Commit 4a908408 authored by Komal Makkar's avatar Komal Makkar
Browse files

Merge branch 'komakkar-test' into 'master'

Komakkar test

See merge request !8
parents 0061a873 15e04427
Pipeline #29803 passed with stages
in 8 minutes and 59 seconds
docs/architecture/decisions
......@@ -5,6 +5,8 @@
k8-gitops-manifests/
osdu-charts/
custom*.tfvars
dev.tfvars
.envrc*
*.output
......
......@@ -2,6 +2,46 @@
# Current Master
__Bug Fixes__
- [Bug 119 - Add Airflow python package `python-keycloak`](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/119)
__Infra Changes__
- [Arch 123 - Obsolete Cosmos DB Tables and add new v2 tables](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/123)
- [Issue 127](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/127)
- [Feature 126 - Add support to pass JAVA_OPTS to java command in DockerFile](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/126)
- [Feature 125 - Enable Manifest Ingestion](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/125)
# v0.5 (2021-2-11)
__Service Onboarded__
- [Issue 60 - Seismic DMS Service](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/44)
- [Issue 111 - CSV DAGS](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/111)
__Infra Changes__
- [Issue 106 - Arch Change - Data Partition - Ingestion Workflow Database and Storage new collections and fileshares](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/106)
__Bug Fixes__
- [Bug 109 - Add Entitlement Role](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/109#related-issues)
- [Bug 108 - Add VM Agent Max Nodes Option](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/108)
- [Bug 103 - Enable opt-in airflow ui ingress](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/103)
- [Bug 102 - Users with a lot of groups receive a 400 Bad Request when making API calls](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/102)
- [Bug 101 - Comsos Graph module always requires a change on tf plan](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/101)
- [Bug 100 - Airflow statsd not building in pipeline](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/100)
- [Bug 99 - AKS and Postgres Diagnostics - All Metrics](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/99)
- [Bug 97 - Rename Cosmos DB collections used by Schema Service](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/97)
# v0.4.3 (2021-1-25)
__Service Onboarded__
- [Issue 60 - Schema Service](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/60)
- [Issue 65 - CRS Conversion Service](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/65)
- [Issue 53 - WKS Service](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/53)
- [Issue 43 - Workflow Service](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/43)
__Infra Changes__
- [Issue 75 - Upgrade Infrastructure tools and software dependencies](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/75) - _* Manual Intervention Required_
- [Issue 76 - Add Terraform Service Resource Template Feature Flags](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/76)
......@@ -9,6 +49,12 @@ __Infra Changes__
- [Issue 77 - Architecture Change - Central Resources - Add Graph Database](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/77)
- [Issue 84 - Architecture Change - Data Partition - Add dedicated Storage Account for use by Ingestion Service](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/84/)
__Bug Fixes__
- [Bug 82 - AKS Template Plan Calculation](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/82)
- [Bug 90 - Indexer Service ADO Pipeline](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/90)
- [Bug 92 - CRS Conversion File Shares](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/92)
- [Bug 94 - AKS Default Node Pool Disk Size](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/94)
# v0.4.2 (2020-12-30)
......
......@@ -179,7 +179,7 @@ __Installed Azure Resources__
6. An AD application to be leveraged in the future that defines and controls access to the OSDU Environment for AD Identity. _(future)_
7. An AD application to be used for negative integration testing
> Removal would require deletion of all AD elements `osdu-mvp-{UNIQUE}-*`, unlocking and deleting the resource group then purging the KV.
> Removal would require deletion of all AD elements `osdu-mvp-{UNIQUE}-*`, unlocking and deleting the resource group.
__Azure AD Admin Consent__
......@@ -192,10 +192,9 @@ __Azure AD Admin Consent__
For more information on Azure identity and authorization, see the official Microsoft documentation [here](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent).
## Elastic Search Setup
Infrastructure requires a bring your own Elastic Search Instance of a version of 6.8.x with a valid https endpoint and the access information must now be stored in the Common KeyVault. The recommended method of Elastic Search is to use the [Elastic Cloud Managed Service from the Marketplace](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/elastic.ec-azure?tab=Overview).
Infrastructure requires a bring your own Elastic Search Instance of a version of 7.x (ie: 7.11.1) with a valid https endpoint and the access information must now be stored in the Common KeyVault. The recommended method of Elastic Search is to use the [Elastic Cloud Managed Service from the Marketplace](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/elastic.ec-azure?tab=Overview).
> Note: Elastic Cloud Managed Service requires a Credit Card to be associated to the subscription for billing purposes.
......@@ -221,6 +220,10 @@ EOF
cp .envrc .envrc_${UNIQUE}
```
## Configure Back Up
Back is enabled by default. To set the backup policies, utilize the script
[here](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/tree/master/tools).
The script should be run whenever you bring up a Resource Group in your deployment.
## Configure Key Access in Manifest Repository
......@@ -252,13 +255,16 @@ __Manual Installation__
1. Setup DNS to point to the deployed infrastructure following directions [here](./docs/dns-setup.md).
1. Upload the Integration Test Data following directions [here](./tools/test_data/README.md).
1. Upload the Configuration Data following directions [here](./docs/configuration-data.md).
1. Deploy the application helm charts following the directions [here](https://community.opengroup.org/osdu/platform/deployment-and-operations/helm-charts-azure).
1. Deploy the application helm charts following the directions [here](./charts/README.md).
1. Upload the Integration Test Data following directions [here](./tools/test_data).
1. Register your partition with the Data Partition API by following the instructions [here](./tools/rest/README.md) to configure your IDE to make authenticated requests to your OSDU instance and send the API request located [here](./tools/rest/partition.http) (createPartition).
1. Setup Environment Variables for IDE Development and Integration Testing following the directions [here](./tools/variables/README.md).
1. Load Service Data following directions [here](./docs/service-data.md).
__Automated Pipeline Installation__
......@@ -271,6 +277,8 @@ __Automated Pipeline Installation__
1. Setup DNS to point to the deployed infrastructure following directions [here](./docs/dns-setup.md).
1. Upload the Configuration Data following directions [here](./docs/configuration-data.md).
1. Upload the Integration Test Data following directions [here](./tools/test_data).
1. Setup Service Automation following directions [here](./docs/service-automation.md).
......
......@@ -85,18 +85,146 @@ Create the helm chart values file necessary to install airflow charts.
# Setup Variables
BRANCH="master"
TAG="latest"
DNS_HOST="<your_ingress_hostname>" # ie: osdu.contoso.com
GROUP=$(az group list --query "[?contains(name, 'cr${UNIQUE}')].name" -otsv)
ENV_VAULT=$(az keyvault list --resource-group $GROUP --query [].name -otsv)
# Translate Values File
cat > config_airflow.yaml << EOF
# This file contains the essential configs for the osdu airflow on azure helm chart
################################################################################
# Specify the azure environment specific values
#
appinsightstatsd:
aadpodidbinding: "osdu-identity"
################################################################################
# Specify any optional override values
#
image:
repository: $(az keyvault secret show --id https://${ENV_VAULT}.vault.azure.net/secrets/container-registry --query value -otsv).azurecr.io
branch: $BRANCH
tag: $TAG
airflowLogin:
name: admin
################################################################################
# Specify the airflow configuration
#
airflow:
###################################
# Kubernetes - Ingress Configs
###################################
ingress:
enabled: false #<-- Set this enabled to true for Admin UI
web:
annotations:
kubernetes.io/ingress.class: azure/application-gateway
appgw.ingress.kubernetes.io/request-timeout: "300"
appgw.ingress.kubernetes.io/connection-draining: "true"
appgw.ingress.kubernetes.io/connection-draining-timeout: "30"
cert-manager.io/cluster-issuer: letsencrypt
cert-manager.io/acme-challenge-type: http01
path: "/airflow"
host: $DNS_HOST
livenessPath: "/airflow/health"
tls:
enabled: true
secretName: osdu-certificate
precedingPaths:
- path: "/airflow/*"
serviceName: airflow-web
servicePort: 8080
###################################
# Database - External Database
###################################
postgresql:
enabled: false
externalDatabase:
type: postgres
## Azure PostgreSQL Database username, formatted as {username}@{hostname}
user: osdu_admin@$(az keyvault secret show --id https://${ENV_VAULT}.vault.azure.net/secrets/base-name-sr --query value -otsv)-pg
passwordSecret: "postgres"
passwordSecretKey: "postgres-password"
## Azure PostgreSQL Database host
host: $(az keyvault secret show --id https://${ENV_VAULT}.vault.azure.net/secrets/base-name-sr --query value -otsv)-pg.postgres.database.azure.com
port: 5432
properties: "?sslmode=require"
database: airflow
###################################
# Database - External Redis
###################################
redis:
enabled: false
externalRedis:
## Azure Redis Cache host
host: $(az keyvault secret show --id https://${ENV_VAULT}.vault.azure.net/secrets/base-name-sr --query value -otsv)-cache.redis.cache.windows.net
port: 6380
passwordSecret: "redis"
passwordSecretKey: "redis-password"
###################################
# Airflow - DAGs Configs
###################################
dags:
installRequirements: true
persistence:
enabled: true
existingClaim: airflowdagpvc
subPath: "dags"
###################################
# Airflow - WebUI Configs
###################################
web:
podLabels:
aadpodidbinding: "osdu-identity"
baseUrl: "http://localhost/airflow"
###################################
# Airflow - Worker Configs
###################################
workers:
podLabels:
aadpodidbinding: "osdu-identity"
autoscaling:
enabled: true
## minReplicas is picked from Values.workers.replicas and default value is 1
maxReplicas: 3
metrics:
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 50
resources:
requests:
memory: "512Mi"
###################################
# Airflow - Flower Configs
###################################
flower:
enabled: false
###################################
# Airflow - Scheduler Configs
###################################
scheduler:
podLabels:
aadpodidbinding: "osdu-identity"
variables: |
{}
###################################
# Airflow - Common Configs
###################################
airflow:
image:
repository: apache/airflow
......@@ -123,6 +251,7 @@ airflow:
AIRFLOW__WEBSERVER__ENABLE_PROXY_FIX: "True"
AIRFLOW__CORE__PLUGINS_FOLDER: "/opt/airflow/plugins"
AIRFLOW__SCHEDULER__DAG_DIR_LIST_INTERVAL: 60
AIRFLOW__CORE__LOGGING_LEVEL: DEBUG
extraEnv:
- name: AIRFLOW__CORE__FERNET_KEY
valueFrom:
......@@ -134,6 +263,13 @@ airflow:
secretKeyRef:
name: airflow
key: remote-log-connection
- name: CLOUD_PROVIDER
value: "azure"
- name: KEYVAULT_URI
valueFrom:
configMapKeyRef:
name: osdu-svc-properties
key: ENV_KEYVAULT
extraConfigmapMounts:
- name: remote-log-config
mountPath: /opt/airflow/config
......@@ -143,7 +279,13 @@ airflow:
"flask-bcrypt",
"apache-airflow[statsd]",
"apache-airflow[kubernetes]",
"apache-airflow-backport-providers-microsoft-azure"
"apache-airflow-backport-providers-microsoft-azure",
"dataclasses",
"google-cloud-storage",
"azure-identity",
"azure-keyvault-secrets",
"msal",
"https://azglobalosdutestlake.blob.core.windows.net/pythonsdk/osdu_api-0.0.4.tar.gz"
]
extraVolumeMounts:
- name: azure-keyvault
......@@ -159,66 +301,6 @@ airflow:
readOnly: true
volumeAttributes:
secretProviderClass: azure-keyvault
dags:
installRequirements: true
persistence:
enabled: true
existingClaim: airflowdagpvc
subPath: "dags"
scheduler:
podLabels:
aadpodidbinding: "osdu-identity"
variables: |
{}
web:
podLabels:
aadpodidbinding: "osdu-identity"
baseUrl: "http://localhost/airflow"
workers:
podLabels:
aadpodidbinding: "osdu-identity"
autoscaling:
enabled: true
## minReplicas is picked from Values.workers.replicas and default value is 1
maxReplicas: 3
metrics:
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 50
resources:
requests:
memory: "512Mi"
flower:
enabled: false
postgresql:
enabled: false
externalDatabase:
type: postgres
## Azure PostgreSQL Database username, formatted as {username}@{hostname}
user: osdu_admin@$(az keyvault secret show --id https://${ENV_VAULT}.vault.azure.net/secrets/base-name-sr --query value -otsv)-pg
passwordSecret: "postgres"
passwordSecretKey: "postgres-password"
## Azure PostgreSQL Database host
host: $(az keyvault secret show --id https://${ENV_VAULT}.vault.azure.net/secrets/base-name-sr --query value -otsv)-pg.postgres.database.azure.com
port: 5432
properties: "?sslmode=require"
database: airflow
redis:
enabled: false
externalRedis:
## Azure Redis Cache host
host: $(az keyvault secret show --id https://${ENV_VAULT}.vault.azure.net/secrets/base-name-sr --query value -otsv)-cache.redis.cache.windows.net
port: 6380
passwordSecret: "redis"
passwordSecretKey: "redis-password"
image:
repository: $(az keyvault secret show --id https://${ENV_VAULT}.vault.azure.net/secrets/container-registry --query value -otsv).azurecr.io
branch: $BRANCH
tag: $TAG
EOF
```
......@@ -231,6 +313,7 @@ SRC_DIR="<ROOT_PATH_TO_SOURCE>" # $HOME/source/osdu/osdu-gitlab
git clone https://community.opengroup.org/osdu/platform/system/partition.git $SRC_DIR/partition
git clone https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements-azure.git $SRC_DIR/entitlements-azure
git clone https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements.git $SRC_DIR/entitlements
git clone https://community.opengroup.org/osdu/platform/security-and-compliance/legal.git $SRC_DIR/legal
git clone https://community.opengroup.org/osdu/platform/system/storage.git $SRC_DIR/storage
git clone https://community.opengroup.org/osdu/platform/system/indexer-queue.git $SRC_DIR/indexer-queue
......@@ -238,16 +321,26 @@ git clone https://community.opengroup.org/osdu/platform/system/indexer-service.g
git clone https://community.opengroup.org/osdu/platform/system/search-service.git $SRC_DIR/search-service
git clone https://community.opengroup.org/osdu/platform/system/file.git $SRC_DIR/file-service
git clone https://community.opengroup.org/osdu/platform/system/delivery.git $SRC_DIR/delivery
git clone https://community.opengroup.org/osdu/platform/system/unit-service.git $SRC_DIR/unit-service
git clone https://community.opengroup.org/osdu/platform/system/crs-catalog-service.git $SRC_DIR/crs-catalog-service
git clone https://community.opengroup.org/osdu/platform/system/reference/ unit-service.git $SRC_DIR/unit-service
git clone https://community.opengroup.org/osdu/platform/system/reference/crs-catalog-service.git $SRC_DIR/crs-catalog-service
git clone https://community.opengroup.org/osdu/platform/system/reference/crs-conversion-service.git $SRC_DIR/crs-conversion-service
git clone https://community.opengroup.org/osdu/platform/system/notification.git $SRC_DIR/notification
git clone https://community.opengroup.org/osdu/platform/data-flow/enrichment/wks.git $SRC_DIR/wks
git clone https://community.opengroup.org/osdu/platform/system/register.git $SRC_DIR/register
git clone https://community.opengroup.org/osdu/platform/system/schema-service.git $SRC_DIR/schema-service
git clonehttps://community.opengroup.org/osdu/platform/data-flow/ingestion/ingestion-workflow.git $SRC_DIR/ingestion-workflow
git clone https://community.opengroup.org/osdu/platform/domain-data-mgmt-services/seismic/seismic-dms-suite/seismic-store-service.git $SRC_DIR/seismic-store-service
git clone https://community.opengroup.org:osdu/platform/domain-data-mgmt-services/wellbore/wellbore-domain-services.git $SRC_DIR/wellbore-domain-services
git clone https://community.opengroup.org/osdu/platform/data-flow/ingestion/ingestion-service.git $SRC_DIR/ingestion-service
```
__Additional Manual Steps__
Following services require additional steps for manual setup.
- [CRS Catalog Service](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/56)
- [CRS Conversion Serice](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/65)
- [Unit Service](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/55)
- [Wellbore DMS](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/36)
__Kubernetes API Access__
......@@ -326,27 +419,42 @@ helm template airflow ${INFRA_SRC}/charts/airflow -f ${INFRA_SRC}/charts/config_
SERVICE_LIST="infra-azure-provisioning \
partition \
entitlements-azure \
entitlements \
legal \
storage \
indexer-queue \
indexer-service \
search-service \
delivery \
file \
file-service \
unit-service \
crs-conversion-service \
crs-catalog-service \
wks \
register \
notification \
schema \
ingestion-workflow"
schema-service \
ingestion-workflow \
ingestion-service"
for SERVICE in SERVICE_LIST;
for SERVICE in $SERVICE_LIST;
do
helm template $SERVICE ${SRC_DIR}/$SERVICE/devops/azure/chart --set image.branch=$BRANCH --set image.tag=$TAG > ${FLUX_SRC}/providers/azure/hld-registry/$SERVICE.yaml
done
SERVICE=wellbore-domain-services
helm template $SERVICE ${SRC_DIR}/$SERVICE/devops/azure/chart \
--set image.repository=${CONTAINER_REGISTRY_NAME}.azurecr.io/${SERVICE}-${BRANCH} \
--set image.tag=$TAG \
--set annotations.buildNumber=undefined \
--set annotations.buildOrigin=manual \
--set annotations.commitBranch=undefined \
--set annotations.commitId=undefined \
--set labels.env=dev \
> ${FLUX_SRC}/providers/azure/hld-registry/$SERVICE.yaml
# Commit and Checkin to Deploy
(cd $FLUX_SRC \
&& git switch $UNIQUE \
......
################################################################################
# Specify the azure environment specific values
#
appinsightstatsd:
aadpodidbinding: "osdu-identity"
aadpodidbinding: "osdu-identity"
################################################################################
# Specify any optional override values
#
image:
repository: #{container-registry}#.azurecr.io
branch: #{ENVIRONMENT_NAME}#
tag: #{Build.SourceVersion}#
airflowLogin:
name: admin
################################################################################
# Specify the airflow configuration
#
airflow:
###################################
# Kubernetes - Ingress Configs
###################################
ingress:
enabled: true
web:
annotations:
kubernetes.io/ingress.class: azure/application-gateway
appgw.ingress.kubernetes.io/request-timeout: "300"
appgw.ingress.kubernetes.io/connection-draining: "true"
appgw.ingress.kubernetes.io/connection-draining-timeout: "30"
cert-manager.io/cluster-issuer: letsencrypt
cert-manager.io/acme-challenge-type: http01
path: "/airflow"
host: #{DNS_HOST}#
livenessPath: "/airflow/health"
tls:
enabled: true
secretName: osdu-certificate
precedingPaths:
- path: "/airflow/*"
serviceName: airflow-web
servicePort: 8080
###################################
# Database - External Database
###################################
postgresql:
enabled: false
externalDatabase:
type: postgres
host: #{base-name-sr}#-pg.postgres.database.azure.com #<-- Azure PostgreSQL Database host
user: osdu_admin@#{base-name-sr}#-pg #<-- Azure PostgreSQL Database username, formatted as {username}@{hostname}
passwordSecret: "postgres"
passwordSecretKey: "postgres-password"
port: 5432
properties: "?sslmode=require"
database: airflow
###################################
# Database - External Redis
###################################
redis:
enabled: false
externalRedis:
host: #{base-name-sr}#-cache.redis.cache.windows.net #<-- Azure Redis Cache host
port: 6380
passwordSecret: "redis"
passwordSecretKey: "redis-password"
###################################
# Airflow - DAGs Configs
###################################
dags:
installRequirements: true
persistence:
enabled: true
existingClaim: airflowdagpvc
subPath: "dags"
###################################
# Airflow - WebUI Configs
###################################
web:
podLabels:
aadpodidbinding: "osdu-identity"
baseUrl: "http://localhost/airflow"
###################################
# Airflow - Worker Configs
###################################
workers:
podLabels:
aadpodidbinding: "osdu-identity"
autoscaling:
enabled: true
## minReplicas is picked from Values.workers.replicas and default value is 1
maxReplicas: 3
metrics:
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 60
resources:
requests:
memory: "512Mi"
###################################
# Airflow - Flower Configs
###################################
flower:
enabled: false
###################################
# Airflow - Scheduler Configs
###################################
scheduler:
podLabels:
aadpodidbinding: "osdu-identity"
variables: |
{}
###################################
# Airflow - Common Configs
###################################
airflow:
image:
repository: apache/airflow
......@@ -29,7 +153,15 @@ airflow:
AIRFLOW__WEBSERVER__ENABLE_PROXY_FIX: "True"
AIRFLOW__CORE__PLUGINS_FOLDER: "/opt/airflow/plugins"
AIRFLOW__SCHEDULER__DAG_DIR_LIST_INTERVAL: 60
AIRFLOW__CORE__LOGGING_LEVEL: DEBUG
extraEnv:
- name: CLOUD_PROVIDER
value: "azure"
- name: AIRFLOW_VAR_KEYVAULT_URI
valueFrom:
configMapKeyRef:
name: osdu-svc-properties
key: ENV_KEYVAULT
- name: AIRFLOW__CORE__FERNET_KEY
valueFrom:
secretKeyRef:
......@@ -40,6 +172,31 @@ airflow:
secretKeyRef:
name: airflow
key: remote-log-connection
- name: AIRFLOW_VAR_AZURE_TENANT_ID
valueFrom:
secretKeyRef:
name: active-directory
key: tenantid
- name: AIRFLOW_VAR_AZURE_CLIENT_ID
valueFrom: