diff --git a/.github/workflows/chart-lint-publish.yml b/.github/workflows/chart-lint-publish.yml index 878861a9d65..c8d6ba3bd31 100644 --- a/.github/workflows/chart-lint-publish.yml +++ b/.github/workflows/chart-lint-publish.yml @@ -37,10 +37,9 @@ on: - 1.* - 0.* - develop - - MOSIP* - release* paths: - - './helm/**' + - 'helm/**' jobs: chart-lint-publish: @@ -57,6 +56,7 @@ jobs: LINTING_LINTCONF_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/lintconf.yaml" LINTING_CHART_TESTING_CONFIG_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/chart-testing-config.yaml" LINTING_HEALTH_CHECK_SCHEMA_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/health-check-schema.yaml" + DEPENDENCIES: "mosip,https://mosip.github.io/mosip-helm;" secrets: TOKEN: ${{ secrets.ACTION_PAT }} SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} diff --git a/deploy/README.md b/deploy/README.md index 67984445fbc..23d6e4aa675 100644 --- a/deploy/README.md +++ b/deploy/README.md @@ -4,7 +4,6 @@ ``` ./install.sh ``` - ## Admin proxy Admin service accesses other services like Materdata and Keymanager and currently there is only one URL that is used to connect to both these services. This will get fixed in future versions, but as a an interim solution, Admin Proxy docker has been created, which is basically an Nginx proxy connecting to the above services with these URLs: ``` diff --git a/deploy/copy_cm.sh b/deploy/copy_cm.sh index 3dde9b90d39..3ea1d8b99eb 100755 --- a/deploy/copy_cm.sh +++ b/deploy/copy_cm.sh @@ -3,9 +3,12 @@ # DST_NS: Destination namespace function copying_cm() { + UTIL_URL=https://github.com/mosip/mosip-infra/blob/master/deployment/v3/utils/copy_cm_func.sh COPY_UTIL=./copy_cm_func.sh DST_NS=admin + wget -q $UTIL_URL -O copy_cm_func.sh && chmod +x copy_cm_func.sh + $COPY_UTIL configmap global default $DST_NS $COPY_UTIL configmap artifactory-share artifactory $DST_NS $COPY_UTIL configmap config-server-share config-server $DST_NS diff --git a/deploy/copy_cm_func.sh b/deploy/copy_cm_func.sh deleted file mode 100755 index 185ae3e5f4a..00000000000 --- a/deploy/copy_cm_func.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copy configmap and secret from one namespace to another. -# ./copy_cm_func.sh [name] -# Parameters: -# resource: configmap|secret -# name: Optional new name of the configmap or secret in destination namespace. This may be needed if there is -# clash of names - -if [ $1 = "configmap" ] -then - RESOURCE=configmap -elif [ $1 = "secret" ] -then - RESOURCE=secret -else - echo "Incorrect resource $1. Exiting.." - exit 1 -fi - - -if [ $# -ge 5 ] -then - kubectl -n $4 delete --ignore-not-found=true $RESOURCE $5 - kubectl -n $3 get $RESOURCE $2 -o yaml | sed "s/namespace: $3/namespace: $4/g" | sed "s/name: $2/name: $5/g" | kubectl -n $4 create -f - -else - kubectl -n $4 delete --ignore-not-found=true $RESOURCE $2 - kubectl -n $3 get $RESOURCE $2 -o yaml | sed "s/namespace: $3/namespace: $4/g" | kubectl -n $4 create -f - -fi - - - - - diff --git a/deploy/copy_cm_kernel.sh b/deploy/copy_cm_kernel.sh new file mode 100755 index 00000000000..87442932e2a --- /dev/null +++ b/deploy/copy_cm_kernel.sh @@ -0,0 +1,25 @@ +#!/bin/bash +# Copy configmaps from other namespaces +# DST_NS: Destination namespace + +function copying_cm() { + UTIL_URL=https://github.com/mosip/mosip-infra/blob/master/deployment/v3/utils/copy_cm_func.sh + COPY_UTIL=./copy_cm_func.sh + DST_NS=kernel + + wget -q $UTIL_URL -O copy_cm_func.sh && chmod +x copy_cm_func.sh + + $COPY_UTIL configmap global default $DST_NS + $COPY_UTIL configmap artifactory-share artifactory $DST_NS + $COPY_UTIL configmap config-server-share config-server $DST_NS + return 0 +} + +# set commands for error handling. +set -e +set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errtrace # trace ERR through 'time command' and other functions +set -o pipefail # trace ERR through pipes +copying_cm # calling function + diff --git a/deploy/delete.sh b/deploy/delete.sh index 0e4225aaac2..6909e955c00 100755 --- a/deploy/delete.sh +++ b/deploy/delete.sh @@ -12,10 +12,11 @@ function deleting_admin() { read -p "Are you sure you want to delete ALL Admin helm charts?(Y/n) " yn if [ $yn = "Y" ] then - kubectl delete -n $NS -f admin-proxy.yaml + kubectl delete -n $NS -f admin-proxy.yaml helm -n $NS delete admin-hotlist helm -n $NS delete admin-service - helm -n $NS delete admin-ui + helm -n $KNS delete otpmanager + helm -n $KNS delete masterdata break else break @@ -30,4 +31,4 @@ set -o errexit ## set -e : exit the script if any statement returns a non-true set -o nounset ## set -u : exit the script if you try to use an uninitialised variable set -o errtrace # trace ERR through 'time command' and other functions set -o pipefail # trace ERR through pipes -deleting_admin # calling function \ No newline at end of file +deleting_admin # calling function diff --git a/deploy/install.sh b/deploy/install.sh index e59847f1e38..c8dfc9e1cec 100755 --- a/deploy/install.sh +++ b/deploy/install.sh @@ -8,9 +8,7 @@ if [ $# -ge 1 ] ; then fi NS=admin -NS_KERNEL=kernel -CHART_VERSION=12.1.0 -ADMIN_UI_CHART_VERSION=12.0.1 +CHART_VERSION=12.1.0-develop echo Create $NS namespace kubectl create ns $NS @@ -30,26 +28,24 @@ function installing_admin() { echo Installing Admin-Proxy into Masterdata and Keymanager. kubectl -n $NS apply -f admin-proxy.yaml + ADMIN_HOST=$(kubectl get cm global -o jsonpath={.data.mosip-admin-host}) + echo Installing masterdata and allowing Admin UI to access masterdata services. + helm -n $KNS install masterdata mosip/masterdata --set istio.corsPolicy.allowOrigins\[0\].exact=https://$ADMIN_HOST --version $CHART_VERSION + + echo Installing syncdata + helm -n $KNS install syncdata mosip/syncdata --version $CHART_VERSION + echo Installing admin hotlist service. helm -n $NS install admin-hotlist mosip/admin-hotlist --version $CHART_VERSION echo Installing admin service. Will wait till service gets installed. helm -n $NS install admin-service mosip/admin-service --set istio.corsPolicy.allowOrigins\[0\].prefix=https://$ADMIN_HOST --wait --version $CHART_VERSION - echo Installing admin-ui - helm -n $NS install admin-ui mosip/admin-ui --set admin.apiUrl=https://$API_HOST/v1/ --set istio.hosts\[0\]=$ADMIN_HOST --version $ADMIN_UI_CHART_VERSION - kubectl -n $NS get deploy -o name | xargs -n1 -t kubectl -n $NS rollout status echo Installed admin services echo "Admin portal URL: https://$ADMIN_HOST/admin-ui/" - - echo Installing masterdata and allowing Admin UI to access masterdata services. - helm -n $NS_KERNEL install masterdata mosip/masterdata --set istio.corsPolicy.allowOrigins\[0\].exact=https://$ADMIN_HOST --version $CHART_VERSION - - echo Installing syncdata - helm -n $NS_KERNEL install syncdata mosip/syncdata --version $CHART_VERSION return 0 } diff --git a/helm/admin-hotlist/Chart.yaml b/helm/admin-hotlist/Chart.yaml index d63b40a1105..fa0af552e5a 100644 --- a/helm/admin-hotlist/Chart.yaml +++ b/helm/admin-hotlist/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: admin-hotlist description: A Helm chart for MOSIP Admin Hotlist type: application -version: 12.1.0 +version: 12.1.0-develop appVersion: "" dependencies: - name: common diff --git a/helm/admin-hotlist/templates/clusterrolebinding.yaml b/helm/admin-hotlist/templates/clusterrolebinding.yaml deleted file mode 100644 index 443ca8e924e..00000000000 --- a/helm/admin-hotlist/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,19 +0,0 @@ -kind: ClusterRoleBinding -apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} -metadata: - labels: {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - name: {{ template "common.names.fullname" . }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "common.names.fullname" . }} -subjects: - - kind: ServiceAccount - name: {{ template "admin-hotlist.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} diff --git a/helm/admin-hotlist/values.yaml b/helm/admin-hotlist/values.yaml index 53297b8bec0..f279918baeb 100644 --- a/helm/admin-hotlist/values.yaml +++ b/helm/admin-hotlist/values.yaml @@ -52,7 +52,7 @@ service: image: registry: docker.io repository: mosipid/hotlist-service - tag: 1.2.1.0 + tag: 1.2.0.1 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/helm/admin-service/Chart.yaml b/helm/admin-service/Chart.yaml index 12c30e721fc..f9c5b8b00a3 100644 --- a/helm/admin-service/Chart.yaml +++ b/helm/admin-service/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: admin-service description: A Helm chart for MOSIP Admin module type: application -version: 12.1.0 +version: 12.1.0-develop appVersion: "" dependencies: - name: common diff --git a/helm/admin-service/templates/clusterrolebinding.yaml b/helm/admin-service/templates/clusterrolebinding.yaml deleted file mode 100644 index 25ca93ae85b..00000000000 --- a/helm/admin-service/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,19 +0,0 @@ -kind: ClusterRoleBinding -apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} -metadata: - labels: {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - name: {{ template "common.names.fullname" . }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "common.names.fullname" . }} -subjects: - - kind: ServiceAccount - name: {{ template "admin-service.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} diff --git a/helm/admin-service/values.yaml b/helm/admin-service/values.yaml index d634bda3ff5..6346d36bf81 100644 --- a/helm/admin-service/values.yaml +++ b/helm/admin-service/values.yaml @@ -52,7 +52,7 @@ service: image: registry: docker.io repository: mosipid/admin-service - tag: 1.2.1.0 + tag: 1.2.0.1 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/helm/masterdata/Chart.yaml b/helm/masterdata/Chart.yaml index ec14c52b4b5..bda1d633992 100644 --- a/helm/masterdata/Chart.yaml +++ b/helm/masterdata/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: masterdata description: A Helm chart for MOSIP Masterdata module type: application -version: 12.1.0 +version: 12.1.0-develop appVersion: "" dependencies: - name: common diff --git a/helm/masterdata/templates/clusterrolebinding.yaml b/helm/masterdata/templates/clusterrolebinding.yaml deleted file mode 100644 index 90065c68a93..00000000000 --- a/helm/masterdata/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,19 +0,0 @@ -kind: ClusterRoleBinding -apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} -metadata: - labels: {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - name: {{ template "common.names.fullname" . }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "common.names.fullname" . }} -subjects: - - kind: ServiceAccount - name: {{ template "masterdata.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} diff --git a/helm/masterdata/values.yaml b/helm/masterdata/values.yaml index 5de1f62c1ef..3f5b12b6fa2 100644 --- a/helm/masterdata/values.yaml +++ b/helm/masterdata/values.yaml @@ -53,7 +53,7 @@ service: image: registry: docker.io repository: mosipid/kernel-masterdata-service - tag: 1.2.1.0 + tag: 1.2.0.1 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images diff --git a/helm/syncdata/Chart.yaml b/helm/syncdata/Chart.yaml index cb7bfcf4f9f..9d5cec33c3e 100644 --- a/helm/syncdata/Chart.yaml +++ b/helm/syncdata/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: syncdata description: A Helm chart for MOSIP Syncdata module type: application -version: 12.1.0 +version: 12.1.0-develop appVersion: "" dependencies: - name: common diff --git a/helm/syncdata/templates/clusterrolebinding.yaml b/helm/syncdata/templates/clusterrolebinding.yaml deleted file mode 100644 index 06e8b0887f1..00000000000 --- a/helm/syncdata/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,19 +0,0 @@ -kind: ClusterRoleBinding -apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} -metadata: - labels: {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - name: {{ template "common.names.fullname" . }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "common.names.fullname" . }} -subjects: - - kind: ServiceAccount - name: {{ template "syncdata.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} diff --git a/helm/syncdata/values.yaml b/helm/syncdata/values.yaml index bf119e528a2..2bf7cdf5004 100644 --- a/helm/syncdata/values.yaml +++ b/helm/syncdata/values.yaml @@ -53,7 +53,7 @@ service: image: registry: docker.io repository: mosipid/kernel-syncdata-service - tag: 1.2.1.0 + tag: 1.2.0.1 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images