Commit 88c7be84 authored by MANISH KUMAR's avatar MANISH KUMAR
Browse files

Merge branch 'release/0.9' into 'master'

Release/0.9

See merge request !326
parents c080aeae 0dfdf916
Pipeline #46042 passed with stages
in 1 minute and 21 seconds
......@@ -2,9 +2,21 @@
# Current Master
# v0.9 (2021-6-7)
__Service Onboarded__
- [Issue 95 - Policy Service](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/95)
__Feature Changes__
- [Feature 142 - Added support for array of object search](https://community.opengroup.org/osdu/platform/system/search-service/-/merge_requests/142)
- [Feature 121 - Added support for nested search](https://community.opengroup.org/osdu/platform/system/search-service/-/merge_requests/121)
__Infra Changes__
- [Feature 277 - Alerts framework for Monitoring](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/merge_requests/277)
- [Feature 169 - Container hardening for Java based services](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/169)
- [Feature 159 - Added default JVM Parameters](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/159)
# v0.8 (2021-4-9)
__Infra Changes__
......
......@@ -285,6 +285,8 @@ Milestone 5(v0.8.0) introduced a breaking changed for Entitlements, which requir
[here](https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/tree/master/data-migration).
The script should be run whenever you update OSDU installation from less than Milestone 5(v0.8.0) to equivalent or higher.
## How to enable Policy based authorization (optional)
Follow the steps in the [link](https://community.opengroup.org/osdu/platform/system/search-service/-/blob/master/docs/tutorial/PolicyService-Integration.md) to enbale policy based authoorization.
## Developer Activities
......
......@@ -10,7 +10,8 @@ Schema Service has standard shared schemas that have to be loaded.
UNIQUE="<your_osdu_unique>" # ie: demo
AZURE_DNS_NAME="<your_osdu_fqdn>" # ie: osdu-$UNIQUE.contoso.com
DATA_PARTITION="<your_partition>" # ie:opendes
TAG="<app_version>" # ie: 0.8.0
ACR_REGISTRY="<repository>" # ie: msosdu.azurecr.io
TAG="<app_version>" # ie: 0.9.0
# This logs your local Azure CLI in using the configured service principal.
az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID
......@@ -28,7 +29,38 @@ AZURE_CLIENT_SECRET=$(az keyvault secret show --id https://${ENV_VAULT}.vault.az
EOF
# Execute container to load the schema's
docker run --env-file .env msosdu.azurecr.io/schema-load:$TAG
docker run --env-file .env $ACR_REGISTRY/schema-load:$TAG
```
## Policy Data Loading
Policy Service has standard shared policies that have to be loaded.
```bash
# Setup Variables
UNIQUE="<your_osdu_unique>" # ie: demo
AZURE_DNS_NAME="<your_osdu_fqdn>" # ie: osdu-$UNIQUE.contoso.com
DATA_PARTITION="<your_partition>" # ie:opendes
ACR_REGISTRY="<repository>" # ie: msosdu.azurecr.io
TAG="<app_version>" # ie: 0.9.0
# This logs your local Azure CLI in using the configured service principal.
az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID
GROUP=$(az group list --query "[?contains(name, 'cr${UNIQUE}')].name" -otsv)
ENV_VAULT=$(az keyvault list --resource-group $GROUP --query [].name -otsv)
cat > .env << EOF
DATA_PARTITION=$DATA_PARTITION
AZURE_TENANT_ID=$ARM_TENANT_ID
AZURE_DNS_NAME=$AZURE_DNS_NAME
AZURE_AD_APP_RESOURCE_ID=$(az keyvault secret show --id https://${ENV_VAULT}.vault.azure.net/secrets/aad-client-id --query value -otsv)
AZURE_CLIENT_ID=$(az keyvault secret show --id https://${ENV_VAULT}.vault.azure.net/secrets/app-dev-sp-username --query value -otsv)
AZURE_CLIENT_SECRET=$(az keyvault secret show --id https://${ENV_VAULT}.vault.azure.net/secrets/app-dev-sp-password --query value -otsv)
EOF
# Execute container to load the policies
docker run --env-file .env $ACR_REGISTRY/policy-data:$TAG
```
## CSV Parser DAG Loading
......@@ -42,7 +74,7 @@ UNIQUE="<your_osdu_unique>" # ie: demo
DNS_HOST="<your_osdu_fqdn>" # ie: osdu-$UNIQUE.contoso.com
DATA_PARTITION="<your_partition>" # ie:opendes
ACR_REGISTRY="<repository>" # ie: msosdu.azurecr.io
TAG="<app_version>" # ie: 0.8.0
TAG="<app_version>" # ie: 0.9.0
# This logs your local Azure CLI in using the configured service principal.
az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID
......@@ -52,7 +84,7 @@ ENV_VAULT=$(az keyvault list --resource-group $GROUP --query [].name -otsv)
cat > .env << EOF
CSV_PARSER_IMAGE=${ACR_REGISTRY}/csv-parser:${TAG}
SHARED_TENANT=$DATA_PARTITION
DATA_PARTITION=$DATA_PARTITION
AZURE_TENANT_ID=$ARM_TENANT_ID
AZURE_DNS_NAME=$DNS_HOST
AZURE_AD_APP_RESOURCE_ID=$(az keyvault secret show --id https://${ENV_VAULT}.vault.azure.net/secrets/aad-client-id --query value -otsv)
......
......@@ -39,7 +39,7 @@ resource_tags = {
}
# Kubernetes Settings
kubernetes_version = "1.18.14"
kubernetes_version = "1.18.17"
aks_agent_vm_size = "Standard_E4s_v3"
aks_agent_vm_count = "5"
aks_agent_vm_disk = 128
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment