Merge branch 'entitlements-tf' into 'master'

Update:Tf for Entitlements

See merge request !1715

helm/osdu-gc-baremetal/Chart.yaml

@@ -89,12 +89,6 @@ dependencies:
     repository: oci://community.opengroup.org:5555/osdu/platform/system/dataset/gc-helm
     condition: gc_dataset_deploy.enabled
     alias: gc_dataset_deploy
-  ## Entitlements
-  - name: gc-entitlements-deploy
-    version: 0.0.7-latest
-    repository: oci://community.opengroup.org:5555/osdu/platform/security-and-compliance/entitlements/gc-helm
-    condition: gc_entitlements_deploy.enabled
-    alias: gc_entitlements_deploy
   ## File
   - name: gc-file-deploy
     version: 0.0.7-latest
@@ -186,9 +180,3 @@ dependencies:
     repository: oci://community.opengroup.org:5555/osdu/platform/domain-data-mgmt-services/production/core/dspdm-services/gc-helm
     condition: gc_dspdm_deploy.enabled
     alias: gc_dspdm_deploy
-  ## RAFS DDMS
-  - name: gc-rafs-ddms-deploy
-    version: 0.0.7-latest
-    repository: oci://community.opengroup.org:5555/osdu/platform/domain-data-mgmt-services/rock-and-fluid-sample/rafs-ddms-services/gc-helm
-    condition: gc_rafs_ddms_deploy.enabled
-    alias: gc_rafs_ddms_deploy

helm/osdu-gc-baremetal/templates/datafier-secret.yaml

-{{- if .Values.conf.createSecrets }}
-{{- if .Values.global.onPremEnabled }}
-#  Copyright 2023 Google LLC
-#  Copyright 2023 EPAM
-#
-#  Licensed under the Apache License, Version 2.0 (the "License");
-#  you may not use this file except in compliance with the License.
-#  You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-#  Unless required by applicable law or agreed to in writing, software
-#  distributed under the License is distributed on an "AS IS" BASIS,
-#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#  See the License for the specific language governing permissions and
-#  limitations under the License.
-
-apiVersion: v1
-kind: Secret
-metadata:
-  name: "{{ .Values.gc_entitlements_deploy.conf.bootstrapOpenidSecretName }}"
-  namespace: {{ .Release.Namespace }}
-  annotations:
-    "helm.sh/hook": pre-install
-type: Opaque
-data:
-  OPENID_PROVIDER_URL: {{ printf "http://keycloak/realms/%s" .Values.bootstrap.keycloak.secret.keycloakRealmName | b64enc | quote }}
-  OPENID_PROVIDER_CLIENT_ID: {{ print "datafier" | b64enc | quote }}
-  OPENID_PROVIDER_CLIENT_SECRET: {{ randAlphaNum 16 | b64enc | quote }}
-{{- end }}
-{{- end }}

helm/osdu-gc-baremetal/values.yaml

@@ -350,15 +350,6 @@ gc_infra_bootstrap:
 
 # OSDU Services values
 
-# --- Entitlements values --- #
-gc_entitlements_deploy:
-  enabled: true
-  data:
-    bootstrapServiceAccountName: "bootstrap-sa"
-    adminUserEmail: "osdu-admin@service.local"
-    airflowComposerEmail: "airflow@service.local"
-# --- End of Entitlements values --- #
-
 # --- Config values --- #
 gc_config_deploy:
   enabled: true
@@ -476,8 +467,3 @@ dfaas_tests:
 gc_dspdm_deploy:
   enabled: false
 # --- End of Upstream service values --- #
-
-# --- RAFS DDMS service values --- #
-gc_rafs_ddms_deploy:
-  enabled: false
-# --- End of RAFS DDMS service values --- #

modules/osdu_k8s/files/templates/values.tpl

@@ -78,20 +78,6 @@ gc_infra_bootstrap:
 
 # OSDU Services values
 
-# --- Entitlements values --- #
-gc_entitlements_deploy:
-  enabled: true
-  conf:
-    replicas: ${replicas}
-    logLevel: ${log_level}
-  data:
-    projectId: ${project_id}
-    sqlConnectionString: ${sql_connection_string}
-    bootstrapServiceAccountName: ${bootstrap_sa} # no default
-    adminUserEmail: ${admin_email}
-    airflowComposerEmail: ${airflow_sa}
-# --- End of Entitlements values --- #
-
 # --- Dataset values --- #
 gc_dataset_deploy:
   enabled: true
@@ -229,8 +215,3 @@ gc_dspdm_deploy:
   data:
     sqlConnectionString: ${sql_connection_string}
 # --- End of Upstream service values --- #
-
-# --- RAFS DDMS service values --- #
-gc_rafs_ddms_deploy:
-  enabled: ${rafs_ddms_service_enabled}
-# --- End of RAFS DDMS service values --- #

modules/osdu_k8s/helm_entitlements.tf

+/**
+*  Copyright 2024 Google LLC
+*  Copyright 2024 EPAM
+*
+*  Licensed under the Apache License, Version 2.0 (the "License");
+*  you may not use this file except in compliance with the License.
+*  You may obtain a copy of the License at
+*
+*      http://www.apache.org/licenses/LICENSE-2.0
+*
+*  Unless required by applicable law or agreed to in writing, software
+*  distributed under the License is distributed on an "AS IS" BASIS,
+*  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+*  See the License for the specific language governing permissions and
+*  limitations under the License.
+*/
+
+resource "helm_release" "entitlements" {
+  # FIXME: Update depends_on when all services are ready
+  depends_on = [helm_release.partition]
+  name            = "entitlements"
+  repository      = "oci://${var.repository}/osdu/platform/security-and-compliance/entitlements/gc-helm"
+  chart           = "gc-entitlements-deploy"
+  version         = var.entitlements_svc_version
+  namespace       = var.services_namespace
+  recreate_pods   = true
+  timeout         = 1800
+  upgrade_install = var.upgrade
+
+  set {
+    name  = "global.domain"
+    value = var.ingress_domain
+ }
+  set {
+    name  = "global.tier"
+    value = var.tier
+  }
+  set {
+    name  = "global.autoscaling"
+    value = var.autoscaling
+  }
+  set {
+    name  = "data.projectId"
+    value = var.project_id
+  }
+  set {
+    name  = "data.bootstrapServiceAccountName"
+    value = var.bootstrap_sa
+  }
+  set {
+    name  = "data.adminUserEmail"
+    value = var.admin_user_email
+  }
+  set {
+    name  = "data.airflowComposerEmail"
+    value = var.airflow_sa
+  }
+  set {
+    name  = "data.sqlConnectionString"
+    value = var.sql_connection_name
+  }
+  set {
+    name  = "conf.replicas"
+    value = local.service_replicas
+  }
+  set {
+    name  = "conf.logLevel"
+    value = local.log_level
+  }
+}

modules/osdu_k8s/helm_rafs.tf

+/**
+*  Copyright 2024 Google LLC
+*  Copyright 2024 EPAM
+*
+*  Licensed under the Apache License, Version 2.0 (the "License");
+*  you may not use this file except in compliance with the License.
+*  You may obtain a copy of the License at
+*
+*      http://www.apache.org/licenses/LICENSE-2.0
+*
+*  Unless required by applicable law or agreed to in writing, software
+*  distributed under the License is distributed on an "AS IS" BASIS,
+*  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+*  See the License for the specific language governing permissions and
+*  limitations under the License.
+*/
+
+resource "helm_release" "rafs" {
+  count = var.rafs_ddms_service_enabled ? 1 : 0
+  # FIXME: Update depends_on when all services are ready
+  depends_on = [
+    helm_release.gc_secrets,
+    helm_release.k8s-resources,
+    helm_release.osdu_gc,
+    
+  ]
+  name            = "rafs"
+  repository      = "oci://${var.repository}/osdu/platform/domain-data-mgmt-services/rock-and-fluid-sample/rafs-ddms-services/gc-helm"
+  chart           = "gc-rafs-ddms-deploy"
+  version         = var.rafs_svc_version
+  namespace       = var.services_namespace
+  recreate_pods   = true
+  timeout         = 1800
+  upgrade_install = var.upgrade
+
+  set {
+    name  = "global.domain"
+    value = var.ingress_domain
+  }
+}

modules/osdu_k8s/inputs_versions.tf

@@ -65,12 +65,24 @@ variable "eds_svc_version" {
   default     = "0.0.7-latest"
 }
 
+variable "entitlements_svc_version" {
+  description = "Version of the eds service"
+  type        = string
+  default     = "0.0.7-latest"
+}
+
 variable "partition_svc_version" {
   description = "Version of the partition service"
   type        = string
   default     = "0.0.7-latest"
 }
 
+variable "rafs_svc_version" {
+  description = "Version of the rafs service"
+  type        = string
+  default     = "0.0.7-latest"
+}
+
 variable "schema_svc_version" {
   description = "Version of the schema service"
   type        = string

modules/osdu_k8s/values-tpl.tf

@@ -72,7 +72,6 @@ resource "local_file" "helm_values" {
     oetp_server_enabled        = var.oetp_server_enabled
     dfaas_tests_enabled        = var.dfaas_tests_enabled
     dspdm_service_enabled      = var.dspdm_service_enabled
-    rafs_ddms_service_enabled  = var.rafs_ddms_service_enabled
   })
 
   filename = "./files/custom-values.yaml"