diff --git a/.github/workflows/site_deploy.yml b/.github/workflows/site_deploy.yml index bb9c762ebb..65d186c279 100644 --- a/.github/workflows/site_deploy.yml +++ b/.github/workflows/site_deploy.yml @@ -199,7 +199,7 @@ jobs: singularity remote login -u ${{ secrets.ACTION_USER }} -p ${{ secrets.ACTION_TOKEN }} oras://ghcr.io singularity pull $BATCH_SINGULARITY_FILENAME oras://${VCELL_REPO_NAMESPACE}/vcell-batch-singularity:${{ github.event.inputs.vcell_version }}.${{ github.event.inputs.vcell_build }} singularity pull $OPT_SINGULARITY_FILENAME oras://${VCELL_REPO_NAMESPACE}/vcell-opt-singularity:${{ github.event.inputs.vcell_version }}.${{ github.event.inputs.vcell_build }} - - name: deploy to kubernetes site + - name: deploy installers and singularity to kubernetes site if: ${{ github.event.inputs.deployment_type == 'kubernetes' }} run: | set -ux @@ -226,6 +226,19 @@ jobs: ${VCELL_MANAGER_NODE} \ ./${VCELL_CONFIG_FILE_NAME} fi + - name: Call webhook to deploy to kubernetes cluster (overlay 'stage') + if: ${{ github.event.inputs.deployment_type == 'kubernetes' }} + env: + GHCR_USERNAME: "${{ secrets.GHCR_USERNAME }}" + GHCR_TOKEN: "${{ secrets.GHCR_TOKEN }}" + BRANCH: "stage" + run: | + git_sha=$(git rev-parse --short "$GITHUB_SHA") + echo '{"ref": "main","inputs":{"overlay": "'$BRANCH'","tag":"'${{github.ref_name}}'"}}' >body + curl -X POST 'https://api.github.com/repos/virtualcell/vcell-fluxcd/actions/workflows/deploy.yml/dispatches' \ + -H 'Authorization: Bearer ${{ secrets.GHCR_TOKEN }}' \ + -H 'Content-Type: application/json' \ + --data "@body" - name: deploy to swarm site if: ${{ github.event.inputs.deployment_type == 'swarm' }} run: | diff --git a/docker/kustomize/README-Minikube.md b/docker/kustomize/README-Minikube.md deleted file mode 100644 index a4f0bd9d43..0000000000 --- a/docker/kustomize/README-Minikube.md +++ /dev/null @@ -1,161 +0,0 @@ -# local minikube config -## ArgoCD setup -according to https://argo-cd.readthedocs.io/en/stable/getting_started/ -```bash -kubectl create namespace argocd -kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml -``` - -make the following a table - - -| technology | description | -|----------------------------------------|------------------------------------------------------------------------| -| Kubespray (on prem cluster) | ArgoCD (GitOps),
Sealed Secrets,
Certificate Manager | -| Lens | nice visual tool for Kubernetes clusters | -| minikube (local dev cluster) | kubectl (manual deploy),
plain secrets,
self-signed certs | -| Kustomize | to organize k8s manifests for multiple environments | -| ArgoCD | for continuous deployment and GitOps | -| Sealed Secrets | for secret management of encrypted secrets in Git per each cluster | -| Certificate Manager with Let's Encrypt | for automatic refresh of SSL certificates | -| Ingress controller | for reverse proxies and CORS handling | -| Persistent Volumes/Claims | to map NFS mounts to pods | - -# local minikube config - -### install Lens - -### install and start minikube on macos -```bash -brew install qemu -brew install socket_vmnet -brew tap homebrew/services -HOMEBREW=$(which brew) && sudo ${HOMEBREW} services start socket_vmnet -# minikube start --driver qemu --network socket_vmnet --memory=8g --cpus=2 -minikube start --base-image gcr.io/k8s-minikube/kicbase-builds:v0.0.42-1703092832-17830 --driver docker --memory=32g --cpus=8 -minikube addons enable metrics-server - -brew install kubectl -brew install helm -``` - -### install kube-prometheus-stack -see https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack -```bash -helm repo add prometheus-community https://prometheus-community.github.io/helm-charts -helm repo update - -kubectl create namespace monitoring -helm install prometheus --namespace monitoring prometheus-community/kube-prometheus-stack -``` -in Lens, you can see the prometheus pods and services in the monitoring namespace. -Log into Grafana with admin and the password from the following command. -```bash -kubectl get secret --namespace monitoring prometheus-grafana -o jsonpath="{.data.admin-password}" | base64 --decode ; echo -``` - -### set up ingress controller -```bash -minikube addons enable ingress -kubectl get pods -n ingress-nginx -``` - -### Sealed Secrets setup -install sealed secrets and the controller -```bash -brew install kubeseal -helm repo add sealed-secrets https://bitnami-labs.github.io/sealed-secrets -helm install sealed-secrets -n kube-system \ - --set-string fullnameOverride=sealed-secrets-controller sealed-secrets/sealed-secrets -``` -create a secret and seal it -```bash -kubectl create secret generic secret-name --dry-run=client --from-literal=foo=bar -o yaml | \ - kubeseal \ - --controller-name=sealed-secrets-controller \ - --controller-namespace=kube-system \ - --format yaml > mysealedsecret.yaml - -kubectl apply -f mysealedsecret.yaml -``` - -### ArgoCD setup - -### Certificate Manager setup -```bash -brew install cmctl -kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.4/cert-manager.yaml -cmctl check api -``` - -# Configure minikube networking for local development - -### set up DNS entries for ingress rounting -* vcell-api, vcell-rest, and s3proxy services are mapped to minikube.local -* vcell-webapp is mapped to minikube.local - -* create local DNS entries for minikube.local and webapp.minikube.local - ```bash - #echo "$(minikube ip) minikube.local" | sudo tee -a /etc/hosts - echo "127.0.0.1 minikube.local" | sudo tee -a /etc/hosts - echo "127.0.0.1 webapp.minikube.local" | sudo tee -a /etc/hosts - ``` -* **note** on mapping to localhost rather than minikube ip address: - from https://github.com/kubernetes/minikube/issues/13510. "Hi, I can confirm that running minikube tunnel works for me on m1 with the docker driver. - Keep in mind that your etc/hosts file needs to map to 127.0.0.1, instead of the output - of minikube ip or kubectl get ingress - this is an important gotcha." - - -# deploying the vcell services to minikube - -### verify the kustomization scripts -```bash -kubectl create namespace devjim -kubectl kustomize overlays/devjim | kubectl apply --dry-run=client --validate=true -f - -``` -### apply the kustomization scripts -```bash -kubectl kustomize overlays/devjim | kubectl apply -f - -``` - -### create sealed secrets (see [scripts/README.md](scripts/README.md)) - -# expose services from minikube cluster -### expose ingress routing to localhost as minikube.local and webapp.minikube.local -for vcell-rest, vcell-api and s3proxy services -```bash -sudo minikube tunnel -``` -### expose JMS and Mongo services to UCH routable ip address -for activemqsim service to receive status messages from simulation workers on HPC cluster -```bash -export EXTERNAL_IP=$(ifconfig | grep 155.37 | awk '{print $2}' | cut -d'-' -f1) -export DEV_NAMESPACE=devjim -# bypass services of type LoadBalancer or NodePort - directly export deployment ports -sudo kubectl port-forward --address ${EXTERNAL_IP} -n ${DEV_NAMESPACE} deployment/activemqsim 8161:8161 -sudo kubectl port-forward --address ${EXTERNAL_IP} -n ${DEV_NAMESPACE} deployment/activemqsim 61616:61616 -sudo kubectl port-forward --address ${EXTERNAL_IP} -n ${DEV_NAMESPACE} deployment/mongodb 27017:27017 -# set jmshost_sim_external to $EXTERNAL_IP in ./config/jimdev/submit.env -sed -i '' "s/jmshost_sim_external=.*/jmshost_sim_external=${EXTERNAL_IP}/" ./config/jimdev/submit.env -``` - -# running the VCell Client -run VCell Java Client (cbit.vcell.client.VCellClientMain) against local minikube -1) set VM Option flags to tolerate the self-signed cert - ``` - -Dvcell.ssl.ignoreHostMismatch=true - -Dvcell.ssl.ignoreCertProblems=true - ``` -2) use local DNS entry for minikube cluster (see spec.tls.hosts in /overlays/devjim/vcell-ingress.yaml) - ``` - --api-host=minikube.local:443 - ``` - -# debugging - -1) lightweight local log tailing with logtail - ```bash - brew tap johanhaleby/kubetail - brew install kubetail - kubetail -n devjim - ``` diff --git a/docker/kustomize/base/activemqint.yaml b/docker/kustomize/base/activemqint.yaml deleted file mode 100644 index cf4c1680d1..0000000000 --- a/docker/kustomize/base/activemqint.yaml +++ /dev/null @@ -1,50 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: activemqint - name: activemqint -spec: - replicas: 0 - selector: - matchLabels: - app: activemqint - template: - metadata: - labels: - app: activemqint - spec: - containers: - - name: activemqint - image: webcenter/activemq:5.14.3 - envFrom: - - configMapRef: - name: activemqint-config - ports: - - containerPort: 61616 - protocol: TCP - - containerPort: 8161 - protocol: TCP - resources: - limits: - memory: "2000Mi" - requests: - memory: "700Mi" - restartPolicy: Always ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: activemqint - name: activemqint -spec: - ports: - - name: "61616" - port: 61616 - targetPort: 61616 - - name: "8161" - port: 8161 - targetPort: 8161 - selector: - app: activemqint diff --git a/docker/kustomize/base/activemqsim.yaml b/docker/kustomize/base/activemqsim.yaml deleted file mode 100644 index 0ba5d8b015..0000000000 --- a/docker/kustomize/base/activemqsim.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: activemqsim - name: activemqsim -spec: - replicas: 0 - selector: - matchLabels: - app: activemqsim - template: - metadata: - labels: - app: activemqsim - spec: - containers: - - name: activemqsim - image: webcenter/activemq:5.14.3 - envFrom: - - configMapRef: - name: activemqsim-config - ports: - - containerPort: 61616 - protocol: TCP - - containerPort: 8161 - protocol: TCP - resources: - limits: - memory: "2000Mi" - requests: - memory: "700Mi" - restartPolicy: Always diff --git a/docker/kustomize/base/api.yaml b/docker/kustomize/base/api.yaml deleted file mode 100644 index 9861a467dc..0000000000 --- a/docker/kustomize/base/api.yaml +++ /dev/null @@ -1,113 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: api - name: api -spec: - selector: - matchLabels: - app: api - replicas: 0 - template: - metadata: - labels: - app: api - spec: - securityContext: - runAsUser: 10001 - runAsGroup: 10000 - fsGroup: 10000 - containers: - - name: api - image: ghcr.io/virtualcell/vcell-api - imagePullPolicy: "Always" - resources: - requests: - memory: "400Mi" - cpu: "200m" - limits: - memory: "2000Mi" -# cpu: "500m" - envFrom: - - configMapRef: - name: api-config -# command: [ "/bin/sh", "-c", "env; cat /run/secrets/api-secrets/dbpswd" ] - env: - - name: jmspswdfile - value: "/run/secrets/api-secrets/jmspswd" - - name: dbpswdfile - value: "/run/secrets/api-secrets/dbpswd" - - name: vcellapi_privatekeyfile - value: "/run/secrets/jwt-secret/apiprivkey" - - name: vcellapi_publickeyfile - value: "/run/secrets/jwt-secret/apipubkey" - ports: - - containerPort: 8080 - - containerPort: 8000 - volumeMounts: - - name: api-secrets - mountPath: /run/secrets/api-secrets - - name: jwt-secret - mountPath: /run/secrets/jwt-secret - - - name: nfs-primary-pvc - mountPath: /n5DataDir - subPath: n5 - - name: nfs-primary-pvc - mountPath: /exportdir - subPath: export - - name: nfs-primary-pvc - mountPath: /simdata - subPath: users - - name: nfs-archive-pvc - mountPath: /share/apps/vcell12/users - subPath: users -# - name: nfs-secondary-pvc - - name: nfs-primary-pvc - mountPath: /simdata_secondary - subPath: users - restartPolicy: Always - imagePullSecrets: - - name: ghcr-secret - volumes: - - name: api-secrets - secret: - items: - - key: dbpswd - path: dbpswd - - key: jmspswd - path: jmspswd - secretName: api-secrets - - name: jwt-secret - secret: - items: - - key: apiprivkey - path: apiprivkey - - key: apipubkey - path: apipubkey - secretName: jwt-secret - - name: nfs-primary-pvc - persistentVolumeClaim: - claimName: nfs-primary-pvc - - name: nfs-archive-pvc - persistentVolumeClaim: - claimName: nfs-archive-pvc -# - name: nfs-secondary-pvc -# persistentVolumeClaim: -# claimName: nfs-secondary-pvc - ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: api - name: api -spec: - ports: - - name: "8080" - port: 8080 - targetPort: 8080 - selector: - app: api diff --git a/docker/kustomize/base/data.yaml b/docker/kustomize/base/data.yaml deleted file mode 100644 index aca00a5561..0000000000 --- a/docker/kustomize/base/data.yaml +++ /dev/null @@ -1,100 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: data - name: data -spec: - selector: - matchLabels: - app: data - replicas: 0 - strategy: - type: Recreate - template: - metadata: - labels: - app: data - spec: - securityContext: - runAsUser: 10001 - runAsGroup: 10000 - fsGroup: 10000 - containers: - - name: data - image: ghcr.io/virtualcell/vcell-data - imagePullPolicy: "Always" - resources: - requests: - memory: "250Mi" - cpu: "200m" - limits: - memory: "3000Mi" -# cpu: "500m" - envFrom: - - configMapRef: - name: data-config - # command: [ "/bin/sh", "-c", "env; cat /run/secrets/api-secrets/dbpswd" ] - env: - - name: jmspswdfile - value: "/run/secrets/api-secrets/jmspswd" - - name: dbpswdfile - value: "/run/secrets/api-secrets/dbpswd" - ports: - - containerPort: 8000 - volumeMounts: - - name: api-secrets - mountPath: /run/secrets/api-secrets - - - name: nfs-primary-pvc - mountPath: /n5DataDir - subPath: n5 - - name: nfs-primary-pvc - mountPath: /exportdir - subPath: export - - name: nfs-primary-pvc - mountPath: /simdata - subPath: users - - name: nfs-archive-pvc - mountPath: /share/apps/vcell12/users - subPath: users -# - name: nfs-secondary-pvc - - name: nfs-primary-pvc - mountPath: /simdata_secondary - subPath: users - restartPolicy: Always - imagePullSecrets: - - name: ghcr-secret - volumes: - - name: api-secrets - secret: - items: - - key: dbpswd - path: dbpswd - - key: jmspswd - path: jmspswd - secretName: api-secrets - - name: nfs-primary-pvc - persistentVolumeClaim: - claimName: nfs-primary-pvc - - name: nfs-archive-pvc - persistentVolumeClaim: - claimName: nfs-archive-pvc -# - name: nfs-secondary-pvc -# persistentVolumeClaim: -# claimName: nfs-secondary-pvc - ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: data - name: data -spec: - ports: - - name: "5002" - port: 5002 - targetPort: 8000 - selector: - app: data diff --git a/docker/kustomize/base/db.yaml b/docker/kustomize/base/db.yaml deleted file mode 100644 index 1f5f7c718c..0000000000 --- a/docker/kustomize/base/db.yaml +++ /dev/null @@ -1,71 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: db - name: db -spec: - selector: - matchLabels: - app: db - replicas: 0 - template: - metadata: - labels: - app: db - spec: - securityContext: - runAsUser: 10001 - runAsGroup: 10000 - fsGroup: 10000 - containers: - - name: db - image: ghcr.io/virtualcell/vcell-db - imagePullPolicy: "Always" - resources: - requests: - memory: "700Mi" - cpu: "200m" - limits: - memory: "2000Mi" -# cpu: "500m" - envFrom: - - configMapRef: - name: db-config -# command: [ "/bin/sh", "-c", "env; cat /run/secrets/api-secrets/dbpswd" ] - env: - - name: jmspswdfile - value: "/run/secrets/api-secrets/jmspswd" - - name: dbpswdfile - value: "/run/secrets/api-secrets/dbpswd" - ports: - - containerPort: 8000 - volumeMounts: - - mountPath: /run/secrets/api-secrets - name: api-secrets - restartPolicy: Always - imagePullSecrets: - - name: ghcr-secret - volumes: - - name: api-secrets - secret: - items: - - key: dbpswd - path: dbpswd - - key: jmspswd - path: jmspswd - secretName: api-secrets ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: db - name: db -spec: - ports: - - name: "5003" - port: 5003 - targetPort: 8000 - selector: - app: db diff --git a/docker/kustomize/base/kustomization.yaml b/docker/kustomize/base/kustomization.yaml deleted file mode 100644 index 16f2d517d4..0000000000 --- a/docker/kustomize/base/kustomization.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -resources: - - api.yaml - - data.yaml - - db.yaml - - rest.yaml - - s3proxy.yaml - - sched.yaml - - submit.yaml - - webapp.yaml - - activemqint.yaml - - activemqsim.yaml - - mongodb.yaml diff --git a/docker/kustomize/base/mongodb.yaml b/docker/kustomize/base/mongodb.yaml deleted file mode 100644 index 05aa95cd74..0000000000 --- a/docker/kustomize/base/mongodb.yaml +++ /dev/null @@ -1,76 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: mongodb - name: mongodb -spec: - replicas: 0 - selector: - matchLabels: - app: mongodb - strategy: {} - template: - metadata: - labels: - app: mongodb - spec: - containers: - - name: mongodb -# image: ghcr.io/virtualcell/vcell-mongo - image: zcube/bitnami-compat-mongodb:6.0.5 -# args: ["--dbpath","/data/db"] -# livenessProbe: -# exec: -# command: -# - mongo -# - --disableImplicitSessions -# - --eval -# - "db.adminCommand('ping')" -# initialDelaySeconds: 30 -# periodSeconds: 10 -# timeoutSeconds: 5 -# successThreshold: 1 -# failureThreshold: 6 -# readinessProbe: -# exec: -# command: -# - mongo -# - --disableImplicitSessions -# - --eval -# - "db.adminCommand('ping')" -# initialDelaySeconds: 30 -# periodSeconds: 10 -# timeoutSeconds: 5 -# successThreshold: 1 -# failureThreshold: 6 - imagePullPolicy: "Always" - env: - - name: MONGODB_INITDB_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: api-secrets - key: mongo-password - - name: MONGODB_INITDB_ROOT_USERNAME - valueFrom: - secretKeyRef: - name: api-secrets - key: mongo-username - ports: - - containerPort: 27017 - name: "mongodb" - resources: - limits: - memory: "1500Mi" - requests: - memory: "250Mi" - volumeMounts: - - mountPath: /data/db - name: mongodb-data-dir - restartPolicy: Always - imagePullSecrets: - - name: ghcr-secret - volumes: - - name: mongodb-data-dir - persistentVolumeClaim: - claimName: mongodb-pvc diff --git a/docker/kustomize/base/rest.yaml b/docker/kustomize/base/rest.yaml deleted file mode 100644 index b27e4ad600..0000000000 --- a/docker/kustomize/base/rest.yaml +++ /dev/null @@ -1,80 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: rest - name: rest -spec: - selector: - matchLabels: - app: rest - replicas: 0 - strategy: - type: Recreate - template: - metadata: - labels: - app: rest - spec: - securityContext: - runAsUser: 10001 - runAsGroup: 10000 - fsGroup: 10000 - containers: - - name: rest - image: ghcr.io/virtualcell/vcell-rest - imagePullPolicy: "Always" - resources: - requests: - memory: "400Mi" - cpu: "200m" - limits: - memory: "1000Mi" - # cpu: "500m" - envFrom: - - configMapRef: - name: rest-config - - secretRef: - name: rest-secrets - # command: [ "/bin/sh", "-c", "env; cat /run/secrets/api-secrets/dbpswd" ] - env: - - name: JAVA_OPTS - value: > - -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 - -Dquarkus.http.host=0.0.0.0 - -Djava.util.logging.manager=org.jboss.logmanager.LogManager - -Dvcellapi.privateKey.file=/run/secrets/jwt-secret/apiprivkey - -Dvcellapi.publicKey.file=/run/secrets/jwt-secret/apipubkey - ports: - - containerPort: 80 - - containerPort: 5005 - volumeMounts: - - name: jwt-secret - mountPath: /run/secrets/jwt-secret - restartPolicy: Always - imagePullSecrets: - - name: ghcr-secret - volumes: - - name: jwt-secret - secret: - items: - - key: apiprivkey - path: apiprivkey - - key: apipubkey - path: apipubkey - secretName: jwt-secret - ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: rest - name: rest -spec: - ports: - - name: "80" - port: 80 - targetPort: 80 - selector: - app: rest diff --git a/docker/kustomize/base/s3proxy.yaml b/docker/kustomize/base/s3proxy.yaml deleted file mode 100644 index 0c3b10f415..0000000000 --- a/docker/kustomize/base/s3proxy.yaml +++ /dev/null @@ -1,61 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: s3proxy - name: s3proxy -spec: - selector: - matchLabels: - app: s3proxy - replicas: 0 - strategy: - type: Recreate - template: - metadata: - labels: - app: s3proxy - spec: - securityContext: - runAsUser: 10001 - runAsGroup: 10000 - fsGroup: 10000 - containers: - - name: s3proxy - image: andrewgaul/s3proxy:sha-10469f40c0b27a091fde70ee065bd6ee1c945bca - resources: - requests: - memory: "150Mi" - cpu: "200m" - limits: - memory: "300Mi" -# cpu: "500m" - envFrom: - - configMapRef: - name: s3proxy-config - ports: - - containerPort: 80 - volumeMounts: - - name: nfs-primary-pvc - mountPath: /data - subPath: n5 - restartPolicy: Always - volumes: - - name: nfs-primary-pvc - persistentVolumeClaim: - claimName: nfs-primary-pvc - readOnly: true ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: s3proxy - name: s3proxy -spec: - ports: - - name: "80" - port: 80 - targetPort: 80 - selector: - app: s3proxy diff --git a/docker/kustomize/base/sched.yaml b/docker/kustomize/base/sched.yaml deleted file mode 100644 index 2cc9f3e632..0000000000 --- a/docker/kustomize/base/sched.yaml +++ /dev/null @@ -1,101 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: sched - name: sched -spec: - selector: - matchLabels: - app: sched - replicas: 0 - strategy: - type: Recreate - template: - metadata: - labels: - app: sched - spec: - securityContext: - runAsUser: 10001 - runAsGroup: 10000 - fsGroup: 10000 - containers: - - name: sched - image: ghcr.io/virtualcell/vcell-sched - imagePullPolicy: "Always" - resources: - requests: - memory: "250Mi" - cpu: "200m" - limits: - memory: "2000Mi" -# cpu: "500m" - envFrom: - - configMapRef: - name: sched-config - # command: [ "/bin/sh", "-c", "env; cat /run/secrets/api-secrets/dbpswd" ] - env: - - name: batchuserkeyfile - value: "/run/secrets/batchuserkeyfile/ssh-privatekey" - - name: jmspswdfile - value: "/run/secrets/api-secrets/jmspswd" - - name: dbpswdfile - value: "/run/secrets/api-secrets/dbpswd" - ports: - - containerPort: 8000 - volumeMounts: - - name: api-secrets - mountPath: /run/secrets/api-secrets - - name: batchuserkeyfile - mountPath: /run/secrets/batchuserkeyfile - - - name: nfs-primary-pvc - mountPath: /htclogs - subPath: htclogs - - name: nfs-primary-pvc - mountPath: /simdata - subPath: users - - name: nfs-archive-pvc - mountPath: /share/apps/vcell12/users - subPath: users - restartPolicy: Always - imagePullSecrets: - - name: ghcr-secret - volumes: - - name: api-secrets - secret: - items: - - key: dbpswd - path: dbpswd - - key: jmspswd - path: jmspswd - secretName: api-secrets - - name: batchuserkeyfile - secret: - defaultMode: 256 - items: - - key: ssh-privatekey - path: ssh-privatekey - secretName: vcell-ssh-secret - - name: nfs-primary-pvc - persistentVolumeClaim: - claimName: nfs-primary-pvc - - name: nfs-archive-pvc - persistentVolumeClaim: - claimName: nfs-archive-pvc - ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: sched - name: sched -spec: - ports: - - name: "5004" - port: 5004 - targetPort: 8000 - selector: - app: sched diff --git a/docker/kustomize/base/submit.yaml b/docker/kustomize/base/submit.yaml deleted file mode 100644 index aa63b58973..0000000000 --- a/docker/kustomize/base/submit.yaml +++ /dev/null @@ -1,112 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: submit - name: submit -spec: - selector: - matchLabels: - app: submit - replicas: 0 - strategy: - type: Recreate - template: - metadata: - labels: - app: submit - spec: - securityContext: - runAsUser: 10001 - runAsGroup: 10000 - fsGroup: 10000 - containers: - - name: submit - image: ghcr.io/virtualcell/vcell-submit - imagePullPolicy: "Always" - resources: - requests: - memory: "250Mi" - cpu: "200m" - limits: - memory: "2000Mi" -# cpu: "500m" - envFrom: - - configMapRef: - name: submit-config - # command: [ "/bin/sh", "-c", "env; cat /run/secrets/api-secrets/dbpswd" ] - env: - - name: batchuserkeyfile - value: "/run/secrets/batchuserkeyfile/ssh-privatekey" - - name: jmspswdfile - value: "/run/secrets/api-secrets/jmspswd" - - name: dbpswdfile - value: "/run/secrets/api-secrets/dbpswd" - ports: - - containerPort: 8000 - - containerPort: 8877 - protocol: TCP - volumeMounts: - - name: api-secrets - mountPath: /run/secrets/api-secrets - - name: batchuserkeyfile - mountPath: /run/secrets/batchuserkeyfile - - - name: nfs-primary-pvc - mountPath: /htclogs - subPath: htclogs - - name: nfs-primary-pvc - mountPath: /simdata - subPath: users - - name: nfs-archive-pvc - mountPath: /share/apps/vcell12/users - subPath: users -# - name: nfs-secondary-pvc - - name: nfs-primary-pvc - mountPath: /simdata_secondary - subPath: users - restartPolicy: Always - imagePullSecrets: - - name: ghcr-secret - volumes: - - name: api-secrets - secret: - items: - - key: dbpswd - path: dbpswd - - key: jmspswd - path: jmspswd - secretName: api-secrets - - name: batchuserkeyfile - secret: - defaultMode: 256 - items: - - key: ssh-privatekey - path: ssh-privatekey - secretName: vcell-ssh-secret - - name: nfs-primary-pvc - persistentVolumeClaim: - claimName: nfs-primary-pvc - - name: nfs-archive-pvc - persistentVolumeClaim: - claimName: nfs-archive-pvc -# - name: nfs-secondary-pvc -# persistentVolumeClaim: -# claimName: nfs-secondary-pvc ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: submit - name: submit -spec: - ports: - - name: "5005" - port: 5005 - targetPort: 8000 - - name: "8877" - port: 8877 - targetPort: 8877 - selector: - app: submit diff --git a/docker/kustomize/base/webapp.yaml b/docker/kustomize/base/webapp.yaml deleted file mode 100644 index 73c7ecaf86..0000000000 --- a/docker/kustomize/base/webapp.yaml +++ /dev/null @@ -1,44 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: webapp -spec: - selector: - matchLabels: - app: webapp - replicas: 0 - strategy: - type: Recreate - template: - metadata: - labels: - app: webapp - spec: - containers: - - name: webapp - image: ghcr.io/virtualcell/vcell-webapp - imagePullPolicy: "Always" - resources: - requests: - memory: "200Mi" - cpu: "200m" - limits: - memory: "400Mi" - # cpu: "500m" - ports: - - containerPort: 80 - restartPolicy: Always - imagePullSecrets: - - name: ghcr-secret ---- -apiVersion: v1 -kind: Service -metadata: - name: webapp -spec: - selector: - app: webapp - ports: - - protocol: TCP - port: 80 - targetPort: 80 diff --git a/docker/kustomize/cluster/letsencrypt-prod-Issuer.yaml b/docker/kustomize/cluster/letsencrypt-prod-Issuer.yaml deleted file mode 100644 index 21f577d596..0000000000 --- a/docker/kustomize/cluster/letsencrypt-prod-Issuer.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: letsencrypt-prod -spec: - acme: - # The ACME server URL - server: https://acme-v02.api.letsencrypt.org/directory - # Email address used for ACME registration - email: vcell_support@uchc.edu - # Name of a secret used to store the ACME account private key - privateKeySecretRef: - name: letsencrypt-prod - # Enable the HTTP-01 challenge provider - solvers: - - http01: - ingress: - class: nginx \ No newline at end of file diff --git a/docker/kustomize/cluster/letsencrypt-staging-Issuer.yaml b/docker/kustomize/cluster/letsencrypt-staging-Issuer.yaml deleted file mode 100644 index d9d8b042d3..0000000000 --- a/docker/kustomize/cluster/letsencrypt-staging-Issuer.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: letsencrypt-staging -spec: - acme: - # The ACME server URL - server: https://acme-staging-v02.api.letsencrypt.org/directory - # Email address used for ACME registration - email: vcell_support@uchc.edu - # Name of a secret used to store the ACME account private key - privateKeySecretRef: - name: letsencrypt-staging - # Enable the HTTP-01 challenge provider - solvers: - - http01: - ingress: - class: nginx \ No newline at end of file diff --git a/docker/kustomize/config/devjim/activemqint.env b/docker/kustomize/config/devjim/activemqint.env deleted file mode 100644 index 94fd206d61..0000000000 --- a/docker/kustomize/config/devjim/activemqint.env +++ /dev/null @@ -1,9 +0,0 @@ -ACTIVEMQ_CONFIG_AUTHENABLED=true -ACTIVEMQ_ENABLED_SCHEDULER=true -ACTIVEMQ_GROUPS_reads=clientUser -ACTIVEMQ_GROUPS_writes=clientUser -ACTIVEMQ_MAX_MEMORY=2048 -ACTIVEMQ_MIN_MEMORY=512 -ACTIVEMQ_STATIC_QUEUES=simReq;dataReq;dbReq;simJob -ACTIVEMQ_STATIC_TOPICS=clientStatus -ACTIVEMQ_USERS_clientUser=dummy diff --git a/docker/kustomize/config/devjim/activemqsim.env b/docker/kustomize/config/devjim/activemqsim.env deleted file mode 100644 index 579b873858..0000000000 --- a/docker/kustomize/config/devjim/activemqsim.env +++ /dev/null @@ -1,9 +0,0 @@ -ACTIVEMQ_CONFIG_AUTHENABLED=true -ACTIVEMQ_ENABLED_SCHEDULER=true -ACTIVEMQ_GROUPS_reads=clientUser -ACTIVEMQ_GROUPS_writes=clientUser -ACTIVEMQ_MAX_MEMORY=2048 -ACTIVEMQ_MIN_MEMORY=512 -ACTIVEMQ_STATIC_QUEUES=workerEvent -ACTIVEMQ_STATIC_TOPICS=serviceControl -ACTIVEMQ_USERS_clientUser=dummy diff --git a/docker/kustomize/config/devjim/api.env b/docker/kustomize/config/devjim/api.env deleted file mode 100644 index 83397fb64e..0000000000 --- a/docker/kustomize/config/devjim/api.env +++ /dev/null @@ -1,11 +0,0 @@ -simdataCacheSize=10000000 - -smtp_emailaddress=VCell_Support@uchc.edu -smtp_hostname=vdsmtp.cam.uchc.edu -smtp_port=25 - -ssl_ignoreCertProblems="true" -ssl_ignoreHostMismatch="true" -protocol=http - -submit_service_host=submit diff --git a/docker/kustomize/config/devjim/data.env b/docker/kustomize/config/devjim/data.env deleted file mode 100644 index f8fc4815a4..0000000000 --- a/docker/kustomize/config/devjim/data.env +++ /dev/null @@ -1,8 +0,0 @@ -simdataCacheSize=10000000 - -s3ProxyPortExternal=8089 -s3export_baseURL=https://localhost - -export_baseurl=http://vcell.org/export/ - -servertype=CombinedData diff --git a/docker/kustomize/config/devjim/db.env b/docker/kustomize/config/devjim/db.env deleted file mode 100644 index cbc9fb0be6..0000000000 --- a/docker/kustomize/config/devjim/db.env +++ /dev/null @@ -1 +0,0 @@ -# empty for now \ No newline at end of file diff --git a/docker/kustomize/config/devjim/kustomization.yaml b/docker/kustomize/config/devjim/kustomization.yaml deleted file mode 100644 index 69fcd5ec2d..0000000000 --- a/docker/kustomize/config/devjim/kustomization.yaml +++ /dev/null @@ -1,38 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -configMapGenerator: - - name: api-config - envs: - - api.env - - shared.env - - name: db-config - envs: - - db.env - - shared.env - - name: data-config - envs: - - data.env - - shared.env - - name: sched-config - envs: - - sched.env - - shared.env - - name: submit-config - envs: - - submit.env - - shared.env - - name: rest-config - envs: - - rest.env - - shared.env - - - name: s3proxy-config - envs: - - s3proxy.env - - name: activemqint-config - envs: - - activemqint.env - - name: activemqsim-config - envs: - - activemqsim.env diff --git a/docker/kustomize/config/devjim/rest.env b/docker/kustomize/config/devjim/rest.env deleted file mode 100644 index d05d524058..0000000000 --- a/docker/kustomize/config/devjim/rest.env +++ /dev/null @@ -1,73 +0,0 @@ -QUARKUS_HTTP_PORT=80 -QUARKUS_HTTP_CORS=true -# QUARKUS_HTTP_CORS_ORIGINS=/.*/ -# QUARKUS_HTTP_CORS_METHODS=GET,POST,PUT,DELETE,OPTIONS - -QUARKUS_LOG_LEVEL=DEBUG - -QUARKUS_DATASOURCE_DB_KIND=other -QUARKUS_DATASOURCE_JDBC_URL=jdbc:oracle:thin:@vcell-oracle.cam.uchc.edu:1521/ORCLPDB1 -QUARKUS_DATASOURCE_JDBC_DRIVER=oracle.jdbc.driver.OracleDriver -QUARKUS_DATASOURCE_USERNAME=vcell -# QUARKUS_DATASOURCE_PASSWORD= - -ORACLE_JDBC_JAVANETNIO=false -ORACLE_JDBC_AUTOCOMMITSPECCOMPLIANT=false - -QUARKUS_DATASOURCE_METRICS_ENABLED=true -QUARKUS_DATASOURCE_JDBC_ENABLE_METRICS=true -QUARKUS_DATASOURCE_JDBC_ACQUISITION_TIMEOUT=20S - -## Auth OIDC Bearer Token -QUARKUS_OIDC_AUTH_SERVER_URL=https://dev-dzhx7i2db3x3kkvq.us.auth0.com -# QUARKUS_OIDC_CLIENT_ID=ViiDx0tdnXnv6OMiz9nS6MkHyWmlsRlG -# QUARKUS_OIDC_CREDENTIALS_SECRET= -QUARKUS_OIDC_APPLICATION_TYPE=hybrid -QUARKUS_OIDC_AUTHENTICATION_SCOPES=openid,profile,email - -QUARKUS_TEST_TYPE=quarkus-test - -## OpenAPI -QUARKUS_SMALLRYE_OPENAPI_ENABLE=true -QUARKUS_SMALLRYE_OPENAPI_STORE_SCHEMA_DIRECTORY=target/generated - -QUARKUS_SMALLRYE_OPENAPI_INFO_TITLE=VCell API (production) -QUARKUS_SMALLRYE_OPENAPI_INFO_VERSION=1.0.1 -QUARKUS_SMALLRYE_OPENAPI_INFO_DESCRIPTION=VCell API -QUARKUS_SMALLRYE_OPENAPI_INFO_TERMS_OF_SERVICE=Your terms of service here -QUARKUS_SMALLRYE_OPENAPI_INFO_CONTACT_EMAIL=vcell_support@uchc.com -QUARKUS_SMALLRYE_OPENAPI_INFO_CONTACT_NAME=VCell API Support -QUARKUS_SMALLRYE_OPENAPI_INFO_CONTACT_URL=http://exampleurl.com/contact -QUARKUS_SMALLRYE_OPENAPI_INFO_LICENSE_NAME=MIT -QUARKUS_SMALLRYE_OPENAPI_INFO_LICENSE_URL=http://opensource.org/licenses/MIT - -## OpenAPI Security -QUARKUS_SMALLRYE_OPENAPI_AUTO_ADD_SERVER=true -QUARKUS_SMALLRYE_OPENAPI_AUTO_ADD_SECURITY_REQUIREMENT=true -QUARKUS_SMALLRYE_OPENAPI_AUTO_ADD_SECURITY=true -QUARKUS_SMALLRYE_OPENAPI_SECURITY_SCHEME_NAME=openId -QUARKUS_SMALLRYE_OPENAPI_SERVERS=http://localhost:9000 - - -#QUARKUS_SMALLRYE_OPENAPI_SECURITY_SCHEME=oidc -#QUARKUS_SMALLRYE_OPENAPI_SECURITY_SCHEME_DESCRIPTION=Authentication -#QUARKUS_SMALLRYE_OPENAPI_OAUTH2_SECURITY_SCHEME_VALUE=authorizationCode -#QUARKUS_SMALLRYE_OPENAPI_OAUTH2_BEARER_FORMAT=JWT - - -QUARKUS_SMALLRYE_OPENAPI_OIDC_ISSUER_URL=https://dev-dzhx7i2db3x3kkvq.us.auth0.com -QUARKUS_SMALLRYE_OPENAPI_OIDC_OPEN_ID_CONNECT_URL=https://dev-dzhx7i2db3x3kkvq.us.auth0.com/.well-known/openid-configuration -QUARKUS_SMALLRYE_OPENAPI_OAUTH2_IMPLICIT_REFRESH_URL=https://dev-dzhx7i2db3x3kkvq.us.auth0.com/protocol/openid-connect/token -QUARKUS_SMALLRYE_OPENAPI_OAUTH2_IMPLICIT_AUTHORIZATION_URL=https://dev-dzhx7i2db3x3kkvq.us.auth0.com/protocol/openid-connect/auth -QUARKUS_SMALLRYE_OPENAPI_OAUTH2_IMPLICIT_TOKEN_URL=https://dev-dzhx7i2db3x3kkvq.us.auth0.com/protocol/openid-connect/token - -## Swagger UI (disable for production) -QUARKUS_SWAGGER_UI_ALWAYS_INCLUDE=true -# QUARKUS_SWAGGER_UI_OAUTH_CLIENT_ID=APQVObJMV2WCQAl3lLMJc2zixd4DU3uQ -# QUARKUS_SWAGGER_UI_OAUTH_CLIENT_SECRET= -##QUARKUS_SWAGGER_UI_OAUTH_REDIRECT_URI=http://localhost:9000/q/swagger-ui/oauth2-redirect.html -#QUARKUS_SWAGGER_UI_OAUTH_AUTHORIZATION_URI=https://dev-dzhx7i2db3x3kkvq.us.auth0.com/protocol/openid-connect/auth -#QUARKUS_SWAGGER_UI_OAUTH_TOKEN_URI=https://dev-dzhx7i2db3x3kkvq.us.auth0.com/protocol/openid-connect/token -#QUARKUS_SWAGGER_UI_OAUTH_SCOPES=openid,profile,email -#QUARKUS_SWAGGER_UI_OAUTH_USE_PKCE_WITH_AUTHORIZATION_CODE_GRANT=true -#QUARKUS_SWAGGER_UI_OAUTH_USE_PKCE_WITH_AUTHORIZATION_CODE_GRANT=false diff --git a/docker/kustomize/config/devjim/s3proxy.env b/docker/kustomize/config/devjim/s3proxy.env deleted file mode 100644 index 60a134b5f0..0000000000 --- a/docker/kustomize/config/devjim/s3proxy.env +++ /dev/null @@ -1,28 +0,0 @@ -JCLOUDS_FILESYSTEM_BASEDIR=/data -JCLOUDS_PROVIDER=filesystem -JCLOUDS_REGIONS=site2-low -S3PROXY_AUTHORIZATION=none -S3PROXY_KEYSTORE_PATH= - -LOG_LEVEL=info -S3PROXY_ENDPOINT=http://0.0.0.0:80 -S3PROXY_SECURE_ENDPOINT= -S3PROXY_VIRTUALHOST= -S3PROXY_CORS_ALLOW_ALL=false -S3PROXY_CORS_ALLOW_ORIGINS= -S3PROXY_CORS_ALLOW_METHODS= -S3PROXY_CORS_ALLOW_HEADERS= -S3PROXY_IGNORE_UNKNOWN_HEADERS=false -S3PROXY_ENCRYPTED_BLOBSTORE= -S3PROXY_ENCRYPTED_BLOBSTORE_PASSWORD= -S3PROXY_ENCRYPTED_BLOBSTORE_SALT= -S3PROXY_IDENTITY=local-identity -S3PROXY_CREDENTIAL=local-credential - -JCLOUDS_ENDPOINT= -JCLOUDS_REGION= -JCLOUDS_IDENTITY=remote-identity -JCLOUDS_CREDENTIAL=remote-credential -JCLOUDS_KEYSTONE_VERSION= -JCLOUDS_KEYSTONE_SCOPE= -JCLOUDS_KEYSTONE_PROJECT_DOMAIN_NAME= diff --git a/docker/kustomize/config/devjim/sched.env b/docker/kustomize/config/devjim/sched.env deleted file mode 100644 index 12bcba2ca3..0000000000 --- a/docker/kustomize/config/devjim/sched.env +++ /dev/null @@ -1,20 +0,0 @@ -simdataCacheSize=10000000 - -maxJobsPerScan=100 -maxOdeJobsPerUser=100 -maxPdeJobsPerUser=40 -batchhost=hpc-ext-1.cam.uchc.edu,hpc-ext-2.cam.uchc.edu,hpc-ext-3.cam.uchc.edu,hpc-ext-4.cam.uchc.edu -htcnodelist= -batchsystem=SLURM -batchuser=vcell -slurm_cmd_sacct=sacct -slurm_cmd_sbatch=sbatch -slurm_cmd_scancel=scancel -slurm_cmd_squeue=squeue -slurm_partition=vcell -slurm_partition_pu=vcellpu -slurm_reservation= -slurm_reservation_pu=vcellpu - -vcell_ssh_cmd_cmdtimeout=10000 -vcell_ssh_cmd_restoretimeout=5 diff --git a/docker/kustomize/config/devjim/shared.env b/docker/kustomize/config/devjim/shared.env deleted file mode 100644 index 254c17dca4..0000000000 --- a/docker/kustomize/config/devjim/shared.env +++ /dev/null @@ -1,16 +0,0 @@ -dbdriver=oracle.jdbc.driver.OracleDriver -dburl=jdbc:oracle:thin:@vcell-oracle.cam.uchc.edu:1521/ORCLPDB1 -dbuser=vcell - -jmshost_int_internal=activemqint -jmsport_int_internal=61616 -jmshost_sim_internal=activemqsim -jmsport_sim_internal=61616 -jmsuser=clientUser - -mongodb_database=test -mongodb_host_internal=mongodb -mongodb_port_internal=27017 - -serverid=TEST2 -softwareVersion=Test_Version_7.5.0_build_1234 diff --git a/docker/kustomize/config/devjim/submit.env b/docker/kustomize/config/devjim/submit.env deleted file mode 100644 index d2543d21bc..0000000000 --- a/docker/kustomize/config/devjim/submit.env +++ /dev/null @@ -1,51 +0,0 @@ -simdataCacheSize=10000000 - -maxJobsPerScan=100 -maxOdeJobsPerUser=100 -maxPdeJobsPerUser=40 -batchhost=hpc-ext-1.cam.uchc.edu,hpc-ext-2.cam.uchc.edu,hpc-ext-3.cam.uchc.edu,hpc-ext-4.cam.uchc.edu -htcnodelist= -batchsystem=SLURM -batchuser=vcell -slurm_cmd_sacct=sacct -slurm_cmd_sbatch=sbatch -slurm_cmd_scancel=scancel -slurm_cmd_squeue=squeue -slurm_partition=vcell -slurm_partition_pu=vcellpu -slurm_reservation= -slurm_reservation_pu=vcellpu -slurm_qos=vcell -slurm_qos_pu=vcellpu - -vcell_ssh_cmd_cmdtimeout=10000 -vcell_ssh_cmd_restoretimeout=5 - -# runtime settings for HPC singularity image -docker_name=ghcr.io/virtualcell/vcell-batch:dev -slurm_local_singularity_dir=/state/partition1/singularityImages -opt_singularity_imagefile=/state/partition1/singularityImages/ghcr.io_virtualcell_vcell-opt_dev.img -batch_singularity_imagefile=/state/partition1/singularityImages/ghcr.io_virtualcell_vcell-batch_dev.img -slurm_central_singularity_dir=/share/apps/vcell3/singularityImages -slurm_singularity_module_name=singularity/vcell-3.10.0 -slurm_tmpdir=/scratch/vcell - -# HPC worker messaging (host and java and rest ports exposed by activemqsim NodePort service) -# when running in UCH VPN and using minikube, use the following command -# "ifconfig | grep 155.37 | awk '{print $2}' | cut -d'-' -f1" -jmshost_sim_external=155.37.249.206 -jmsport_sim_external=31616 -jmsrestport_sim_external=30161 - -# HPC worker mongo (for large payload messaging) -mongodb_host_external=155.37.250.40 -mongodb_port_external=27020 - -htclogdir_external=/share/apps/vcell3/htclogs -nativesolverdir_external=/share/apps/vcell3/nativesolvers -simdatadir_archive_external=/share/apps/vcell12/users -simdatadir_parallel_external=/share/apps/vcell3parallel -simdatadir_secondary_external=/share/apps/vcell7/users -simdatadir_external=/share/apps/vcell3/users - -simdatadir_archive_internal=/share/apps/vcell12/users diff --git a/docker/kustomize/config/stage/activemqint.env b/docker/kustomize/config/stage/activemqint.env deleted file mode 100644 index 94fd206d61..0000000000 --- a/docker/kustomize/config/stage/activemqint.env +++ /dev/null @@ -1,9 +0,0 @@ -ACTIVEMQ_CONFIG_AUTHENABLED=true -ACTIVEMQ_ENABLED_SCHEDULER=true -ACTIVEMQ_GROUPS_reads=clientUser -ACTIVEMQ_GROUPS_writes=clientUser -ACTIVEMQ_MAX_MEMORY=2048 -ACTIVEMQ_MIN_MEMORY=512 -ACTIVEMQ_STATIC_QUEUES=simReq;dataReq;dbReq;simJob -ACTIVEMQ_STATIC_TOPICS=clientStatus -ACTIVEMQ_USERS_clientUser=dummy diff --git a/docker/kustomize/config/stage/activemqsim.env b/docker/kustomize/config/stage/activemqsim.env deleted file mode 100644 index 579b873858..0000000000 --- a/docker/kustomize/config/stage/activemqsim.env +++ /dev/null @@ -1,9 +0,0 @@ -ACTIVEMQ_CONFIG_AUTHENABLED=true -ACTIVEMQ_ENABLED_SCHEDULER=true -ACTIVEMQ_GROUPS_reads=clientUser -ACTIVEMQ_GROUPS_writes=clientUser -ACTIVEMQ_MAX_MEMORY=2048 -ACTIVEMQ_MIN_MEMORY=512 -ACTIVEMQ_STATIC_QUEUES=workerEvent -ACTIVEMQ_STATIC_TOPICS=serviceControl -ACTIVEMQ_USERS_clientUser=dummy diff --git a/docker/kustomize/config/stage/api.env b/docker/kustomize/config/stage/api.env deleted file mode 100644 index 5ecab23579..0000000000 --- a/docker/kustomize/config/stage/api.env +++ /dev/null @@ -1,13 +0,0 @@ -simdataCacheSize=10000000 - -serverPrefixV0=/api/v0 - -smtp_emailaddress=VCell_Support@uchc.edu -smtp_hostname=vdsmtp.cam.uchc.edu -smtp_port=25 - -ssl_ignoreCertProblems="true" -ssl_ignoreHostMismatch="true" -protocol=http - -submit_service_host=submit diff --git a/docker/kustomize/config/stage/data.env b/docker/kustomize/config/stage/data.env deleted file mode 100644 index f8fc4815a4..0000000000 --- a/docker/kustomize/config/stage/data.env +++ /dev/null @@ -1,8 +0,0 @@ -simdataCacheSize=10000000 - -s3ProxyPortExternal=8089 -s3export_baseURL=https://localhost - -export_baseurl=http://vcell.org/export/ - -servertype=CombinedData diff --git a/docker/kustomize/config/stage/db.env b/docker/kustomize/config/stage/db.env deleted file mode 100644 index cbc9fb0be6..0000000000 --- a/docker/kustomize/config/stage/db.env +++ /dev/null @@ -1 +0,0 @@ -# empty for now \ No newline at end of file diff --git a/docker/kustomize/config/stage/kustomization.yaml b/docker/kustomize/config/stage/kustomization.yaml deleted file mode 100644 index 69fcd5ec2d..0000000000 --- a/docker/kustomize/config/stage/kustomization.yaml +++ /dev/null @@ -1,38 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -configMapGenerator: - - name: api-config - envs: - - api.env - - shared.env - - name: db-config - envs: - - db.env - - shared.env - - name: data-config - envs: - - data.env - - shared.env - - name: sched-config - envs: - - sched.env - - shared.env - - name: submit-config - envs: - - submit.env - - shared.env - - name: rest-config - envs: - - rest.env - - shared.env - - - name: s3proxy-config - envs: - - s3proxy.env - - name: activemqint-config - envs: - - activemqint.env - - name: activemqsim-config - envs: - - activemqsim.env diff --git a/docker/kustomize/config/stage/rest.env b/docker/kustomize/config/stage/rest.env deleted file mode 100644 index 3213a9ff02..0000000000 --- a/docker/kustomize/config/stage/rest.env +++ /dev/null @@ -1,77 +0,0 @@ -QUARKUS_HTTP_PORT=80 -QUARKUS_HTTP_CORS=true -# QUARKUS_HTTP_CORS_ORIGINS=/.*/ -# QUARKUS_HTTP_CORS_METHODS=GET,POST,PUT,DELETE,OPTIONS - -QUARKUS_LOG_LEVEL=DEBUG - -QUARKUS_DATASOURCE_ORACLE_DB_KIND=other -QUARKUS_DATASOURCE_ORACLE_JDBC_URL=jdbc:oracle:thin:@vcell-oracle.cam.uchc.edu:1521/ORCLPDB1 -QUARKUS_DATASOURCE_ORACLE_JDBC_DRIVER=oracle.jdbc.driver.OracleDriver -QUARKUS_DATASOURCE_ORACLE_USERNAME=vcell -# QUARKUS_DATASOURCE_ORACLE_PASSWORD= - -ORACLE_JDBC_JAVANETNIO=false -ORACLE_JDBC_AUTOCOMMITSPECCOMPLIANT=false - -QUARKUS_DATASOURCE_POSTGRESQL_DB_KIND=jdbc:postgresql://localhost:5432/postgres -QUARKUS_DATASOURCE_POSTGRESQL_JDBC_URL=jdbc:postgresql://localhost:5432/postgres -QUARKUS_DATASOURCE_POSTGRESQL_JDBC_DRIVER=org.postgresql.Driver - -QUARKUS_DATASOURCE_METRICS_ENABLED=true -QUARKUS_DATASOURCE_JDBC_ENABLE_METRICS=true -QUARKUS_DATASOURCE_JDBC_ACQUISITION_TIMEOUT=20S - -## Auth OIDC Bearer Token -QUARKUS_OIDC_AUTH_SERVER_URL=https://dev-dzhx7i2db3x3kkvq.us.auth0.com -# QUARKUS_OIDC_CLIENT_ID=ViiDx0tdnXnv6OMiz9nS6MkHyWmlsRlG -# QUARKUS_OIDC_CREDENTIALS_SECRET= -QUARKUS_OIDC_APPLICATION_TYPE=hybrid -QUARKUS_OIDC_AUTHENTICATION_SCOPES=openid,profile,email - -QUARKUS_TEST_TYPE=quarkus-test - -## OpenAPI -QUARKUS_SMALLRYE_OPENAPI_ENABLE=true -QUARKUS_SMALLRYE_OPENAPI_STORE_SCHEMA_DIRECTORY=target/generated - -QUARKUS_SMALLRYE_OPENAPI_INFO_TITLE=VCell API (production) -QUARKUS_SMALLRYE_OPENAPI_INFO_VERSION=1.0.1 -QUARKUS_SMALLRYE_OPENAPI_INFO_DESCRIPTION=VCell API -QUARKUS_SMALLRYE_OPENAPI_INFO_TERMS_OF_SERVICE=Your terms of service here -QUARKUS_SMALLRYE_OPENAPI_INFO_CONTACT_EMAIL=vcell_support@uchc.com -QUARKUS_SMALLRYE_OPENAPI_INFO_CONTACT_NAME=VCell API Support -QUARKUS_SMALLRYE_OPENAPI_INFO_CONTACT_URL=http://exampleurl.com/contact -QUARKUS_SMALLRYE_OPENAPI_INFO_LICENSE_NAME=MIT -QUARKUS_SMALLRYE_OPENAPI_INFO_LICENSE_URL=http://opensource.org/licenses/MIT - -## OpenAPI Security -QUARKUS_SMALLRYE_OPENAPI_AUTO_ADD_SERVER=true -QUARKUS_SMALLRYE_OPENAPI_AUTO_ADD_SECURITY_REQUIREMENT=true -QUARKUS_SMALLRYE_OPENAPI_AUTO_ADD_SECURITY=true -QUARKUS_SMALLRYE_OPENAPI_SECURITY_SCHEME_NAME=openId -QUARKUS_SMALLRYE_OPENAPI_SERVERS=http://localhost:9000 - - -#QUARKUS_SMALLRYE_OPENAPI_SECURITY_SCHEME=oidc -#QUARKUS_SMALLRYE_OPENAPI_SECURITY_SCHEME_DESCRIPTION=Authentication -#QUARKUS_SMALLRYE_OPENAPI_OAUTH2_SECURITY_SCHEME_VALUE=authorizationCode -#QUARKUS_SMALLRYE_OPENAPI_OAUTH2_BEARER_FORMAT=JWT - - -QUARKUS_SMALLRYE_OPENAPI_OIDC_ISSUER_URL=https://dev-dzhx7i2db3x3kkvq.us.auth0.com -QUARKUS_SMALLRYE_OPENAPI_OIDC_OPEN_ID_CONNECT_URL=https://dev-dzhx7i2db3x3kkvq.us.auth0.com/.well-known/openid-configuration -QUARKUS_SMALLRYE_OPENAPI_OAUTH2_IMPLICIT_REFRESH_URL=https://dev-dzhx7i2db3x3kkvq.us.auth0.com/protocol/openid-connect/token -QUARKUS_SMALLRYE_OPENAPI_OAUTH2_IMPLICIT_AUTHORIZATION_URL=https://dev-dzhx7i2db3x3kkvq.us.auth0.com/protocol/openid-connect/auth -QUARKUS_SMALLRYE_OPENAPI_OAUTH2_IMPLICIT_TOKEN_URL=https://dev-dzhx7i2db3x3kkvq.us.auth0.com/protocol/openid-connect/token - -## Swagger UI (disable for production) -QUARKUS_SWAGGER_UI_ALWAYS_INCLUDE=true -# QUARKUS_SWAGGER_UI_OAUTH_CLIENT_ID=APQVObJMV2WCQAl3lLMJc2zixd4DU3uQ -# QUARKUS_SWAGGER_UI_OAUTH_CLIENT_SECRET= -##QUARKUS_SWAGGER_UI_OAUTH_REDIRECT_URI=http://localhost:9000/q/swagger-ui/oauth2-redirect.html -#QUARKUS_SWAGGER_UI_OAUTH_AUTHORIZATION_URI=https://dev-dzhx7i2db3x3kkvq.us.auth0.com/protocol/openid-connect/auth -#QUARKUS_SWAGGER_UI_OAUTH_TOKEN_URI=https://dev-dzhx7i2db3x3kkvq.us.auth0.com/protocol/openid-connect/token -#QUARKUS_SWAGGER_UI_OAUTH_SCOPES=openid,profile,email -#QUARKUS_SWAGGER_UI_OAUTH_USE_PKCE_WITH_AUTHORIZATION_CODE_GRANT=true -#QUARKUS_SWAGGER_UI_OAUTH_USE_PKCE_WITH_AUTHORIZATION_CODE_GRANT=false diff --git a/docker/kustomize/config/stage/s3proxy.env b/docker/kustomize/config/stage/s3proxy.env deleted file mode 100644 index 040ff65be2..0000000000 --- a/docker/kustomize/config/stage/s3proxy.env +++ /dev/null @@ -1,28 +0,0 @@ -JCLOUDS_FILESYSTEM_BASEDIR=/data -JCLOUDS_PROVIDER=filesystem -JCLOUDS_REGIONS=site2-low -S3PROXY_AUTHORIZATION=none -S3PROXY_KEYSTORE_PATH= - -LOG_LEVEL=debug -S3PROXY_ENDPOINT=http://0.0.0.0:80 -S3PROXY_SECURE_ENDPOINT= -S3PROXY_VIRTUALHOST= -S3PROXY_CORS_ALLOW_ALL=false -S3PROXY_CORS_ALLOW_ORIGINS= -S3PROXY_CORS_ALLOW_METHODS= -S3PROXY_CORS_ALLOW_HEADERS= -S3PROXY_IGNORE_UNKNOWN_HEADERS=false -S3PROXY_ENCRYPTED_BLOBSTORE= -S3PROXY_ENCRYPTED_BLOBSTORE_PASSWORD= -S3PROXY_ENCRYPTED_BLOBSTORE_SALT= -S3PROXY_IDENTITY=local-identity -S3PROXY_CREDENTIAL=local-credential - -JCLOUDS_ENDPOINT= -JCLOUDS_REGION= -JCLOUDS_IDENTITY=remote-identity -JCLOUDS_CREDENTIAL=remote-credential -JCLOUDS_KEYSTONE_VERSION= -JCLOUDS_KEYSTONE_SCOPE= -JCLOUDS_KEYSTONE_PROJECT_DOMAIN_NAME= diff --git a/docker/kustomize/config/stage/sched.env b/docker/kustomize/config/stage/sched.env deleted file mode 100644 index 12bcba2ca3..0000000000 --- a/docker/kustomize/config/stage/sched.env +++ /dev/null @@ -1,20 +0,0 @@ -simdataCacheSize=10000000 - -maxJobsPerScan=100 -maxOdeJobsPerUser=100 -maxPdeJobsPerUser=40 -batchhost=hpc-ext-1.cam.uchc.edu,hpc-ext-2.cam.uchc.edu,hpc-ext-3.cam.uchc.edu,hpc-ext-4.cam.uchc.edu -htcnodelist= -batchsystem=SLURM -batchuser=vcell -slurm_cmd_sacct=sacct -slurm_cmd_sbatch=sbatch -slurm_cmd_scancel=scancel -slurm_cmd_squeue=squeue -slurm_partition=vcell -slurm_partition_pu=vcellpu -slurm_reservation= -slurm_reservation_pu=vcellpu - -vcell_ssh_cmd_cmdtimeout=10000 -vcell_ssh_cmd_restoretimeout=5 diff --git a/docker/kustomize/config/stage/shared.env b/docker/kustomize/config/stage/shared.env deleted file mode 100644 index c14ac7b94f..0000000000 --- a/docker/kustomize/config/stage/shared.env +++ /dev/null @@ -1,16 +0,0 @@ -dbdriver=oracle.jdbc.driver.OracleDriver -dburl=jdbc:oracle:thin:@vcell-oracle.cam.uchc.edu:1521/ORCLPDB1 -dbuser=vcell - -jmshost_int_internal=activemqint -jmsport_int_internal=61616 -jmshost_sim_internal=activemqsim -jmsport_sim_internal=61616 -jmsuser=clientUser - -mongodb_database=test -mongodb_host_internal=mongodb -mongodb_port_internal=27017 - -serverid=TEST -softwareVersion=Test_Version_7.5.0_build_133.4 diff --git a/docker/kustomize/config/stage/submit.env b/docker/kustomize/config/stage/submit.env deleted file mode 100644 index 67c1ef5bb5..0000000000 --- a/docker/kustomize/config/stage/submit.env +++ /dev/null @@ -1,49 +0,0 @@ -simdataCacheSize=10000000 - -maxJobsPerScan=100 -maxOdeJobsPerUser=100 -maxPdeJobsPerUser=40 -batchhost=hpc-ext-1.cam.uchc.edu,hpc-ext-2.cam.uchc.edu,hpc-ext-3.cam.uchc.edu,hpc-ext-4.cam.uchc.edu -htcnodelist= -batchsystem=SLURM -batchuser=vcell -slurm_cmd_sacct=sacct -slurm_cmd_sbatch=sbatch -slurm_cmd_scancel=scancel -slurm_cmd_squeue=squeue -slurm_partition=vcell -slurm_partition_pu=vcellpu -slurm_reservation= -slurm_reservation_pu=vcellpu -slurm_qos=vcell -slurm_qos_pu=vcellpu - -vcell_ssh_cmd_cmdtimeout=10000 -vcell_ssh_cmd_restoretimeout=5 - -# runtime settings for HPC singularity image -docker_name=ghcr.io/virtualcell/vcell-batch:dev -slurm_local_singularity_dir=/state/partition1/singularityImages -opt_singularity_imagefile=/state/partition1/singularityImages/ghcr.io_virtualcell_vcell-opt_dev.img -batch_singularity_imagefile=/state/partition1/singularityImages/ghcr.io_virtualcell_vcell-batch_dev.img -slurm_central_singularity_dir=/share/apps/vcell3/singularityImages -slurm_singularity_module_name=singularity/vcell-3.10.0 -slurm_tmpdir=/scratch/vcell - -# HPC worker messaging (host and java and rest ports exposed by activemqsim NodePort service) -jmshost_sim_external=k8s-wn-01.cam.uchc.edu -jmsport_sim_external=31616 -jmsrestport_sim_external=30161 - -# HPC worker mongo (for large payload messaging) -mongodb_host_external=k8s-wn-01.cam.uchc.edu -mongodb_port_external=27020 - -htclogdir_external=/share/apps/vcell3/htclogs -nativesolverdir_external=/share/apps/vcell3/nativesolvers -simdatadir_archive_external=/share/apps/vcell12/users -simdatadir_parallel_external=/share/apps/vcell3parallel -simdatadir_secondary_external=/share/apps/vcell7/users -simdatadir_external=/share/apps/vcell3/users - -simdatadir_archive_internal=/share/apps/vcell12/users diff --git a/docker/kustomize/overlays/devjim/activemqsim-svc.yaml b/docker/kustomize/overlays/devjim/activemqsim-svc.yaml deleted file mode 100644 index ea0377d3e2..0000000000 --- a/docker/kustomize/overlays/devjim/activemqsim-svc.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: activemqsim -spec: - type: NodePort - ports: - - name: "61616" - port: 61616 - targetPort: 61616 - nodePort: 31616 # unique port for same cluster across different namespaces - - name: "8161" - port: 8161 - targetPort: 8161 - nodePort: 30161 # unique port for same cluster across different namespaces - selector: - app: activemqsim diff --git a/docker/kustomize/overlays/devjim/api-certificate.yaml b/docker/kustomize/overlays/devjim/api-certificate.yaml deleted file mode 100644 index 2d440d45b9..0000000000 --- a/docker/kustomize/overlays/devjim/api-certificate.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: selfsigned-cert - namespace: cert-manager-test -spec: - dnsNames: - - minikube.local - commonName: minikube.local - secretName: selfsigned-cert-tls - issuerRef: - name: test-selfsigned - kind: ClusterIssuer \ No newline at end of file diff --git a/docker/kustomize/overlays/devjim/api-secrets.yaml b/docker/kustomize/overlays/devjim/api-secrets.yaml deleted file mode 100644 index c5bf307fe1..0000000000 --- a/docker/kustomize/overlays/devjim/api-secrets.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: api-secrets - namespace: devjim -spec: - encryptedData: - dbpswd: AgBgACIP2ZTyzQiF0c6K3Uv85+2LHsAE/oFv63yiWtvBSs1FLucNRK/FwLwiw9DT+t8gm5QDLNF6YmdFX49tESsaFNaWUN1QTyTeluGeEGQkVcRKSGkHTss/H59ihvS4i7XoGDyIO98N+faHqZKoCCXd+lvcL+omvEjhIjJDw8Dxxl5jkeRR1JzGGk5693AOXUH/JhXs43sS4wHNl3d0AVFmljoEwCHuXRetoWxz2lNxPehAUm2qt5l7DHuV+eKIF+FJmuQb0lgMcb/FSKIv3qS2M8Bak8qprQ022v8t+C+gL/rn9jLbmobP91718IwWyLhVMCnuxwHxUr1IP4x1RceRloHYj0fjAozmT9fznyhOTiSV8ggp4HCW3N8SCUg6XmNGq+D36D27gaU5aSD/1vZDnhfW7bVheIcFJn8dR1jtnnnCUAOFqZanmmXosCOlvyKR2c4SEQva7IDABmohVP/zaxzz5jEdl09wmDdnX8QD2afyaiE1PHFezGybLjpygj551b9gQMXSVyuKdbD4j8rtkQ9AiYg+9d3boyMv/MTH3eJyvFxN2y94KGHR6Pz0OibgFhZPoY1O+YLKRqbQrVoCo69kTVyVGX3qSquX2YCzOAilAOVi2j3zLgc3n4Z8loAJbq6GdJjeWMRoHWdYzdKk+sdbrYI1G4E49MrlXPT/YZzbtFSrt/jRbckjAWSOgKnY8Zuw3yOXO+/pQ69+dyK40zqupzRKjaE= - jmspswd: AgANQcakv44gYweN6A8yTnqfSnFx5DIwcdbSGLfCnRsEr/xd1ootnKBvVx247PnHCZBHt3/w4Dxb8GfEgiaA3gYfMnOOdh07PrrhTtPdLGz7M9n6mKgBBkAB/o4d5i6teEWPcVS2rdrOlh5md2OxXDqhazJZXlysR/83eZzNryg3ThhD79xHRSienXA20UMiWkE/DpvPWtodj+KWFWCCDBxFGWstqkXgySE1eJEaBGnOad3qN6qq9kig19EGPFSt9O2RrwnEQONu0XnqhsHL06vuC3NF0iCQeZffY891xF5FLfULj2vRbwWY+hxAmMDrrW4iDoak6Nog3YiPL7z1W9EIdLHZLexTdle8sd9iCVuuzC/Y2hctw3xHffS36CyEoxvFT8Afq5SDp/4FiuySxLM4qtybWGe4kzQ1eBe+4jDNZmRqRTGY8W+AVgscCD+ZbvYtQpE5IyTq+JyUvfRl8B9iOw11Xkh81pqCBJ95AJVHaWBuZivyRghB00YgQFKS5g9g2Erj1zn0aYOsiIMyOKS1FlzMiZ56AMEzJRIYYjUodgl2pw2SBOjbdku9G12ZWC7tRWZqWCZdJc9JVbW7SXeQRruBOYcdXqO24N3gvWk0Av2Bx2N5nILqvFjyNfHogZBDF+SNMZuX0nz6Xmk8zWqBgkCnWYVJBX6oXN7A0U5KbeKGaWHt31DAvU9PdpM5/o9Sa73d/w== - mongo-password: AgCCpTxgp8Z+BXVFz+DAx4O83rVH+fjUsIQK6jhijcuQlgrgWmCeIqr/FfodFBdifnoj9h4Gm3CgQHTFZdJ7UK0UcQiOf0Wl5xmVRjkrAatmDiChDoUxSaj/YycHMPOKxfO4F0g4qy1bAA+CHTdbK1CQvqk28Uoe/3JZsVdiITUKV3SO7CjMzXGRUztm5U97XozP5v4XHxgjczj9Z4TnMUizKmMyDYubCtXdffjwYkEdyLpOukJzZClNvYSIDsm1NKRU182wg+TCd/0V0qgusy7fd9HKtFnsBJAQ+4lSAS3O/Nvzh89WXcG/U4LnT9R5BY5I5d+iBQI5WZInGn2bMBeba9hBEsDjYXQYtpY1B6zJhzwzLDfyLgCqqc5PYDbMDgoSjtyczjTCeC6/z3ea7HZK9HzdZHcuu+PwnD8tQQv2fN6MvyI5EG0rW2pLO5EgFpn8ugkK1I4SyPDRs+n0zK8w1TtEWNOopJl3OvMvPj+7EHWZYqhio8NooxW68fBa1jvmEF5wkTCfK34OZdpRlAcsBBQRJad619gl/5oMPifBluzfSA+luycJ9A/2j1pJQ8wo0Oq8zhQE0+ytzh5cLsRi5FHfDFRLdamFTdt4KsyZX5XflhnKYfoEzJqC9f6ICro4Xg4V3wcS6yITFF4OeeANxSxlURDMXSgQNCgjB2B9OiV11yKWeAjdfHZjzSm7xo1HCq6iG8sJ/PDI - mongo-username: AgCC1cOC5ynVUo6vVbX148ndraZG+mFTox2K2YtGhfaQgViNxMUpda/ZSPN96gSlwUNf/ajlWP9lAQiwUess2NME0ih+lP34B9OBrXldhLtuADwqiSrfxIIluw5ock7U6/OPZ8DYWKu6tgIM90YgdxIkha/bRJGI2+LRZtEI/U/7+k9+pLv6Ei0BNV7X3bL6IOZgFChVDIFPGpEf5UnRNGCduNoqOMhl2MleopKRbSwRJ4JHQtp15F39VCED0gX0UBGbWKx9/QV2/Lz2xx3jB+jVa1QT+gB7cOdcghr3Au19M/ZCL2HFNDyCRg+QTnkqfdw+OUjhJt4k1om7PSjJAJXuOEhhh67eDRsTOHI9qWHZYMx6B8V/GHa9AUagwOsRWXpB4oGKewwXaYiNoAWJcRxc+oN/FipOPTuswre4TluitxEbytr9javK6bV+h8U4NuuyZLlC4ocO99v8FgpMvz6JeRlU2Lb1Y27jkrTLkVYi07PXmVerNlTnHyCn6247Q0ewLsUwM6qII+3hVdPHq83TNoAXEwpeAJCrQJ6dn73t/bmVwQyAtEpBlc0QeOKqmNmhztKIdVE4gaypM5R0X+5MZsIDa9os/RWDZPDgbP7urgjbqke+m3X/VHDDIrBevGww26WKeHTe2bGjxmMry+VGJneu3PwtRLcpIPmU4HD1s/g7h6Fh1puNTBRx13Dhu1WfO+m9wzewpmf4 - template: - metadata: - creationTimestamp: null - name: api-secrets - namespace: devjim diff --git a/docker/kustomize/overlays/devjim/cfs07_vcell_pv.yaml b/docker/kustomize/overlays/devjim/cfs07_vcell_pv.yaml deleted file mode 100644 index ab758aea92..0000000000 --- a/docker/kustomize/overlays/devjim/cfs07_vcell_pv.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: cfs07-vcell-pv -spec: - capacity: - storage: 1000Gi - accessModes: - - ReadWriteMany - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs - nfs: - path: /ifs/vcell - server: cfs07.cam.uchc.edu - mountOptions: - - nfsvers=3 diff --git a/docker/kustomize/overlays/devjim/cfs09_vcell_pv.yaml b/docker/kustomize/overlays/devjim/cfs09_vcell_pv.yaml deleted file mode 100644 index c4feaf9e84..0000000000 --- a/docker/kustomize/overlays/devjim/cfs09_vcell_pv.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: cfs09-vcell-pv -spec: - capacity: - storage: 1000Gi - accessModes: - - ReadWriteMany - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs - nfs: - path: /vcell - server: cfs09.cam.uchc.edu -# mountOptions: -# - nfsvers=4.2 diff --git a/docker/kustomize/overlays/devjim/cfs12_vcell_pv.yaml b/docker/kustomize/overlays/devjim/cfs12_vcell_pv.yaml deleted file mode 100644 index 5fde5fbc6b..0000000000 --- a/docker/kustomize/overlays/devjim/cfs12_vcell_pv.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: cfs12-vcell-pv -spec: - capacity: - storage: 1000Gi - accessModes: - - ReadWriteMany - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs - nfs: - path: /vcell - server: cfs12.cam.uchc.edu -# mountOptions: -# - nfsvers=4.2 diff --git a/docker/kustomize/overlays/devjim/kustomization.yaml b/docker/kustomize/overlays/devjim/kustomization.yaml deleted file mode 100644 index c76f87bbaf..0000000000 --- a/docker/kustomize/overlays/devjim/kustomization.yaml +++ /dev/null @@ -1,71 +0,0 @@ -# create kustimization.yaml file -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -namespace: devjim - -images: - - name: ghcr.io/virtualcell/vcell-api - newTag: dev - - name: ghcr.io/virtualcell/vcell-data - newTag: dev - - name: ghcr.io/virtualcell/vcell-db - newTag: dev - - name: ghcr.io/virtualcell/vcell-rest - newTag: dev - - name: ghcr.io/virtualcell/vcell-sched - newTag: dev - - name: ghcr.io/virtualcell/vcell-submit - newTag: dev - - name: ghcr.io/virtualcell/vcell-s3proxy - newTag: dev - - name: ghcr.io/virtualcell/vcell-webapp - newTag: dev - - name: webcenter/activemq - newTag: 5.14.3 - - name: ghcr.io/virtualcell/vcell-mongo - newTag: dev - -replicas: - - name: api - count: 1 - - name: data - count: 1 - - name: db - count: 1 - - name: rest - count: 1 - - name: s3proxy - count: 1 - - name: sched - count: 1 - - name: submit - count: 1 - - name: webapp - count: 1 - - name: activemqint - count: 1 - - name: activemqsim - count: 1 - - name: mongodb - count: 1 - -resources: -- vcell-ingress.yaml -- activemqsim-svc.yaml -- mongodb-srv.yaml -- mongodb-pvc.yaml -- api-certificate.yaml -- selfsigned-issuer.yaml -- api-secrets.yaml -- secret-ghcr.yaml -- vcell-ssh-secret.yaml -- rest-secrets.yaml -- cfs07_vcell_pv.yaml -- cfs12_vcell_pv.yaml -- cfs09_vcell_pv.yaml -- nfs-secondary-pvc.yaml -- nfs-archive-pvc.yaml -- nfs-primary-pvc.yaml -- ../../config/devjim -- ../../base \ No newline at end of file diff --git a/docker/kustomize/overlays/devjim/mongodb-pvc.yaml b/docker/kustomize/overlays/devjim/mongodb-pvc.yaml deleted file mode 100644 index bd8bf1c584..0000000000 --- a/docker/kustomize/overlays/devjim/mongodb-pvc.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: mongodb-pvc - labels: - app: mongodb -spec: - accessModes: - - ReadWriteOnce - storageClassName: standard - resources: - requests: - storage: 1000Mi diff --git a/docker/kustomize/overlays/devjim/mongodb-srv.yaml b/docker/kustomize/overlays/devjim/mongodb-srv.yaml deleted file mode 100644 index 6d8fd68957..0000000000 --- a/docker/kustomize/overlays/devjim/mongodb-srv.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - app: mongodb - name: mongodb -spec: - ports: - - name: "mongodb" - protocol: "TCP" - port: 27017 - targetPort: 27017 - nodePort: 32000 # unique port for same cluster across different namespaces - type: NodePort - selector: - app: mongodb diff --git a/docker/kustomize/overlays/devjim/nfs-archive-pvc.yaml b/docker/kustomize/overlays/devjim/nfs-archive-pvc.yaml deleted file mode 100644 index 665e855e36..0000000000 --- a/docker/kustomize/overlays/devjim/nfs-archive-pvc.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - # corresponds to the NFS mount of cfs12:/vcell to /share/apps/vcell12 on swarm nodes - name: nfs-archive-pvc -spec: - accessModes: - - ReadWriteMany - storageClassName: nfs - resources: - requests: - storage: 1000Gi - volumeName: cfs12-vcell-pv \ No newline at end of file diff --git a/docker/kustomize/overlays/devjim/nfs-primary-pvc.yaml b/docker/kustomize/overlays/devjim/nfs-primary-pvc.yaml deleted file mode 100644 index e3cfff36af..0000000000 --- a/docker/kustomize/overlays/devjim/nfs-primary-pvc.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - # corresponds to the NFS mount of cfs09:/vcell to /share/apps/vcell3 on swarm nodes - name: nfs-primary-pvc -spec: - accessModes: - - ReadWriteMany - storageClassName: nfs - resources: - requests: - storage: 1000Gi - volumeName: cfs09-vcell-pv \ No newline at end of file diff --git a/docker/kustomize/overlays/devjim/nfs-secondary-pvc.yaml b/docker/kustomize/overlays/devjim/nfs-secondary-pvc.yaml deleted file mode 100644 index 7ea7179b0e..0000000000 --- a/docker/kustomize/overlays/devjim/nfs-secondary-pvc.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - # corresponds to the NFS mount of cfs07:/ifs/vcell to /share/apps/vcell7 on swarm nodes - name: nfs-secondary-pvc -spec: - accessModes: - - ReadWriteMany - storageClassName: nfs - resources: - requests: - storage: 1000Gi - volumeName: cfs07-vcell-pv \ No newline at end of file diff --git a/docker/kustomize/overlays/devjim/rest-secrets.yaml b/docker/kustomize/overlays/devjim/rest-secrets.yaml deleted file mode 100644 index bfd4c9f5f2..0000000000 --- a/docker/kustomize/overlays/devjim/rest-secrets.yaml +++ /dev/null @@ -1,19 +0,0 @@ ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: rest-secrets - namespace: devjim -spec: - encryptedData: - quarkus.datasource.password: AgBfGsNhqUSMah9DRwnvxGt8GlJzoNniJQVffBFJ4xti8rniwOqsHhMKt6csmXTHWYAygbD54iPISldnWzHMNwmKEEDGSCoD8zOV4nhpImGRaX5Q5DTzQ9AWGTpMYr7mPveNEQ6U4TPtG4jvtpZRovxtHRFy8lCsYmtl7vCXDA5GfIp1U+m6NwMpHXa/PqypKirCEU3RYc6f6ZCACP0n8EnZrriU1h8n7pV/cMGM3pKSx6xu31wvVF9QTxtGKPSKObvU5+C/KD16+Pkin2BXx2bw/chJ1luhm00lzAAqEQsKL36CaJmuhZ/pnOMFet3l/YiV+FUilvp40k70PPyRUvyLACLYSxLJcLnADvoeDgpSLDnOVGbj7XG2Xq3wELNjRcCRJgJodwbMkrJmsqJ6GBWSpoXPP6DTDxIOyqh5dy29Rgyi5tVbUQn5Sjcgy1I+eDYg1pofZwKohN/ql7fj9n+fdrjI1NfNtgcVgoh8xi84ZCFOv3vOvz/vAIyppF7awMReX/SvKk48h8jnVXRMn86oU+1Ny5gyO6QjjRYUqEu82WXu9axsSvtCFPAc3qPitSVMwpvafFJqPkaxl2VxAAYa0OqeH/+lBe+IBXzNPCEfSZ2wZNrICxJ4J9d4rc8Fn3VPdU7YZpPyf7hI+PUYZka++kWLpXTilSFqFjakigxoiTkfXj57HfvZyBqmXYR7ZlLbNx/zkKtqyIe8hKA2+giFt+AvMB9sdMo= - quarkus.oidc.client-id: AgBWK/k5UUGBYd68N3XWwzpsHZ5RCOef24VwYvw6Yf4E8OvOwTwaRN9YR6Zn7PFR3te2ojdCR6+JTGv1vGVxbXOk7N5ZBM7xbPzE660l1k9AkOpNzjMoYa7lgyBdfFIz5pSBxuEZxCDNQT6FWpkSwEsMdrEKQ0yPsp2DBLGPq1H2xAqlwcTlOQ9X9mPXTKqnolCoFZj00/lDBYHON7MoYrHhsCCiKHetzXd68X0WNuIzjtBYZfpvTkOP9mrkOXr/6tfzIczRJYknreXGILZNJRqhnXhQq2HNL7uU7W133watimhpn94TEbMbiaNdAhuPB/LwNRQhAXmbmjXfsB8UyVYU2ux93FbxwgOVukBNOHuZk5GKi909BlT/sC8uMFGZHPTfkt17eUTjXxNwf3Sx15vWAEDol/UD5ju+2ZVoaOLJA0uoFygJAup/sQJbDglVOJwH0kMeEOg+47fA+62pWYFmcbR/TIQeusggIOMKnm+8MJmOP76nmQVMHg/YHKLW5JtIqRJZasuO8HQvEFaX6CrNWRcDKJ133uBN5nJh23Pb+0zGABZoiDt7hwdLYoln69+fNmKg7KbOqMbo9jRf9Bc8T2mM1Kjq/QzMZRhH0SHM9N+7NB1koJU14NM+zbAe1BaZKCMB8Rwj3c4rby9aG0SxfUTMP+KgZzQLhz4A4NG3VY3DsvC9Y4eFX61vp06umQ602GzAkjzrsND7YihWGZgB1OBZkKegOhe7NDZBEVlVww== - quarkus.oidc.credentials.secret: AgB+lKGohiQ86WnG0r1nwaAZ4PkNDxt7R8EUIZFz3b8QdbeFS/FvDvh8bXveThhGsr9oxOXNmsdl90eqmY7hrABFNzXTdhYow9A5nMmLpUtkqgFrsSKparnoSKK6rozsAKa9R+YKeanbXCJ+UYLAIn7tP4g8EckUJ4FyTiXk8l84fjoe/gTS36iIYCfbdw4zgwpTsc9Zx3LeaQgc/ytGKFZzAkqHIaQVmCdDXTekDY3k8dElBGCc0Etm4+md8I8faHgj8wjdMRvtaKKL3ul9F8o9otwfjmN6c/QW2Qdg9hVK6wfONshhptoDWbZU9BNpJPTU1Aa6L4tRZWdjtoNzqBdWtrfsI+AJk+a975SoYgbxMm206/RxQQtcfTo6z9yjI1+n4gVKsdsOwLqpLnJI6H1XrxRP7XCkunL70raNaSqqxhCrSnxdCS4qxRCj/NBTdhMcXBNz0HHJXhchFlLrd+wuYCOCmDVm1Yi0IjVh48U3TB5wEMHmbfkpY6G3KFH36VjGnf/kSndEkp2yDvwHCnmQahzSz/sOmrHmUMWyDtMjzp5KN67OV2ynF4pL9rj1uV1zmRtiwTulxGP/vWock3URIsMUGtGEoFlnn7/064aAOioFJ/UQZlyZl1UWafrKjBrn7uRArcuKsfNq1bYu3rn7Ulm1TDZrzG0rVKdXpP8LTQlh/zMsqmvTJbcE2FLF60iwOOemLVWXOvJYKgyxjbkREfF1asrH2B3LphvU10l3pL1HUORbRjMmldq7QRUZTBDSV1bPEM71k/z/kUOVWDHi - quarkus.swagger-ui.oauth-client-id: AgBhxCGiII+hRvaje4dEcuSLS6yjiADkWbh5ES9V3CJEIgxXH+0g5y5baZFU7OBfFmm7uvLf5pUMGavkhlfePvBVH8bc32Z1fONV/ypdf/1jI+DS1kRfWni23drD1CY0IxJJuiNSuNJ2Ol+3gNMOq1I8zdCRGimQ6GsqDtHfjhY8uW+jh+SOWkjY0/dWSif9SQQzzLowCJ7rIGCb9+XapMcXwZbj2tayZ5I4+moLE2ZgYZLsQQSbzd3VIB/KkbNd1K2xZ+BEQkeb5OeJhVOeN4ov7102mfSgV2FH1lB7IUdtqNJJASkcdYUvid3HJfgHwLK62eCg56VWh4eLTOLgqboO4KZFIspTffNkM5vODOH25hqXbwYiMq4/S4FdXgMEURoDZBuFy10lcLQzFHUcvT4Qd9CulSzX74ZIQ6kLEBkuL6J7fbUnvNo3JoD+1Ecbztfqiy9eFeqjM5l5VFYSyRfQ+YJIRWT4lxhY41V3Pfvlgrs0sfDstS53L7iWIomqPlWC1ggaGomdD9JG1kPV1m0wCD5t9Bf4vgaCRBsElExon5rQCiFK9FPsrROCbx41d0+VxfYqbHy8n5ghEnpyEQQNRM6h2Yc6RiFZrEEwIa5Ctkbjq05UHPv+UcgSBJ67azcuRGeXiY5NV08rEC9pnelorQDIBR7ID/VLv7jbkkfem06inAUeqBNUe380ivtfZTVH1E75hrgwEOGHzu2zoPJxkJwsdfNNkMIoeIwngSpFFA== - quarkus.swagger-ui.oauth-client-secret: AgACEIvzgcrzlGI8CXP9KPJSeP9Aw/5yLM0hT9LMGry76YjlySwQtxt+ErtAeDcsyGEr1lxxJr6vCw70AuolY4eyAm6XtlnTuaRBYBU+4UFhmF0v02kwJIAVUdTk1QHE58/bCWdmIRG84z7ZmZNLEyoIjJMXxChhzHNW2tJ5s7IA5IpcogPURZ0DnvHoBeJ47yxRMWXzBJF21VM5sLVNUqE+KMflRtKi+1/aBzagEFjOMd29M7fD4N0UeklFVkKkr/+Bh4DmwZY5xg5oTP7D7GAv7v+ioDs0G+ORto5NBTDUu2VNzrKLbsFR0RrwNKUu9RH6TERNE+vq93gF2peZbuIV//cmovl7QclY6yp9gfTEd/360jrwGVKQLojGoXAp5H/Rcj9MvDpTHfGMV+ExfkXFgXyRfhZbeOJ4mVN27RHbTwp082qtL6jyizeuhb7D+SzDDlTJtt+FFWfmH5Uovzn+Rqttua7lxsIAz3lt/LSwfIZzJKJXgEQtcsABZdMqFGm0J1Cb7AZlc1sj7RB9qmGxsesybyZoGsPNzcGkLdXfUPsxHRYEUa3SgW0DD/ond+LVd+2bgPVtV2ShNz2QjY1IC97zaRPQvtoTDqGytzSlwhuoXXUVCc3AyRL9bWB7sqM2MU0zfs1HXGChByyzMRTqBUPD+dr+p8BkXAdMzgHpBOJSBjXuN9c2kBLTDVy3LhaSpddnEOb4azFMtqlauh1Q+i0BRR7x53YlyxbcPbgHb7lISgkT27HLWLY68Np6RnDDcj9Of/Prvo5r6XVcKXgp - template: - metadata: - creationTimestamp: null - name: rest-secrets - namespace: devjim diff --git a/docker/kustomize/overlays/devjim/secret-ghcr.yaml b/docker/kustomize/overlays/devjim/secret-ghcr.yaml deleted file mode 100644 index e7509fc745..0000000000 --- a/docker/kustomize/overlays/devjim/secret-ghcr.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: ghcr-secret - namespace: devjim -spec: - encryptedData: - .dockerconfigjson: AgBEMlHHAGJ2Tmss4hXMwtVDjKTwUflbFCQhs+xwknDVWYSVcOmFQ/juBTlPiZwb42okZMc/ciBw3i1ZguWX0HXETXRhVWp+jsBHZ3nK1i5mbGQ54KuqjiVPl4NOQxd1E5nFTnKyvaGbdQ7fbWD/ai25cpRILv71lgMNGYFh09sXvHXmMZDQG1yHulOqoOCEqTG/N6J4NhbbjQnH+Bfxq/Ja0C3EEuHMaFyLHX+Em1BFVGX7aCGAQ7IrlbIBE1mkflhIescNnbfEHppl8tCOCj9C+rLN0ZearilLZQmVl5u3R2FxMKNH9gs6C1laDx7UVOU+LtRNNG1XKm1IBC+q11wKwWnGNf6XxpTJsnRoVflPthMRjKNCBqhNwnC3CkYhIJLBswvg/tnVI+3XLv2/KqL8wK4W50EiHXn3XYnZhP65cbHy4equzs/sImVOcfVXtNqkWc0LgkyRLdbjzoDHGxI7ZLsbMFBm4aRpVgIXafdD8mraHG5y2W1HzzHKHyvSaeesXCactZbXqA7luCwR4mQg7UFtkPPXrGa13M23HliwXpRJbw93k4gU+iVDouG4sF71vX4YJX0Vz3uKuIpIqf4UlWavVEEkz4+X5JIG3pvvoIKj+DTdcPHMj64XkC9mJdzZNs5oxzvMsTtME5tZBA7J9/nESyY4mKLFL4YQkUztfezTSGK5FaWEgRQkPDgGGELfHI/i0C5lDsG2as17TIj+0wae0gLlmzEJuiVcJDaHboOfgpOPmMI3QiT4G7jCO8/8YRGq2R7pYura1ntVNhNcUEdaf8FyX7298X6gJfOUFnqJgErCD+kQkdE++POue8BQrkQBlil0kQ0yyAAI/t0sLTdTjdNvYfkOuM0m6GsWOyOMaDSe/KnBujAH94/a9T7GLwbV0DeRIFzQIQxeAWoPls8YCTNd6VnR8yKMSwi1n5bLYRnp7SXjsLKQvcYyphp2hKYdf1o3Bj4V6iwzZXxY - template: - metadata: - creationTimestamp: null - name: ghcr-secret - namespace: devjim - type: kubernetes.io/dockerconfigjson diff --git a/docker/kustomize/overlays/devjim/selfsigned-issuer.yaml b/docker/kustomize/overlays/devjim/selfsigned-issuer.yaml deleted file mode 100644 index 0c99df14d9..0000000000 --- a/docker/kustomize/overlays/devjim/selfsigned-issuer.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: Issuer -metadata: - name: test-selfsigned -# namespace: cert-manager-test -spec: - selfSigned: {} diff --git a/docker/kustomize/overlays/devjim/vcell-ingress.yaml b/docker/kustomize/overlays/devjim/vcell-ingress.yaml deleted file mode 100644 index 13df40c726..0000000000 --- a/docker/kustomize/overlays/devjim/vcell-ingress.yaml +++ /dev/null @@ -1,51 +0,0 @@ -# ingress for api -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: vcell-ingress - labels: - app: api -spec: - tls: - - hosts: - - minikube.local - secretName: selfsigned-cert-tls - rules: - - host: minikube.local - http: - paths: - - path: /app - pathType: Prefix - backend: - service: - name: webapp - port: - number: 80 - - path: /api - pathType: Prefix - backend: - service: - name: rest - port: - number: 80 - - path: /me/users - pathType: Prefix - backend: - service: - name: rest - port: - number: 80 - - path: /n5Data - pathType: Prefix - backend: - service: - name: s3proxy - port: - number: 80 - - path: / - pathType: Prefix - backend: - service: - name: api - port: - number: 8080 diff --git a/docker/kustomize/overlays/devjim/vcell-ssh-secret.yaml b/docker/kustomize/overlays/devjim/vcell-ssh-secret.yaml deleted file mode 100644 index 4de63b206e..0000000000 --- a/docker/kustomize/overlays/devjim/vcell-ssh-secret.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: vcell-ssh-secret - namespace: devjim -spec: - encryptedData: - ssh-privatekey: AgArUYTatAhFao0yQJONuytlSK+ZhAV5ZLhP3LAvxyWjzakMaVLmcYO5r/5y3hQ4a/JsZeEBtlK8OblI5Xs6q1nkgj9DM3pl6K6qX4Kl06gcDR0XkQN0j1fSruH0omTQvk6vuMsYjpjCR2N8kow+RbafymdMrw88wtmFc/gCF4r9CD0UTIsqoZbGsLCkZBjJ3EDdB4vv9WOMGKLsLn7ydRBInsCmb6J374quUp0/4v5/nG4WSo3zMbYEZzxao2x+ABXw7MtNc9BiOuX6dZ0KCKp7DsPqXNKhK73MKkR+hWd1F84FBl/kCorbWFYdc0xA30Q1bpQhPYolhWbyhGVovGA30/E4arQ5B3Jxbq1//MZV+Dddg3pL7C2G0rYxtM8RlgCuv4ELHXew4YivBtS3DjHzCBvnhg5iEDgLChwu8zOiQ2AVHyNaxecX2bfiCh1KMOOyAVzjOL+MAfZQK13gKCugPbJPLlCsaL+3sJv7C1N1XY3Utd5GWkfxQ6tYOZFwZVb6HBifEHlpNFQ/zkQakr+D3MNlrY0Kc86GFRoIgGtrH8O0nqjRC7st9z13DY7lt4RwZ9Z9LFr009kQjiaKIhgS3DsQzsd1AVa2sB2KIAlV/HhhoSGjbXexu4t0MWltlXDERZU5BxshVbu2DtZ1/kal/v5xUYIUs0s/57j4mn2p4aELtc2JQ6nivSc4Oszrpb/FrF/BNu1srBxEnz5bUB8n5QeTNbb+IERKq0toZX2VowUxDHVExsG/WlAhEBg1KqA/K38yoiSNWe79I7FMFn6oJRN14EsWTEPx0IQ7aKvNcIts6Zri1tuXotJNcT7V3IYGjnRI2eAJgwGjHQE2eQ2COMtRt9+0h3yT5cvT4TI672xpBZoV+qJwjUiqEzt0zNvJF9Q/WGnoZN+nXWe8UADAbAkvcQIySsdxFh6wiZjyOWECwMqxMm/3EpKbSeBYG6JLbu51IdMiczwd0JH+IUtcRfTBmh1fTGq5q4pVKYfGXojt2zBxFXFEgsZw73CZfIv7BGzEPQsWgi83CIRgNKb/SgnF2uPX33Bi8ej4ZeHS5gI3kbyjOC7V4XEN04akk2ImnYQis7IxT0+oFTvxh4R8Jj0/HOTjpowvwcT1JllIMvKLhUaVv00OnQQEXwIhoVvFzDwxrpym/YirgQwc1EAQ8mg+evH4S9p0M3gmOhLZ8Ldj6o5Nqs0DXEbnlXuef25mAjsEIALm7urCYqlLEy4di36UYdsk3uCxCyk6IH2Z8ClLgfKkEYW7v0A1f+ScMRO9RL5CswYplRvg8HFFnYqqmmgbPyAgNnlS6aK+8dWB6ayejsqkrj1uv+Ojq9SXaoH/uS2G8jZNh07/tgnRdiPqvY6O0oOjcWsxIyd4w1RnflAknpF62ujeN4safoi8OpfCwP1dDfCzscDG+w7CSAWRNPzmYKqZ2Qjn1Kemm36tVFs32URPwUU2a4nHdacBcn48ZjLpZ7nQ1tYlcqWBDgx6OZp4bxIeLNiVTrvqsW2VHTHRydqykr4q7SrRd2/X3Be0Zr3wIyucpJyCWXQBBBR+HtoKExH2oBow9TIoQkxUBpzdnRmeSbaDAoOuMLEFe0iNwtIE3z6sCBJFMKfE7OA+GNi1YB/IHXNpAFpS4SsBoVWguacgWYVMCo1c3SKcX9lthlKUFx6nDytX0qOs6fW1iV0aWcL6gUK2JdHwusgksEOB0Gvc1CDeC6D5VifoAJ9m/+5D8QZzESQawq7tIFfLcobvJehQbpKtYiCHqRD+pG5L+aKo5Zc760M/XdR/4HHHI1XzxGi2IAacdtuzVylY/VnAwHpIDiukW3bVB3x75/hPhPpCfC6OJi6POQbgc0YfLsMYqspNHJLo3wOkcq28KVQFgYuv72/c1U3BtIG1elaI9Vjhykri8u46K+qUSRXwsZMLlaaoL821iL+O/nLvpggSY2uvU2/hLRW4E0nP5PkCQyxwFP/ns/FHPpbN77WHwlQERwB8khQSxtiOm73lagjDzIePNw2VR+tu+hug2pzzsjR3Xt1yBS849iiiFdda7cawLTOCw3HhMGspL7EA3+CLhjooYYlM60hOvB4WGX1L11H6wsXpSmkLZA4TrA0wI5IiZ0M+YUxvMKX/fPjz5SAi8bqvbz1WuimepxKVC9piKLvyX2oAbyW04JJbf9CHMZNfAg/6nuhiPglQJpm1HzMN7oMhFjz+IhY/w2obAQA7IzU9ytukkOaeht22OxkecpeX5enrz49kYXnXept13sY8l6rnUriMtsMFt1MBYE0cD6AiR4cm5I/ex92RWVkoHaFqsk5U7y23MrV6N2QpTjEJeg2QJYZ2nkXMQ4Esh2mZ8vIpAowjwSYILQIKuc7lrBCL2qKRdABCLoNKdD251669X5Vlr9EeTK54j1ja8Eeqo5HO4OxRYipTgMsb+Q384czE+2oMYQCnCpVvFO2B7xQnSxuaU3DuoTUrRQDpcQJpTU7JXcmdL1m9TGCrEr1da9bIzzmF9VekFG79IuIkIprNcuzg5zo1m0DgMC9s+i/sL/Zxn0DfoRE31NRk0wr2/6QAXfy92IbMEUU+QRCioTuhKPpNJa7/urmny6vJwj8RVz3JnX84uMN66IRrblPzfs4ttzURzco8LrOyH5bLKaYB74uaorBQ06ERaWOeG9efn0Mn8TC9bqGHimCrqj3i/myYRwSeRVS1xig1JDX6Cw9kt9yLrUnjeKt1meI9nntlQtWfPMVCR6IjUoP0KenOfbguyfQVO2lM35hgRO09Xi36d/oxBY0X11/oXAKxSABKNo9KKsQpjC/lq8kXKsDxtSkGQWuWMelMWgSdskmdKywidEczn/U0+1msioNyhKD6zVg1/4VBcYHem1ylvnRQZcapTOYLUelsEdlbvUJpgO2SiBTu2Zu3SCjJoNwpriK/rUk4VAPlurbMrg5DJqVvXPG/KWE+QunFwSsF4IgGvxISJ0WrMwwKEphOkrnGTfkfVfUcN1ARm50shepazj3ZpvB3G6dL3x9bKr6h0hjvqZyJ9kd3Ea4RDagYRkSsU6canDJ/k56dSTM3phRyqZ7iDrOvoqzOKljKNUDbF6x8oivu0j00/rfutm6LBefhbO/SWcSe7x1WBzwoghBI//8u2K+J+Dzvw6e8DeK1XG0K2EfiTLCfeiELOSZGD6i7+2wtmuZgHvnb1f+mO3K50JL5FzlSLwvP70qLd7bU5GW0mg9dwjy34z3NXz/bzOu/GbGMtGgB5TaVXNdyplKhZuXAb9aX/WmJtmB+75E0A/pqGDWnjbw6kjzdW286nvMeMzA3/wngutqtlB2IYL3sVUwH3jUFZRyiCJr3VrcWxQ44AE07KICwNyT2Xk7NDDFpYjNpMxxXy9OzRZuHMgNSI11qPd14jkZm/xWmx4lB/2HtBYpvOjR7zrpJhoGOrlrPhJDO2+TDVq3YGuMHpi/QrR/IcC9cUYyG+Sojlp1m9oKoCXcD98vUmifyFg788e+A+D5tdTrU9MhA890Q2M6j3HSjI3FQ/jzQpUvH72REgISuh6H9kVrjs+4WA8WnX5sy8SFd8o4wMZ0/2wch+uju4rCsqCp8FKQbmav1A4J43d01oqX0wP01qFvQiBdTzhHDggV/CVfwNmxl0TpeLFXQFWjTyjnS3yxt5gOcXs5yiCnFbeheddGQdzafxapCIsfYWocQy4tgIAhmNqf6pkKq25/vh2K2NUSFF20zEwMnyDwpLuLmxuoF6tyzy2krtRla2HY0UTq/D/Ao7kcKebjLXnpspcuXQHdIoevz1+QKIbOvcyv/48RThEPyN9FTpjfHeNNDngVd+e3dssvYRGUkmmBLZI0nQ6KYNG+KA+CgQlssZJf4Dsj6OZtItkZPwIW3iaZCKxysV2xyMaWtLlNBESA9I67CLtHR3+hkektM6iS3tcKfJZJKZbfyxJREZddrr+rky7FYg7T/6wMKKsc3N3TL6o/HXeddn+dsNs0WVE67vLm5o0ouZmCN/0KG9kyZG5GFver3jbp+EaYqGVKm2QktddmaKVKNkfwwU3GtTGNPR86fsUYLflhqp4Xgm50FBAVMRVLJcPhQLr0yrGbTnw/rJl07QfrRP/obo8XeYzyYFe7iAtG6TWvZfTGDuMUX2lGHI8oWapm6x2XWJJksvB2u3DPZK56WPyTYC5f28+svDC+SYIDBs/pYPwr/OaW4rcb3e+KbhlGHFCTIS5xOpFIOXI0gmbKrhdlxD2g8liSIKoB9a4vDjyFFaDChaBqHizQ95zgLC1W8YpbrLCpPMPeZj2q0XlXXcet1BvClTjSaV0gHzXvAwgZdCexyJCW9Y5QTycYZjyWqX6nga8bUVAuC139C9v/EkGNuN3qJRDOKCEicEirx26Wu3YXvZ+DKXyHPKCJilgY0vF0eWafpdnXB1enNBxlCiJPJUeSATN7e9CBrbDG7otN2kMyYBNGxoVlhTT5Q+hHaxlvPzesmkIh0B2LZcNntWvDJgIiNmMcfCiSmz5xBvsCNvVSop3G9ffUt4K2SFFUp+Afd0vrRBRqoGJkxDJQJylhK/iPPAZ3ri7B5EdyIDensDo+3gbOxuFWDiqYuSu3VW3HjoVcq58PPC0S1CCxMI76ruwORGMOo5dIZTeAjwPMFGBLBGGGN58h5d1bec2wa4OsrqiQaob6tyrZFMgNY/Xo6Lyfrv7UDZ/bN+txw0OqpSJP6q52I404ixLGrK4DhxpBU+yscSKjBfSLxU99o5oHwYEZc6obiWJ7vkajtKShTtU5Crb/BopvBF+2twzw25kq0KZ5MCEhRMZior0+LX+Iib2pxcO9A72uKfVG4KFbNqsgqKO/6pRkFFGsIck1SreLrYWbW8EhAFm+qjOIA6eglfxigQCuorkHDQSJ5F/+LwNIaOsiYKsTCG/ip52iEbIPnxCrt8W8+QJv+2CzwnfdccDrsr08SRsbZKBJEXJotXKWvKdGdnqng0t4ij/8uhnY1CneKKlMhWDpjMKM5o0NMcOcaNstgXBxJx3CF4PS6gTfsWjLzWYxXoCX51zmaYM3Y3/sZ3eRldeoAixN7zwB8Y6Dwa0Faw1M0/plzeWBfm4gSPc0kIOF+YLqaz3JkBMcjd70L3ulFpVnnFQ7/i/0jMgd2mqwMFek4sMY5LSYsYDkuAr/ocZKr4NQM8A7pUgY+gAcCR4Oqs+nXuaqf+p6Tn8cY/GkxIQGgSNs= - ssh-publickey: AgCZvJEdwnw5bmwmWQeXDZxRLk+Az+9Q3+RBwUYmge9pzJKuCjuDKst9oAsPF+p+P5Mo7k148RcpAE/JRveiSk1HwZYDxUCXjs3dkLHIfsJ38Q4IvoqXMbaQ2bv5XDZC+4W9kEo3HV3K/5I7iuTx0xmBP1O16YAUKzwsMLNK3AbzS0BwUGkFAeVuy4VIe8OF8vZ8/Yu3cUem/POzi0T9H8iV+05JjPpq4VP1izy4n4mMxV7Ho9uRkl0KWLcgZ4CXXjsvRtSLSaEp00u9SZ6e5TXXgsgiodPtbI4AorTVT0b5cWcYX98dgZHbuZqGqSKAL+4dDl6VkUu3jS/TIZusTgp0LqKHWcQ1yH9/8DEbHTTehqtb7RBOkuY6gFwGm1EVcz+QBkftEb9ZBscot/Us/QzVWCTrvFMCzH0J8ymZOW2v8vVb5yFY8d8npmo4CqJTL0KgcZuYVTM8V39DePaBNmg/TZAZnmdvVrMBZEt5lPhQ3D6fq35jBWiTJDNvvuygqjfUyBYOLrPfSScbKCnSSyiBJSQW1UbIAEAU7TrOmDagHrWdZdtJiJ4PDRZGLPjiBcuNg1YPJcwVGCnjkNlBDmcVmbKIw81qLo0wRGx4bP09/j1qVu3SMOrzpK2pTbZnKSLujx5oxhqOfw4mvO58FylOsRw/e0JhpfDRI75TRbv95NVMBVLo8f81SI9ufNcY1cqiBBUMDPFdmN+XSwergYZMQdyh269z55LYmZ9bKhjdcdJJPPRoO00JfDRMWNBekB1gXRi6gagUikXaL79juMbioZPUX4+MYdD6/PGcR6KKZCdFH3AngKGouBfwDnxwRiarSK+4P/bwtd3p2a4avXtbFyjbY2yLDapL4+jSxYNHhj6pw45gl9VwogvocJ0Dn/GHiG061c28SEAhXiGsaSQfN4PV6Khl+mZP2uK+piJZdjHlZyNjLNxK1+02vglAPrYirTfABNK1It47ZaY0uh+UkV7lbv+UjayfbWP5tJR5jXb6TCnRM/nGvimmmSle8qpjl5S5LZavr0uSezNRRXRg0WYI0be87/OJFIP/CKI9qtp+MZzdgaghevK6u4v6wBUlB/Z7fgN/MkfRygt8ShjiK+jtsCdVfmhqWgbqksAPfiu1ySW4FRxdbGSkC2KCUd8Qx1e7NSFIc7qi74tv9GJGLmoBFFswH8fTB7K2gtJ1qvBKktJAeZAfxl0axXCh4todmInYY/MRlB4FwCeOYj4hkrLXpAUowmWTA5DZwe/E8e0yo76IJQcoahszeQz9Q9WeadfGSLerb4kk9fsgiTm1d6YqNClsxgOyLWYVWB0VG9By+1he+4IA0ZfJ8ZlgBd5F3OEj5TNr8YDZbypL7JR/Qxx+ghw3DkghiSWM7HgmOiLYrkCwgLcoPcFeE4DGeXviriZ0ycIA0XfdZFknKK2UZjUpuU4fte5YWNblAkZWNMzt8KQSvgmG/qzPkuAwFNi/DJbLSsGglO2Ynb798GijNhpjiv6Vw9sMajgkl9a0f/gQKlaryljXfFt4br8cFhG0zm02iawLb9boRTKQsk+EgwIqg04EwpNEQYtPez6r43OckXBmaE3udd0LFT0Xc7XYHOmQNo99xdC4Oyx2qGtcAmYd8y2I2jJmt0sdxon+A1cMjj5ZApzYPPd0s/ACZwwS1Oj2TSUs3TyiZtzh77LZoziQBg== - template: - metadata: - creationTimestamp: null - name: vcell-ssh-secret - namespace: devjim diff --git a/docker/kustomize/overlays/stage/activemqsim-svc.yaml b/docker/kustomize/overlays/stage/activemqsim-svc.yaml deleted file mode 100644 index ea0377d3e2..0000000000 --- a/docker/kustomize/overlays/stage/activemqsim-svc.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: activemqsim -spec: - type: NodePort - ports: - - name: "61616" - port: 61616 - targetPort: 61616 - nodePort: 31616 # unique port for same cluster across different namespaces - - name: "8161" - port: 8161 - targetPort: 8161 - nodePort: 30161 # unique port for same cluster across different namespaces - selector: - app: activemqsim diff --git a/docker/kustomize/overlays/stage/api-certificate.yaml b/docker/kustomize/overlays/stage/api-certificate.yaml deleted file mode 100644 index efe0f698da..0000000000 --- a/docker/kustomize/overlays/stage/api-certificate.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: selfsigned-cert - namespace: cert-manager-test -spec: - dnsNames: - - k8s-in-01.cam.uchc.edu - commonName: k8s-in-01.cam.uchc.edu - secretName: selfsigned-cert-tls - issuerRef: - name: test-selfsigned - kind: ClusterIssuer \ No newline at end of file diff --git a/docker/kustomize/overlays/stage/api-secrets.yaml b/docker/kustomize/overlays/stage/api-secrets.yaml deleted file mode 100644 index 6e1973bdd5..0000000000 --- a/docker/kustomize/overlays/stage/api-secrets.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: api-secrets - namespace: stage -spec: - encryptedData: - dbpswd: AgBuLJ5LHtpY91uhqJSAo7v/kBP4p3MiI5noeP80g339NCzXt6g6ytdiNZ8cdjqugZTFrpjFjlJ7b2aRkV8D8W2tu7UPmCCJWxqYSZcCQ1gSJuj3a/BuLm6k1HP3RvBkOBpsR3qivLCKd0hQfdEhmesgYxY32V90nqBDWo2ENNMgglQc80SgHjmmuLrmUNguMwQ+GPPKIzbL5qyzw9iprzN0WWxoc9s3IgWcZ1IVV3ew1FyqPbkNJwR/ZrzZuOHCoDhUWyxSswYVJbUfIpGCDRms8SigzP10hItY2M/rZf27Q47GN5R5rJkcfcuct8udN/IHhFtMCGbnmyDliSXPn7eVquCGoHyZ9rADUDD4hMCBh4AsoLcZPGuuVkmLr21fEYVstcnqlZxvA+lP29ikyA5V1EbMVAGcQ9qrf4cInQZdJ26BVj2Yh0UJd4xG6qhyHyhslIi/9TJL4D3ubW/a8RNw8ADZ+qi1pCPr8UkZjIOHfYJ2yn/k604NhJkxB0z5fj2xdsRolW8P9UfPdvCTu9t4xXSWZtZF3REcGJa0CeKaavBryCU/cMd0QucqPMWuC7xV0HEMpSOdYdsgDk5C6UnrXX9GfWZCBSOonQM8pfvQ3o47dACN0wefdfV4k5+ARB5nJOAYNOuyqdMMm5nX5yD05B0DeasdiBNz4kbZx/5PWmh8BumzJepZYCzBlDvtgLocV2YDxkWUf2BmKq3utxKlxKaGskURyLs= - jmspswd: AgDasC/jA2oKEYfv3KSBxv5G8e+4SgH2w35gWRxnVteNTZMfJFMjVGq1E1qenBuKsneecHhthYgf7k8ZON3kZqOFOu/BAlOpGNpd7NusbbNodNofxJoM9SIznwf1VokMZYbS6ffylUcfJJ9xBy1CxVj694aU/bPJg4A2ERCvOKrnQiq+TNz9eGUYzou56Ewigk2CH4ELqqEAG5Uj/JsA+oKeZOLc39XQIgtERD1+OQVJsI8SU7lBBFv64yYFZChkJ4NvPAZWodSGesFXbjDfZQtD+7QGDg62Z5ZG6436AdXTd48I37UKWFtNpNhm6cB7in5CWqLk+thDmPaVHwiXv/Ix99agi9Kq0oqsKXEbqql6hZnpPF6iZ2Nv4IBrUiPsz8xL6B3Ai4xvqZ47kpT4JvYxvd6ciMM15mAPpSpK21/CVgrL/CFZpUc8+VoYR6TLT0RGWEhlCwtjhyKZGgavyJKGds4d4oK7yjcD2vYQpsBjmDlN6UpdqHponEZ3rd3acmaLHs49N5rbmOu3wnRJRWnBavsVLTMfhMmq99TqOCaNvdN0PcCj1SngKvwzn1fSa2ibxluNHl40zBE2sDw5oFNs3ZdnP/oOcMZz1m9rMFeFl1uoZEOqsoA1le2NaEYnSlljJhXlh5wWyrGmDpcOUuUi3zbgw2RN7Jd+x7Txufvjkuau4haNrathfCkRQRb7Nv6h/xI2gg== - mongo-password: AgAEQEr5e760BDjU0VzMAYHbBvklM1CeaXsEYhEqB/zT8qBLoKEnHmX4ELsKUmpxQ63OFzoQqjif4iTxdg+K5Zo3ZdUbMi+qEuUqa4TktLwr6olyZcsnYbKgfQJg6quJ9gL0KSNxeA05V1WpPfbegcB+/P+bjqjmUqitPZdtrDLnl4WrcHH6lv2tN/3ReIpnO66yPFtDerHFIkYJz6wiOdpiugwO7Q3H32o88QNfFd1YhlJIg6nXs5oOgrQHHB65pD1ALrKOEyD3gpyWEn1QZ2UWLPo1dw24L9U5iMGVZ3v0F12l6Z+R3OrAw+rAJh/uMid+aqeeNiFHiikWbu/sVq0kj6H9loTeG2RNf3oxtTu4uVNnXRx5IqkPJ6Q754ycIk+sWPQTXDyBTOiHdUHzNWZVwiNmtQCUpOf7XYclGwTlo0NkfYGQCTPFTmgbx0v2xIOD9OS036RBPdnvpIKFEypGef3fA9bF1id3lwD5hcCJIKrh0etu+9t+uoEvT/OU/Qrnk5Zgy7S4DaGxTF6GruVhXujCcu6P1oEgAKulGAtfmiJygJHvduTU425M6Sm/AtZjpz+nxnYmW5cZZfZdU8Og+gSK6lO4JPe4ho711C3cgjmJVArM3LNSWt2L2x6u52EFniS0mA/+n7B5B5F9XaHPsLxNEKm27kgvswHH+LdpFRQLZqIAhCAosEZ1Pe4joby0YFocuQ== - mongo-username: AgDjxAkMz3Oy4SDCo/uFMRnRvl2qS0AHrAF8GrGPCwnKqfdMQH4eQ7Ky7Qy2yMvlX3j6wot+nDkpo/Tm5h8Nyyr31c7jZLVIZIxRotS74JrcHZ1xgsO0gNEQdPxJAhmcx4Vy5IDaI0iL4+QaFU9nSdLqd/NvdiBtGRjVg+69W9uav1wevK/Dm4S65PCDE876SH4Ncti5d8+FYrLiIggIya8ILTC4XwXSMvr8ImAPBzQQ7pa1BsLjuTl6TlvQApj2aqE9oKONMDPvGJjdmrFcSn40gK11u5B+mdWXegk4zaF+dter/QuXWeBz3tOSTbkveVE5vkN0xc1wLMnqq7lvej5kjBATW/MVxwLcVtT+TKIX/6WQE0ZM3ZNOURz7EiP/hP3O4LX7BNu4Knp9zx6/0GVdu5cCxrAo1/+X8La2usn9mY8yuHf3QCbulkg41PSJKuiP+9yy/cTVs/w6Xk1pjBcvpVOD6Lz2iHM/GwVHg6uQz3lra217kRtIt7pq8bGErcpY9Nm9rSneSBTIbta28nMkCsuvsSyvZ36aT1+fGgPRxZad5/h6PVMP5P/aZoFia1flkFGsMugQoTURBLz+oDGUTc7hvP713rTpR2sppn6B0d9O/nc4xhVFjZLy/4+d1suBWBvpzrY1ifxWoYE5apXsWVu/pPNtR9bRUM2fztH0MYReAI9eS8MklLRanijQ3q3319wqyw== - template: - metadata: - creationTimestamp: null - name: api-secrets - namespace: stage - diff --git a/docker/kustomize/overlays/stage/cfs07_vcell_pv.yaml b/docker/kustomize/overlays/stage/cfs07_vcell_pv.yaml deleted file mode 100644 index cac6d84ef5..0000000000 --- a/docker/kustomize/overlays/stage/cfs07_vcell_pv.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: cfs07-vcell-pv -spec: - capacity: - storage: 1000Gi - accessModes: - - ReadWriteMany - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-csi - nfs: - path: /ifs/vcell - server: cfs07.cam.uchc.edu - mountOptions: - - nfsvers=3 diff --git a/docker/kustomize/overlays/stage/cfs09_vcell_pv.yaml b/docker/kustomize/overlays/stage/cfs09_vcell_pv.yaml deleted file mode 100644 index 97a9861dd3..0000000000 --- a/docker/kustomize/overlays/stage/cfs09_vcell_pv.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: cfs09-vcell-pv -spec: - capacity: - storage: 1000Gi - accessModes: - - ReadWriteMany - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-csi - nfs: - path: /vcell - server: cfs09.cam.uchc.edu - mountOptions: - - nfsvers=3 diff --git a/docker/kustomize/overlays/stage/cfs12_vcell_pv.yaml b/docker/kustomize/overlays/stage/cfs12_vcell_pv.yaml deleted file mode 100644 index eb2ff2cfff..0000000000 --- a/docker/kustomize/overlays/stage/cfs12_vcell_pv.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: cfs12-vcell-pv -spec: - capacity: - storage: 1000Gi - accessModes: - - ReadWriteMany - persistentVolumeReclaimPolicy: Retain - storageClassName: nfs-csi - nfs: - path: /vcell - server: cfs12.cam.uchc.edu - mountOptions: - - nfsvers=3 diff --git a/docker/kustomize/overlays/stage/jwt-secret.yaml b/docker/kustomize/overlays/stage/jwt-secret.yaml deleted file mode 100644 index da29e198fe..0000000000 --- a/docker/kustomize/overlays/stage/jwt-secret.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: jwt-secret - namespace: stage -spec: - encryptedData: - apiprivkey: AgCV8eFdZP1HpAPduXu4/EmVkQseS4j+EYGvBOQs1sSRT/zbYDUI/1wXKUhnS+jOsC+e8D8hIpe4j8/aARQcHQePFbP7jF488ajioR094lnv1O3fOYql8s/VolYoo0dXBzVByc60Klj51Rtsqn2B7I9guCHH8qLYsxdg63nZLiiHLiVw3PAwWM1hCFajzZRTrXHqmRaDSVZjBWgs+cwq/A0wMYAfC1qzN0OcnnlUNtS5t15JqrP4rRZZeDbOBlx/OwqmT8gizJ9t/VeyIb3ihdUKtDjMvf6ZsnZncOdbOyTXUqYOlI5GbvBOgc0wsIbECq5rR/SHtB8pldYo1mkVoDz0Z3XZGcY+koU7MCkKi2w1fXXhUheGaFbVGk0iCczm4AkLRcUxkO0daor7r4jLfIfnToBpFiU47ISDn8F5swggQcKCSs8fBrR58sr6kqtCSEnyibIkl/JxR6Kd2j2krB3+vN2D6izzSojlRF1Np+PF5ylGxyVENegd8rvPhKiOfyB7HW5PeXBiqFkiLx2fTFLq1gcTbuEzqwE8k6hth/4yHJSYCJa1KNr+7CiTFUU1wADpb6EDyspyBl+7Q0WbgJcQzDaYZp/patNs91GNt3/dbUay1b3dylgo9cseJCegtgkcioZudZZkeB8S2EKZBGdCuWbTH8KA6mXJOjxkFtGZe+CxBPyAFdgOpHWn05WueTP+iHPsyknJhyK4lZ5wLKvPbIjX5s+Dn7hAW6BnAu6hw8IxBHbImXwfPAVVIRpoJZp29VTLCXMH291GHzpfoPKMk7pWwn4sUkp6LQvj1yWxk8Qik+kM3sJn69pi9SYW8sVKgINnges0qz4mXgN7CNgetALMJU3uSn0C0tAOJORoNd9SC31RM4jJAjlTfGyNxLpte+qF3PWGqjeh/GwWCxsZ+hI6lV3sgBhf7ILeL9TobUTUgx1OA6DLDzLTXITU8zMQCeDrHtOnfE5vYlZ/b2lK2dwxGB7Xk9mf3AdCYiC6daIDuK4JVR1f2D/4J6zPs+n1pq+Oq1jV+ANNczoTx7hDhL1sEHalluQpZNse3RVEOJtS/Gwrqy8kKseW3uNws3M6YrHfLgXIxah7c5/3ApZsRYtWaQUCeXk8gSpCuC4qV3UJtI/phsnPR56ie3+2Havty57gWXKbVQRwNf9xENDuzkG1A7F5Otj+bhdxH4C+A/q5+ye9XddxxFe8Q9M3T65+fNwi9Z4dkXtX98MIXJ9kgaAUC+lxO/e5XLz13u+o8l9D1ONV+KqEXQ74Ks2YM2OK7dJRkx9nZGF6UESBaYqftUu4nDuggZev5C3uIuLLZb+gZn1ZjzJP2XFVgfuJFK4LZ4rdFgalwq6Q4EhgrVYbd5San3OKEMppeICFrieJ3liBvc7pIJkut1xQ5fD3GGs7t1SN/FBe83IkiwXmJeQ1hxepEvEdS1gqLHUOITP3R5DuwIRTEEXWMFiTLsM8uiKF1DuQt+juGLXA82hg/OVbmGMXqXT6/4A7pWpIaV3z7xcRbDkfxY3U877lD+cKA2KncgPXqBuY4NnIB3EKQ2XDp1dJOBSURn+enPBdQ4SCYL3BN8CCKePSobOgotlduj1k/O+22MJ1PFVG0jpn52n1W9vZzdugS8gm2B08nOxjTrV7+Pzmxb6s98oaURMNmqJ7sMV5pjHm5oH13ei99pPuR2DJZXrfMQ6n4g5LPt75zDnch36IgR21fZlIq6naPcTLII3Mufo9njw/bjOrrgF8MkCidTNU3kEdB87GUBspqqwfe9y4YE+HHyRzh2txPD/dcWF1ndYcm9ScHbdRBee40nUBVO9tZygWehgnFIjyxaniEs18+y/zCy9cZPnUnWPdVHWoAEkJr1xpoJ0/4kZtK4uNbO7hqxc27ojcH3GrSSyKGkwlagr5UpFMdzIJPhL+ffz3ZxigdTtXDyoaVqgl3lWVzhS7XqzwsRmUzvh06Leb20PD87Iui7R58UJp6dAX9jo5SCalFc25tpM+CrywAe6NFGe9R0PmI25MvIkutriMeaDTajIeD2zZyo9jUkGxl1O00kNT9JiWxJIcPbJgX4JlaB0BDqZwQ4k5RHXhWR23dM5BMZ1K4z5BJA3ORqTIwiQOWNvSclWvu45IYhtEk0pAY5cfEs+9H/EPVcUsKE/05T3hSJikutmeFrOcxsw3pnmhwytdlDhgus+1UsRHRnCE0rdJIjXTx4URQpY/5/daY5n3Gn/6q0N6cvVNaWTMi2AEAyZWVXlzjquoLJiJZJXiwvOc86EYf3GIJI1nJjrr0QbDvTI//1Fm+WBm2IH8mslp/u7axpN6O07bxKuNEmI+cYN7tf+8glzFUbbj5c9Ns+pJwBtWyM4ROxOpntV989rSrPJub/R5EiW9ixUO1VtfjeF7P6lk+CTzJA7rd8AzWAOX23LtezSGbad4c0Zg7PgKI/gMVx3Q79pjTcaOhcA3IuqoNJQb1ZRQtMud0yr1YHIwg41auF7+Hsd4bRy5Ub2Q1dm9T1UjLo471glIErxssayEUrwfpFX/nnOocz/hga+gJk9d5kn/sVNlYIgcJ0twtJw3z4IMSN8M+Im7b60AkcGGFAlEAx9epfryM/h4qlpx6faM/AQwB4VT/0cJ6bQbHXhJZrHiULOKi0kc5eeg4jbbSCVbSAGWFyMHUNznObQNmUEK8t4zXIKJKUNvscpYbpVVFaS9GsvgQzeQWu0BewElBpJJkxSQt+jLbIJrKZj/uhF37OD7p67gelUCtSE+3jh0CAHxwVLBoWmw1AH/q5AC9frp21D9klax0+96nWRTZpPNUA2A/0rCrWQb5g9ajEd0JovN3VVC27j94LsplMtO4av1xV7l6x2LpSdGmwAITY3g2vDCV7ncV7JwovinhINm1JiqQ7Cl2ClLgEeRCdqhD7kYBK5A5KG83IZrYarDEqbPdIwlunE5CJg72pg42HSZGGkleqLaotZC3Q4P+y9CWbY= - apipubkey: AgBiaTrFdgAzD8JCp7/G6iwjeFwwiaC2RF53WIa+fHbkKT/LnPt3VjpWbHVNwUma2s0dAuAur6jQ39wmRh6LtcEGseDwuEZMd9RG2gLMvWMlU5ZIvBt60I271s5bI5jcmPNPpFYvWOOe8RaB9HeDtqouSpbHMXmmrDA1/1VJcJh/QlHIu+UXK48EvQfl6HmEetILOpbX1C+1ieV+/QwmX69osAS+Nm3FJnN2tcbS6qPDjcI7KwdE+zvuaQ5EhjuE4jn7vRasObSL8E81iFXgKg2R9vOax3eWtVIP4jzrUc9FvaXNh9uYAxG2wl7ZOuGCJZzn1S3ftRJhkT3kcdvWANiti27TU6p98mZepL9gPmIvhVjP7lAGyUqKS/qV6TO88Di4+3J8SrDo2oEeh9U8nPsmvk8dF/8jTZSGtjwRa6pD6lcVveY+Svx+k13MkBwuStet9G13BtmGudAbpNp/M8tNnAIdHJKuw/M5wItBdriNeSEXESMvYpMRJ1yyTLX9Zfc5M3Tw/jx4aLmY/kVGiH84qqwKbzfvxQuSdLX2QUjoAqsyMGuAft3jhx8brTI1r49XTcR8KfoH8CBye0jf8Gb+mggtAhcXb6gquZ/mosw6S4buoqiwJpJQRQrmDwDDtwsw4OcM/iurJ2za4+nalXD7GJaXFuk1DFyaLnF/Tz5/w2nKTcbfxK0STLoq3Ka5NCUVAH5J3ySCl8wZqe66aaFXr1K9heuU22Ozqfsa1WCPm/FVXdzWnLkqg3qihlRM8XbYfxM4UEcKj7I/5bU5NknXLHSu9bDS/JjAfQhXzMbjs880bI1aqZ3xanvl7xGLQ81yhPdqmgQeNRtQSKllfoo4Yh/NwLAQaPsPbEdd3yBs84J/wJ1Ji6hRAoxpnSLDvMLaBlqTq748Da+rxaheNzJnwZJTxr/RHhfw0N0V1Kyxfq01QZxzle+QN+Le0G5+HZPHvfTeRMFhDegBEX86hzvWmOgMvWCpTVETwjipMRTJ3PGmyJSctgwe5Jgg3f2ozk06RvZ9mfRWD9OOTI4tjAAFKPKfSo0KGAK3f9ng68X6xNuqiTdcD3xe2jZDpwp+w4ArgXk0DAybpn8JcWnqkMbuwce90omGNt9eXo9M2nPUm3CcXtlr+sETx4t74S1IPK77Y5gwjTqc3kQhs1rRC6AEIKHAl0SwH8L6pZdZrMmRyoH8oEaC5wV0kHWhdC9datD7kUoxq4fTquDrPKmzeMmbnFcPhcmrje2UEjafd4XZm3Zt/9ekFhbSs3AX6wCwZsb9yJhoseRpX2S8IMmIgpFs3wiH - template: - metadata: - creationTimestamp: null - name: jwt-secret - namespace: stage - diff --git a/docker/kustomize/overlays/stage/kustomization.yaml b/docker/kustomize/overlays/stage/kustomization.yaml deleted file mode 100644 index f0ed19cbf8..0000000000 --- a/docker/kustomize/overlays/stage/kustomization.yaml +++ /dev/null @@ -1,72 +0,0 @@ -# create kustimization.yaml file -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -namespace: stage - -images: - - name: ghcr.io/virtualcell/vcell-api - newTag: 7.5.0.133.5 - - name: ghcr.io/virtualcell/vcell-data - newTag: 7.5.0.133.5 - - name: ghcr.io/virtualcell/vcell-db - newTag: 7.5.0.133.5 - - name: ghcr.io/virtualcell/vcell-rest - newTag: 7.5.0.133.5 - - name: ghcr.io/virtualcell/vcell-sched - newTag: 7.5.0.133.5 - - name: ghcr.io/virtualcell/vcell-submit - newTag: 7.5.0.133.5 - - name: ghcr.io/virtualcell/vcell-s3proxy - newTag: 7.5.0.133.5 - - name: ghcr.io/virtualcell/vcell-webapp - newTag: 7.5.0.133.5 - - name: webcenter/activemq - newTag: 5.14.3 - - name: ghcr.io/virtualcell/vcell-mongo - newTag: 7.5.0.133.5 - -replicas: - - name: api - count: 1 - - name: data - count: 1 - - name: db - count: 1 - - name: rest - count: 1 - - name: s3proxy - count: 1 - - name: sched - count: 1 - - name: submit - count: 1 - - name: webapp - count: 1 - - name: activemqint - count: 1 - - name: activemqsim - count: 1 - - name: mongodb - count: 1 - -resources: -- vcell-ingress.yaml -- activemqsim-svc.yaml -- mongodb-srv.yaml -- mongodb-pvc.yaml -- api-certificate.yaml -- selfsigned-issuer.yaml -- api-secrets.yaml -- secret-ghcr.yaml -- vcell-ssh-secret.yaml -- rest-secrets.yaml -- jwt-secret.yaml -- cfs07_vcell_pv.yaml -- cfs12_vcell_pv.yaml -- cfs09_vcell_pv.yaml -- nfs-secondary-pvc.yaml -- nfs-archive-pvc.yaml -- nfs-primary-pvc.yaml -- ../../config/stage -- ../../base \ No newline at end of file diff --git a/docker/kustomize/overlays/stage/mongodb-pvc.yaml b/docker/kustomize/overlays/stage/mongodb-pvc.yaml deleted file mode 100644 index 54d46d1dea..0000000000 --- a/docker/kustomize/overlays/stage/mongodb-pvc.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: mongodb-pvc - labels: - app: mongodb -spec: - accessModes: - - ReadWriteOnce - storageClassName: local-path - resources: - requests: - storage: 5Gi diff --git a/docker/kustomize/overlays/stage/mongodb-srv.yaml b/docker/kustomize/overlays/stage/mongodb-srv.yaml deleted file mode 100644 index 6d8fd68957..0000000000 --- a/docker/kustomize/overlays/stage/mongodb-srv.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - app: mongodb - name: mongodb -spec: - ports: - - name: "mongodb" - protocol: "TCP" - port: 27017 - targetPort: 27017 - nodePort: 32000 # unique port for same cluster across different namespaces - type: NodePort - selector: - app: mongodb diff --git a/docker/kustomize/overlays/stage/nfs-archive-pvc.yaml b/docker/kustomize/overlays/stage/nfs-archive-pvc.yaml deleted file mode 100644 index d67ef7eb54..0000000000 --- a/docker/kustomize/overlays/stage/nfs-archive-pvc.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - # corresponds to the NFS mount of cfs12:/vcell to /share/apps/vcell12 on swarm nodes - name: nfs-archive-pvc -spec: - accessModes: - - ReadWriteMany - storageClassName: nfs-csi - resources: - requests: - storage: 1000Gi - volumeName: cfs12-vcell-pv \ No newline at end of file diff --git a/docker/kustomize/overlays/stage/nfs-primary-pvc.yaml b/docker/kustomize/overlays/stage/nfs-primary-pvc.yaml deleted file mode 100644 index 2c9defde9c..0000000000 --- a/docker/kustomize/overlays/stage/nfs-primary-pvc.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - # corresponds to the NFS mount of cfs09:/vcell to /share/apps/vcell3 on swarm nodes - name: nfs-primary-pvc -spec: - accessModes: - - ReadWriteMany - storageClassName: nfs-csi - resources: - requests: - storage: 1000Gi - volumeName: cfs09-vcell-pv \ No newline at end of file diff --git a/docker/kustomize/overlays/stage/nfs-secondary-pvc.yaml b/docker/kustomize/overlays/stage/nfs-secondary-pvc.yaml deleted file mode 100644 index 799ced124f..0000000000 --- a/docker/kustomize/overlays/stage/nfs-secondary-pvc.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - # corresponds to the NFS mount of cfs07:/ifs/vcell to /share/apps/vcell7 on swarm nodes - name: nfs-secondary-pvc -spec: - accessModes: - - ReadWriteMany - storageClassName: nfs-csi - resources: - requests: - storage: 1000Gi - volumeName: cfs07-vcell-pv \ No newline at end of file diff --git a/docker/kustomize/overlays/stage/rest-secrets.yaml b/docker/kustomize/overlays/stage/rest-secrets.yaml deleted file mode 100644 index 6519864c3d..0000000000 --- a/docker/kustomize/overlays/stage/rest-secrets.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: rest-secrets - namespace: stage -spec: - encryptedData: - quarkus.datasource.oracle.password: AgCV0H97luPVffFo4N8+2Bx/oBKUrHYqDpI74vHRhsX0JBlgxFTAf0bRSmg80jkt+gaIinsz1RCZeleA1tRAd53u2mojrVv3vL34PuC9FLVFNBpWDVOWYU6+LNcFr7bCufVIeHOOxu4x6L0Cf4wG5i2oJm1KipMlPdaWZLJmarkZ5o2fgc4ivKrH0jvj1yF9on8JMfgbTuaEj8/t1VLEcDoSrWsZ0HVj9/k2MNrPSkxoU+RmcYomHVYe5QaTXjux115VIblCgGQJeIUFC14iemn5ZC8hzzY8CowIt1keQo8kB8PrxQRncZitJCLNniz4KXY1BplKM9j/lcC/4Fof8ha0SCjAOl39r7TH7nKejBr2PiNWuQuDjPtPHB97V3sXh1+bN/6auM8GsJPJLUvBWT4PYF0EOAg3gaqaLuc1Pj8DEyaDAjIgwpTTOOM+FFmGdEoNCa7clqxe9l1viOrK9kdiNmY5AJfJgBmixw2q1EP6AM74CuTI9zmjpwx2EYSWvHIrbw+DgNDjklY/ogNFf36PlVHbVlO2GPbfs55CNbls5CIWUoyzd2F0JSfMZt2qBIUNCcx6hAOI5mYb4ocKxAxF87qdu5cC9lhnA35pJpbFupCOYWIgzSRZkAQ53leYwDMqTYQHTErg2FUb91mLo9Q80D5MBNtXtt/ntggoi5sykF1gFCYSHARHEtiJV9YUCISDSAHt/lerKQzCLmCOCrwq9rlQzqHrqO4= - quarkus.oidc.client-id: AgAhQXdq89SxHcwynry3dXkr7cWQdzCm98FJ1pp+fx8gxakXk0OB7GZpFUnYwzFe//pwytcHR8L6OE70+OOvAMfDCZbkg08wvFdITB+uMwceJrgj3+XX+apvAGUkzWESm930CvJXn8B8D7PrkmMRCnuWJbQE4ytgeZ/ep8ZFnLLWBHeqiTxw/t2lZsfssph+tr132AETsUmYym9YCA580tMOt0F50agvrVowytqT9tQ097dDJvz9qTR99uRiLOk3mZuXxj55a6kzirTNa3W3KYAAtnGU+8GR5pLIn1yNU/uEgr69n9iniCmKGrUduiI+NX1RV7E8/FKsX4fg++qomTcYNckiDeHNjQXbSttWDYoMmq/tXViYRCCcyWJ0kK8pfYsCE9PcYsflNqRxKW5AgBTop9Y6cEKuuVHFiYPdmYNQ8BnfFGb6MHxSWK+fQWVHn94CU++i63KnJbbp6xvuL11sjhrhppScEkV/rr60cvbAGgdXS7bE/OpcAlhpo1TpXGkCZWIxXSdjtqnsRzN9pPWw9KIXErwiq37AZ5uBXLHTbHgHyzL6BxlSM5JHPu+4fe4w9E9AUKNOnLfsaIPPm3v5tdgQ7PTZFW6x+RfULlGvqKTHJDq8zO0aHAnvIedMUWN0gsrLKpYmFEcfIDTBj6z0HXLxPSBK8v3Iw3lLw9QrtKZxK5bf03cBBootvbmUo68PjHJw2e5Lvlakt9/CpmgncyEhIJmOimp0fzHtEHbxXw== - quarkus.oidc.credentials.secret: AgAIrAgyf/zESVCLdovlbT57Bavg1jFS5pH4Tn48yU9isn1gy1b7856QIWAyaRSBwc068DnVMYmnAWWJknEjOxI9zrYFZ7sShAJKcwFCjTDiVjrjcM4UkJ5fG8Ong1oPh0rsrzRam9yNFqWb82nT7Ey6Ws1JXjD2RJ4UuehCKUf/YD7l8NiBPwihchnJzByUUsm+Mk+/yCU/1VEH7ao88lm9v0gslz71Xaewb5bBRSs6iufybAkUHt/ui1xVRefTolXkZWI618jVW7WHGOxh46GMpypxPkC4I+LaWutH6p9X7P8oe9/LJezgZMiE9/0dgvn09JPVbyRk37frdZ9uFV/Ut1oJuy6oUAnDOBMssreScXsipVJ1u6sN81opNQwgQNSEf3hw0eVGgznaDc2PcH2AvdjmLnsmWDgeQMFV/1POW0meYlsV9Ij/GRmAi4o5POfYX74NS94A4kHGeorZJWIMQjk2JuunHds5GnvHI+4ZzET+f0ipRFR4ADJvIVXoq6kRKYhL8APGtzOMYcKTHFeipzF+2HLe237rg0lhaxxCrJnS8ugGfnelnUmNkKUDeVvoxqAwkdojQ8FeOeTifDE5KU9ThwyBJ8dBUWMkROpk1Zpa7X3G5Zw8Hlddv03H9xUFmNfMM80+YewX7xx0JCbaw4EpBmGfibwjQTS8Y7T7xT5JgKJOy/GgNNIPaBptNpqjVALX4mtOJjXa6ZFTYrM7vSUfgEHdHxnsehHKQ+EMtqe/A8Fl/6xSWWeI7U85e3bzE6lR6YF8EgR1PJWo97Ll - quarkus.swagger-ui.oauth-client-id: AgAbCFHwP0f5R+1khVS/QGrABTj9g80H1+++gfl9RrjCnWTCt3RFtJm/ZqSnV95O/WMcy7L9ybcAAIub9xoM8CEow9i0ehLL6AIxlGbYXRWG3n2F5VdB/zdBjkRa8KGDtbGb5yz93TGLKMe3Bd3ux4RL16zG+EApZCwCorjym0/02wl6G6hnhkBOQGY8MsR0+ESE1n2XhvUenupE5nxTb2Cpr70d41klZht2BTbIEF1zhuDL2xXVy/7Ld8sFtEk2b6PV2O8+XfzW1kvC3ztwpEU+i41aOWW7QoqTbdLnCIEn3JMOH/w8eMa/7ORz+fy52Tyuil5ANm4PzLXz6/X3jExl5pJUKUpudK+FOegNHQleTr2P00+jYalmvUWczSS7bQ6EmnBuIcmqgD22vOGk2V8KE+M5tO++4N9EDI5VZ14M7cf7ngD60RnrdQ7J2cCn+G337zUDHGBAFGzsn6jnTlTlSBstUlhLCsG4YFzM8fjhKnTgWLLVlC09EjfCfrnn7zccmFoxSPlQwITrPW7dLTycl2cM2e2FNr1oVsI9QYsvI6/9Sv8uwvnyx/4CgWoL2ie1yWhWu7wHSolCIxSE9vg05+nKLxNAbJpJNvj95lGiTzcb9ZiPWZj/rwRql7GROklfAa+GO0SA6xYTH2Ak+vdP1ZWlhQWbiNQPgzL40SCkSrRv6kvJs1GFivBMadQ49QUX2OfG0fu1inSQultAmHhCVxtbXUAqZw4KPcUknzSfVg== - quarkus.swagger-ui.oauth-client-secret: AgCjOa2BEZTonZ6b0eOLCchx8Mt4lQP8vwBv7bBkJmEDqChTP/QVKFqxqDSIHVfcQNG2L9W6varFfOq/tY01exWIOn74XmjozW5jYYji1t3S3EnaOeu+L3o4WKUCbvHM7+2uKMY/FNPIwmLeTY1l6wEVVF1V9r1hkKwb2dGCPgzYkLzEW3jSJst++vzvs6yiKlm/EyZt7UTp+aHIv0aeCESHR7MLsBwpweKwK3EqsRm1/nD+d7E7l45qJx7VRJFqF37toH3Rq+Z4s0bD2oqu+Jp4P1R6QbVx8gUeWL2UQd+kDNlZSiJGSVO3aER0vqxETljk0//XlfXSNrzA/dtwGX91nXWRYZlGb936wrbCelp0BFqFWruqdqpnLV6qvGy/tHpcSGy7yT7xzibZAXxHmszmrinBG7jRqIs81U3F0d630RiEZLYNz5DXSrZFZQbByBCRBPdesZn2TSJBV/OJcevtlZv4uaB6En96haLeZ3avNdfzLBcDGeVzkbz1d2rZ/KD9MvtVk/3gLVl+qfaZ5FPv8CK8AndHYVjVyZMm6RbWHdVVruGfB+vf48aWNL+GgeSdFpv7P0K/17ItKfzAIDI7u0X+DPU7lb4KoVLmvGZbdhVE0S18cpL+LXyjDmYhTLTChR5iGxKK4H5cc7fERvUD5oGwScJrSThZeYVHgGsMfe8Sp1C3AagZDQNE/DzvJEVBCsyCYhIyV7EVyXDyjey4K/++0n51I5XFsd4PUkinLnE9rfweeCS/BXnGoGV5nRYoaTm+kHEgerV0Hxk/CBXV - template: - metadata: - creationTimestamp: null - name: rest-secrets - namespace: stage - diff --git a/docker/kustomize/overlays/stage/secret-ghcr.yaml b/docker/kustomize/overlays/stage/secret-ghcr.yaml deleted file mode 100644 index e7498fb61c..0000000000 --- a/docker/kustomize/overlays/stage/secret-ghcr.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: ghcr-secret - namespace: stage -spec: - encryptedData: - .dockerconfigjson: AgAt1M5ou69zxM5h6kiiEtRRBJfpuWUIs6MprfX6Ed3Y8O/AEcxz+d/fex4V0jnBjlFY1Pkg32NQw7Z9p88oX1+JfmNPDxTP47YF1HRQqEWAteh7YPhA6BsocXusZvqk6IMj7XEsNPWWEQ7d5aj3WPrS6AUy81Em4jfQZ7ozX3BCUC7/zXe994KBw76qNgEMrpe2xuBbld4qu+wJfYYUhFNyY9/8ZJAh/4qPArOnuEQbpsqFXonkPCYfBygN2RWGo+ePMyoQY21ADF2HHyrYJv58hw+dnghrz3nP5eg8WCOPdsgab5kH7ffCczbgi9j4ZiPvh5A79S03Ts7W6Uk9dtcEQNVLmKmMYLgzv51Hur5BOM4AxU+li5x5MJhoxGHLWuPyqZncAGxaL2LnDpta5z+JhKb5oRU5VBR2daR97l93levcWYhJCO3yEuVqKeGagSDsmFP7hg4N/mP7cRHsThVjDd6Kw/LdA0ZOPRua1r+z4rDa0zLaXvU7kWN1EMyqXeqovr4keIGRs/OEB4CuAL2pqkUtPByLoUxQ192BdFY2MBso63ERxXb3SWHby0awr4/LmRYGkrZMr8Gfv7MT4xhScHGzrByfO1TmU6Dca3+TmU/XN0D44aDum6fBzJUPwHeLZDmVT+6iqGgG6BbK+dZY6gk6ZC8idEjdNwVRhZpB7m81qyM5sb+3nJHtqDvzoZbWDVy4m4XyihYdfwzQG224p2lAQ5q1jIRirot7+SUETvU+s5yYlGkesb0D97XOtzhUpdTdQv8Bnrs8vUeoQtpM5sM/kv4Mf0G8VCVVjVd6vJK0gEhdc94y9J8i/HmMFOjaK4NhtzsKQnhW8heut1Rkua2ULByOGFAhhmGXOxmRBflUC3jyGwZqC+UJJC0dyru/hQQua7qOw6VmjZ65mPCkEcAnk1bBLw5gAQ+2PXDFnB5tEXkxuwWmRv0ubX14vFeTkVDmXW+f6YHb3DApufEi - template: - metadata: - creationTimestamp: null - name: ghcr-secret - namespace: stage - type: kubernetes.io/dockerconfigjson - diff --git a/docker/kustomize/overlays/stage/selfsigned-issuer.yaml b/docker/kustomize/overlays/stage/selfsigned-issuer.yaml deleted file mode 100644 index 0c99df14d9..0000000000 --- a/docker/kustomize/overlays/stage/selfsigned-issuer.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: Issuer -metadata: - name: test-selfsigned -# namespace: cert-manager-test -spec: - selfSigned: {} diff --git a/docker/kustomize/overlays/stage/vcell-ingress.yaml b/docker/kustomize/overlays/stage/vcell-ingress.yaml deleted file mode 100644 index 97bdb71b73..0000000000 --- a/docker/kustomize/overlays/stage/vcell-ingress.yaml +++ /dev/null @@ -1,54 +0,0 @@ -# ingress for api -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: vcell-ingress - labels: - app: vcell-ingress - annotations: - cert-manager.io/cluster-issuer: "letsencrypt-prod" -spec: - ingressClassName: nginx - tls: - - hosts: - - vcellapi-test.cam.uchc.edu - secretName: letsencrypt-prod-vcell-tls - rules: - - host: vcellapi-test.cam.uchc.edu - http: - paths: - - path: /api/v1/ - pathType: Prefix - backend: - service: - name: rest - port: - number: 80 - - path: /n5Data - pathType: Prefix - backend: - service: - name: s3proxy - port: - number: 80 - - path: /api/v0/ - pathType: Prefix - backend: - service: - name: api - port: - number: 8080 - - path: /swversion - pathType: Prefix - backend: - service: - name: api - port: - number: 8080 - - path: / - pathType: Prefix - backend: - service: - name: webapp - port: - number: 80 diff --git a/docker/kustomize/overlays/stage/vcell-ssh-secret.yaml b/docker/kustomize/overlays/stage/vcell-ssh-secret.yaml deleted file mode 100644 index 69301ee10c..0000000000 --- a/docker/kustomize/overlays/stage/vcell-ssh-secret.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: vcell-ssh-secret - namespace: stage -spec: - encryptedData: - ssh-privatekey: AgBlPO1/udXfKS+cu8Z2QzYh1Ungha6MtlZE6F3ZQCZMBBWRqwahDhIXC2pN77ucYlPC5oKrhBNFFUAscNWECSfqEaEAcImsLvi27a8BlLYtNf+VvFgkeIxshxq5fRSvVPSllsqJiU9KHWbQTQR20l7zYifPw8wXwyW/rngZeoNde1xDfATGIWD6UNcLWWCDs5EUn1ufTZ7yK6LTONiKFMjc3YsXmXOC5zzkPE4wa6r/VUKfDk1YMxU3so+YetfxgZJik5Y7gkjCr1zqdJakQWSxrSROnX7ayoiM7YVuMY//EwWbkT656dG0o07BWPnjisVbq4iRq5OLwZLpO8kS2PzJgJ8ywOZrhfrGLTSoHKLdqp+jDpMky60HHvAW/q0QWREeJr7eikKGPseAU+Zn3Yq+UTVM8jKrhTZeyA5UU6hM9bgw1tmOQuJ+bZEUlv/qPvDRnsBWqqCbGkUjwSRpOfuW9a6GQ0j9C8529XmwVK2ioxsKn1L4eRJC1rb1gxfEmRqeT11ru/41psEUd3T/9u3b0XY3hWDTAZ9YaciQsdmDbDdV6JCBia2HXdp2mhWDG6GG6sCIRk383FujwESng8nBCqtij2gJgKt+B7U82O2Kwyjlvh2ri/OFt6IDpqz1So9xEA1e/nAo41pIcS9nYbHpasMtQti9TZyBheKNRlXfKAJfISuhRrdVS87UWcnYg61X+K2xBPZX2DNzYp4qlXtCjfoOXUcmMxPkVGCiRqo8d1+9Nof/tmzr5MUxnksJWQ1Q1gByLo/lzuzQdX9AUGhHHWdxZrPFDhZSOjG/4cedypzsViWhjmWbpjriNteYxMHGS7O2aDjzFCH/wyZbilcDzMG5b60/xsbBcoeaiaOb6YBJgTxY8D8BIm6LvOMiatJjpBPH8WCdbvOEyQiaRxllMhcY/gkY/wVxDAzrKJeKtvrW0H16L9Ua2IFttRjpm4QHHY6R18ZqKL2d1l4pTMPx3Q97V91h5hfaSNs2kPyDiGebCSbF22HdxDPxvuBmcgGr8TFJ9VJfdR7pIkDYj2Yia2oqpcIN+/ZUXOz+oYXVOoquqzsRTL0EgXWKXIvFUYLuBrWIc3s3fnTtEzO/Vg0VdFUXhRBDRpt4mt6m6u9/kd6an4zeInRCnuPrC3oey3lY5jcthN/egyOGZgiiEuj2VOLDln+UocdlDmb+7WLQLDTVOfa2zNHzrNtT5pBg92v7W/BOrFIzayiU0ZjE8Rr2nOM7TisOf1aMDMfcTEXgAoUEIP5EBJCrHkVkzyuR0/JqJHVh8NqQsHSjTuwgTaB/J1Ih1rrHcHKoTKDBvCLcSuOixOP8Qdx58kNOKij2TEBO3ynZOUiBVCJOjT8Kku0KPOJIPm5W7RMovRUU4yNmPVQr5uH1rLw2NSYaa985eAmwf+qtbZOcmEAIaUHxEITqanPhsa69dy2h/HU+TsQJY6c6LNHOsHVXC/JIEoi1zouUH8DuaZdlkbBQMUU39TseancgTcnqsmSGioPIExRzqDX2+Mn+0SZQ+vEOMF6VVC+rXjHbeatOvpw7+9cN3b+3yuIgmtp1NgX/hInlx76L/SpU/jROOQG9iOfYYP8GRXA6jGTwq5Rh+NjvBLwLjPpwSTap0sgyA0Lm5nf3UhByuzXhPVKKIgH5PmA+i97Qq2RhMcHU15XjA3a9MosB5i8l/J0EFsYzc7wRFlEgAxEmWalAN9ocK43eER6Mc7LjtaUDGEpuCfFiI7SQH391QFk4KwbbBzGf+DKNtEHFewKQp6CakKKRPbZrqzWjG/Zt2WsJwPUpCYjNLcwKiy28t9XOeEuIDiMvi2RohQebvWqMkRWKsxjL9a8d8nVtHm959hVoxrZYDGBzfkt1PGxWjvCDyf6x5NYw5dOX7rYn505E54r3DwzLO21jK0UAzfdPaTMAZSu80xcbItnjxlJOyhqYsLuyWhqqbZP0xKx1dEsk/xJ0vfrE73NRMqlpXVH0uTUxkF3koWsLNkZsz23472CuKyXDCuWxKrnjqWeFf8VDF9t40nbKJ32khZACkpEDb8IDBe4gWMymYWMVEbPoiQruFFmeQ3Knjy469CiHZyYI36/W5wMCcNCHQekIlUodsi0bVnHp4hEUDOMMr4TDSrRE1b1y4gxypcsbyPxzSj45Gmhm+MLImAh6Zi4mizINEOSGbPse5XI9YnSG38j0Jfb97u5kfSr299YEiVMAXDFe+MIPZzEOPqj1yllG8vofIELEPiASpTFq8m0oim8LbXMN+N5XQXrjMy6bQH+l3eGkao2W2ifJT8jl/NRx25Hwj3zh9WKOxPbKKBZ4JgCNWaJxXKfbnKDixamHjEnFycLoFnBsDCAo2cpKwxJ2hBHhVUrzQYsMQVwN1ta329eJF4fPEjYcZxvxpKexSLZxfFmZrVIFlk4Uw3a9qKP8iO7zCM2dg9Lnal+f3pB+H+c2A6d816oCHxOQONgii5qCgfa1Wfj8Ao9wDjwyirRHlmQXNPRosppAyz9+zEnXZq3qjj4EsAHs94LUkJwEqgDQYAqjvNclbEibXpvGLnkbgrfiFY5fqPcFk0mk4JU6xrTdnQY104X1mNHWN/D+nTGNYG05+i7SxG5bBvp2SuE3PG6m4XxtWiB0slRvRQp3yGD6x4AtUzgWSFqU+kIwjc5BijFFwFgxyymkudMFlUEy+QTNKq0fTLhZNC8qMu31KNhMHFRbSU1f/JJPLRY8pasc4j7PNWkgGgGdbbzqV5sQK61wVsyGCtBbM5zvwLV/2yeYodqo9gCb48Jum36G7w+EX42natNhX0Kfc6ni5hbd9RTvbFjge6r52dq7x9isuQVI9fTUQby0Hb+GCk6ZGwyGrAxmWYnZDPrV03hs34f/Wj7M1EvaGYQcfYNpcYFesE7JhDi4Hxx6E891VGr8mZRsDWRKz8otNtGPnsAED7zg9wjXnj5cpDn5li864cVvn+WV4+necBzpGBMDEXZbxaWWRQ7QjGtsNKx1NDvrpUcioHkiEGEaPnZkLqCB0hs3+VzzkNDpLznaI7i9ttSqTr4PDb5WBZayuT5XYDees8sQsMtw9V0TYjVxJln7WnejIMwz4oWRvEZIDOscd51iuUm+tElX/zG6J9zwGHGTGJClpSV6O3aKSmPRHudEAq3+s3njykCqXtw3Ati8uWp9SKMbV4+CQxK5G28ZknQ131HlyHLQil2rYWe7M2oGrAmggwW3zDttduaa4hAbmRMlHchFruETat6oz+IP1TdWgco/0r6AdofpbVhEfIv6dLMX4h7Cajlt5FcxqzMA2YfB4/aGzZV/KXTvV1a66EiEaPFnK9gLMhDOLXEnb4MRK0cLdQpqZLj4PB/F0BF4kot8J9lVSkQPcz53Rs+sW4zvI/+YZr1Kk+1VQSUL+aun7X9Fr+P1L0O0pTuIRRO1okQFOqRpUK84ZWXL8sxxe96eLuBGF32n4BZiezNKC8Pj+DBlHiYEAoPt7H6r9VFqPEg0aO/4dkhTovg8+q4cbT6LwFYItZnYneI0lRmResDxXWBiYEkl4IROQi3w9n/ww85GRaO0UA43Hz0FkztDgSAFmzkXRyeR6cQIEyzLMEZr5cDjPe+DmG4RLIo7nYOdIuRbXuRuSYliiejsAw8Zc2xnGagkVt/+OoY0893Nlz9inS3iQaYskBkn337ypnk817f+Sy1ItYua+C3LUqaDdOv2CSrnJ1UnzMKOUg+8LqOyNXxhly7OM20ZN23YobnaW1uj9WQme/fuh9p9r1EB6na7SgDxUTdOoMCYgWbWfdnerugmdLtOAiHsagkt0nEQi5b+35I+Xlai4Kcg8yEdXZlt9n7RrIJhCAQkvMdjTwP82Yka2b/T3BQZrWkf8IKFm9Jw8Kbdt348lhHKulodx6wBzMeJGoXljkBEK5l4UGNIgtUKAhC0npNqSiZL0YmjHtLBCt0ZheF+0pzoGHQ2lpIvRpHAvR0fgUEvqq1EFysFqplCIriOxsjSm0vWhIykrK1mGB7xRRaGL1Dss+k2gJS9RBZXK3/4tcsJII2bXVsw0DlPt9FM8EsX9bnHhoF2011iRy1Eq0Bx6ONUg8LHqbbtubeMxnemS+fLhAiKxptv73rsWVrl4YS61XrWIacl6tBPMlbGa93gjwzdaU3au9SvaT6evUrMdzDN8jHdRVgm9TspjAYQYQM7PeEGvMN4gjV1X5yV4dDMpuPi9klC2c3rQLemOvWB78em1rsRCZ5hfqbYo2TE8aTluN5xmi2CEfLvTKryEyKRAsbJaVgqxrT5GJMJVOhekze8tI9fpJNIeZd5VKr1zl5H1ngYvxH5uEJacFT0v2I9tSF2FH1E0+ePuVTlkEz/dCTe3Xil8e9omuELbWQCtB6Gn8bUWqUeybV7OxoAZevVSDgHHahztYoM2QD41fMvuhWDvqCw1Ve5SZB0R7rMf5G3h6nPhDqwrVVulkJoRpuySnRg3OMeQpHbYmLMPiEuC88cokK9d5e/3XLfX9+3SMXE6QWKjoFfHH74wabU4nqwc8s7qbeaS+4Cl/K8y8BDx9/Jow+hIRG+puHkyLicqCP8QfIozRB3ICi58ahUgY/3Jp1GayKFHcv+UGrdffmGUjIbTH+hpvZcrCT0ctY3+rLlUbnPvzu+M9bBnamS/uz3Gt9jY2jYKk+BPV1E9DTOKeNLpLYG+o9W/+VmErT2lm4kGYwlbjUFhTDMjhAVy+IM8kVeW7WqCR9NARqkEWcIThTjr6FafKryOM+wuwV+P5pmnClQyNE+stNfI2D+RLjfKyK6c/SlqVQIGKbFmKfDH05xPwfyj57PJQzCAj/g6KeoRY0fCTwhKGizSMF1fwajgR7hfW/Krl+NCvwwbUClCN35R4Ngu3WLNlK+p56F/ShG8hwq2tQGKs5lC0zNzkz+BQ3gP6ZV1PS/hPGXmA2R/DT5LInOU1NuQfj7TxVVMWaIdNd4066Mg4vWieTYTIxsF3V8JhVQCWEd9/i8baPA8DPKysh4KdJbP7majPTQO50+y2GShbgqKjSJDomiJOA6VftgDwI52s8WUVXUAfgmevnYc/Ud3zrVLIoNqFYXR1aR/yvZ3gNlMSM2Hc9QXJ/bcvPudWxYD12W/sRq/cHNqqSTv4mQIGj0dkN6YYUcnVA46PRZVPxs3JObb0ScxlfDnGY631a9LEvWFpLalpfBjnTOn2xxHsNRhX2Ye0eV6ng5Qo6uGVY= - ssh-publickey: AgCa9pmItuiI04lS66ESFr1Bj2Z2DxMPZaHB40Zqc6SHXE7bjkQNtrLeVJFwYCT6yR1oPlz53dLSpAuK7RmajEDACeVq7O1OR1CAlCd0pL9sm26DOtdOEcTW706IoQMvwxqafggREFn2fTER9ZHu3piL4lygVzhb64HP/xaROHMpqVIeK76cV6rvYSCjhnEhSR49NmxzIrOWevMTVrUgOC8c7as5D/Uut2APyV4UcfL4WQG4BxNcANDWIUcqVtvgotNdu1hoN8TrUVT3XT/4wldXZGLLO63DqW0ljCLR71rI85UfQEhIQTdPYc3OWtM1WNE/jpNGyJIqgp8C9k+91N3kcGoFKPOlpXe4WZBmxc3wCWQs+7WqP5QnLiMd+D4KghIOM8XGic88J2qNvNjoTvddeaSwmViRslmSjv8LQMHPAqjBH9wTydsLLVbpXYTo+27PksyFSTLF21bH5uow5Z0uUze+xMLrX269GjAffW1JHmGOm3wKuE7ZymP+essa2dPjpgTtVC6CFHMlchbqsP/Xmw+BBAwEwyj6ckRgFtaLbEgP3/eJDeOWO8uF0xqa8Cok4dlsu32ehbH0WdDWSOHdR7SScMk9vaDTD37jQYI7KP1Fnu9cdXKOo+kHhX0lmRbH8KShk4X/uuXVjZ3yIH69dz2HpucFg5p57YOZ477FuMZsEcjODnG1uq5D03IpIF6By+dK3zbdCLK3Ue+vDNWN1TL/N+qs7kTC6MdgZ/4GXXr9hLdlJUDKcBDClj57iwIRpvpnuxH3hvemLXMvpadWQ16pQGJaq4m4M4U7UwYdVrs2FrABW15T0X8pxd7p03oi2jqztUGY/uHVb5F+Ufj0oo/qbrNdQoH/HOsE/3owEf3Am3EmTy5YlawWbTWR5hCh0oeBwJqi8Mygx6BBS6mzPv0WqdKWcJ7U1g2hUK9mFhsxALFc56wJuw0IJiUylYsiZ1Py3aTdiu4vE6M4YxYMfv4QNaWsVxWipUZ55KxQO5ViReSlPzShySMfxq57mEXFmRtw9sq3/R7pCLmHyAb+QWhobXfkxRFdT8krLOCejNP+25MhXhRXQFOceqHt/VGcYUi6BwrRUyr+nHT8NS8xMcpR6k1n0kSoKRC589mGbFZPhs5rXPk4szEO6d7WOT9OyQy7hx5gcHCIQkTf+m46WDZYUal3mRJ3VFVVgwWIqtrMUzhE7e9ek1Easb5mK+K1oXTXIQqAeFqzuH6Ewh/3HxtgZ6sFKT2rrhAMeis70dSfjcoFGkKuepxyEVRfAT50Xuu0dfTRh4Uk8LJf8TpUXAWvI2rbOjNpnLDQ36WFZE1Qfw4x/AqYFg16JgaFSHSB5a/5p7EN4RP2bybCW+IjwYtSz4Yb41cve2Z/aeRZC9j4slVu6uNLCEm8kTSm+qd2iq7poPzwpqSW0KLwV1mTbf6jChf6D20AqXYR6EODvxogxTthfmioN29THVNU/UgU/MA3qA4dtca9amaw7aetXFpKdqSX4+AkHG65V1F5B9wzdEIdGIuKiWPF/I+IG35tuI5IHW3zoZj5ZmmmmOwxHhhDXnFppVk+vTc+fzMTpNLowTTtov4xbzAAwntuJMwAn7I5Psh2fy5t+/Ili/5K7PT7QUDxk9GdxYDJzLvGcVzPJXNuIXiJ9nQHIpPfhvjIegMytq5r2I9iVWy8pFO39xifrA== - template: - metadata: - creationTimestamp: null - name: vcell-ssh-secret - namespace: stage - diff --git a/docker/kustomize/scripts/README.md b/docker/kustomize/scripts/README.md deleted file mode 100644 index 2d10744a6a..0000000000 --- a/docker/kustomize/scripts/README.md +++ /dev/null @@ -1,11 +0,0 @@ -# create sealed secrets -Note that the namespace must exist and sealed secrets controller installed in -kubernetes before creating the sealed secrets. -```bash -DEPLOYMENT=devjim -NAMESPACE=devjim -kubectl create namespace ${NAMESPACE} -./sealed_secret_api.sh ${NAMESPACE} db_pswd jms_pswd mongo_user mongo_pswd > ../overlays/${DEPLOYMENT}/api-secrets.yaml -./sealed_secret_ghcr.sh ${NAMESPACE} gh_user gh_user_email gh_token > ../overlays/${DEPLOYMENT}/secret-ghcr.yaml -./sealed_secret_ssh.sh ${NAMESPACE} /path/to/ssh_priv_key /path/to/ssh_pub_key > ../overlays/${DEPLOYMENT}/vcell-ssh-secret.yaml -``` diff --git a/docker/kustomize/scripts/sealed_secret_api.sh b/docker/kustomize/scripts/sealed_secret_api.sh deleted file mode 100755 index e61ebd0d37..0000000000 --- a/docker/kustomize/scripts/sealed_secret_api.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/usr/bin/env bash - -# This script is used to create a sealed secret for the database and jms passwords -# this script should take 5 arguments as input: -# namespace -# db_password -# jms_password -# mongo_user -# mongo_pswd -# -# and outputs a sealed secret to stdout -# Example: ./sealed_secret_api.sh devjim pswd12345 pswd39393 mongo_user pswd292929 > output.yaml - -# validate the number of arguments -if [ "$#" -ne 5 ]; then - echo "Illegal number of parameters" - echo "Usage: ./sealed_secret_api.sh " - exit 1 -fi - -SECRET_NAME="api-secrets" -NAMESPACE=$1 -DATABASE_PASSWORD=$2 -JMS_PASSWORD=$3 -MONGO_USERNAME=$4 -MONGO_PASSWORD=$5 - -kubectl create secret generic ${SECRET_NAME} --dry-run=client \ - --from-literal=dbpswd="${DATABASE_PASSWORD}" \ - --from-literal=jmspswd="${JMS_PASSWORD}" \ - --from-literal=mongo-username="${MONGO_USERNAME}" \ - --from-literal=mongo-password="${MONGO_PASSWORD}" \ - --namespace="${NAMESPACE}" -o yaml | kubeseal --format yaml diff --git a/docker/kustomize/scripts/sealed_secret_ghcr.sh b/docker/kustomize/scripts/sealed_secret_ghcr.sh deleted file mode 100755 index b254bbaf6d..0000000000 --- a/docker/kustomize/scripts/sealed_secret_ghcr.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/usr/bin/env bash - -# This script is used to create a sealed secret for the ghcr.io credentials -# this script should take 3 arguments as input: namespace, github username, github user email, and github token and output a sealed secret to stdout -# Example: ./sealed_secret_ghcr.sh devjim GH_USERNAME GH_USER_EMAIL GH_PAT > output.yaml - -# validate the number of arguments -if [ "$#" -ne 4 ]; then - echo "Illegal number of parameters" - echo "Usage: ./sealed_secret_ghcr.sh " - exit 1 -fi - -SECRET_NAME="ghcr-secret" -SERVER="ghcr.io" -NAMESPACE=$1 -USERNAME=$2 -EMAIL=$3 -PASSWORD=$4 - -kubectl create secret docker-registry ${SECRET_NAME} --dry-run=client \ - --docker-server="${SERVER}" \ - --docker-username="${USERNAME}" \ - --docker-email="${EMAIL}" \ - --docker-password="${PASSWORD}" \ - --namespace="${NAMESPACE}" -o yaml | kubeseal --format yaml diff --git a/docker/kustomize/scripts/sealed_secret_jwt.sh b/docker/kustomize/scripts/sealed_secret_jwt.sh deleted file mode 100755 index 6b3522537e..0000000000 --- a/docker/kustomize/scripts/sealed_secret_jwt.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/usr/bin/env bash - -# This script is used to generate a key pair and corresponding sealed secret to sign legacy vcell-api jwt tokens. -# this script should take 1 arguments as input: -# namespace -# -# and outputs a sealed secret to stdout -# Example: ./sealed_secret_api.sh devjim > output.yaml - -# validate the number of arguments -if [ "$#" -ne 1 ]; then - echo "Illegal number of parameters" - echo "Usage: ./sealed_secret_ssh.sh " - exit 1 -fi - -SECRET_NAME="jwt-secret" -NAMESPACE=$1 - -TMP_FILE_PREFIX=$(date +%s) -PRIV_KEY_FILE_NAME="${TMP_FILE_PREFIX}_vcell_rsa.pem" -PUB_KEY_FILE_NAME="${TMP_FILE_PREFIX}_vcell_rsa.pub.pem" - -# create a new RSA key pair stored in .pem file format -openssl genpkey -algorithm RSA -out $PRIV_KEY_FILE_NAME -pkeyopt rsa_keygen_bits:2048 -openssl rsa -pubout -in $PRIV_KEY_FILE_NAME -out $PUB_KEY_FILE_NAME - -kubectl create secret generic ${SECRET_NAME} --dry-run=client \ - --from-file=apiprivkey="${PRIV_KEY_FILE_NAME}" \ - --from-file=apipubkey="${PUB_KEY_FILE_NAME}" \ - --namespace="${NAMESPACE}" -o yaml | kubeseal --format yaml - -# remove the temporary files -#rm $PRIV_KEY_FILE_NAME $PUB_KEY_FILE_NAME diff --git a/docker/kustomize/scripts/sealed_secret_rest.sh b/docker/kustomize/scripts/sealed_secret_rest.sh deleted file mode 100755 index 48c1c3ed96..0000000000 --- a/docker/kustomize/scripts/sealed_secret_rest.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/usr/bin/env bash - -# This script is used to create a sealed secret for the database and jms passwords -# this script should take 5 arguments as input: -# namespace -# db_password -# oidc_client_id -# oidc_client_secret -# swagger_client_id -# swagger_client_secret -# -# and outputs a sealed secret to stdout -# Example: ./sealed_secret_rest.sh devjim db-pass oidc-client-id oidc-secret swagger-client-id swagger-client-secret > output.yaml - -# validate the number of arguments -if [ "$#" -ne 6 ]; then - echo "Illegal number of parameters" - echo "Usage: ./sealed_secret_rest.sh " - exit 1 -fi - -SECRET_NAME="rest-secrets" -NAMESPACE=$1 -DATABASE_PASSWORD=$2 -OIDC_CLIENT_ID=$3 -OIDC_CLIENT_SECRET=$4 -SWAGGER_CLIENT_ID=$5 -SWAGGER_CLIENT_SECRET=$6 - - -kubectl create secret generic ${SECRET_NAME} --dry-run=client \ - --from-literal=quarkus.datasource.oracle.password="${DATABASE_PASSWORD}" \ - --from-literal=quarkus.oidc.client-id="${OIDC_CLIENT_ID}" \ - --from-literal=quarkus.oidc.credentials.secret="${OIDC_CLIENT_SECRET}" \ - --from-literal=quarkus.swagger-ui.oauth-client-id="${SWAGGER_CLIENT_ID}" \ - --from-literal=quarkus.swagger-ui.oauth-client-secret="${SWAGGER_CLIENT_SECRET}" \ - --namespace="${NAMESPACE}" -o yaml | kubeseal --format yaml diff --git a/docker/kustomize/scripts/sealed_secret_ssh.sh b/docker/kustomize/scripts/sealed_secret_ssh.sh deleted file mode 100755 index 910b94cc04..0000000000 --- a/docker/kustomize/scripts/sealed_secret_ssh.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/usr/bin/env bash - -# This script is used to create a sealed secret for the vcell ssh key used to interact with Slurm for HPC jobs. -# this script should take 3 arguments as input: -# namespace -# priv_key_file -# pub_key_file -# -# and outputs a sealed secret to stdout -# Example: ./sealed_secret_api.sh devjim /path/to/vcell_rsa /path/to/vcell_rsa.pub > output.yaml - -# validate the number of arguments -if [ "$#" -ne 3 ]; then - echo "Illegal number of parameters" - echo "Usage: ./sealed_secret_ssh.sh " - exit 1 -fi - -SECRET_NAME="vcell-ssh-secret" -NAMESPACE=$1 -PRIV_KEY_FILE=$2 -PUB_KEY_FILE=$3 - -kubectl create secret generic ${SECRET_NAME} --dry-run=client \ - --from-file=ssh-privatekey="${PRIV_KEY_FILE}" \ - --from-file=ssh-publickey="${PUB_KEY_FILE}" \ - --namespace="${NAMESPACE}" -o yaml | kubeseal --format yaml