yaml * Update values.yaml * images * config map * Revert "config map" This reverts commit d326d03fb58771365f496b6eafc089609e3de561. * Reapply "config map" This reverts commit a3b1c2cc2e80811e3312c0e7ff69d4338251a9dc. * config map * images * Squashed commit of the following: commit 942386b Merge: d32bca0 545ec88 Author: George Taylor <[email protected]> Date: Tue Jul 16 15:03:01 2024 +0100 Merge pull request #75 from ministryofjustice/fix-ingress-share-real Revert share ingress to dedicated hostname + enable redirect to /share commit 545ec88 Author: George Taylor <[email protected]> Date: Tue Jul 16 13:15:37 2024 +0100 redirect to /share commit d32bca0 Merge: d498d90 374e7a7 Author: George Taylor <[email protected]> Date: Tue Jul 16 11:23:05 2024 +0100 Merge pull request #74 from ministryofjustice/remove-share-sub-domain Remove share subdomain commit 374e7a7 Author: George Taylor <[email protected]> Date: Tue Jul 16 11:21:18 2024 +0100 remove share subdomain commit d498d90 Merge: 03d9a01 91137dd Author: George Taylor <[email protected]> Date: Thu Jul 11 15:36:49 2024 +0100 Merge pull request #73 from ministryofjustice/workflow-changes Update cloud-platform-deploy-release.yml commit 91137dd Author: George Taylor <[email protected]> Date: Thu Jul 11 15:35:57 2024 +0100 Update cloud-platform-deploy-release.yml commit 03d9a01 Merge: 015e99c 5911dd7 Author: George Taylor <[email protected]> Date: Thu Jul 11 15:09:57 2024 +0100 Merge pull request #72 from ministryofjustice/add-airflow-ips chore: Add templated directory to .gitignore and update IP whitelist in values files commit 5911dd7 Author: George Taylor <[email protected]> Date: Thu Jul 11 15:08:14 2024 +0100 chore: Add templated directory to .gitignore and update IP whitelist in values files commit 015e99c Merge: c4d030e 9bcace2 Author: Prem Basumatary <[email protected]> Date: Fri Jul 5 09:10:27 2024 +0100 Merge pull request #71 from ministryofjustice/NIT-1305-custom-scaling-times NIT-1305 fix error in script commit 9bcace2 Author: Prem Basumatary <[email protected]> Date: Fri Jul 5 09:03:12 2024 +0100 NIT-1305 fix error in script * Update ingress-share.yaml * vals * kustomize base * ingress * setup makefiel * ingress poc patches * correct poc ingress * Update values.yaml * update for helm values mergign * updates * kustomization base * rearrange patching for ingress to repeat less * fix ingress patching with allow list * :fire: remove alf charts * rename values files * :fire: disable reindexing job from helm values * :sparkles: Uncouple the reindexing job from the main helm charts tidy * set helm values dynamically * Update makefile
ministryofjustice · Aug 9, 2024 · 403230e · 403230e
1 parent f168d7a
commit 403230e
Show file tree

Hide file tree

Showing 6 changed files with 14 additions and 15 deletions.
diff --git a/kustomize/base/patch-ingress-repository.yaml b/kustomize/base/patch-ingress-repository.yaml
@@ -2,7 +2,6 @@ apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   name: delius-alfresco-cs-repository
-  name: alfresco-content-services-alfresco-cs-repository
   annotations:
     external-dns.alpha.kubernetes.io/aws-weight: "100"
     kubernetes.io/ingress.class: default

diff --git a/kustomize/base/values.yaml b/kustomize/base/values.yaml
@@ -1111,7 +1111,7 @@ global:
   elasticsearch:
     # -- The host where service is available. The provided default is for when
     # elasticsearch.enabled is true
-    host: opensearch-proxy-service-cloud-platform-62a206e0.hmpps-delius-alfrsco-poc.svc.cluster.local
+    host: null
     # -- The port where service is available
     port: 8080
     # -- Valid values are http or https

diff --git a/kustomize/dev/values.yaml b/kustomize/dev/values.yaml
@@ -3,8 +3,6 @@ repository:
   replicaCount: 2
 share:
   replicaCount: 1
-database:
-  url: jdbc:postgresql://cloud-platform-9a95f5dfd5d72b23.cdwm328dlye6.eu-west-2.rds.amazonaws.com:5432/alfresco
 externalHost: hmpps-delius-alfresco-dev.apps.live.cloud-platform.service.justice.gov.uk
 externalProtocol: https
 externalPort: 443
diff --git a/kustomize/poc/patch-ingress-repository.yaml b/kustomize/poc/patch-ingress-repository.yaml
@@ -4,6 +4,7 @@ metadata:
   name: delius-alfresco-cs-repository
   annotations:
     external-dns.alpha.kubernetes.io/set-identifier: delius-alfresco-cs-repository-hmpps-delius-alfrsco-poc-green
+    nginx.ingress.kubernetes.io/whitelist-source-range: "placeholder"
     nginx.ingress.kubernetes.io/whitelist-source-range: placeholder
 spec:
   rules:

diff --git a/kustomize/poc/values.yaml b/kustomize/poc/values.yaml
@@ -3,8 +3,6 @@ repository:
   replicaCount: 1
 share:
   replicaCount: 1
-database:
-  url: jdbc:postgresql://cloud-platform-f05612b0b7cdbf33.cdwm328dlye6.eu-west-2.rds.amazonaws.com:5432/alfresco
 externalHost: hmpps-delius-alfrsco-poc.apps.live.cloud-platform.service.justice.gov.uk
 externalProtocol: https
 externalPort: 443
diff --git a/makefile b/makefile
@@ -3,6 +3,9 @@ CHART_NAME := delius
 DEBUG := false
 ATOMIC := true
 
+# Environment variable (ensure this is set or default it)
+ENV ?= poc
+
 # Helm upgrade/install command
 helm_upgrade:
 	$(eval BUCKET_NAME := $(shell kubectl get secrets s3-bucket-output -o jsonpath='{.data.BUCKET_NAME}' | base64 -d))
@@ -12,31 +15,31 @@ helm_upgrade:
 		NAMESPACE=hmpps-delius-alfresco-$(ENV); \
 	fi; \
 	echo "Using namespace: $${NAMESPACE}"; \
+	DEBUG_FLAG=""; \
+	HELM_POST_RENDERER_ARGS="-d false"; \
 	if [ "$(DEBUG)" = "true" ]; then \
 		DEBUG_FLAG="--debug"; \
 		HELM_POST_RENDERER_ARGS="-d true"; \
-	else \
-		DEBUG_FLAG=""; \
-		HELM_POST_RENDERER_ARGS="-d false"; \
 	fi; \
+	ATOMIC_FLAG=""; \
 	if [ "$(ATOMIC)" = "true" ]; then \
 		ATOMIC_FLAG="--atomic"; \
-	else \
-		ATOMIC_FLAG=""; \
 	fi; \
 	echo "BUCKET_NAME: $(BUCKET_NAME)"; \
 	cd ./kustomize/$${ENV}; \
     extracted=$$(yq 'join(",")' ./allowlist.yaml); \
-    echo "Whitelist: $$extracted"; \
-    export extracted=$$extracted; \
+    echo "Whitelist: $${extracted}"; \
     yq '.metadata.annotations."nginx.ingress.kubernetes.io/whitelist-source-range" = strenv(extracted)' -i ./patch-ingress-repository.yaml; \
     yq '.metadata.annotations."nginx.ingress.kubernetes.io/whitelist-source-range" = strenv(extracted)' -i ./patch-ingress-share.yaml; \
     helm repo add alfresco https://kubernetes-charts.alfresco.com/stable --force-update; \
 	helm upgrade --install $(CHART_NAME) alfresco/alfresco-content-services --version 6.0.2 --namespace $${NAMESPACE} \
 	--values=../base/values.yaml --values=./values.yaml \
 	--set s3connector.config.bucketName=$(BUCKET_NAME) \
-    --wait --timeout=20m \
-	--post-renderer ../kustomizer.sh --post-renderer-args "$${HELM_POST_RENDERER_ARGS}"; \
+	--set database.url=$$(kubectl get secrets rds-instance-output -o json | jq -r ".data | map_values(@base64d) | .RDS_JDBC_URL") \
+        --set global.elasticsearch.host=$$(kubectl get svc | grep 'opensearch-proxy-service-cloud-platform' | awk '{print $$1}').$${NAMESPACE}.svc.cluster.local \
+        --wait --timeout=20m \
+	--post-renderer ../kustomizer.sh --post-renderer-args "$${HELM_POST_RENDERER_ARGS}" \
+	$${DEBUG_FLAG} $${ATOMIC_FLAG}; \
 	yq '.metadata.annotations."nginx.ingress.kubernetes.io/whitelist-source-range" = "placeholder"' -i ./patch-ingress-repository.yaml; \
 	yq '.metadata.annotations."nginx.ingress.kubernetes.io/whitelist-source-range" = "placeholder"' -i ./patch-ingress-share.yaml